Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

All other Modules /

Discuss all other Modules here.

Moderators: martimiz, Sean, Ed, biapar, Willr, Ingo, swaiba

Bugreport: Newsletter mailinglist import fails with security token error.

Go to End

4 Posts   1694 Views

Henk Poley

30 Posts

24 December 2010 at 4:46am

Edited: 24/12/2010 5:43am

Since the mysql server on seems to go down more often than a hooker from Ciranus IV:

Importing a CSV file into a mailinglist in the newsletter 0.4.0-rc1 module fails with: "Security token doesn't match, possible CSRF attack."

Steps to reproduce:

1. Go to <yoursite>/admin/newsletter/
2. Click Mailing List
3. Click tab 'Import'
4. Enter a (simple) CVS file with FirstName, SurName, Email columns
5. Click 'Show contents' button
6. Click 'Confirm' button

What happens:

The message "Security token doesn't match, possible CSRF attack." is shown.

What is the expected output:

CSV file is imported.

It could be that I am doing something wrong. But I'm using pretty much stock Silverstripe and newsletter.

[Edit] Apparently the ticket was still posted:


Community Member, 165 Posts

17 January 2011 at 2:44pm

*bounce* Anybody?


Community Member, 40 Posts

26 March 2011 at 4:31am

There is an issue with the template and the form for submitting the import. my work around is as below. I also updated the above ticket. (

My work around was to add the following to the template file, so the security ID is passed on through. I agree that a more elegant way may be needed but this should get some people out of trouble.

<input class="hidden" type="hidden" id="RecipientImportField_UploadForm_UploadForm_SecurityID" name="SecurityID" value="$SecurityID" />

Needs to be inserted in to the form around line 20 of the template file.

Hope this is of some help.


Community Member, 3 Posts

21 April 2011 at 4:36pm

It works perfect to me.

Thanks a lot.