Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

We're retiring the forums!

The SilverStripe forums have passed their heyday. They'll stick around, but will be read only. We'd encourage you to get involved in the community via the following channels instead:

General Questions /

General questions about getting started with SilverStripe that don't fit in any of the categories above.

Moderators: martimiz, Sean, Ed, biapar, Willr, Ingo, swaiba

2.4 publishing issue on user site


Go to End


6 Posts   2293 Views

Avatar
chinaski

Community Member, 26 Posts

18 May 2010 at 4:42pm

I am having a problem with 2.4 on a user site (i.e. development url is http://ip-number/~username/).

Steps to recreate:

1) edit a page in cms
2) save and publish
3) click "Published Site" in cms to view the page
4) back in the cms, try to update a page. save and publish just spins, and I am asked to login again.

I am unable to edit and a javascript alert comes up saying "please login and then try again".

If I don't view the site by clicking on the "Published Site" link, I can make changes, save them, and view in a separate window in the browser.

Avatar
chinaski

Community Member, 26 Posts

19 May 2010 at 3:13am

I have some more information about this. Looking at the firebug output, I'm getting the following message in the response when I try to save a page in the admin section: SecurityID doesn't match, possible CSRF attack.

Any ideas?

Avatar
moloko_man

Community Member, 72 Posts

8 July 2010 at 11:56am

this might help, I am having the same problem, and it didn't help me, but give it a whirl. You never know.

http://silverstripe.org/installing-silverstripe/show/285523#post285523

Avatar
Webdoc

Community Member, 349 Posts

8 July 2010 at 12:19pm

Form::disable_all_security_tokens();

to _config.php

Avatar
moloko_man

Community Member, 72 Posts

9 July 2010 at 9:51am

The issue I was having was a session problem from the hosting provider. You can control your own sessions by adding the following to the bottom of your .htaccess:

php_value session.gc_probability 1
php_value session.gc_divisor 100
php_value session.gc_maxlifetime 3600
php_value session.save_path /mnt/stor1/123456/example.com/web/sessions

my session save path is outside my content folder that holds the web files, so it can't be accessed from the www.

Here is a link explaining the above.
http://cloudsites.rackspacecloud.com/index.php/Why_are_my_PHP_sessions_not_working%3F

Avatar
Fred Condo

Community Member, 29 Posts

13 January 2011 at 8:06pm

Please do not disable all security tokens. This exposes your entire site to CSRF attacks.