vBulletin Mods

The Official vBulletin Modifications Site
https://www.vbulletin.org/forum/showthread.php?t=177013

Boofo 28 Apr 2008 17:08

Quote:

Originally Posted by yaoren (Post 1501565)
Ok I'm at a loss since I've manually gone in and did the search in templates and added the line of code to each template that was missing the sercurity token and well, I'm still having the message pop up. I honestly don't know what mod is causing the issues since it pops up only in certain areas. Any other ideas?

Check Andreas' profile as he just released a hack that will send an email upon any token errors.

yaoren 28 Apr 2008 20:06

Oh man, thank you so much for this. Still having some problems but getting closer :)

ringleader 28 Apr 2008 23:35

Quick, random, and possibly letting everyone know the stupidity I try to keep hidden like a mental problem...

Does this token need to be placed in every form that passes a hidden value, or just the ones that use the sessionhash?

Boofo 28 Apr 2008 23:45

Every form that uses post.

ringleader 28 Apr 2008 23:52

Excellent. Thanks for responding! :)

Skavenger 30 Apr 2008 00:03

Quote:

Originally Posted by Boofo (Post 1499947)
The bad part is that not all forms have value="$session[sessionhash]" in them in some of the hacks out there. I basically look for <form and then add the line anywhere underneath that where there is a <input type="hidden" line.

what about this? I have a mod that doesn't have what is in bold...

I mean, there is no <input type="hidden" line neither

Can I just add the security token below the opening form tag "<form>"?

Dismounted 30 Apr 2008 10:47

Yes, you just add the line below the form tag.

ARB4HOSTING.COM 01 May 2008 03:48

Thank you

dealxa 01 May 2008 12:03

I didn't use color in posts, after upgrade :confused:
what is problem?

rinkrat 01 May 2008 15:15

I find it hard to believe that, in the final release candidate, Jelsoft would throw a monkey wrench like this into the mix and create a nightmare for all of their current customers who aren't programmers.

Isn;t there any kind of search and replace mod that one of you can cook up to repair the damage done by this security token B.S.? It looks like the terrorists have finally won!

Boosted Panda 01 May 2008 16:51

Quote:

Originally Posted by rinkrat (Post 1504585)
I find it hard to believe that, in the final release candidate, Jelsoft would throw a monkey wrench like this into the mix and create a nightmare for all of their current customers who aren't programmers.

Isn;t there any kind of search and replace mod that one of you can cook up to repair the damage done by this security token B.S.? It looks like the terrorists have finally won!

I too am frustrated at this because I was thinking going gold meant ready to go. Now I have end users who are leaving my forums because of this. I spent 2 hours searching and replacing and now find out that anything with form needs it too :( Is there a hack or something out there that will do this automatically this is quite a drag.

Boofo 01 May 2008 17:10

Just do a templare search for <form

Add the code to any form that uses POST. Simple.

The upgrade takes care of all that except for any add-on hacks.

spankaveli 04 May 2008 14:54

Quote:

Originally Posted by Boofo (Post 1499947)
The bad part is that not all forms have value="$session[sessionhash]" in them in some of the hacks out there. I basically look for <form and then add the line anywhere underneath that where there is a <input type="hidden" line.

thank you for this advise!!!! this fixed my itrader issue. two or 3 of the itrader templates did not have "sessionhash."

Boofo 04 May 2008 15:04

Default vb templates don't always have the sessionhash in the forms. Glad I could help. ;)

Mancunian_Red 04 May 2008 17:20

Quote:

Originally Posted by Wayne Luke (Post 1498706)
Forms are not equal to templates but some templates have forms in them.

A form is anywhere your users can submit data. If you have modifications that submit data and cannot update their templates then you need to post for support in the modification thread.

It isn't hard to find out where this needs to go.

In your Admin CP under Styles & Template select Search In Templates...

Search for: value="$session[sessionhash]"


In every template this occurs in add this line directly after the line containing the above, if it doesn't exist already:
<input type="hidden" name="securitytoken" value="$bbuserinfo[securitytoken]" />

Save the template.

thank you wayne for putting this in english i just followed your instructions and then the problem was solved


All times are GMT. The time now is 03:15.

Powered by vBulletin® Version 3.8.14
Copyright © 2021, MH Sub I, LLC dba vBulletin. All Rights Reserved. vBulletin® is a registered trademark of MH Sub I, LLC
Copyright ©2001 - , vbulletin.org. All rights reserved.