[Boofo]

Originally Posted by yaoren

Ok I'm at a loss since I've manually gone in and did the search in templates and added the line of code to each template that was missing the sercurity token and well, I'm still having the message pop up. I honestly don't know what mod is causing the issues since it pops up only in certain areas. Any other ideas?

Check Andreas' profile as he just released a hack that will send an email upon any token errors.

[yaoren]

Oh man, thank you so much for this. Still having some problems but getting closer

[ringleader]

Quick, random, and possibly letting everyone know the stupidity I try to keep hidden like a mental problem...

Does this token need to be placed in every form that passes a hidden value, or just the ones that use the sessionhash?

[Boofo]

Every form that uses post.

[ringleader]

Excellent. Thanks for responding!

[Skavenger]

Originally Posted by Boofo

The bad part is that not all forms have value="$session[sessionhash]" in them in some of the hacks out there. I basically look for <form and then add the line anywhere underneath that where there is a <input type="hidden" line.

what about this? I have a mod that doesn't have what is in bold...

I mean, there is no <input type="hidden" line neither

Can I just add the security token below the opening form tag "<form>"?

[Dismounted]

Yes, you just add the line below the form tag.

[ARB4HOSTING.COM]

Thank you

[dealxa]

I didn't use color in posts, after upgrade
what is problem?

[rinkrat]

I find it hard to believe that, in the final release candidate, Jelsoft would throw a monkey wrench like this into the mix and create a nightmare for all of their current customers who aren't programmers.

Isn;t there any kind of search and replace mod that one of you can cook up to repair the damage done by this security token B.S.? It looks like the terrorists have finally won!

[Boosted Panda]

Originally Posted by rinkrat

I find it hard to believe that, in the final release candidate, Jelsoft would throw a monkey wrench like this into the mix and create a nightmare for all of their current customers who aren't programmers.

Isn;t there any kind of search and replace mod that one of you can cook up to repair the damage done by this security token B.S.? It looks like the terrorists have finally won!

I too am frustrated at this because I was thinking going gold meant ready to go. Now I have end users who are leaving my forums because of this. I spent 2 hours searching and replacing and now find out that anything with form needs it too Is there a hack or something out there that will do this automatically this is quite a drag.

[Boofo]

Just do a templare search for <form

Add the code to any form that uses POST. Simple.

The upgrade takes care of all that except for any add-on hacks.

[spankaveli]

Originally Posted by Boofo

The bad part is that not all forms have value="$session[sessionhash]" in them in some of the hacks out there. I basically look for <form and then add the line anywhere underneath that where there is a <input type="hidden" line.

thank you for this advise!!!! this fixed my itrader issue. two or 3 of the itrader templates did not have "sessionhash."

[Boofo]

Default vb templates don't always have the sessionhash in the forms. Glad I could help.

[Mancunian_Red]

Originally Posted by Wayne Luke

Forms are not equal to templates but some templates have forms in them.

A form is anywhere your users can submit data. If you have modifications that submit data and cannot update their templates then you need to post for support in the modification thread.

It isn't hard to find out where this needs to go.

In your Admin CP under Styles & Template select Search In Templates...

Search for: value="$session[sessionhash]"


In every template this occurs in add this line directly after the line containing the above, if it doesn't exist already:
<input type="hidden" name="securitytoken" value="$bbuserinfo[securitytoken]" />

Save the template.

thank you wayne for putting this in english i just followed your instructions and then the problem was solved