Welcome to the LimeSurvey Community Forum

Ask the community, share ideas, and connect with other LimeSurvey users!

Admin Login : CSRF token error after install of a 2nd instance of LimeSurvey

More
9 years 1 month ago #116727 by Qat
Hi everyone,

I've been searching everywhere, but couldn't resolve my problem, so I turn to you.

Here is what happens:

I've been using LimeSurvey with no issue for the past 2 years.
- address : [mydomain]/limesurvey/
- db name : [name1]
- tables prefix : lime_
- admin name : administrator
- admin password : [password]
- version : most recent : 2.05+ Build 141229

Yestarday, I wanted to install "sandbox" instance of Limesurvey on in another subdirectory and another db of my domain.
- address : [mydomain]/sandbox-limesurvey/ <=différent
- db name : [name2] <=different

- tables prefix : lime_ <=same
- admin name : administrator <=same
- admin password : [password] <=same
- version : most recent : 2.05+ Build 141229 <=same



All worked just fine, but today, when I tried to login to any of the instances with any administrator credentials (default "administrator" or even another personal one), I got the "Bad request - CSRF token error".

I searched everywhere, and in despair, chose to delete the "sandbox" installation and tables

Have you any idea of what happened ?

EDIT :

At first nothing changed after I deleted my "sandbox" installation, but finally (+/- one hour later I think). I regained access to my main installation.

I will try a reinstallation with different parameters everywhere. I'll let you know what happens.

Thanks
The topic has been locked.
  • DenisChenu
  • DenisChenu's Avatar
  • Offline
  • LimeSurvey Community Team
  • LimeSurvey Community Team
More
9 years 1 month ago #116884 by DenisChenu
Hi,

Seems cookie for CRSF have real domain and path to "/" : www.yiiframework.com/doc/api/1.1/CHttpCookie#path-detail
Then crsf have same cookie domain and name/

To fix it, add this in you config.php file after installation.
Code:
'request' => array(
            'csrfCookie' => array( 'domain' => 'mydomain','path'=>'limesurvey' )
        ),
and
Code:
'request' => array(
            'csrfCookie' => array( 'domain' => 'mydomain','path'=>'sandbox-limesurvey' )
        ),

If it work : please update our manual : manual.limesurvey.org/Optional_settings#Request_settings

If it don't work : try with www.yiiframework.com/doc/api/1.1/CHttpCookie#name-detail , but not sure here.

Assistance on LimeSurvey forum and LimeSurvey core development are on my free time.
I'm not a LimeSurvey GmbH member, professional service on demand , plugin development .
I don't answer to private message.
The topic has been locked.

Lime-years ahead

Online-surveys for every purse and purpose