Admin Login : CSRF token error after install of a 2nd instance of LimeSurvey

More
2 years 9 months ago #116727 by Qat
Qat created the topic: Admin Login : CSRF token error after install of a 2nd instance of LimeSurvey
Hi everyone,

I've been searching everywhere, but couldn't resolve my problem, so I turn to you.

Here is what happens:

I've been using LimeSurvey with no issue for the past 2 years.
- address : [mydomain]/limesurvey/
- db name : [name1]
- tables prefix : lime_
- admin name : administrator
- admin password : [password]
- version : most recent : 2.05+ Build 141229

Yestarday, I wanted to install "sandbox" instance of Limesurvey on in another subdirectory and another db of my domain.
- address : [mydomain]/sandbox-limesurvey/ <=différent
- db name : [name2] <=different

- tables prefix : lime_ <=same
- admin name : administrator <=same
- admin password : [password] <=same
- version : most recent : 2.05+ Build 141229 <=same



All worked just fine, but today, when I tried to login to any of the instances with any administrator credentials (default "administrator" or even another personal one), I got the "Bad request - CSRF token error".

I searched everywhere, and in despair, chose to delete the "sandbox"installation and tables

Have you any idea of what happened ?

EDIT :

At first nothing changed after I deleted my "sandbox"installation, but finally (+/- one hour later I think). I regained access to my main installation.

I will try a reinstallation with different parameters everywhere. I'll let you know what happens.

Thanks

Please Log in to join the conversation.

More
2 years 9 months ago #116884 by DenisChenu
DenisChenu replied the topic: Admin Login : CSRF token error after install of a 2nd instance of LimeSurvey
Hi,

Seems cookie for CRSF have real domain and path to "/" : www.yiiframework.com/doc/api/1.1/CHttpCookie#path-detail
Then crsf have same cookie domain and name/

To fix it, add this in you config.php file after installation.
'request' => array(
            'csrfCookie' => array( 'domain' => 'mydomain','path'=>'limesurvey' )
        ),
and
'request' => array(
            'csrfCookie' => array( 'domain' => 'mydomain','path'=>'sandbox-limesurvey' )
        ),

If it work : please update our manual : manual.limesurvey.org/Optional_settings#Request_settings

If it don't work : try with www.yiiframework.com/doc/api/1.1/CHttpCookie#name-detail , but not sure here.

Assistance on LimeSurvey forum and LimeSurvey core development are on my free time.
I'm not a LimeSurvey GmbH member, professional service on demand (or search sondages pro).
An error happen ? Before make a new topic : remind the Debug mode .

Please Log in to join the conversation.

Start now!

Just create your account and start using Limesurvey today.

Register now
Join our Newsletter!