Official Everybody Edits Forums
Do you think I could just leave this part blank and it'd be okay? We're just going to replace the whole thing with a header image anyway, right?
You are not logged in.
- Topics: Active | Unanswered
Pages: 1
Topic closed
#1 2016-09-12 00:20:48
- Koya
- Fabulous Member
- From: The island with those Brits
- Joined: 2015-02-18
- Posts: 6,310
Subscribe to thread error
Ability to subscribe and unsubscribe still works but doesn't appear so.
Clicking the "Subscribe to this thread" link sends you to a page with an error "Bad CSRF hash. You were referred to this page from an unauthorized source.", going back to the page the link still says "Subscribe..." and emails will be sent for posts; clicking it again returns you to the page and the link changes to "unsubscribe..."; the same weirdness happens in reverse.
Thank you eleizibeth ^
I stack my signatures rather than delete them so I don't lose them
Offline
#2 2016-09-12 01:03:12
Offline
#3 2016-09-12 01:23:35
- Kaleb
- Formerly Kaleb123
- From: California of America
- Joined: 2015-02-19
- Posts: 1,263
Re: Subscribe to thread error
Mine usually works, I don't really know what the problem is.
Offline
#4 2016-09-12 01:44:13
- Ratburntro44
- Member
- Joined: 1970-01-01
- Posts: 1,382
- Website
Re: Subscribe to thread error
That language matches $lang_common['Bad csrf hash'], and the only function that uses $lang_common['Bad csrf hash'] is check_csrf in include/functions.php
This function is only called in logging out, some moderator actions, deleting your avatar, marking stuff as read, and subscribing or unsubscribing. Given that the others shouldn't be involved here at all, it should be directly in the subscribing/unsubscribing process.
If you're redirected to $lang_common['Bad csrf hash'], then that means your csrf token was either nonexistent or unauthorized. Reasons for this could be if you changed your password separately before following a link from a page you opened prior to the password change, if your IP address had changed after you opened the link, or if you somehow opened an altered version of the link.
When this is activated, it shouldn't do anything past this in the subscription code and your subscription status shouldn't be changed. This matches with what I get when I do it by intentionally altering the subscription link.
I can't imagine how the subscription data would be altered while also getting a csrf error unless Diff made some weird changes in the subscribing code. I also can't imagine how it would end up listing links that don't match your status unless you are seeing the links from a cached version of the page.
Offline
#5 2016-09-12 02:19:10
- Different55
- Forum Admin
- Joined: 2015-02-07
- Posts: 16,574
Re: Subscribe to thread error
Diff has not made any changes to the subscribing code, let alone weird ones.
"Sometimes failing a leap of faith is better than inching forward"
- ShinsukeIto
Offline
- Wooted by:
#6 2016-09-12 02:43:51
- Ratburntro44
- Member
- Joined: 1970-01-01
- Posts: 1,382
- Website
Re: Subscribe to thread error
tfw i try to leave helpful info and diff just makes some weird comment on an unimportant part of my post
also btw everything i said is based on fluxbb 1.5.10 so there is a chance whatever the forums are currently on might be slightly different
Offline
#7 2016-09-12 03:01:33
- Different55
- Forum Admin
- Joined: 2015-02-07
- Posts: 16,574
Re: Subscribe to thread error
Patches have been applied to bring us up to 1.5.10
"Sometimes failing a leap of faith is better than inching forward"
- ShinsukeIto
Offline
#8 2016-09-13 15:23:54, last edited by Ratburntro44 (2016-09-13 15:27:02)
- Ratburntro44
- Member
- Joined: 1970-01-01
- Posts: 1,382
- Website
Re: Subscribe to thread error
Okay, the best explanation I can think of is
- you clicked the subscribe button
- the request was sent
- your internet connection changed while loading, and your browser sent a new request
- this request got a csrf error since you were on a new up
- the old request still changed your subscription status
- you went back to a cached version of the page that still had a subscribe button
- then ??????? I'm not totally sure what your description is saying beyond that point
Is this happening repeatedly, on a stable internet connection? If so then this explanation doesn't really make sense, but I'm not sure what else it could be here.
Edit: by total coincidence my wifi disconnected after posting this and I accidentally pressed the subscribe button, and got a similar result to this
Offline
#9 2016-09-13 22:12:26
- hummerz5
- Member
- From: wait I'm not a secret mod huh
- Joined: 2015-08-10
- Posts: 5,852
Offline
#10 2016-09-14 00:01:07, last edited by Koya (2016-09-18 11:59:55)
- Koya
- Fabulous Member
- From: The island with those Brits
- Joined: 2015-02-18
- Posts: 6,310
Re: Subscribe to thread error
koya, you don't happen to be running any of those fancy addons you carry around every now and then that might be making requests that mess up the csrf?
Nothing that would be causing this error.
Edit: Closed b/c as far as I know this is fixed.
Thank you eleizibeth ^
I stack my signatures rather than delete them so I don't lose them
Offline
Pages: 1
Topic closed
[ Started around 1714166636.7698 - Generated in 0.035 seconds, 12 queries executed - Memory usage: 1.47 MiB (Peak: 1.62 MiB) ]