Session expired problem |
Ion_auth 3 / CI 3.1.9 / PHP7.1.7
If my site is showing one of its forms and I wait to submit it until the session has expired, I get this error: **An Error Was Encountered The action you have requested is not allowed.** I am expecting to be logged out instead of having this error I use csrf protection, but my forms is working properly if they are submitted before the session has expired. Also, I use Code: form_open() config.php: Code: $config['csrf_protection'] = TRUE; ion_auth.php: Code: $config['remember_users'] = TRUE; // Allow users to be remembered and enable auto-login
That is the usually message for a CSRF verification failure. Per your settings, the CSRF cookie expires after 7200 seconds (2 hours). You may well be logged out, but CSRF is checked before any other processing happens and once the fail is caught execution of the script ends.
(05-08-2019, 08:32 AM)dave friend Wrote: That is the usually message for a CSRF verification failure. Per your settings, the CSRF cookie expires after 7200 seconds (2 hours). You may well be logged out, but CSRF is checked before any other processing happens and once the fail is caught execution of the script ends.Thanks, Dave, your answer lead me to this article: http://www.johnkieken.com/how-to-handle-...left-open/ I will check it out, it seems that it is possible to redirect to the login page which is good enough for me. |
Welcome Guest, Not a member yet? Register Sign In |