Skip to main content
Recent Posts
35
Support / Re: Token verification failed. Please go back and try again.
Last post by Steeley -
Quote from: ahrasis –
chmod 777: Everything for everyone. This command will give read, write and execute permission to the owner, group and public. chmod 777 is considered potentially dangerous because you are giving read, write and execute permission on a file/directory to everyone (who is on your system). You should totally avoid it.


One - if there's a permission issue, 0777 will expose it. It will also confirm it's not a permission issue with a file or directory if the problem doesn't go away. Typically, if there's a permission issue, one would then go chase down the cause and fix that. In the end, it can be put back to original (or at least to something less  permissive than 0777 that still works (In my case for example, an update to my server caused attachments to suddenly fail posting. I changed the permissions on the attachment directory from 0755 to 0777 and voilla! 

Two - unless someone has access to the server file system, they're not going to be able to do anything regardless of the permissions settings, and if they do have access to the file system, depending on their status or group they may also be able to change the permissions on a file or directory anyway, right?
(In my case, since the only ones who have access to my file system are me and my host, I just left that folder as 0777.

In this case, I suspect you're right about the token or cookie, although "being nothing" isn't entirely accurate since Radu81 said "I am not able to make any edits on Add-on settings pages.."

36
Support / Re: Token verification failed. Please go back and try again.
Last post by ahrasis -
First, why I think it is not a good idea?
Quotechmod 777: Everything for everyone. This command will give read, write and execute permission to the owner, group and public. chmod 777 is considered potentially dangerous because you are giving read, write and execute permission on a file/directory to everyone (who is on your system). You should totally avoid it.

Second, I could agree that it could be a cookie problem but I could not say anything more. I unfortunately do not think Debian 12 or nginx is the problem.

By the way, the token verification failed could just be nothing too:
Quote from: emanuele – Token failed is "kind" of normal in certain conditions.
The tokens are a security feature that (simplifying) allows to submit a form only once, that way, if you are tricked to submit data of a form by an hacker or so, it's very difficult to get the token right, and most likely you'll face the token verification failed.

Unfortunately, you'll get the same error if for example you submit a form, receive an error and you use the "back" button of the browser to go back, because what happens is:
Elk generates a token and adds it to the form
 you submit the form
first thing that Elk does is check if the token is correct, if it is, the token is invalidated and the program proceeds
 Elk generates an error maybe because you set something wrong and gives you the "fatal error page" with the "back" button
if you use the browser's back button, you will come back to the original form, but this form contains the token that has been invalidated
 you re-submit the form
* Elk verifies the token, but it finds it was invalidated and gives you the "token verification failed" error.
37
Support / Re: Token verification failed. Please go back and try again.
Last post by radu81 -
I think it was a cookie problem, I did not do anything, I just used the same browser in incognito mode and everything worked fine.

This could be related to a server change which I did a few months ago. I migrated from Ubuntu 18 to Debian 12, and in that situation I used the repair_settings.php several times. I know Ubuntu 18 reached his eol last year, but that configuration worked so fine for my forum for the last 6 years... Now I'm using a different configuration, on the old vps I used Nginx in front of Apache, now I don't use Apache anymore.
39
Support / Re: Token verification failed. Please go back and try again.
Last post by Steeley -
Quote from: ahrasis – I don't think changing the index.php permissions to 0777 is a good idea, though you can try, since the complaint is about about editing issue in the addon settings page.


quick and simple to try and rule out. I don't know all of what is being changed in the edit but, since he has another forum that is not experiencing the error, he can make a similar change in that forum, see what files were updated (last modified date/time), and then in the other forum 0777 those files, or maybe the whole folder. Probably won't change anything and can be set back to the original permissions, but if it does, well {blush} :zany_face: 
40
Support / Re: Token verification failed. Please go back and try again.
Last post by ahrasis -
I don't think changing the index.php permissions to 0777 is a good idea, though you can try, since the complaint is about about editing issue in the addon settings page.

Edited: The issue could be because of your theme or one of the addon. Try reading this:

https://www.elkarte.net/community/index.php?topic=3760.0

You could also try:
Code: [Select]
# 301 REDIRECT HTTP TO HTTPS AND WWW TO NON-WWW
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} ^www\. [NC]
RewriteCond %{HTTP_HOST} ^(?:www\.)?(.+)$ [NC]
RewriteRule ^ https://%1%{REQUEST_URI} [L,NE,R=301]
</IfModule>
Adjust accordingly for your site/forum.