Comments (10)
@caugheygm If you would like, there is a branch (issue-313-csrf-magic) that switches out the CSRF library with a different one. The old one always seemed grumpy so wondering if the changes in this branch might resolve your issues.
from opendocman.
What version of OpenDocMan are you using?
from opendocman.
What version of OpenDocMan are you using?
OpenDocMan v 1.4.4
from opendocman.
@caugheygm I just performed a test installation on a hosting system and using a folder-based URL like you did I was able to install and then login without any issues.
The place where the base_url is computed is in functions.php line 881.
Add this line after line 890:
sprintf("%s://%s", $proto, $_SERVER['HTTP_HOST'].dirname($_SERVER['REQUEST_URI']);exit;
Try to login again and let me know the output.
from opendocman.
Good morning,
I inserted your line of code at line 891 of file 'functions.php' and tried it again. This experiment shows no error message but no page either just blank screen. I then reopened 'functions.php' and commented out your line of code to see what happens. The output shows the same error message as before with no other output.
from opendocman.
Sorry, that line is missing echo:
echo sprintf("%s://%s", $proto, $_SERVER['HTTP_HOST'].dirname($_SERVER['REQUEST_URI']);exit;
from opendocman.
@caugheygm If you would like, there is a branch (issue-313-csrf-magic) that switches out the CSRF library with a different one. The old one always seemed grumpy so wondering if the changes in this branch might resolve your issues.
Hi
I have the same issue and resolved with your code.
but your code have a mistake and right code is:
echo sprintf("%s://%s", $proto, $_SERVER['HTTP_HOST'].dirname($_SERVER['REQUEST_URI']));exit;
from opendocman.
@caugheygm If you would like, there is a branch (issue-313-csrf-magic) that switches out the CSRF library with a different one. The old one always seemed grumpy so wondering if the changes in this branch might resolve your issues.
Hi
I have the same issue and resolved with your code.
but your code have a mistake and right code is:
echo sprintf("%s://%s", $proto, $_SERVER['HTTP_HOST'].dirname($_SERVER['REQUEST_URI']));exit;
@sarazavi Yes, typo there, thanks. Did the issue-313-csrf-magic branch resolve your problem?
from opendocman.
@caugheygm If you would like, there is a branch (issue-313-csrf-magic) that switches out the CSRF library with a different one. The old one always seemed grumpy so wondering if the changes in this branch might resolve your issues.
Hi
I have the same issue and resolved with your code.
but your code have a mistake and right code is:
echo sprintf("%s://%s", $proto, $_SERVER['HTTP_HOST'].dirname($_SERVER['REQUEST_URI']));exit;@sarazavi Yes, typo there, thanks. Did the issue-313-csrf-magic branch resolve your problem?
Yes. This line resolved my problem.
from opendocman.
Hi Stephen, sorry about just getting back to you this slow, I have an update regarding my issue. After about a dozen installs with OpenDocMan-1.4.4 and having the same error message "403 Access Forbidden by CSRFProtector!" every time it's now working just fine. I have no explanation for this. I did another fresh install in preparation for adding your revised code string and trying again. However, this last time I did the auto-installation, did the initial admin login and edited the configuration file and then logged off. Same process I'd done all the other attempts.
Before editing 'functions.php' I decided to try and logon again and then like magic OpenDocMan worked and has kept on working without any issues. Go figure...
If anything goes wrong down the road I'll edit that code string in and drop you a note as to the results. Maybe I should just edit it in right now?
Thanks, Greg
from opendocman.
Related Issues (20)
- Error when saving the Settings page.. HOT 1
- Turkish language cleanup HOT 1
- sql error when update to 1.4.4 HOT 4
- Store uploaded files with their original filename
- User with Review rights in other dept cannot see the file permitted for him
- I log in to the open doc man, log in and then it tells me that the page has not been found HOT 2
- 403 Access Forbidden by CSRFProtector! HOT 4
- I can't view the file in the web browser HOT 1
- Warning: Smarty error: unable to read resource: "[...]opendocman-1.4.4-release//templates/common/login.tpl" in [...]/includes/smarty/Smarty.class.php on line 1094
- Trying to get in touch regarding a security issue
- Convert six variable assignments to the usage of combined operators
- Security Vulnerability - Unrestricted File Upload
- PHP Fatal error: Uncaught PDOException: SQLSTATE[42000]:
- No controls over files that users who sign up can see
- Deprecated Methods
- installation problem HOT 5
- Versión 2.0 ? HOT 1
- Can´t upload large PDF files
- Logon takes long time when using FQDN in mysql connection
- This project is dead? HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from opendocman.