I have figured out about 3 issues with the chrono froms and some with the help of the chrono admins. It's seems I have one last issue that is halting progress. I get the error message of "Your session has expired. Please log in again." when ever I hit submit on any browser for the first time. It works after that but if I wait about an hour or 2 i get the error message again and it takes a 2nd time to get it to go through. It happens in the latest browsers of I.E., Firefox, Safari and Chrome. It happens at work and at home. The web address is http://www.star1studios.com/home/index.php/contact and debug will be on just in case.
Forums
Your session has expired. Please log in again.
Hi nokki00,
That sounds entirely consistent with the Joomla session behaviour. The session length is set in the Site Global Configuration and the defult is 15 minutes.
The error message is because Joomla uses a security token to check that the the form is being submitted by the same user who loaded it and the token is stored in the user session.
You can extend the session length in your site global configuration; or you can turn the security token check off in the Form General Tab. Both have potential security risks.
Bob
That sounds entirely consistent with the Joomla session behaviour. The session length is set in the Site Global Configuration and the defult is 15 minutes.
The error message is because Joomla uses a security token to check that the the form is being submitted by the same user who loaded it and the token is stored in the user session.
You can extend the session length in your site global configuration; or you can turn the security token check off in the Form General Tab. Both have potential security risks.
Bob
My session length was set to 45 mins. and the token was already turned off. This happens with any new user trying to submit the form which makes it pointless to use if it does that for the first time and then clear the fields. No one will want to send anything. Even if it is Joomla session handler it got to be a setting to change other than opening up security risk to resolve an issue. I have seen similar issues with "Your session has expired. Please log in again." and some of which look like it was never resolved. Is there another solution to resolve this? It seems to be common.
Hi nokki00,
I see the message OK - but if it's not the session toekn that I don't have anything useful to suggest. I open many ChronoForms forms for the first time and don't see this message so I have to suggest that it's something to do with your site configuration.
Sorry not to be more helpful.
Bob
I see the message OK - but if it's not the session toekn that I don't have anything useful to suggest. I open many ChronoForms forms for the first time and don't see this message so I have to suggest that it's something to do with your site configuration.
Sorry not to be more helpful.
Bob
Hi nokki00 & Bob,
I believe I have an idea of this. Disabling the token-check actually does not disable the actual checking of the token, but merely tells CF to ignore the result. As such, the session would still be destroyed, causing J!1.5 to "intervene" and display the "Session expired" message.
Php makes use of "lazy evaluation" in conditionals; that is, don't evaluate more than needed to get a result. In the code below, that results into first doing the JRequest::checkToken() and get the boolean inverse. If this evaluates to False (the token is valid), the second parameter of the "and" operator is not needed, and thus not evaluated. If the token is not valid however (we have "True"), the second parameter would be evaluated. Unfortunately, in either case the JRequest::checkToken() method would've already been invoked.
(code located in chronocontact.php around the line 111)
Changing the order should allow us to make use of the lazy evaluation though, and prevent JRequest::checkToken() from ever being invoked:
If you'd still like to keep the token-check enabled, there's a JScript method available that tries to implement a keep-alive function, try adding something like this at the beginning of your form:
/Fredrik
I believe I have an idea of this. Disabling the token-check actually does not disable the actual checking of the token, but merely tells CF to ignore the result. As such, the session would still be destroyed, causing J!1.5 to "intervene" and display the "Session expired" message.
Php makes use of "lazy evaluation" in conditionals; that is, don't evaluate more than needed to get a result. In the code below, that results into first doing the JRequest::checkToken() and get the boolean inverse. If this evaluates to False (the token is valid), the second parameter of the "and" operator is not needed, and thus not evaluated. If the token is not valid however (we have "True"), the second parameter would be evaluated. Unfortunately, in either case the JRequest::checkToken() method would've already been invoked.
(code located in chronocontact.php around the line 111)
if((!JRequest::checkToken()) && $MyForm->formparams('checkToken', 1)){
echo "You are not allowed to access this URL";
return;
}Changing the order should allow us to make use of the lazy evaluation though, and prevent JRequest::checkToken() from ever being invoked:
if($MyForm->formparams('checkToken', 1) && (!JRequest::checkToken())){
echo "You are not allowed to access this URL";
return;
}If you'd still like to keep the token-check enabled, there's a JScript method available that tries to implement a keep-alive function, try adding something like this at the beginning of your form:
<?php JHTML::_('behavior.keepalive'); ?>/Fredrik
If I use this:
Should I use this:
I had keep alive in form, but that was before Bob pointed me to this thread. I am having issue where form generates errors. Not for me, but for client's clients.
if($MyForm->formparams('checkToken', 1) && (!JRequest::checkToken())){
echo "You are not allowed to access this URL";
return;
}Should I use this:
<?php JHTML::_('behavior.keepalive'); ?>I had keep alive in form, but that was before Bob pointed me to this thread. I am having issue where form generates errors. Not for me, but for client's clients.
Hello,
I am having the same problem with this error message " Your session has expired. Please log in again." and it's really starting to frustrate me and piss me off! My form is one of the main features of my site and I cannot launch a site with a form that gives people an error.
Just like some people above, the form gives the error when the page is first loaded. If you resubmit the form it works fine.
My session time in the Joomla Global Settings is 45 minutes, and token in ChronoForms is turned off. Still having the issue with the form.
I like the ease of use of your form, but I am looking at other form apps for Joomla. If yours won't work, then I'll be forced to move on. I don't want to though because it's working the way I want except for this retarded error problem.
I looked at the code above provided, but I don't know where to put that code, so maybe a tutorial for us that don't know as much about PHP would be nice. Not all of us are experts so a 1 2 3 how to would be nice. And appreciated.
I will keep trying for the next couple of days. But if I find no solution I will be uninstalling your component and leaving negative feedback at the Joomla extension directory. Hate to sound like a jerk, but It shocks me that there is no straight forward fix for this issue. I've read a lot on this and many people are having this issue.
It just bugs me. I want it to work. I want to tell others to get your form component. But I won't if it doesn't work right. I can't recommend a form component with bugs.
You can check out my site to see what it's doing at birdsend.com. It's the form on the homepage for sending someone the middle finger in an email. (that's the point of my site).
anyway I really look forward to fixing this, and appreciate the help. Thanks very much.
Josh C.
I am having the same problem with this error message " Your session has expired. Please log in again." and it's really starting to frustrate me and piss me off! My form is one of the main features of my site and I cannot launch a site with a form that gives people an error.
Just like some people above, the form gives the error when the page is first loaded. If you resubmit the form it works fine.
My session time in the Joomla Global Settings is 45 minutes, and token in ChronoForms is turned off. Still having the issue with the form.
I like the ease of use of your form, but I am looking at other form apps for Joomla. If yours won't work, then I'll be forced to move on. I don't want to though because it's working the way I want except for this retarded error problem.
I looked at the code above provided, but I don't know where to put that code, so maybe a tutorial for us that don't know as much about PHP would be nice. Not all of us are experts so a 1 2 3 how to would be nice. And appreciated.
I will keep trying for the next couple of days. But if I find no solution I will be uninstalling your component and leaving negative feedback at the Joomla extension directory. Hate to sound like a jerk, but It shocks me that there is no straight forward fix for this issue. I've read a lot on this and many people are having this issue.
It just bugs me. I want it to work. I want to tell others to get your form component. But I won't if it doesn't work right. I can't recommend a form component with bugs.
You can check out my site to see what it's doing at birdsend.com. It's the form on the homepage for sending someone the middle finger in an email. (that's the point of my site).
anyway I really look forward to fixing this, and appreciate the help. Thanks very much.
Josh C.
Hey again,
So just to clarify that I do really like your form com, but you all understand my frustration I'm sure. Since my site is depending on users to fill out the form I don't want any hicups.
I think I might have figured it out.
Seams to me that since Joomla has a token, why do I need one for the form. So I used some of the PHP code that Fredrik posted above and then turned off the ChronoForm token in the back end.
So far seems to be working. I will let ya'll know if not.
I am not an expert web designer, or developer. I learn as I go. So this is just for info for my noodle.
Oh, and check out the site. It's still being developed with more features coming soon. But the basic idea is that you can send someone the middle finger in a email. I think it's funny.
Thanks for a cool form feature.
Josh
So just to clarify that I do really like your form com, but you all understand my frustration I'm sure. Since my site is depending on users to fill out the form I don't want any hicups.
I think I might have figured it out.
Seams to me that since Joomla has a token, why do I need one for the form. So I used some of the PHP code that Fredrik posted above and then turned off the ChronoForm token in the back end.
So far seems to be working. I will let ya'll know if not.
I am not an expert web designer, or developer. I learn as I go. So this is just for info for my noodle.
Oh, and check out the site. It's still being developed with more features coming soon. But the basic idea is that you can send someone the middle finger in a email. I think it's funny.
Thanks for a cool form feature.
Josh
(...)
(code located in chronocontact.php around the line 111)
if((!JRequest::checkToken()) && $MyForm->formparams('checkToken', 1)){
echo "You are not allowed to access this URL";
return;
}Changing the order should allow us to make use of the lazy evaluation though, and prevent JRequest::checkToken() from ever being invoked:
if($MyForm->formparams('checkToken', 1) && (!JRequest::checkToken())){
echo "You are not allowed to access this URL";
return;
}(...)[/code]
/Fredrik
Excellent !
Your method works !
I use a cache component, and people had a session problem on the first submitting of a form (or if they had delete their cookies) in spite of the Token OFF.
Now it is solved !
Thank you Fredrik.
Some users have been experiencing this problem. I have not been able to duplicate it, the form works on all of the computers I have tried it from.
Last night I changed the code as explained above in the chronocontact.php file and I turned the CheckToken setting to OFF.
However, this morning I got another e-mail from someone who still can't get the form to work. I have edited the form to say some people are reporting problems with the form and to try to submit it a second time and if it still fails, to e-mail me the information.
Any other ideas? Would telling people to clear their cache help? The redirect URL is a Joomla article I created that says that their form has been successfully submitted, there is no submit URL. I don't really have an understanding of what checkToken is. I have a couple of other forms that are less used but have not gotten any reports of those forms not working. The form name is membership so no special characters.
Last night I changed the code as explained above in the chronocontact.php file and I turned the CheckToken setting to OFF.
if($MyForm->formparams('checkToken', 1) && (!JRequest::checkToken())){
echo "You are not allowed to access this URL";
return;
}However, this morning I got another e-mail from someone who still can't get the form to work. I have edited the form to say some people are reporting problems with the form and to try to submit it a second time and if it still fails, to e-mail me the information.
Any other ideas? Would telling people to clear their cache help? The redirect URL is a Joomla article I created that says that their form has been successfully submitted, there is no submit URL. I don't really have an understanding of what checkToken is. I have a couple of other forms that are less used but have not gotten any reports of those forms not working. The form name is membership so no special characters.
Okay, this maybe points to the problem. I just looked at the error log and it says this:
[25-Aug-2010 10:18:21] PHP Fatal error: Call to undefined function imagecreatefrompng() in /public_html/components/com_chronocontact/chrono_verification.php on line 96
What does this mean?
Line 96 of chrono_verification.php is:
I haven't used any images on my form.
[25-Aug-2010 10:18:21] PHP Fatal error: Call to undefined function imagecreatefrompng() in /public_html/components/com_chronocontact/chrono_verification.php on line 96
What does this mean?
Line 96 of chrono_verification.php is:
}else{
$image = imagecreatefrompng("background.png");I haven't used any images on my form.
Hi pgrgrl,
It's the imageverification Captcha imae. It sounds as though you may not have the PHP GD Graphics library installed. Please check the settings on the Anti_Spam tab and see if there are any errors showing.
Bob
It's the imageverification Captcha imae. It sounds as though you may not have the PHP GD Graphics library installed. Please check the settings on the Anti_Spam tab and see if there are any errors showing.
Bob
This is what it says on the Anti Spam tab:
Use Image verification: No
What type of image to show ? Without Fonts
Error Message You have entered an incorrect verification code at the bottom of the form.
GD Info
All is blank.
Use Image verification: No
What type of image to show ? Without Fonts
Error Message You have entered an incorrect verification code at the bottom of the form.
GD Info
All is blank.
Hi pgrgrl,
Then the GD library almost certainly isn’t installed. What I see is in the image below.
You can either enable the library in php.ini or switch to using the ReCaptcha plugin which does't require the graphics library.
Bob
Then the GD library almost certainly isn’t installed. What I see is in the image below.
You can either enable the library in php.ini or switch to using the ReCaptcha plugin which does't require the graphics library.
Bob
Okay I will try those suggestions. Isn't it odd that only some users would be experiencing a problem while others don't, if this is the issue causing that is error message?
Hi,
Since you've set "Image Verification" to Off, I belive this is unrelated. The error-log most likely originates from the preview in the form manager, not from any users visiting the form.
Are you certain that your users recieve the "session expired" error, and not some other error?
Are you using any plugins, such as the Confirmation Page plugin?
/Fredrik
Since you've set "Image Verification" to Off, I belive this is unrelated. The error-log most likely originates from the preview in the form manager, not from any users visiting the form.
Are you certain that your users recieve the "session expired" error, and not some other error?
Are you using any plugins, such as the Confirmation Page plugin?
/Fredrik
A user emailed me this:
I still get the same “error code”
Message
· Your session has expired. Please log in again.
There is no form with this name or may be the form is unpublished, Please check the form and the url and the form management
I am not using any of the plugins. I was happy to get the basic forms working and writing to the database to start with, and wasn't going to fuss with adding anything extra unless and until I had. to.
I still get the same “error code”
Message
· Your session has expired. Please log in again.
There is no form with this name or may be the form is unpublished, Please check the form and the url and the form management
I am not using any of the plugins. I was happy to get the basic forms working and writing to the database to start with, and wasn't going to fuss with adding anything extra unless and until I had. to.
Hi,
Thank you for double-checking.
Unfortunately, the only piece of code in Joomla that will throw that error, is the checkToken() method. The only place within ChronoForms that call this method is the one mentioned earlier, and within the Confirmation Page plugin.
There are a few hooks to checkToken() in some of the standard Joomla components, but since we're dealing with ChronoForms, I find it very hard for these to come in play..
Just to try and isolate, could you try commenting or removing those 4 lines, and see if the error persists?
/Fredrik
Thank you for double-checking.
Unfortunately, the only piece of code in Joomla that will throw that error, is the checkToken() method. The only place within ChronoForms that call this method is the one mentioned earlier, and within the Confirmation Page plugin.
There are a few hooks to checkToken() in some of the standard Joomla components, but since we're dealing with ChronoForms, I find it very hard for these to come in play..
Just to try and isolate, could you try commenting or removing those 4 lines, and see if the error persists?
/Fredrik
I'm not sure what you want me to try?
Removing the lines of code that I changed in chronocontact.php ?
Removing the lines of code that I changed in chronocontact.php ?
Hi,
Yes, remove them. Or comment them:
/Fredrik
Yes, remove them. Or comment them:
//if($MyForm->formparams('checkToken', 1) && (!JRequest::checkToken())){
// echo "You are not allowed to access this URL";
// return;
// }/Fredrik
Okay, I have commented them.
Now all I can do is wait and see if anyone still reports problems. I'm not sure that user really wants to help me try to troubleshoot it. That is the frustrating thing about troubleshooting an error that you can't recreate.
Thank you for your help, I will let you know if I find out for sure it is working.
Now all I can do is wait and see if anyone still reports problems. I'm not sure that user really wants to help me try to troubleshoot it. That is the frustrating thing about troubleshooting an error that you can't recreate.
Thank you for your help, I will let you know if I find out for sure it is working.
I have not received any more reports of people having any problems, so I think that fixed it.
Fredrik, I also followed your instructions you gave to someone else to configure ReCaptcha, and it works too. Thanks! 8)
Fredrik, I also followed your instructions you gave to someone else to configure ReCaptcha, and it works too. Thanks! 8)
This works thank you.
Line 111 to 114 chronocontact.php
Error fixed.
Hopefully in the next release we can find a different way to block spam.
Line 111 to 114 chronocontact.php
// if($MyForm->formparams('checkToken', 1) && (!JRequest::checkToken())){
// echo "You are not allowed to access this URL";
// return;
// }
Error fixed.
Hopefully in the next release we can find a different way to block spam.
This topic is locked and no more replies can be posted.