Forums

Hello,

I've had a form up to RSVP for a series of events my company is having. I recently was made aware that some people trying to submit the form were receiving errors. I went and submitted some practice forms and found that it was only when the form was used on Mozilla Firefox that the problem was occurring. When you clicked submit it would keep you on our website but said "You are not authorized to view this URL" or something along those lines. I stripped all the plugins off the form and changed the name and corresponding links of the form and then finally recreated it all from scratch. Still the problem wasn't fixed. As of about 5 minutes ago it seems to have fixed itself, but I know that we have lost dozens of RSVPs already and since I did nothing to fix the problem I'm scared it's going to relapse to how it was before.

Belowis the URL for the form if that helps. Again, it works just fine with Explorer and has since I created it. I'm not sure how long the problem has been occurring with Firefox to even narrow down what may have caused it.

http://21stcenturydems.org/index.php/component/chronocontact/?chronoformname=rsvp

Hi Jared21dem,

Unfortunately I'm not seeing any problems.

Try commenting out these lines in chronocontact.php (around line 110)

	// Block SPAM through the submit URL
	if((!JRequest::checkToken()) && $MyForm->formparams('checkToken', 1)){
		echo "You are not allowed to access this URL";
		return;
	}

Bob

Bob,

Sorry, I just didn't understand what this meant.

Try commenting out these lines in chronocontact.php (around line 110)

Bob

Our web consultant suggested I delete and reinstall the entire component so I did that and it didn't fix anything; it still won't work with firefox.

I'll try what you're suggesting next once I figure out how.

Thanks again,

Jared

Hi Jared,

Sorry, I failed to paste in the code lines. I've edited my earlier post to include them.

Reinstalling won't help this is a little quirk that ChronoForms seems to have with one of the Jooml security features. There's a more detailed post about it somewhere here by Fredrik.

Bob

Thanks. Where do I find the code chronocontact.php to delete those lines? I've been searching with no luck

Hi Jared,

components/com_chronocontact/chronocontact.php

Bob

Bob,

The other problem, is often even when for form works, the first time they hit submit it tells them they need to to log in with the little blue circle warning symbol. I changed the form to resend if there's an error so now at least the form shows back up and if they take the time to try again it will work correctly. My fear, however, is that people are not bothering to try a second time.

Jared

Hi Jared,

Then there's something odd in the form or the site setup. There's nothing in ChronoForms that requires users to be registered or logged in.

Bob

Bob,

I was worried that may be the case. Our web consultant is on vacation so I have been trying to learn all this on the go since we need it functioning properly for our event on Thursday and next Tuesday.

I still haven't been able to figure out how to access components/com_chronocontact/chronocontact.php in order to fix the code. I tried looking around Joomla and editing the HTML through form manager, as well as typing 21stcenturydems.org/components/com.... and haven't been able to come up with anything. If you could please point me in the right direction as to where I need to click to gain access to the code in order to delete those lines my boss and I would be very grateful.

Jared

Hi Jared,

You'll either need to access the folders by FTP OR install the eXtplorer Joomla extension that will allow you to edit site files from within the admin area.

Bob

It worked! You guys are amazing. Thanks for your patience.

Jared

Hi Jared & Bob,
The blue warning-icon and "you must login" message is a side-effect of the JRequest::checkToken() test being done on a "new" (or expired/restarted) session. Possible scenarios would be that the session expired and the data was removed by the Garbage Collector (GC), or the GC is a bit greedy deleting still valid session data. Another possibility would be that the server does not send proper cookie data to the client, as I've discovered when troubleshooting a different thread here on the forum.

Unfortunately, apart from removing the JRequest::checkToken() test, there's not much you can do with ChronoForms to sort this issue. If your clients are taking too long filling out the form, you could try to increase the session timeout, or add some keepalive code (adding a line such as <? JHTML::_('behavior.keepalive'); ?> to the top of your form), though this is not a "fixall"..

/Fredrik