Member-Login: "Invalid Request Token" if member logs in after logout #11
Comments
|
Same here, in Contao 4.4.20 everything seemed to be working fine. I noticed that it only happens in app.php, not in app_dev.php. When clearing all cookies and opening my page in app.php, PHPSESSID is not set until I try to login. That fails and if I try again, it works, because then the PHPSESSID has been set. |
|
Does this only affect Contao 4.4? Because I have just tried it in the online demo (Contao 4.5) and the problem does not occur there. |
|
Mhm, didn‘t try that, sry. |
|
I can only reproduce it in Contao 4.4. |
|
Yep, reproduced in Contao 4.4. ... Contao 4.5 is fine. |
|
What's the time horizon for 4.4.22? Don't want to push, just for information so that I can tell that to my customer ;-) No need for a detailed info, but will it be 1 day, 1 week, 1 month... ? Thanks! If it took longer, I would just downgrade to 4.4.20. |
|
Fixed in 7a980dd. |
ghost
mentioned this issue
leofeyer
pushed a commit
that referenced
this issue
Aug 4, 2020
Description ----------- With @Toflar we have discovered by accident that if a URL is double-encoded (for some reason, doesn't matter) the Contao's `RouteProvider` will eventually throw an error trying to query a database. ``` URL original: drachenlochmuseum-v%25c3%25a4ttis.html URL decoded: drachenlochmuseum-v%c3%a4ttis.html URL decoded 2nd time: drachenlochmuseum-vättis.html ``` The decoded URL is used in the database query and that fails because the database driver would like to replace wildcards `%c` with parameters that were not provided. Stack trace: ``` Exception: Too few arguments to build the query string #27 vendor/contao/core-bundle/src/Resources/contao/library/Contao/Database/Statement.php(304): replaceWildcards #26 vendor/contao/core-bundle/src/Resources/contao/library/Contao/Database/Statement.php(249): execute #25 vendor/contao/core-bundle/src/Resources/contao/library/Contao/Model.php(1102): find #24 vendor/contao/core-bundle/src/Resources/contao/library/Contao/Model.php(973): findBy #23 vendor/contao/core-bundle/src/Framework/Adapter.php(38): __call #22 vendor/contao/core-bundle/src/Routing/RouteProvider.php(493): findPages #21 vendor/contao/core-bundle/src/Routing/RouteProvider.php(88): getRouteCollectionForRequest #20 vendor/contao/core-bundle/src/Routing/LegacyRouteProvider.php(43): getRouteCollectionForRequest #19 vendor/symfony-cmf/routing/src/NestedMatcher/NestedMatcher.php(141): matchRequest #18 vendor/contao/core-bundle/src/Routing/Matcher/LegacyMatcher.php(69): matchRequest #17 vendor/symfony-cmf/routing/src/DynamicRouter.php(271): matchRequest #16 vendor/symfony-cmf/routing/src/ChainRouter.php(188): doMatch #15 vendor/symfony-cmf/routing/src/ChainRouter.php(158): matchRequest #14 vendor/symfony/http-kernel/EventListener/RouterListener.php(115): onKernelRequest #13 vendor/symfony/event-dispatcher/EventDispatcher.php(212): doDispatch #12 vendor/symfony/event-dispatcher/EventDispatcher.php(44): dispatch #11 vendor/symfony/http-kernel/HttpKernel.php(126): handleRaw #10 vendor/symfony/http-kernel/HttpKernel.php(67): handle #9 vendor/symfony/http-kernel/Kernel.php(198): handle #8 vendor/symfony/http-kernel/HttpCache/SubRequestHandler.php(85): handle #7 vendor/symfony/http-kernel/HttpCache/HttpCache.php(448): forward #6 vendor/symfony/framework-bundle/HttpCache/HttpCache.php(57): forward #5 vendor/symfony/http-kernel/HttpCache/HttpCache.php(420): fetch #4 vendor/contao/manager-bundle/src/HttpKernel/ContaoCache.php(46): fetch #3 vendor/symfony/http-kernel/HttpCache/HttpCache.php(317): lookup #2 vendor/symfony/http-kernel/HttpCache/HttpCache.php(192): handle #1 vendor/friendsofsymfony/http-cache/src/SymfonyCache/EventDispatchingHttpCache.php(98): handle #0 web/app.php(58): null ``` Commits ------- 8ae2582 Fix a potential error if the URL has percentage in it 8caaf25 Fix unit tests 509f762 Correctly encode the page aliases
leofeyer
pushed a commit
that referenced
this issue
Nov 24, 2021
Description ----------- Follow up on #3594. This PR provides 3 new commands: - `contao:backup:create` - to create a new backup - `contao:backup:restore` - to restore a given backup - `contao:backup:list` - to list all available backups Configuration options: - The maximum number of backups Contao should keep (defaults to `5`). - The target directory where it should manage the backups (defaults to `var/backups`) - Tables to ignore for backups (defaults to things like the search index or our crawler queue) Additional features: - Our `contao:migrate` command now automatically creates a backup before migrating which makes things a lot safer :-) You can optionally disable it using `--no-backup`. - `--format=json` support for the `create` and `list` commands for a possible future integration in e.g. the Contao Manager. Impressions: <img width="857" alt="Bildschirmfoto 2021-11-01 um 14 04 31" src="https://user-images.githubusercontent.com/481937/139678077-132216f1-1871-438d-9e67-a25d06573cfd.png"> <img width="876" alt="Bildschirmfoto 2021-11-01 um 14 04 50" src="https://user-images.githubusercontent.com/481937/139678092-6a9294d5-86f5-4262-8e25-c6c2a80106d9.png"> <img width="735" alt="Bildschirmfoto 2021-11-01 um 14 05 03" src="https://user-images.githubusercontent.com/481937/139678119-904c3dab-e18a-46ce-97a6-ed18e6cd96ae.png"> ToDo: - [x] Tests Commits ------- cc22a7b Implemented a contao:database:import command 8d4f737 Implemented a contao:database:dump command cdee069 Merge branch 'feature/db-dump-command' into feature/db-cli * feature/db-dump-command: Implemented a contao:database:dump command cbccc8d Merge branch 'feature/db-import-command' into feature/db-cli * feature/db-import-command: Implemented a contao:database:import command a16f8ef CS f51b5bf Dump to var folder by default 84fed4c Allow to configure the default tables that are ignored during a db dump e2d8757 Extracted db dumping logic into service 7b953b8 CS 421bbe2 Create a backup by default when running contao:migrate d52d4a5 Rename class 08a0d4d Huge rework dad5a8a CS e8dab2b CS a82d088 Make sure we know when a dump has been generated 24414a8 Switching to backup implementation c1ef6b5 Ignore comments 9dd390a Handle creating and restoring backups as transactions c8754a8 Allow to disable the backup origin check 6e22890 Fixed restore logic 2010573 Added json format 57f44e7 Consider ndjson format in migrate command 56f2c3b Added tests for the contao:backup:create command and fixed issues found along the way f2a2fcb Use previous exception 72abbf7 Be explicit in config dd913db Added tests for contao:backup:list 4ac742c Added tests for contao:backup:restore and introduced json support there as well c6a2412 Added tests for configuration and extension 9b78bc8 Added tests for Backup and fixed issues found along the way c67270f Added tests for CreateConfig and RestoreConfig 147dbd9 Validate filepath with a regex bb18de3 Test everything but restore and dump in BackupManager 7df7885 Extracted dependency on slimdump in favor of a simple interface in order to split deps properly and allow for proper testing and other use cases f79e04a Added tests for create method and fixed issue with error handling 67550f7 Typo eaa281c Test tidying up directory works as expected and fixed issues found along the way de9aae9 Finished full coverage for BackupManager 504fe84 Covered last class with unit tests 26fbbb9 Merge branch '4.x' into feature/cli-backups d64931c Use Composer OAuth token c950d5c Made tests more platform independent 84ba8a2 Revert "Use Composer OAuth token" This reverts commit d64931c. 9f8a112 Implemented our own dumper class dbab5fe Fixed definition fb2e728 CS e819afd Test cb1b100 CS fa794c8 Trying to fix those freakin tests 064e5c7 CS 1e74fe4 fix Windows test issues (#8) cb0b550 Remove obsolete comment 5226362 Remove obsolete config option dc46cf9 Added support for views 583f44d Moved responsibility of writing the actual backup files from the dumper to the backupmanager, Generators FTW! 0b9e02a CS a6e752f Reuse dumper mock 2511bc8 More reuse 0d66994 Improve phpdocs 08d98c8 Improved docs 06083e8 Added support for extending or shortening an existing tables ignore list 5d90957 CS ccb2def Merge branch '4.x' into feature/cli-backups 9907144 Update core-bundle/src/Doctrine/Backup/Backup.php Co-authored-by: Fritz Michael Gschwantner <fmg@inspiredminds.at> 2669df7 Human readable information might be locale dependent and shouldn't be part of the Backup object itself ec5184d Fixed missing ndjson feedback for successful backup creation in contao:migrate 993e4f1 Fixed tests 5d09bc9 Update core-bundle/src/Doctrine/Backup/BackupManager.php Co-authored-by: Martin Auswöger <martin@auswoeger.com> bd41a27 Merge branch '4.x' into feature/cli-backups 136909b CS e922422 CS (#11) a11da20 CS
leofeyer
referenced
this issue
in leofeyer/contao
Mar 22, 2022
Description ----------- See contao#2863 and contao#2870 As this is a new class we should release version 4.3.0 afterwards I guess? Commits ------- 0571feb5 Add DeprecatedClassesPhpunitExtension 88b37948 Fix a typo
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Affected version(s)
contao/core-bundle:4.4.21
contao/installation-bundle:4.4.21
Description
If a member logs in after he has logged out the following error is displayed:
How to reproduce
Login > Logout > Login
The text was updated successfully, but these errors were encountered: