Answered Request denied

Status
Not open for further replies.

kuna199

Core license
License owner
Joined
Aug 5, 2017
Messages
18
Likes
1
Points
53
Location
India
#1
Website URL
<private>

Chevereto version
3.10.12

Description of the issue
I unable to login my admin panel when i try to login it show

Request denied
You either don't have permission to access this page or the link has expired.

When I try to login as a user it show also unable to upload any image.
 

kuna199

Core license
License owner
Joined
Aug 5, 2017
Messages
18
Likes
1
Points
53
Location
India
#2
Hello, Are you there ? Kindly quickly look over my problem.
 

Rodolfo

Chevereto Guru
Staff member
Joined
Oct 7, 2008
Messages
15,939
Likes
4,117
Points
237
Location
Chevereto HQ
Website
rodolfoberrios.com
#3
Hello, Are you there ? Kindly quickly look over my problem.
I'm not anywhere near a computer but I will check this today soon as I'm able to.

P.S. Please remember that support runs only on weekdays and you posted this at 10 pm last Friday.
 

Rodolfo

Chevereto Guru
Staff member
Joined
Oct 7, 2008
Messages
15,939
Likes
4,117
Points
237
Location
Chevereto HQ
Website
rodolfoberrios.com
#4
There are two problems in your website.

1. Sessions are not handled properly. To check this, do the following:
- Open your website, then open the browser console (F12), enter this code and then hit enter.
Code:
PF.obj.config.auth_token
You will get the auth_token value, which is like the signature of each visitor.
- Repeat the first step, you will notice that the auth_token value changes.

The system checks if sessions are working properly (save), but the system can't tell when the session value is the actual value needed or not (read). In other words, the system can't tell when your server isn't working properly. You should always get the same PF.obj.config.auth_token value for your current browsing session. You can check this on the demo which should always return the same signature.

Most likely you have a session cache issue? Maybe you tweaked how sessions work in your webserver? In any case, please note that your server tweaking is on your own and it is outside the scope of support to fix your server for you.

Pay attention to the bottom of this documentation https://chevereto.com/docs/server-issues where you will learn how to use a different session save path (it will help you to determine if the issue is related to permissions or not).

2. You used HTML code as JS code.

I got this on L35

1523909363482.png

The code looks like this:

1523909409117.png

This is not JS code, it is HTML code:
HTML:
<script src="//luckypushh.com/ntfc.php?p=1602141"data-cfasync="false"async></script>
You may want to add that custom HTML code as hook. https://chevereto.com/docs/theme
 
Status
Not open for further replies.