• Welcome to the Chevereto user community!

    Here users from all over the world gather around to learn the latest about Chevereto and contribute with ideas to improve the software.

    Please keep in mind:

    • 😌 This community is user driven. Be polite with other users.
    • 👉 Is required to purchase a Chevereto license to participate in this community (doesn't apply to Pre-sales).
    • 💸 Purchase a Pro Subscription to get access to active software support and faster ticket response times.

Request denied

Status
Not open for further replies.

kuna199

Chevereto Member
Website URL
<private>

Chevereto version
3.10.12

Description of the issue
I unable to login my admin panel when i try to login it show

Request denied
You either don't have permission to access this page or the link has expired.

When I try to login as a user it show also unable to upload any image.
 
Hello, Are you there ? Kindly quickly look over my problem.

I'm not anywhere near a computer but I will check this today soon as I'm able to.

P.S. Please remember that support runs only on weekdays and you posted this at 10 pm last Friday.
 
There are two problems in your website.

1. Sessions are not handled properly. To check this, do the following:
- Open your website, then open the browser console (F12), enter this code and then hit enter.
Code:
PF.obj.config.auth_token
You will get the auth_token value, which is like the signature of each visitor.
- Repeat the first step, you will notice that the auth_token value changes.

The system checks if sessions are working properly (save), but the system can't tell when the session value is the actual value needed or not (read). In other words, the system can't tell when your server isn't working properly. You should always get the same PF.obj.config.auth_token value for your current browsing session. You can check this on the demo which should always return the same signature.

Most likely you have a session cache issue? Maybe you tweaked how sessions work in your webserver? In any case, please note that your server tweaking is on your own and it is outside the scope of support to fix your server for you.

Pay attention to the bottom of this documentation https://chevereto.com/docs/server-issues where you will learn how to use a different session save path (it will help you to determine if the issue is related to permissions or not).

2. You used HTML code as JS code.

I got this on L35

1523909363482.png

The code looks like this:

1523909409117.png

This is not JS code, it is HTML code:
HTML:
<script src="//luckypushh.com/ntfc.php?p=1602141"data-cfasync="false"async></script>

You may want to add that custom HTML code as hook. https://chevereto.com/docs/theme
 
Status
Not open for further replies.
Back
Top