Loading...
 
Architecture / Installation

Architecture / Installation

Forum List Topic List

Forums » Architecture / Installation » Sea Surfing (CSRF) detected. Operation blocked.
 
Thread actions
PDF Print this page
  • Print all pages

    • Sea Surfing (CSRF) detected. Operation blocked.

    Posted by Dirk Deimeke posts: 2 Germany

    Hi out there,

    I installed Tikiwiki 1.8.1 on a mainframe linux (Kernel 2.4.21, Apache 1.3.26, PHP 4.2.2, MySQL 3.23.52).

    In php.ini I adjusted the memory limit to 32M for seeing anything.

    Now, after initially login in as admin/admin, I am forced to update the password.

    After updating the password the error message "Sea Surfing (CSRF) detected. Operation blocked." is diplayed.

    Tested with Mozilla 1.5 and IE 6.0 (Windows) and also with Konqueror 3.2.0 and Mozilla 1.4 (Linux).

    Cookies were enabled in all browsers.

    Reads: 1328
    Link
    Posted by Philippe Cloutier posts: 1001 Canada

    Hi,
    first make sure that when you try this you only have one browser window opened. Then if it doesn't work, disable feature_ticketlib from tiki_preferences table.
    You could then turn it on again after you can at least perform a first login from Admin -> Login, this feature is for security.

    Link
    Posted by Dirk Deimeke posts: 2 Germany

    Chealer9:

    Sorry, but there is no feature_ticketlib in this table.

    There are only "feature_t%':
    feature_tasks
    feature_theme_control
    feature_top_bar
    feature_trackers

    I added "feature_ticketlib" with a value of "n". Now it works.

    Thanks for your support.

    Regards

    Dirk

    P.S.: Maybe the programmers should add this line to the sql-script.

    Link

    Posted by Dirk Deimeke posts: 2 Germany

    Chealer9:

    Sorry, but there is no feature_ticketlib in this table.

    There are only "feature_t%':
    feature_tasks
    feature_theme_control
    feature_top_bar
    feature_trackers

    I added "feature_ticketlib" with a value of "n". Now it works.

    Thanks for your support.

    Regards

    Dirk

    P.S.: Maybe the programmers should add this line to the sql-script.

    Link