View Issue Details

This bug affects 1 person(s).
 14
IDProjectCategoryView StatusLast Update
14394Bug reportsCentral participant databasepublic2019-01-31 10:22
ReporterdominikvittAssigned ToDenisChenu  
PrioritynoneSeveritypartial_block 
Status closedResolutionfixed 
Product Version3.15.x 
Fixed in Version3.15.x 
Summary14394: CHttpException message when exporting participants
Description

There is a error message when trying to export participants:
CHttpException: The CSRF token could not be verified.

Same error message when trying to export participants using mass action dropbox.

Steps To Reproduce

Debug mode is turned on.
Open Central participant database --> Export all participants --> Export button.

Also, select checkbox for participant and click Export on mass action dropbox.

Additional Information

Error message file is attached.

TagsNo tags attached.
Bug heat14
Complete LimeSurvey version number (& build)
I will donate to the project if issue is resolved
Browser
Database type & version
Server OS (if known)
Webserver software & version (if known)
PHP Version

Relationships

has duplicate 14472 closedDenisChenu Central participants not exporting 

Users monitoring this issue

User List madvet

Activities

dominikvitt

dominikvitt

2019-01-03 17:53

developer  

CHttpException.html (16,084 bytes)   
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>CHttpException</title>

<style type="text/css">
/*<![CDATA[*/
html,body,div,span,applet,object,iframe,h1,h2,h3,h4,h5,h6,p,blockquote,pre,a,abbr,acronym,address,big,cite,code,del,dfn,em,font,img,ins,kbd,q,s,samp,small,strike,strong,sub,sup,tt,var,b,u,i,center,dl,dt,dd,ol,ul,li,fieldset,form,label,legend,table,caption,tbody,tfoot,thead,tr,th,td{border:0;outline:0;font-size:100%;vertical-align:baseline;background:transparent;margin:0;padding:0;}
body{line-height:1;}
ol,ul{list-style:none;}
blockquote,q{quotes:none;}
blockquote:before,blockquote:after,q:before,q:after{content:none;}
:focus{outline:0;}
ins{text-decoration:none;}
del{text-decoration:line-through;}
table{border-collapse:collapse;border-spacing:0;}

body {
	font: normal 9pt "Verdana";
	color: #000;
	background: #fff;
}

h1 {
	font: normal 18pt "Verdana";
	color: #f00;
	margin-bottom: .5em;
}

h2 {
	font: normal 14pt "Verdana";
	color: #800000;
	margin-bottom: .5em;
}

h3 {
	font: bold 11pt "Verdana";
}

pre {
	font: normal 11pt Menlo, Consolas, "Lucida Console", Monospace;
}

pre span.error {
	display: block;
	background: #fce3e3;
}

pre span.ln {
	color: #999;
	padding-right: 0.5em;
	border-right: 1px solid #ccc;
}

pre span.error-ln {
	font-weight: bold;
}

.container {
	margin: 1em 4em;
}

.version {
	color: gray;
	font-size: 8pt;
	border-top: 1px solid #aaa;
	padding-top: 1em;
	margin-bottom: 1em;
}

.message {
	color: #000;
	padding: 1em;
	font-size: 11pt;
	background: #f3f3f3;
	-webkit-border-radius: 10px;
	-moz-border-radius: 10px;
	border-radius: 10px;
	margin-bottom: 1em;
	line-height: 160%;
}

.source {
	margin-bottom: 1em;
}

.code pre {
	background-color: #ffe;
	margin: 0.5em 0;
	padding: 0.5em;
	line-height: 125%;
	border: 1px solid #eee;
}

.source .file {
	margin-bottom: 1em;
	font-weight: bold;
}

.traces {
	margin: 2em 0;
}

.trace {
	margin: 0.5em 0;
	padding: 0.5em;
}

.trace.app {
	border: 1px dashed #c00;
}

.trace .number {
	text-align: right;
	width: 2em;
	padding: 0.5em;
}

.trace .content {
	padding: 0.5em;
}

.trace .plus,
.trace .minus {
	display:inline;
	vertical-align:middle;
	text-align:center;
	border:1px solid #000;
	color:#000;
	font-size:10px;
	line-height:10px;
	margin:0;
	padding:0 1px;
	width:10px;
	height:10px;
}

.trace.collapsed .minus,
.trace.expanded .plus,
.trace.collapsed pre {
	display: none;
}

.trace-file {
	cursor: pointer;
	padding: 0.2em;
}

.trace-file:hover {
	background: #f0ffff;
}
/*]]>*/
</style>
</head>

<body>
<div class="container">
	<h1>CHttpException</h1>

	<p class="message">
		The CSRF token could not be verified.	</p>

	<div class="source">
		<p class="file">/var/www/html/LimeSurvey-develop/framework/web/CHttpRequest.php(1377)</p>
		<div class="code"><pre><span class="ln">1365</span> 
<span class="ln">1366</span>             if (!empty($maskedUserToken) &amp;&amp; $cookies-&gt;contains($this-&gt;csrfTokenName))
<span class="ln">1367</span>             {
<span class="ln">1368</span>                 $securityManager=Yii::app()-&gt;getSecurityManager();
<span class="ln">1369</span>                 $maskedCookieToken=$cookies-&gt;itemAt($this-&gt;csrfTokenName)-&gt;value;
<span class="ln">1370</span>                 $cookieToken=$securityManager-&gt;unmaskToken($maskedCookieToken);
<span class="ln">1371</span>                 $userToken=$securityManager-&gt;unmaskToken($maskedUserToken);
<span class="ln">1372</span>                 $valid=$cookieToken===$userToken;
<span class="ln">1373</span>             }
<span class="ln">1374</span>             else
<span class="ln">1375</span>                 $valid = false;
<span class="ln">1376</span>             if (!$valid)
<span class="error"><span class="ln error-ln">1377</span>                 throw new CHttpException(400,Yii::t('yii','The CSRF token could not be verified.'));
</span><span class="ln">1378</span>         }
<span class="ln">1379</span>     }
<span class="ln">1380</span> 
<span class="ln">1381</span> 
<span class="ln">1382</span>     /**
<span class="ln">1383</span>      * Returns the version of the HTTP protocol used by client.
<span class="ln">1384</span>      *
<span class="ln">1385</span>      * @return string the version of the HTTP protocol.
<span class="ln">1386</span>      * @since 1.1.16
<span class="ln">1387</span>      */
<span class="ln">1388</span>     public function getHttpVersion()
<span class="ln">1389</span>     {
</pre></div>	</div>

	<div class="traces">
		<h2>Stack Trace</h2>
				<table style="width:100%;">
						<tbody><tr class="trace core collapsed">
			<td class="number">
				#0			</td>
			<td class="content">
				<div class="trace-file">
											<div class="plus">+</div>
						<div class="minus">–</div>
										&nbsp;/var/www/html/LimeSurvey-develop/framework/base/CComponent.php(561): <strong>CHttpRequest</strong>-&gt;<strong>validateCsrfToken</strong>(CEvent)				</div>

				<div class="code"><pre><span class="ln">556</span>                         // an array: 0 - object, 1 - method name
<span class="ln">557</span>                         list($object,$method)=$handler;
<span class="ln">558</span>                         if(is_string($object))    // static method call
<span class="ln">559</span>                             call_user_func($handler,$event);
<span class="ln">560</span>                         elseif(method_exists($object,$method))
<span class="error"><span class="ln error-ln">561</span>                             $object-&gt;$method($event);
</span><span class="ln">562</span>                         else
<span class="ln">563</span>                             throw new CException(Yii::t('yii','Event "{class}.{event}" is attached with an invalid handler "{handler}".',
<span class="ln">564</span>                                 array('{class}'=&gt;get_class($this), '{event}'=&gt;$name, '{handler}'=&gt;$handler[1])));
<span class="ln">565</span>                     }
<span class="ln">566</span>                     else // PHP 5.3: anonymous function
</pre></div>			</td>
		</tr>
						<tr class="trace core collapsed">
			<td class="number">
				#1			</td>
			<td class="content">
				<div class="trace-file">
											<div class="plus">+</div>
						<div class="minus">–</div>
										&nbsp;/var/www/html/LimeSurvey-develop/framework/base/CApplication.php(212): <strong>CComponent</strong>-&gt;<strong>raiseEvent</strong>("onbeginrequest", CEvent)				</div>

				<div class="code"><pre><span class="ln">207</span>      * Raised right BEFORE the application processes the request.
<span class="ln">208</span>      * @param CEvent $event the event parameter
<span class="ln">209</span>      */
<span class="ln">210</span>     public function onBeginRequest($event)
<span class="ln">211</span>     {
<span class="error"><span class="ln error-ln">212</span>         $this-&gt;raiseEvent('onBeginRequest',$event);
</span><span class="ln">213</span>     }
<span class="ln">214</span> 
<span class="ln">215</span>     /**
<span class="ln">216</span>      * Raised right AFTER the application processes the request.
<span class="ln">217</span>      * @param CEvent $event the event parameter
</pre></div>			</td>
		</tr>
						<tr class="trace core collapsed">
			<td class="number">
				#2			</td>
			<td class="content">
				<div class="trace-file">
											<div class="plus">+</div>
						<div class="minus">–</div>
										&nbsp;/var/www/html/LimeSurvey-develop/framework/base/CApplication.php(183): <strong>CApplication</strong>-&gt;<strong>onBeginRequest</strong>(CEvent)				</div>

				<div class="code"><pre><span class="ln">178</span>      * Remember to call the parent implementation so that static application components are loaded.
<span class="ln">179</span>      */
<span class="ln">180</span>     public function run()
<span class="ln">181</span>     {
<span class="ln">182</span>         if($this-&gt;hasEventHandler('onBeginRequest'))
<span class="error"><span class="ln error-ln">183</span>             $this-&gt;onBeginRequest(new CEvent($this));
</span><span class="ln">184</span>         register_shutdown_function(array($this,'end'),0,false);
<span class="ln">185</span>         $this-&gt;processRequest();
<span class="ln">186</span>         if($this-&gt;hasEventHandler('onEndRequest'))
<span class="ln">187</span>             $this-&gt;onEndRequest(new CEvent($this));
<span class="ln">188</span>     }
</pre></div>			</td>
		</tr>
						<tr class="trace app expanded">
			<td class="number">
				#3			</td>
			<td class="content">
				<div class="trace-file">
											<div class="plus">+</div>
						<div class="minus">–</div>
										&nbsp;/var/www/html/LimeSurvey-develop/index.php(194): <strong>CApplication</strong>-&gt;<strong>run</strong>()				</div>

				<div class="code"><pre><span class="ln">189</span> require_once APPPATH . 'core/LSYii_Application' . EXT;
<span class="ln">190</span> 
<span class="ln">191</span> $config = require_once(APPPATH . 'config/internal' . EXT);
<span class="ln">192</span> 
<span class="ln">193</span> Yii::$enableIncludePath = false;
<span class="error"><span class="ln error-ln">194</span> Yii::createApplication('LSYii_Application', $config)-&gt;run();
</span><span class="ln">195</span> 
<span class="ln">196</span> /* End of file index.php */
<span class="ln">197</span> /* Location: ./index.php */
</pre></div>			</td>
		</tr>
				</tbody></table>
	</div>

	<div class="version">
		2019-01-03 17:43:14 Apache/2.4.29 (Ubuntu) <a href="http://www.yiiframework.com/">Yii Framework</a>/1.1.20	</div>
</div>

<script type="text/javascript">
/*<![CDATA[*/
var traceReg = new RegExp("(^|\\s)trace-file(\\s|$)");
var collapsedReg = new RegExp("(^|\\s)collapsed(\\s|$)");

var e = document.getElementsByTagName("div");
for(var j=0,len=e.length;j<len;j++){
	if(traceReg.test(e[j].className)){
		e[j].onclick = function(){
			var trace = this.parentNode.parentNode;
			if(collapsedReg.test(trace.className))
				trace.className = trace.className.replace("collapsed", "expanded");
			else
				trace.className = trace.className.replace("expanded", "collapsed");
		}
	}
}
/*]]>*/
</script>



<div id="SL_balloon_obj" alt="0" style="display: block;"><div id="SL_button" class="SL_ImTranslatorLogo" style="background: rgba(0, 0, 0, 0) url(&quot;moz-extension://120841c7-7d36-4867-bf6e-246750908aec/content/img/util/imtranslator-s.png&quot;) repeat scroll 0% 0%; display: none; opacity: 1;"></div><div id="SL_shadow_translation_result2" style="display: none;"></div><div id="SL_shadow_translator" style="display: none;"><div id="SL_planshet"><div id="SL_arrow_up" style="background: rgba(0, 0, 0, 0) url(&quot;moz-extension://120841c7-7d36-4867-bf6e-246750908aec/content/img/util/up.png&quot;) repeat scroll 0% 0%;"></div><div id="SL_Bproviders"><div class="SL_BL_LABLE_ON" title="Google" id="SL_P0">G</div><div class="SL_BL_LABLE_ON" title="Microsoft" id="SL_P1">M</div><div class="SL_BL_LABLE_ON" title="Translator" id="SL_P2">T</div></div><div id="SL_alert_bbl" style="display: none;"><div id="SLHKclose" style="background: rgba(0, 0, 0, 0) url(&quot;moz-extension://120841c7-7d36-4867-bf6e-246750908aec/content/img/util/delete.png&quot;) repeat scroll 0% 0%;"></div><div id="SL_alert_cont"></div></div><div id="SL_TB"><table id="SL_tables" cellspacing="1"><tr><td class="SL_td" width="10%" align="right"><input id="SL_locer" type="checkbox" title="Lock-in language"></td><td class="SL_td" width="20%" align="left"><select id="SL_lng_from" style="background: rgb(255, 255, 255) url(&quot;moz-extension://120841c7-7d36-4867-bf6e-246750908aec/content/img/util/select.png&quot;) no-repeat scroll 100% 0px;"><option value="hr" selected="selected">Croatian</option><option value="en">English</option><option value="de">German</option></select></td><td class="SL_td" width="3" align="center"><div id="SL_switch_b" title="Switch languages" style="background: rgba(0, 0, 0, 0) url(&quot;moz-extension://120841c7-7d36-4867-bf6e-246750908aec/content/img/util/switchb.png&quot;) repeat scroll 0% 0%;"></div></td><td class="SL_td" width="20%" align="left"><select id="SL_lng_to" style="background: rgb(255, 255, 255) url(&quot;moz-extension://120841c7-7d36-4867-bf6e-246750908aec/content/img/util/select.png&quot;) no-repeat scroll 100% 0px;"><option value="hr">Croatian</option><option selected="selected" value="en">English</option><option value="de">German</option></select></td><td class="SL_td" width="8%" align="center"><div id="SL_TTS_voice" title="undefined" style="background: rgba(0, 0, 0, 0) url(&quot;moz-extension://120841c7-7d36-4867-bf6e-246750908aec/content/img/util/ttsvoice.png&quot;) repeat scroll 0% 0%;"></div></td><td class="SL_td" width="8%" align="center"><div id="SL_copy" title="Copy translation" class="SL_copy" style="background: rgba(0, 0, 0, 0) url(&quot;moz-extension://120841c7-7d36-4867-bf6e-246750908aec/content/img/util/copy.png&quot;) repeat scroll 0% 0%;"></div></td><td class="SL_td" width="8%" align="center"><div id="SL_bbl_font_patch"></div><div id="SL_bbl_font" title="Font size" class="SL_bbl_font" style="background: rgba(0, 0, 0, 0) url(&quot;moz-extension://120841c7-7d36-4867-bf6e-246750908aec/content/img/util/font.png&quot;) repeat scroll 0% 0%;"></div></td><td class="SL_td" width="8%" align="center"><div id="SL_bbl_help" title="Help" style="background: rgba(0, 0, 0, 0) url(&quot;moz-extension://120841c7-7d36-4867-bf6e-246750908aec/content/img/util/bhelp.png&quot;) repeat scroll 0% 0%;"></div></td><td class="SL_td" width="15%" align="right"><div id="SL_pin" class="SL_pin_off" title="Pin pop-up bubble" style="background: rgba(0, 0, 0, 0) url(&quot;moz-extension://120841c7-7d36-4867-bf6e-246750908aec/content/img/util/pin-on.png&quot;) repeat scroll 0% 0%;"></div></td></tr></table></div></div><div id="SL_shadow_translation_result" style="visibility: visible;"></div><div id="SL_loading" class="SL_loading" style="background: rgba(0, 0, 0, 0) url(&quot;moz-extension://120841c7-7d36-4867-bf6e-246750908aec/content/img/util/loading.gif&quot;) repeat scroll 0% 0%;"></div><div id="SL_player2"></div><div id="SL_alert100">Text-to-speech function is limited to 200 characters</div><div id="SL_Balloon_options" style="background: rgb(255, 255, 255) url(&quot;moz-extension://120841c7-7d36-4867-bf6e-246750908aec/content/img/util/bg3.png&quot;) repeat scroll 0% 0%;"><div id="SL_arrow_down" style="background: rgba(0, 0, 0, 0) url(&quot;moz-extension://120841c7-7d36-4867-bf6e-246750908aec/content/img/util/down.png&quot;) repeat scroll 0% 0%;"></div><table id="SL_tbl_opt" width="100%"><tr><td width="5%" align="center"><input id="SL_BBL_locer" type="checkbox" checked="checked" title="Show Translator's button 3 second(s)"></td><td width="5%" align="left"><div id="SL_BBL_IMG" title="Show Translator's button 3 second(s)" style="background: rgba(0, 0, 0, 0) url(&quot;moz-extension://120841c7-7d36-4867-bf6e-246750908aec/content/img/util/bbl-logo.png&quot;) repeat scroll 0% 0%;"></div></td><td width="70%" align="center"><a href="moz-extension://120841c7-7d36-4867-bf6e-246750908aec/content/html/options/options.html?bbl" target="_blank" class="SL_options" title="Show options">Options</a> : <a href="moz-extension://120841c7-7d36-4867-bf6e-246750908aec/content/html/options/options.html?hist" target="_blank" class="SL_options" title="Translation History">History</a> : <a href="moz-extension://120841c7-7d36-4867-bf6e-246750908aec/content/html/options/options.html?feed" target="_blank" class="SL_options" title="ImTranslator Feedback">Feedback</a> : <a href="https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&amp;hosted_button_id=GD9D8CPW8HFA2" target="_blank" class="SL_options" title="Make a small contribution">Donate</a></td><td width="15%" align="right"><span id="SL_Balloon_Close" title="Close">Close</span></td></tr></table></div></div></div></body></html>
CHttpException.html (16,084 bytes)   
dominikvitt

dominikvitt

2019-01-03 17:56

developer   ~50095

The same problem is on master branch too.

DenisChenu

DenisChenu

2019-01-03 18:49

developer   ~50096

Last edited: 2019-01-03 18:50

Moving to bug for 3.X : OK ? Confirm issue in 3.15.5

DenisChenu

DenisChenu

2019-01-31 10:22

developer   ~50353

Mass action fixed (before or with this commit ? Don't know)

Issue History

Date Modified Username Field Change
2019-01-03 17:53 dominikvitt New Issue
2019-01-03 17:53 dominikvitt Status new => assigned
2019-01-03 17:53 dominikvitt Assigned To => markusfluer
2019-01-03 17:53 dominikvitt File Added: CHttpException.html
2019-01-03 17:56 dominikvitt Note Added: 50095
2019-01-03 18:48 DenisChenu Project Development => Bug reports
2019-01-03 18:49 DenisChenu Product Version 4.0.0dev => 3.15.x
2019-01-03 18:49 DenisChenu Target Version 4.0.0dev =>
2019-01-03 18:49 DenisChenu Note Added: 50096
2019-01-03 18:50 DenisChenu Note Edited: 50096
2019-01-30 12:05 madvet Issue Monitored: madvet
2019-01-31 10:22 DenisChenu Relationship added has duplicate 14472
2019-01-31 10:22 DenisChenu Assigned To markusfluer => DenisChenu
2019-01-31 10:22 DenisChenu Status assigned => closed
2019-01-31 10:22 DenisChenu Resolution open => fixed
2019-01-31 10:22 DenisChenu Fixed in Version => 3.15.x
2019-01-31 10:22 DenisChenu Note Added: 50353