View Issue Details

Jump to NotesJump to History
This bug affects 1 person(s).
 6
IDProjectCategoryView StatusDate SubmittedLast Update
16382Bug reportsSurvey takingpublic2020-06-11 23:222021-02-08 19:19
Reporterpixel.2920 Assigned Tocdorin  
PrioritynoneSeveritypartial_block 
Status closedResolutionno change required 
Product Version4.2.7 
Summary16382: Time out or "token has already been used" upon submit
Description

This is affecting both versions 3.22.19 and 4.2.7. It seems like I've been seeing this issue after LS v3.17.

I am getting several survey respondents who are getting either "your session has timed out" or "This token has already been used" when hitting Submit upon finishing their survey. The respondents say they are only in for anywhere between 1-30 minutes. According to our database, those tokens are successfully used and data recorded, but our respondents are angry that they believe their answers are not being recorded. We are not sure why this is happening.

FYI I have already tried changing the PHPSESSID cookie name.

I have two different installations in two different environments exhibiting the same problem:

SERVER 1 - on-prem:
Windows Server 2012 R2
Microsoft SQL Server 2016
IIS 8.5
PHP 7.3.4

SERVER 2 - Vultr cloud:
Ubuntu 20.04
Apache 2
PHP 7.4.5
MariaDB 10.3

Steps To Reproduce

Not happening consistently at all. Was able to confirm with one respondent it happens on Safari / iOS 13.4, but most others do not get screenshot when they tell us it happens.

Error messages show up when hitting "Submit" on the last question. 50 / 50 "Your session has expired" / "This token has already been used". We have a screenshot of the latter.

Additional Information

This is with different surveys on two different systems, which is why this is so baffling. It happens on 1-question surveys and 8-question surveys. No redirect at the end / e-mail notifications at all. They are pretty basic surveys with tokens.

Here's my PHP settings, which are mostly out of the box.

session.cookie_lifetime = 0
session.gc_maxlifetime = 1440

It's very random and happens intermittently. It's perhaps less than 1% of the total respondents, but out of 150 or 2,000 respondents, that's still a good number of people. We weren't getting this issue before upgrading past 3.17, and I know there was a bug related to the cookie name for PHPSESSID, so I am at a loss. I did make that change in config.php:

'session' => array (
'sessionName' => "NAMESURVEY",
),

since I was getting this issue after upgrading from 3.x to 4.x, but now it's showing up in 3.22 also.

See https://forums.limesurvey.org/forum/installation-a-update-issues/121525-time-out-or-token-has-already-been-used-upon-submit#201007

TagsNo tags attached.
Bug heat6
Complete LimeSurvey version number (& build)Version 4.2.7+200604 and Version 3.22.19+200605
I will donate to the project if issue is resolvedYes
BrowserChrome, Firefox, Safari
Database type & versionMicrosoft SQL Server 2016 / MariaDB 10.3
Server OS (if known)Windows Server 2012 R2 / Ubuntu 20.04
Webserver software & version (if known)IIS 8.5 / Apache 2
PHP Version7.3.4 / 7.4.5

Users monitoring this issue

There are no users monitoring this issue.

Activities

Mazi

Mazi

2020-06-19 10:47

updater   ~58347

@cdorin, are there any tickets smilar to this one?

@pixel.2920: First of all, you should not run or update to Limesurvey 4, it is not that stable yet.

Some things you can try:

  1. Switch to table based sessions: https://manual.limesurvey.org/Optional_settings/de#Use_table-based_sessions
  2. Try to use PHP 7.3 or 7.2.
  3. Maybe just add a last question page with a text display question "All your data has been saved. Click 'submit' to complete this surveys."

Can you confirm that in any case data of the last page was saved and the data sets are marked completed?
cdorin

cdorin

2020-06-19 12:10

reporter   ~58351

It is the first such report I see
pixel.2920

pixel.2920

2020-06-19 18:28

reporter   ~58365

@mazi, yes the data is being saved, token is marked as complete.
Mazi

Mazi

2020-06-22 11:30

updater   ~58373

Luckily the data gets saved correctly. So it could just be a false-positive warning?

@cdorin, have we had similiar issues with misleading warnings mentioned at other tickets?
@ollehar, can this be related to an old browser being used? It seems to show up really randomly and rarely, so this is tricky to debug.
cdorin

cdorin

2021-02-08 14:44

reporter   ~62015

@Mazi, did this error pop up again for you?

I just can't reproduce it + no similar reports in Support as well
Mazi

Mazi

2021-02-08 17:31

updater   ~62032

@cdorin, I don't remember us also facing this issue.

Issue History

Date Modified Username Field Change
2020-06-11 23:22 pixel.2920 New Issue
2020-06-19 10:47 Mazi Note Added: 58347
2020-06-19 12:10 cdorin Note Added: 58351
2020-06-19 18:28 pixel.2920 Note Added: 58365
2020-06-22 11:30 Mazi Note Added: 58373
2021-02-08 14:44 cdorin Note Added: 62015
2021-02-08 17:31 Mazi Note Added: 62032
2021-02-08 19:19 cdorin Assigned To => cdorin
2021-02-08 19:19 cdorin Status new => closed
2021-02-08 19:19 cdorin Resolution open => no change required