17564: Finishing survey ends with a 500 error "Invalid MAC"

This issue affects 1 person(s).

ID	Project	Category	View Status	Date Submitted	Last Update
17564	Bug reports	Survey taking	public	2021-09-02 21:56	2021-09-03 08:42

Reporter	davet902	Assigned To	galads
Priority	none	Severity	crash
Status	closed	Resolution	fixed
Product Version	5.x

Summary	17564: Finishing survey ends with a 500 error "Invalid MAC"
Description	Previewing a survey finished with no issue. A live survey gets the above error. The only place that crops up in the source code is third_party\paragonie as a thrown exception for whatever reason.
Steps To Reproduce	Create a blank survey, with the 1 default question. Activate and execute the survey, submit, and get the error. Happens also with pre-existing surveys.
Tags	No tags attached.
Attached Files	invalid-mac.png (26,970 bytes) invalid-mac.png (26,970 bytes) limesurvey_survey_459532.lss (13,890 bytes) <?xml version="1.0" encoding="UTF-8"?> <document> <LimeSurveyDocType>Survey</LimeSurveyDocType> <DBVersion>471</DBVersion> <languages> <language>en</language> </languages> <groups> <fields> <fieldname>gid</fieldname> <fieldname>sid</fieldname> <fieldname>group_order</fieldname> <fieldname>randomization_group</fieldname> <fieldname>grelevance</fieldname> </fields> <rows> <row> <gid><![CDATA[50]]></gid> <sid><![CDATA[459532]]></sid> <group_order><![CDATA[1]]></group_order> <randomization_group/> <grelevance><![CDATA[1]]></grelevance> </row> </rows> </groups> <group_l10ns> <fields> <fieldname>id</fieldname> <fieldname>gid</fieldname> <fieldname>group_name</fieldname> <fieldname>description</fieldname> <fieldname>language</fieldname> <fieldname>sid</fieldname> <fieldname>group_order</fieldname> <fieldname>randomization_group</fieldname> <fieldname>grelevance</fieldname> </fields> <rows> <row> <id><![CDATA[44]]></id> <gid><![CDATA[50]]></gid> <group_name><![CDATA[My first question group]]></group_name> <language><![CDATA[en]]></language> <sid><![CDATA[459532]]></sid> <group_order><![CDATA[1]]></group_order> <randomization_group/> <grelevance><![CDATA[1]]></grelevance> </row> </rows> </group_l10ns> <questions> <fields> <fieldname>qid</fieldname> <fieldname>parent_qid</fieldname> <fieldname>sid</fieldname> <fieldname>gid</fieldname> <fieldname>type</fieldname> <fieldname>title</fieldname> <fieldname>preg</fieldname> <fieldname>other</fieldname> <fieldname>mandatory</fieldname> <fieldname>question_order</fieldname> <fieldname>scale_id</fieldname> <fieldname>same_default</fieldname> <fieldname>relevance</fieldname> <fieldname>modulename</fieldname> <fieldname>encrypted</fieldname> <fieldname>question_theme_name</fieldname> </fields> <rows> <row> <qid><![CDATA[612]]></qid> <parent_qid><![CDATA[0]]></parent_qid> <sid><![CDATA[459532]]></sid> <gid><![CDATA[50]]></gid> <type><![CDATA[T]]></type> <title><![CDATA[Q00]]></title> <other><![CDATA[N]]></other> <mandatory><![CDATA[N]]></mandatory> <question_order><![CDATA[1]]></question_order> <scale_id><![CDATA[0]]></scale_id> <same_default><![CDATA[0]]></same_default> <relevance><![CDATA[1]]></relevance> <encrypted><![CDATA[N]]></encrypted> <question_theme_name><![CDATA[longfreetext]]></question_theme_name> </row> </rows> </questions> <question_l10ns> <fields> <fieldname>id</fieldname> <fieldname>qid</fieldname> <fieldname>question</fieldname> <fieldname>help</fieldname> <fieldname>language</fieldname> <fieldname>script</fieldname> </fields> <rows> <row> <id><![CDATA[507]]></id> <qid><![CDATA[612]]></qid> <question><![CDATA[A first example question. Please answer this question:]]></question> <help><![CDATA[This is a question help text.]]></help> <language><![CDATA[en]]></language> </row> </rows> </question_l10ns> <surveys> <fields> <fieldname>sid</fieldname> <fieldname>admin</fieldname> <fieldname>expires</fieldname> <fieldname>startdate</fieldname> <fieldname>adminemail</fieldname> <fieldname>anonymized</fieldname> <fieldname>faxto</fieldname> <fieldname>format</fieldname> <fieldname>savetimings</fieldname> <fieldname>template</fieldname> <fieldname>language</fieldname> <fieldname>additional_languages</fieldname> <fieldname>datestamp</fieldname> <fieldname>usecookie</fieldname> <fieldname>allowregister</fieldname> <fieldname>allowsave</fieldname> <fieldname>autonumber_start</fieldname> <fieldname>autoredirect</fieldname> <fieldname>allowprev</fieldname> <fieldname>printanswers</fieldname> <fieldname>ipaddr</fieldname> <fieldname>refurl</fieldname> <fieldname>publicstatistics</fieldname> <fieldname>publicgraphs</fieldname> <fieldname>listpublic</fieldname> <fieldname>htmlemail</fieldname> <fieldname>sendconfirmation</fieldname> <fieldname>tokenanswerspersistence</fieldname> <fieldname>assessments</fieldname> <fieldname>usecaptcha</fieldname> <fieldname>usetokens</fieldname> <fieldname>bounce_email</fieldname> <fieldname>attributedescriptions</fieldname> <fieldname>emailresponseto</fieldname> <fieldname>emailnotificationto</fieldname> <fieldname>tokenlength</fieldname> <fieldname>showxquestions</fieldname> <fieldname>showgroupinfo</fieldname> <fieldname>shownoanswer</fieldname> <fieldname>showqnumcode</fieldname> <fieldname>bouncetime</fieldname> <fieldname>bounceprocessing</fieldname> <fieldname>bounceaccounttype</fieldname> <fieldname>bounceaccounthost</fieldname> <fieldname>bounceaccountpass</fieldname> <fieldname>bounceaccountencryption</fieldname> <fieldname>bounceaccountuser</fieldname> <fieldname>showwelcome</fieldname> <fieldname>showprogress</fieldname> <fieldname>questionindex</fieldname> <fieldname>navigationdelay</fieldname> <fieldname>nokeyboard</fieldname> <fieldname>alloweditaftercompletion</fieldname> <fieldname>googleanalyticsstyle</fieldname> <fieldname>googleanalyticsapikey</fieldname> <fieldname>gsid</fieldname> <fieldname>showsurveypolicynotice</fieldname> <fieldname>tokenencryptionoptions</fieldname> <fieldname>ipanonymize</fieldname> </fields> <rows> <row> <sid><![CDATA[459532]]></sid> <admin><![CDATA[Dave Tughan]]></admin> <adminemail><![CDATA[david.tughan@gmail.com]]></adminemail> <anonymized><![CDATA[N]]></anonymized> <format><![CDATA[I]]></format> <savetimings><![CDATA[N]]></savetimings> <template><![CDATA[inherit]]></template> <language><![CDATA[en]]></language> <additional_languages/> <datestamp><![CDATA[N]]></datestamp> <usecookie><![CDATA[I]]></usecookie> <allowregister><![CDATA[I]]></allowregister> <allowsave><![CDATA[I]]></allowsave> <autonumber_start><![CDATA[0]]></autonumber_start> <autoredirect><![CDATA[I]]></autoredirect> <allowprev><![CDATA[I]]></allowprev> <printanswers><![CDATA[I]]></printanswers> <ipaddr><![CDATA[N]]></ipaddr> <refurl><![CDATA[N]]></refurl> <publicstatistics><![CDATA[I]]></publicstatistics> <publicgraphs><![CDATA[I]]></publicgraphs> <listpublic><![CDATA[I]]></listpublic> <htmlemail><![CDATA[I]]></htmlemail> <sendconfirmation><![CDATA[I]]></sendconfirmation> <tokenanswerspersistence><![CDATA[I]]></tokenanswerspersistence> <assessments><![CDATA[I]]></assessments> <usecaptcha><![CDATA[E]]></usecaptcha> <usetokens><![CDATA[N]]></usetokens> <bounce_email><![CDATA[inherit]]></bounce_email> <emailresponseto><![CDATA[inherit]]></emailresponseto> <emailnotificationto><![CDATA[inherit]]></emailnotificationto> <tokenlength><![CDATA[-1]]></tokenlength> <showxquestions><![CDATA[I]]></showxquestions> <showgroupinfo><![CDATA[I]]></showgroupinfo> <shownoanswer><![CDATA[I]]></shownoanswer> <showqnumcode><![CDATA[I]]></showqnumcode> <bounceprocessing><![CDATA[N]]></bounceprocessing> <showwelcome><![CDATA[I]]></showwelcome> <showprogress><![CDATA[I]]></showprogress> <questionindex><![CDATA[-1]]></questionindex> <navigationdelay><![CDATA[-1]]></navigationdelay> <nokeyboard><![CDATA[I]]></nokeyboard> <alloweditaftercompletion><![CDATA[I]]></alloweditaftercompletion> <gsid><![CDATA[1]]></gsid> <showsurveypolicynotice><![CDATA[0]]></showsurveypolicynotice> <tokenencryptionoptions/> <ipanonymize><![CDATA[N]]></ipanonymize> </row> </rows> </surveys> <surveys_languagesettings> <fields> <fieldname>surveyls_survey_id</fieldname> <fieldname>surveyls_language</fieldname> <fieldname>surveyls_title</fieldname> <fieldname>surveyls_description</fieldname> <fieldname>surveyls_welcometext</fieldname> <fieldname>surveyls_endtext</fieldname> <fieldname>surveyls_url</fieldname> <fieldname>surveyls_urldescription</fieldname> <fieldname>surveyls_email_invite_subj</fieldname> <fieldname>surveyls_email_invite</fieldname> <fieldname>surveyls_email_remind_subj</fieldname> <fieldname>surveyls_email_remind</fieldname> <fieldname>surveyls_email_register_subj</fieldname> <fieldname>surveyls_email_register</fieldname> <fieldname>surveyls_email_confirm_subj</fieldname> <fieldname>surveyls_email_confirm</fieldname> <fieldname>surveyls_dateformat</fieldname> <fieldname>surveyls_attributecaptions</fieldname> <fieldname>email_admin_notification_subj</fieldname> <fieldname>email_admin_notification</fieldname> <fieldname>email_admin_responses_subj</fieldname> <fieldname>email_admin_responses</fieldname> <fieldname>surveyls_numberformat</fieldname> <fieldname>attachments</fieldname> <fieldname>surveyls_policy_notice</fieldname> <fieldname>surveyls_policy_error</fieldname> <fieldname>surveyls_policy_notice_label</fieldname> </fields> <rows> <row> <surveyls_survey_id><![CDATA[459532]]></surveyls_survey_id> <surveyls_language><![CDATA[en]]></surveyls_language> <surveyls_title><![CDATA[dadasd]]></surveyls_title> <surveyls_description/> <surveyls_welcometext/> <surveyls_endtext/> <surveyls_url/> <surveyls_urldescription/> <surveyls_email_invite_subj><![CDATA[Invitation to participate in a survey]]></surveyls_email_invite_subj> <surveyls_email_invite><![CDATA[Dear {FIRSTNAME}, you have been invited to participate in a survey. The survey is titled: "{SURVEYNAME}" "{SURVEYDESCRIPTION}" To participate, please click on the link below. Sincerely, {ADMINNAME} ({ADMINEMAIL}) ---------------------------------------------- Click here to do the survey: {SURVEYURL} If you do not want to participate in this survey and don't want to receive any more invitations please click the following link: {OPTOUTURL} If you are blacklisted but want to participate in this survey and want to receive invitations please click the following link: {OPTINURL}]]></surveyls_email_invite> <surveyls_email_remind_subj><![CDATA[Reminder to participate in a survey]]></surveyls_email_remind_subj> <surveyls_email_remind><![CDATA[Dear {FIRSTNAME}, Recently we invited you to participate in a survey. We note that you have not yet completed the survey, and wish to remind you that the survey is still available should you wish to take part. The survey is titled: "{SURVEYNAME}" "{SURVEYDESCRIPTION}" To participate, please click on the link below. Sincerely, {ADMINNAME} ({ADMINEMAIL}) ---------------------------------------------- Click here to do the survey: {SURVEYURL} If you do not want to participate in this survey and don't want to receive any more invitations please click the following link: {OPTOUTURL}]]></surveyls_email_remind> <surveyls_email_register_subj><![CDATA[Survey registration confirmation]]></surveyls_email_register_subj> <surveyls_email_register><![CDATA[Dear {FIRSTNAME}, You, or someone using your email address, have registered to participate in an online survey titled {SURVEYNAME}. To complete this survey, click on the following URL: {SURVEYURL} If you have any questions about this survey, or if you did not register to participate and believe this email is in error, please contact {ADMINNAME} at {ADMINEMAIL}.]]></surveyls_email_register> <surveyls_email_confirm_subj><![CDATA[Confirmation of your participation in our survey]]></surveyls_email_confirm_subj> <surveyls_email_confirm><![CDATA[Dear {FIRSTNAME}, this email is to confirm that you have completed the survey titled {SURVEYNAME} and your response has been saved. Thank you for participating. If you have any further questions about this email, please contact {ADMINNAME} on {ADMINEMAIL}. Sincerely, {ADMINNAME}]]></surveyls_email_confirm> <surveyls_dateformat><![CDATA[9]]></surveyls_dateformat> <email_admin_notification_subj><![CDATA[Response submission for survey {SURVEYNAME}]]></email_admin_notification_subj> <email_admin_notification><![CDATA[Hello, A new response was submitted for your survey '{SURVEYNAME}'. Click the following link to see the individual response: {VIEWRESPONSEURL} Click the following link to edit the individual response: {EDITRESPONSEURL} View statistics by clicking here: {STATISTICSURL}]]></email_admin_notification> <email_admin_responses_subj><![CDATA[Response submission for survey {SURVEYNAME} with results]]></email_admin_responses_subj> <email_admin_responses><![CDATA[Hello, A new response was submitted for your survey '{SURVEYNAME}'. Click the following link to see the individual response: {VIEWRESPONSEURL} Click the following link to edit the individual response: {EDITRESPONSEURL} View statistics by clicking here: {STATISTICSURL} The following answers were given by the participant: {ANSWERTABLE}]]></email_admin_responses> <surveyls_numberformat><![CDATA[0]]></surveyls_numberformat> <surveyls_policy_notice/> <surveyls_policy_notice_label/> </row> </rows> </surveys_languagesettings> <themes> <theme> <sid>459532</sid> <template_name>vanilla</template_name> <config> <options>inherit</options> </config> </theme> </themes> <themes_inherited> <theme> <sid>459532</sid> <template_name>vanilla</template_name> <config> <options> <ajaxmode>off</ajaxmode> <animatebody>off</animatebody> <container>on</container> <bodyanimation>fadeInRight</bodyanimation> <brandlogo>on</brandlogo> <brandlogofile>./files/logo.png</brandlogofile> <font>noto</font> <hideprivacyinfo>off</hideprivacyinfo> <showpopups>1</showpopups> </options> </config> </theme> </themes_inherited> </document> limesurvey_survey_459532.lss (13,890 bytes)

Bug heat	4
Complete LimeSurvey version number (& build)	5.1.5
I will donate to the project if issue is resolved	No
Browser	Any
Database type & version	MySQL 5.7.35
Server OS (if known)	Linux
Webserver software & version (if known)
PHP Version	7.3.28

User List	There are no users monitoring this issue.

davet902 2021-09-02 23:08 reporter ~66296	OK, this ended up being another change to security.php that I overwrote after an upgrade. Required re-saving the SMTP password for each install, and then updating my post-upgrade archive so that the new version of security.php is included. The first time I had a similar issue, the suggestion was to move these settings into config.php, and then move config.php into to root folder. Having to preserve files buried layers deep in the hierarchy across upgrades is not the easiest approach. < https://forums.limesurvey.org/forum/installation-a-update-issues/120567-encryption-keys-after-update >. The last response there seems to indicate that this was done, but that may have been for 3.x or just that it was possible to do. In my case (unzipping and overwriting previous files) having them in config.php in the /application/config folder wouldn't have solved the problem anyway. I think I'll take a look at replacing the current config.php and security.php files with new php files with just a require pointing to config.php and security.php in the root. If that works (and I can manage to remember not to delete them from there) then that should prevent this from cropping up yet again. Sorry for the bother.

galads 2021-09-03 08:41 reporter ~66299	The forum suggested it can be done. You might want to try that out or use the comfort-update functionality to update your instance. Since this is not a bug, I will close the ticket.

Date Modified	Username	Field	Change
2021-09-02 21:56	davet902	New Issue
2021-09-02 21:56	davet902	File Added: invalid-mac.png
2021-09-02 21:56	davet902	File Added: limesurvey_survey_459532.lss
2021-09-02 23:08	davet902	Note Added: 66296
2021-09-02 23:08	davet902	Bug heat	0 => 2
2021-09-03 08:41	galads	Note Added: 66299
2021-09-03 08:41	galads	Bug heat	2 => 4
2021-09-03 08:42	galads	Assigned To	=> galads
2021-09-03 08:42	galads	Status	new => closed
2021-09-03 08:42	galads	Resolution	open => fixed

View Issue Details

Users monitoring this issue

Activities

Issue History