View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0011680 | mantisbt | administration | public | 2010-03-19 00:30 | 2014-02-26 18:34 |
Reporter | liyingm | Assigned To | dhx | ||
Priority | normal | Severity | major | Reproducibility | have not tried |
Status | closed | Resolution | no change required | ||
Platform | Linux | OS | Red Hat Enterprise Linux | OS Version | 5 |
Product Version | 1.2.0 | ||||
Summary | 0011680: Mantis APPLICATION ERROR #2800 for Mantis 1.2.0 | ||||
Description | When I open a issue and leave this issue page open, after couple of hours I add note to the issue and hit “Add Note”, I get an error screen, then I need to hit back only to see everything I wrote is gone! Things like this come up, APPLICATION ERROR #2800 Invalid form security token. Did you submit the form twice by accident? Please use the "Back" button in your web browser to return to the previous page. There you can correct whatever problems were identified in this error or select another action. You can also click an option from the menu bar to go directly to a new section. If I refresh my screen, retype what I wrote originally, and submit again, it goes through. And there is no problem to add note when the page is just opened. I was wondering it maybe a timeout setting for the page or Apache. Please advise. By the way, our Mantis recently has been upgraded from version 1.0.0a2 to 1.2.0 and migrated from a Debian box to a Red Hat box. | ||||
Tags | No tags attached. | ||||
has duplicate | 0011837 | closed | dhx | Error #2800 on trying to submit an issue |
has duplicate | 0012015 | closed | dhx | Error message that the form has been sent twice |
has duplicate | 0012169 | closed | dhx | "Add Note" issues ERROR_FORM_TOKEN_INVALID |
has duplicate | 0012233 | closed | dhx | Invalid security token when adding a note to a bug |
has duplicate | 0012315 | closed | dhx | APPLICATION WARNING 0002702: Your session has become invalidated. |
has duplicate | 0010148 | closed | dhx | Sesssion Timeout |
has duplicate | 0013952 | closed | atrol | Invalid form security token. Did you submit the form twice by accident? |
has duplicate | 0012381 | closed | dregad | APPLICATION ERROR #2800 |
has duplicate | 0015502 | closed | dregad | APPLICATION WARNING 0002702: Your session has become invalidated. |
related to | 0011693 | closed | dregad | Timeout : lost of project configuration |
what's probably happening is that mantis is logging you out after some time specified by your admin. So when you try to add a note it throws back an error saying your security token was invalid, which is just a fancy way of saying your login timed out. And like you said, if you refreshed the screen it grabs a new security token and you can enter in notes. Since you aren't specifically re-entering your login credentials, i'm assuming you are using the "Remember my IP address" or whatnot feature when you log in. So knowing those two things i'd agree with you that this is a bug. In the sense that it should at least try to grab a new security token if it can before erroring out. |
|
Thanks for the reply. You are right, I've enabled the "Secure Session (Only allow your session to be used from this IP address)" when logined to Mantis. But where can I reset the time out variable? |
|
Form security tokens are stored in PHP sessions and thus are subject to PHP's settings relating to session expiry times. MantisBT itself has something like a 3 day expiry for form security tokens (the idea being that you may leave screens open on Friday and return on Monday to finish up your work). Please see http://www.php.net/manual/en/session.configuration.php#ini.session.gc-maxlifetime |
|
This is happening in 1.2. I was entering bugs and did one bug report, then followed with another, and got the application error 2800 message. This was an active session, definitely not timed-out. It could be a php-related problem. Version 1.1.8 had this in it, and version 1.2 also demonstrates the same behavior. As a note, in other PHP applications, I noticed that sometimes after using my session, the session just dies without any apparent cause. So this is more and more looking like a PHP problem and not really a mantis problem. |
|