Every time I log into joomla admin I get the following error:
The most recent request was denied because it contained an invalid security token. Please refresh the page and try again.
And the only way I can get to admin section is to go back a page or 2 and I'm in. What could be causing this really annoying behaviour?
I'm running Joomla 3.1.5 with K2.
Seems as though this question is getting a lot of views so here is the solution I came up with to handle token errors. Since seeing the error would likely mean nothing to the user, I wanted to log the user out and redirect token errors to the home page. The only way I could achieve this was with a plugin.
Credit to joomunited.com for the original token interceptor plugin which can be found here.
Here is my modified version which includes a user logout and a redirect to the homepage with a message. Hope this helps!
tokeninterceptor.php:
class PlgSystemTokeninterceptor extends JPlugin
{
public function __construct(&$subject, $config = array())
{
parent::__construct($subject, $config);
$app = JFactory::getApplication();
if (($app->isSite() && $this->params->get('use_frontend')) || ($app->isAdmin() && $this->params->get('use_backend')))
{
register_shutdown_function(array($this,'redirectToHome'));
}
}
public function redirectToHome()
{
$content = ob_get_contents();
if($content == JText::_('JINVALID_TOKEN') || $content == 'Invalid Token')
{
$app = JFactory::getApplication();
if (!JFactory::getUser()->guest)
{
$app->logout();
}
$app->redirect(JURI::base().'index.php?invalid_token=true');
return false;
}
}
function onAfterInitialise()
{
$app = JFactory::getApplication();
$invalid_token = $app->input->get('invalid_token', 'false');
if ($invalid_token == 'true')
{
$app->enqueueMessage(JText::_('JINVALID_TOKEN'), 'warning');
}
return true;
}
}