1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

XF 1.2 Possible to rename the security error to something user friendly?

Discussion in 'Troubleshooting and Problems' started by Stuart Wright, Oct 31, 2013.

  1. Stuart Wright

    Stuart Wright Well-Known Member

    So as I understand it, if you try to submit a form on a page which has expired after 15 minutes, you get a rather scary security error.
    Is it possible to reword this so it's not so scary?
     
  2. Chris D

    Chris D XenForo Developer Staff Member

    You can change anything.

    Just search for the text of the phrase in the Admin CP > Appearance > Search Phrases.

    Specifically you're referring to the security_error_occurred phrase, I believe.
     
    Stuart Wright likes this.
  3. Stuart Wright

    Stuart Wright Well-Known Member

    Fair enough. Thought it might not have been phrased because it's such an unfriendly message that I assumed it was generated by 'the system' or something.
    Changed it to
     
  4. Mike

    Mike XenForo Developer Staff Member

    I'm not sure where 15 minutes comes from - normal usage is 24 hours AND the automatic token updater not running (it does get disabled when tabs are blurred).
     
  5. Stuart Wright

    Stuart Wright Well-Known Member

    I thought it was the normal session timeout Mike. 15 minutes and didn't click 'remember me'.
    What would be a more technically correct, granny friendly message then please?
     
  6. jmurrayhead

    jmurrayhead Well-Known Member

    I would just leave out the 15 minutes portion and simply tell them that it had timed out.
     
  7. Mike

    Mike XenForo Developer Staff Member

    If their session times out, they would normally get a permission error. I think they should just be able to log back in. I would just drop the time as well.

    I only note this because if you're getting reports of users seeing this with some frequency, that may be an indication of a problem somewhere else.

    FWIW, session timeouts are after 60 minutes.
     
    Chris D likes this.
  8. Chris D

    Chris D XenForo Developer Staff Member

    The impression that the session time is only lasting 15 minutes could be down to those memcache errors you've been getting in the Server Error Log.
     
  9. Stuart Wright

    Stuart Wright Well-Known Member

    I thought it was a 15 minute session length because that is kind of a standard (?).
    I set it to
    Thanks
     
  10. RobParker

    RobParker Well-Known Member

    Are you also maybe mixing it up with the "Online Status Timeout" time this is 15 minutes by default?
     
  11. Amaury

    Amaury Well-Known Member

    What you have Online Status Timeout set to, which can go as high as 60 minutes, is when members disappear from Members Online Now. However, their last location will still show for up to an hour and can go as far as two hours depending on whenever that cron job runs -- I think that's what @Mike said when I asked about "last seen" a long time ago.
     

Share This Page