1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Fixed security token missing from logout

Discussion in 'Resolved Bug Reports' started by Jake Bunce, Jul 10, 2011.

  1. Jake Bunce

    Jake Bunce XenForo Moderator Staff Member

    XF 1.0.3

    To reproduce:

    1) Disable overlays:

    Admin CP -> Appearance -> Style Properties -> Overlays and Tooltips -> Enable Overlays

    2) Click the logout tab on the front end:

    Screen shot 2011-07-09 at 9.34.34 PM.png

    You get a security error.

    To fix, edit this template:

    Admin CP -> Appearance -> Templates -> navigation_visitor_tab

    At the end of the template, add a security token to this code:

    Code:
    	<li class="navTab PopupClosed"><a href="{xen:link logout}" class="LogOut navLink visitorTabItem OverlayTrigger">{xen:phrase log_out}</a></li>
    
    Like so:

    Code:
    	<li class="navTab PopupClosed"><a href="{xen:link logout, '', '_xfToken={$visitor.csrf_token_page}'}" class="LogOut navLink visitorTabItem OverlayTrigger">{xen:phrase log_out}</a></li>
    
     
    Dean, erich37 and CurveGotti like this.
  2. Mike

    Mike XenForo Developer Staff Member

    I made some changes surrounding this while fixing the Facebook log out issue. Logging out is still confirmed without overlays now.
     
    Dean and Vincent like this.

Share This Page