Hello,
after an update (we used a very old roundcube version) we have some strange problems.
Some Informations:
- I've done a new installation (1.3.8 and 1.4-beta).
- We have this problem regardles if I use a new database or an updated old database.
- Some accounts are working and several accounts have this problem.
After the login the user cannot see any messages. He is able to write emails.
In the error log I can see this message:
<33bd17e0> PHP Error: Request security check failed (GET /roundcube/?_task=logout&_token=undefined)When this user trys to logout we have same problem I've found in this ticket:
https://github.com/roundcube/roundcubemail/issues/5579 (https://github.com/roundcube/roundcubemail/issues/5579)
The confusing thing is that it works for many users without problems.
I appreciate any help.
Many thanks in advance,
Thomas
What you are describing sound like JS errors. Can you get one of the effected users to check the JS console in their browsers for more information?
Thanks for your fast reply.
I hope, that I've found the requested informations:
Screenshot 1: incorrect login
Screenshot 2: incorrect login
I'll do another post with two further screenshots.
The screenshot are made in the same browser and on the same computer. I can reproduce this issue on other systems (Tablet, smartphone, Firefox, Chrome,...). Some Accounts are working fine and some accounts not - regardless of the system used...
It is very confusing :o
Regards,
Thomas
Screenshot 3: correct login
Screenshot 4: correct logout
Those show you have jQuery so this is presumably not a dependency issue but it was the JS console I was really interested in, can you check that?
I am a little embarrassed, but I'm not sure if I have now the correct screenshots...
1. Screenshot: incorrect login
2. Screenshot: correct login
Thanks in advance,
Thomas
those are the correct ones and they do show different things happening but sadly not much else.
these are taken with different users in the same browser right? so may be its something about the users themselves like a setting or something. could you compare the settings of the 2 users?
Hi,
yes indeed - same browser, different user. Same result on every device, browser,...
I can't see any different settings for the users. The problem even remains in a new roundcube installation.
I've found another different behaviour in the addressbar:
Correct login:
https://[path_to_roundcube]/?_task=mail&_mbox=INBOX
Correct logout:
https://[path_to_roundcube]/?_task=logout&_token=VTFASD....
Incorrect login:
https://[path_to_roundcube]/
Incorrect logout:
https://[path_to_roundcube]/?_task=logout&_token=undefined
Are you using an plugins?
Yes, we're using these plugins:
$config['plugins'] = array('additional_message_headers', 'attachment_reminder', 'emoticons', 'hide_blockquote', 'jqueryui', 'globaladdressbook');
When I comment this line out, the problem remains.
Here is a screenshot of the server configuration, maybe someone can recognize something here...
What php version and what web server are you running?
php Version: 7.2
Server: "WebServer Basic", Host Europe: https://www.hosteurope.de/WebServer/Vergleichen/ (https://www.hosteurope.de/WebServer/Vergleichen/)
Are you using Nginx and/or APCu?
APC User Cache (APCu): on
NGINX Caching: off and on (generally it is disabled, but it´s ,,on" for the folder of a Test installation, so I've got an installation with caching on and one with caching off)
Which configuration is recommended?
Well I'm not sure but it maybe worth trying without a APC cache on, it maybe also worth trying without any Roundcube plugins enabled.