Posted: January 23, 2024 at 12:27 pm
Hi, within the last week we now have an issue that (at least this example) the url generated by EE for the invoice is leading to a critical error on the website page. https://chiroeurope.com/?ee=msg_url_trigger&snd_msgr=html&gen_msgr=html&message_type=invoice&context=purchaser&token=1-8e811f41fd8e34f8ac74e98d707f556b&GRP_ID=14&id=862 |
|
Hi there, A critical error will save a ‘Fatal error’ within the server error logs, can you check those logs and post the error here, please? |
|
Sorry for the delay, had to find out how to find that. And of course now I can’t reproduce the error. If it happens again, I know what you need to see. |
|
Just to note, I’m still getting the critical error on the link provided so the error from that one should be logged on the server. |
|
Yes you’re right. I found an error_log file in public_html/wp-admin but the last record there is for 2 May 2023.. Is this the wrong place to be looking? |
|
It depends on your host and how the server is set up, but if the last record was 2 May 2023, that’s the wrong file. WHat you can do is add this: https://eventespresso.com/wiki/troubleshooting-checklist/#wpdebug To your Then visit the above link to throw the error and look in /wp-content/debug.log for the error. |
|
I can’t code. You still have admin access to the site. Is this somethign you can do ? Otheriwse I get my IT to set it up. |
|
We don’t save credentials so if you’ve sent them in the past we no longer have them. I can do the above if you can send over FTP credentials using this form: |
|
Just checking. You should have received my details via link Sunday. |
|
Hi there, The error you are getting is:
We fixed that in version 5.0.13.p+, as your currently using 5.0.12.p you’ll need to update to the latest version (currently 5.0.16.p) to fix this. |
|
OK. Done. |
|
Great, the above link no longer throws an error.
Which app login issue? The one from here? https://eventespresso.com/topic/unsupported-url-error-on-event-app/ |
|
Ahh. I wrote it all in the message block for the FTP credentials. |
|
I just read though the old thread – as far as I recall those issues were resolved, and the main thing I was focusing on was the capabilities. Since this time I couldn’t even log onto the app. |
|
Ah, ok. So there wasn’t any context with that message so thought it was related to the above error.
Register attendees using the app? The app allows for ticket scanning, you can’t register attendees onto event using the app. Unless you are using the term register for what we would class as check in?
Previously I could log in via the app so I couldn’t view this. I’ll set up the proxy I use for this and check now. |
|
Sorry, it was just easier to send you all the info in one message I thought. |
|
3 missing permissions read _events, read_other_events & read_private_events. |
|
Hiya, do you need more info from me ? |
|
Hello Tony, Im not getting any response from you on this. What happened when you set up the proxy? |
|
Hi there, My apologies, I’ve been digging into this but didn’t want to reply with a “I don’t have any answers just yet” message, yet that is what I’m having to do currently. Loading the connection through the proxie allows me to easily view what is happening on the requests… but… they appear normal. I was waiting on some feedback on where to go from this point, which I’ve not tested and get the same results. I’d like to add some debugging code to the site to view where exactly the request makes it too, right now it looks like the authorization headers isn’t being processed but I also noticed that users have multiple roles on your site which may also be affecting this. So I’d like to work through the auth steps to confirm if it makes it through that. I’d need to enable WP_DEBUG_LOGGING on the site and then add some code to view the requests, as you’ve provided details to file manager I can do that on my end. Is that ok? |
|
All good – ‘I like the ‘Im still looking into it’ message !! Yes by all means. Does it help to say that the error message also appears 3 times when I try to log in? But I suspect that is related to the 3 permissions that are missing. |
|
To explain that one, the app sends multiple requests when you log in. The 3 requests that require authentication are failing so they return missing permissions and you see that for each request on the app. I don’t think this is a permissions issue as such, I think either the request is unauthenticated OR the multiple roles are messing something up. Right now it looks like something is preventing the authorization headers on the request or hooking in before EE’s code runs and doing something weird, that’s why I want to add some additional code and see where it gets up to. |
|
OK. The accounts I used are a variety of mostly test accounts, so all of them have subscriber, some are admin, some have added content access, and then I added the Event App capability to all of them. I also figured the variety of them might help make it work (at the time I was trying to log in) |
|
So the issue is from the reCaptcha plugin enabled on the site. The REST request authenticates with the details passed and it’s not expected to use reCaptcha for those logins, what’s happening is the details are being passed correctly but then the function used to submit the log details returns a reCaptcha error (because you can’t ‘complete’ a reCaptcha over REST) and no login is allow… no long means no user, no user means no capabilities. You can test this by going to Dashboard -> reCaptcha. Disable the reCaptcha on the login form: https://monosnap.com/file/Pcev4TVYXlz0upY6PglonUYdcJxPKz Save the settings there and then try logging in with the app. It works fine for me that way. |
|
OK wow, wouldnt have thought that might be an issue. However the whole reason we have reCaptcha is that we had months of card testing through our site. Hundreds of attempts every day for months, stripe gave us less than zero help to resolve it, in fact they were intentionally unhelpful, and part of the solution was to halve reCaptcha at login. if i disable it, we open ourselves back up to this problem . |
|
Hiya, true to be said I didnt ask a question, but my concern is that disabling reCaptcha, which I have not done nor tested, was because of the massive number of fraud attempts made on site in part that were stopped through having reCaptcha at login. Could I disable it long enough to login, then reenable ? |
|
What security plugin/tools you’re using for your site? this might be your alternative for your concern. thanks |
|
we use sitelock from Buehost, and reCaptcha. No plug in security tools as they are not that secure. |
|
For this to work, you’ll need to find a reCaptcha plugin that allows you to either disable it on REST API requests via setting or one that allows you to hook in and disable it via custom code with a hook. The current reCaptcha plugin you are using doesn’t allow for this and I don’t currently know of one that does. You are right to want to keep reCaptcha enabled but REST request can not complete reCaptcha so it needs to be disabled for those. |
|
Ok , thanks Tony, good to know the problem finally, and potential solutions. Appreciate your help. |
|
The support post ‘Critical Error message when viewing an invoice URL’ is closed to new replies.
Have a question about this support post? Create a new support post in our support forums and include a link to this existing support post so we can help you.