|
cmessengerlehmann
|
June 4, 2014 at 12:44 pm
For the last week now, off and on people trying to register have been getting a security error message. It happens when they click on the Submit button from the registration form. Here is a screenshot of the message
This matter is urgent. Are you able let me know where to start looking to resolve this.
|
|
Dean
|
June 5, 2014 at 12:38 am
Hi,
The most likely culprit of this is template files in the uploads/espresso folder being outdated.
From time to time we will change how the templates are written and how the rest of the plugin interacts with them.
The simplest solution would be to rename the uploads/espresso/templates folder, so that the plugin reverts to the default templates.
If you have made any modifications, you will need to copy over the new template files to the uploads/espresso/template folder (not the renamed one) and make the appropriate modifications to those files.
|
|
cmessengerlehmann
|
June 5, 2014 at 1:51 pm
Hi Dean
There has been modifications done to some template files but it was done by the team at EE. How do I deal with this as I don’t know what was changed. My client is still having issues with people trying to register so a quick solution would be ideal.
Thanks
Terry
|
|
Tony
|
June 9, 2014 at 6:25 am
Hi,
A security error such as the one you posted means a Nonce check failed.
Generally this is caused by caching. I notice your site is running WP-Super-Cache, have the Event Espresso critical pages been added to the ‘do not cache’ list?
|
|
cmessengerlehmann
|
June 9, 2014 at 9:11 am
Thanks Tony. I’ve checked the ‘do not cache’ field and entered the following strings…
/courses/
/event-listings/
/event-registration/
Can you tell me if this is correct?
Terry
|
|
Tony
|
June 9, 2014 at 9:26 am
By default the strings would be:
/transactions/
/thank-you/
/registration-cancelled/
/event-registration/
Adding other strings won’t cause issue, it will just prevent those other pages from caching. So you could have:
/transactions/
/thank-you/
/registration-cancelled/
/event-registration/
/courses/
/event-listings/
Once you have saved those strings, don’t forget to Purge (delete) the current cache.
If you view the page source for your event-registration page currently, you’ll find:
Cached page generated by WP-Super-Cache on 2014-06-05 03:49:35
http://take.ms/NvD13
Once you have done the above, that should no longer be within the page.
|
|
cmessengerlehmann
|
June 9, 2014 at 10:34 am
Thanks again Tony. I have implemented these changes now.
After adding the new strings I see the block of code in ‘view source’ is not there so hopefully this resolves everything. I will let you know if the issues persist.
Thanks
Terry
|
|
cmessengerlehmann
|
June 9, 2014 at 10:44 am
Is there a reason why we would not be receiving any registration notifications from EE. Since I added the first set of strings my earlier this morning those notifications has stopped. Could this be a conflict between wp-super cache and EE?
Terry
|
|
Josh
|
June 9, 2014 at 12:35 pm
Hi Terry,
I doubt it. Have you tried installing an email log plugin to verify whether the emails are getting sent out or not?
|
