Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

In this Discussion

osTicket v1.10 (stable) and Maintenance Release v1.9.15 are now available! Go get it now

Invalid csrf token osticket and related problems

When suddenly encountering this error message, I saw there was a code fix of the logon.php.
However, when comparing the code to what I already have, the relevant changes were already implemented, while some others were not.
Of course I wanted to know my current version, but I could no longer logon, so that was not an option.
I found this SQL to execute on the database: select ostversion from table ost_config, but the field wasn't there!!
Then I decided to do an upgrade with 1.10.1. Trying to execute the upgrade.php it asked me to logon.
So there again, I was stuck. I changed the logon.php so that I would not get the csrf error anymore.
But then I got access denied. Thinking that something was the matter with my password, I changed it in the database, with the MD5 function.
Still no results. I get alternating messages of "access denied" and "authentication required".
So what is there left for me to do, without doing a full reinstall? I have entered many many parameters, and don't want to loose them.
That would be days work to correct all the settings. There are a few customisations in the code as well, but I have a backup of those.


  • Please help us to help you by reading and following the posting guidelines located in this thread: Please read before requesting assistance.  The more information you give us the better we will be able to assist you. Thank you.

    In current versions you should be able to check your current version in the bootstrap.php circa lines: 317-319 or search for THIS_VERSION.

    Q: So what is there left for me to do, without doing a full reinstall?

    A: Honestly I'm not sure.  We don't know anything about your environment, and have yet to identify the root cause of why this suddenly started happening.  We also dont know if you restored from back up or are still sitting at a partially updated instance.  So let's start with you telling us about your environment (webserver ver, php ver, etc) like described in the link above.

  • Dear ntozier, thanks for responding so quickly and for the info about the osticket version.
    The site, is running on Apache 2.4 with PHP 7.1 with provider
    The original problem, with the CSRF token, occurred both on the client and staff side.
    I found out that my version was and still is (after the upgrade attempt) 1.10 (GIT 901e5ea).
    So either the upgrade was not finished, or I was attempting to upgrade with a version I already had.
    What do you think would be the next thing we should investigate or try?
  • PHP 7.1 is not supported yet in osTicket. Try downgrading to 5.6 or 7.0

  • I'm betting that @blueyeguy suggestion will get you running. :)
  • Thanks, I will ask the owner of the "parent" website if this downgrade will not break anything.
    It is a WordPress site and some plugins depend on the latest PHP.
    I hope 7.1 will soon be supported.
Sign In or Register to comment.