But why am I only getting 1 token (posted_token). You told me that they had to match but I only have 1….

I deleted admin and all associated table rows and ran init again but still getting error.

Why only 1 token echoed?

k2zs - 11 December 2011 12:03 PM

But why am I only getting 1 token (posted_token). You told me that they had to match but I only have 1….

I deleted admin and all associated table rows and ran init again but still getting error.

Why only 1 token echoed?

It is likely that if the current_token is FALSE, it’s because it is being used up by a 404. That’s why I asked you to check your logs. The only other reason why it would be missing would be if CI never created it, and then you’d need to run some standard cookie usage testing.

I’m lost…

What logs? I checked the /application/logs/ folder and it’s empty. There’s nothing in the server log. This shouldn’t be this hard…

PHP ver: 5.3.2

k2zs - 11 December 2011 12:21 PM

I’m lost…

What logs? I checked the /application/logs/ folder and it’s empty. There’s nothing in the server log. This shouldn’t be this hard…

PHP ver: 5.3.2

I was talking about the apache access logs ... assuming your running apache. On my system, this is at /apache/logs/. This can give key info as to problems with 404s that can use up your flashdata type cookie.

Yes, it shouldn’t be this hard. Especially considering you just downloaded the application and say you’ve configured it again and again. I’ve run this code on multiple websites, and on multiple servers, and so I don’t understand the problem you are having, unless it is with the flashdata cookie. Again, check for 404s in your apache access log.

I’ve got to head out for the day. I hope you can get it working before giving up.

If you are running IE8 or IE9 click F12 and it has a developers tool panel

Then click cache on menu and view cookies.

This may not apply to k2zs, but as I went through a new installation of Community Auth this weekend, I noticed that the documentation suggested that the encryption key be changed after the admin was created. Doing that would make it so the admin would never be able to log in. I actually deleted the encryption key from config/config to force the developer to set the configuration option before doing anything else. This also takes away the chance that somebody would use the one that was supplied with the download.