nginx reverse proxy login error "the submitted form was invalid. try submitting again"

Get help with installation and running phpBB 3.2.x here. Please do not post bug reports, feature requests, or extension related questions here.
Post Reply
User avatar
syrea
Registered User
Posts: 4
Joined: Wed Apr 20, 2005 3:26 am

nginx reverse proxy login error "the submitted form was invalid. try submitting again"

Post by syrea » Tue Jun 18, 2019 3:16 am

1、phpBB 3.2.7 with nginx reverse proxy when login, always got "the submitted form was invalid. try submitting again" error;
2、Clear browser cache do not solve this problem;
3、Try install fresh new nginx reverse proxy, but problem keep same;
4、If direct access without nginx reverse proxy then all is right;
5、Got this problem when some days after upgrade to 3.2.7;
6、It's OK when just upgrade to 3.2.7;

What's wrong? Thanks.

User avatar
Lumpy Burgertushie
Registered User
Posts: 66324
Joined: Mon May 02, 2005 3:11 am
Contact:

Re: nginx reverse proxy login error "the submitted form was invalid. try submitting again"

Post by Lumpy Burgertushie » Tue Jun 18, 2019 4:12 am

clear the cache folder of everything but the index and htaccess files

robert
I'm baaaaaccckkkk. still doing work on donation basis. PM your needs.

Premium phpBB 3.2 Styles by PlanetStyles.net

If a tree falls in the forest and nobody is there, does it make a sound?

User avatar
syrea
Registered User
Posts: 4
Joined: Wed Apr 20, 2005 3:26 am

Re: nginx reverse proxy login error "the submitted form was invalid. try submitting again"

Post by syrea » Tue Jun 18, 2019 4:32 am

Lumpy Burgertushie wrote:
Tue Jun 18, 2019 4:12 am
clear the cache folder of everything but the index and htaccess files
Thanks, but it doesn't work.

User avatar
EA117
Registered User
Posts: 636
Joined: Wed Aug 15, 2018 3:23 am
Contact:

Re: nginx reverse proxy login error "the submitted form was invalid. try submitting again"

Post by EA117 » Tue Jun 18, 2019 5:32 am

I know nothing of nginx proxy behavior. But for phpBB 3.2.7 login forms, "form was invalid" is now a condition which can occur which was impossible in phpBB 3.2.5 and earlier. So this same nginx proxy configuration might have been working on earlier phpBB releases; but has behavior which causes the new phpBB 3.2.6 and later login forms to fail.

A potential workaround would be to change the "Tie forms to guest sessions:" setting to "No" in the ACP General, Server Configuration, Security Settings section. This would make it so that even if the session ID is "wrong" on the submitted phpBB 3.2.7 login form, phpBB would accept the login form anyway instead of declaring "invalid form."

If it works, that's still not "the right answer", and is just a workaround. There is apparently still something about the nginx proxy configuration which is apparently causing an older or wrong session ID to be used. Maybe that's because it's caching the page with the login form and serving an "old" copy to other users who should have had a page based on their own session ID. Or maybe it's because the proxy is somehow interfering with the cookie value that should have successfully persisted the session ID. I know nothing of nginx proxy behavior or configuration to comment further on that.

User avatar
syrea
Registered User
Posts: 4
Joined: Wed Apr 20, 2005 3:26 am

Re: nginx reverse proxy login error "the submitted form was invalid. try submitting again"

Post by syrea » Tue Jun 18, 2019 10:33 am

EA117 wrote:
Tue Jun 18, 2019 5:32 am
A potential workaround would be to change the "Tie forms to guest sessions:" setting to "No" in the ACP General, Server Configuration, Security Settings section. This would make it so that even if the session ID is "wrong" on the submitted phpBB 3.2.7 login form, phpBB would accept the login form anyway instead of declaring "invalid form."

If it works, that's still not "the right answer", and is just a workaround. There is apparently still something about the nginx proxy configuration which is apparently causing an older or wrong session ID to be used. Maybe that's because it's caching the page with the login form and serving an "old" copy to other users who should have had a page based on their own session ID. Or maybe it's because the proxy is somehow interfering with the cookie value that should have successfully persisted the session ID. I know nothing of nginx proxy behavior or configuration to comment further on that.
1、The workaround works;
2、Actually the problem was caused by wrong nginx proxy configuration:
A、In proxy configuration, here a line "proxy_set_header referer " set to wrong url, mismatch to actual pbpBB url;
B、Problem only occurred when this browser first time access phpBB or after clear cache;
C、Change "proxy_set_header referer " to actual phpBB url, then problem solved.
Thanks a lot.

Post Reply

Return to “[3.2.x] Support Forum”