Serendipity Forums

Hi,

every now and then I get the error message "invalid session hash" when commenting in my own blog.

After resending the comment gets through is displayed.

Any idea what might be the reason?

Thanks

Dirk

Hi!

If you have enabled the setting "CSRF-Protection / Cookie hash" (or something like that) in your antispam plugin, then you need a valid session cookie before you comment. If you jump right to a page, without having been to the overview page or something else before, you do not have that hash.

It's a protection against people that come to your site directly and enter their spam. You can disable that, if you like.

Regards,
Garvin

Hi Garvin,

garvinhicking wrote:If you have enabled the setting "CSRF-Protection / Cookie hash" (or something like that) in your antispam plugin, then you need a valid session cookie before you comment. If you jump right to a page, without having been to the overview page or something else before, you do not have that hash.

that is exactly the point ...

Unfortunately that hits also myself, even if I logged in.

How can I find out how many spams were found by that rule? (Which is thesearch criteria for the spamblocklog table?)

Thanks for your support

Dirl

Hi!

If you enabled spamblock logging, you can find it in the logfile or log-database.

I don't know for the exact criteria; try to make a comment when you load a URL without cookies (like from your RSS reader directly to the page) and then look for the most recent entry?

HTH,
Garvin

garvinhicking wrote:I don't know for the exact criteria; try to make a comment when you load a URL without cookies (like from your RSS reader directly to the page) and then look for the most recent entry?

That is too easy.

Thank you

Dirk