Hello Anastasia,

I am really sorry for the delay of this reply as it is a weekend for us here. Is it possible for you to provide us with the back end and FTP access to your site to check on this issue?

could you ask Nik Faris? he has

Hello Anastasia,

Sorry for late reply to this,
Did you enable this 2 option from your Facebook apps?
client OAuth Login and Embedded browser OAuth Login in Client Token section ( http://screencast.com/t/3O2YWE1Hv )
Also, is it possible provide us with your Facebook access as well? So we can help you check on your Facebook apps configuration? Please advise.

It was OK http://gyazo.com/66a70a63a2eca36339b1b134e65a1410
I didn't change anything now

http://gyazo.com/66a70a63a2eca36339b1b134e65a1410 I didn't change anything
this is current settings

Hello Anastasia

I have tried to access in your facebook, but i getting this : http://screencast.com/t/THNgvCxL

Also, i have checked in your screenshot, it seems like you doesn't set the Valid OAuth redirect URLs ( http://screencast.com/t/8gkEry0rO ), try to set it and see how it goes?

Hello Anastasia,

I have just checked this with my colleague and we didn't actually do anything on the site. Is your hosting provider currently running backups on the site?

I do not know what happened there, but allegedly disappeared memory on the server.

Problem with Facebook authorisation is still there.
again, to update 1.2.3 everything was normal. with old settings. now I always see error - CSRF state token does not match one provided.
you will can't login into my facebook because facebook protect accounts - I use facebook from Russia and you would like to login from Malaysia. Please try to explain me here - which setting I have to do at ES and in Facebook for correctly work facebook authorization and registration.
Thanks.

and I can't give you access to ftp, only to website.

facebook app setting - http://gyazo.com/0b6bf1b526fa9771d637beb11ead14c9 advanced
main - http://gyazo.com/bc7ae77fef7947c8f3fa380a4752b641

i tried another OAuth redirect url -http://svetreiki.ru/home/community.html and got redirect error.

And when I login after these attempts I see system message at site - An active access token must be used to query information about the current user.

may be some answers are there http://stackoverflow.com/questions/7340764/problem-with-facebook-login-not-matching-csrf-state-token but I don't understand What I have to do?

Hi,

It seems like all the settings are properly in place and judging from the error message, this has nothing to do with settings in EasySocial nor Facebook.

I can try to apply the fix in the link that you've provided but please do contact your host to provide an FTP access or recreate a new FTP access account, because only so we are able to proceed with patching and further investigation.

a-ah..

Hi,

Can you give it a try again and let me know if it works to verify the issue? (I've managed to identify the issue and tested with my own account on your site).

Jason, I gave you access at my post with "a-ah" -)
problem is still there
I can't login with facebook

I received new user registration email with request to accept this registration, but when I accept your registration I see error http://gyazo.com/fff2f8e4db956b1e0d160bc4a2178655 "Sorry, but provided key is not a valid key. Try again."
URL - http://svetreiki.ru/component/easysocial/?controller=registration&task=approveUser&id=12041&key=6824f7892af9e5d96f5b2985887dd06d
At admin panel of ES component I don't see any new registered user.

Hi,

I actually applied a fix on your site and tested on your site as well http://cl.ly/image/1S47471i1y1r

At admin panel of ES I don't see any new users for 2 and 3 April.
so I still can't log in to site with facebook account< I see error at popup window with URL - https://www.facebook.com/dialog/oauth?client_id=115569645211731&redirect_uri=http%3A%2F%2Fwww.svetreiki.ru%2Fhome%2Fcommunity%2Fregistration%2FoauthDialog%2Ffacebook.html&state=3df07ebeca456218a1dd814d6e639b10&scope=publish_stream%2Cpublish_actions%2Cemail%2Cuser_birthday&display=popup
text of error - URL does not match the settings of the application: One or more of the URL-address messages application settings. The address must match the address of the web site or location of the canvas, or a subdomain of the domain should be one of the application domains


i will restart my computer now.

Hi,

This is because of the www.

You will have to add another domain in your Facebook settings that states http://www.svetreiki.ru

If you try it with this link: https://www.facebook.com/dialog/oauth?client_id=115569645211731&redirect_uri=http%3A%2F%2Fsvetreiki.ru%2Fhome%2Fcommunity%2Fregistration%2FoauthDialog%2Ffacebook.html&state=3df07ebeca456218a1dd814d6e639b10&scope=publish_stream%2Cpublish_actions%2Cemail%2Cuser_birthday&display=popup it works (without the www.)

OK, I loged in with Internet explorer and svetreiki.ru (without www). it was OK

and I add domain http://www.svetreiki.ru to facebook App setting - http://gyazo.com/907d0b24d147e115dd452b8cec590514 and http://gyazo.com/b92ccd987bef3e62da9e09963fc85bd5

may be I need set redirect at .htaccess? from www to svetreiki.ru?
What do I or You can do with facebook login option at ES for its work correctly both http://www.svetreiki.ru and svetreiki.ru?

Hi,

You should be able to login with Facebook now with that settings.

Tested with your original link (with www.) https://www.facebook.com/dialog/oauth?client_id=115569645211731&redirect_uri=http%3A%2F%2Fwww.svetreiki.ru%2Fhome%2Fcommunity%2Fregistration%2FoauthDialog%2Ffacebook.html&state=3df07ebeca456218a1dd814d6e639b10&scope=publish_stream%2Cpublish_actions%2Cemail%2Cuser_birthday&display=popup and it is working properly now.

May be I should to restart my computer again and clean cache... because I see error: An active access token must be used to query information about the current user."

thanks! I will try again later

You know... I don't understand what's happening
I cleared cache and tried to log in with facebook account (login! not registration new user) and I see again error.
when I loged in I was at svetreiki.ru (without www), but after logging process I was at http://www.svetreiki.ru/
(In that case I use Google Chrome)

And I tried to login with Internet Explorer. I cleared cache, restart IE, typed http://www.svetreiki.ru and loged in - and got error.

ANd I try login from svetreiki.ru (without www) and got error again.
I can't login with facebook still.

CSRF state token does not match one provided. - this error I see at server's log.

what's happend?

Hello Anastasia,

I have just been informed by Jason about this and he requested me to test this. I have tested this on your site with both Firefox and Chrome as well and it works fine. http://screencast.com/t/Jy5aWcOmcE

I thought that it could be a Microsoft specific issues but I have tested this on a separate Microsoft machine and it works fine too. See my screen shot here, http://screencast.com/t/yQPHaWEOOlwz

Dear Mark,

not registration, but login process. I can't login with facebook account. I have registered account at site and I want enter into site with facebook.
may be registration works... I didn't try. I write all this posts for support about login process.

Hello Anastasia,

It's the same actually because regardless if you use Facebook to authenticate or to register, if you hit that error, it's basically saying that the token don't work. Anyway I do believe that this is most likely a caching issue. Try to temporarily turn off cache on your Joomla site and try relogging again. When I was testing, Jason noticed that when he used his account, my avatar appeared instead of his. So I believe Joomla is caching something on the page.

Several days go away, error is still there

I update to 1.2.7
I can't turn off cache because I have very big site (many information in articles and forums).

and now when I log in with facebook at svetreiki.ru (without WWW) I get error.


AND
my facebook stream has a few posts from my site easysocial component, it has photos, but it is not clickable -(
https://www.facebook.com/svetreiki?hc_location=timeline item from 3 april 2014 (has no foto - why?), item from 24 march with photo.

Hello Anastasia,

Is there any way we can setup a screen share so that we can test on your computer? It's almost impossible to debug this because it works for all of our computers (We tested this with 6 different computers and operating systems).

Maybe you could add me on Skype, marklee_777 and when you are free, we could try Teamviewer?

Yesterday I set simple reigstration and now I have near 14 spam accounts -((
If I set normal registration I have no users because errors (I even saw the input data of the previous user who attempted to register), if simple - only spam. How protect from spam registration? At simple process there is no Captcha -((
a lot of defects...

strange that before steadily every day was one or two new member. and it's not a problem of my computer.
Thank you for the offer to work in Teamviewer. Maybe next week will try, if you will not succeed with my sad post http://stackideas.com/forums/es-is-killing-my-site

Mark wrote:

I have tested this on your site with both Firefox and Chrome as well and it works fine.

Mark, note that Anastasia mentioned using Internet Explorer. This could have a big effect on the problem considering we know how difficult that browser is to work with.

Anastasia wrote:

Yesterday I set simple reigstration and now I have near 14 spam accounts -((

Do you have any spam protection? For this very reason I'm holding off from allow people to register for my site. There are methods that "work" as of now, but are not as friendly to the user. I made a proposal recently that would be an effective method for combating spammers. I hope it eventually gets into ES.

Hi,

You can actually place the reCaptcha field in the quick registration to prevent spam.

Hello Josh,

I have explicitly tested the site with IE, Firefox, Chrome and even Opera. In fact, not only on my own laptop + Parallels, I have also gotten our colleagues computer to test this out and they work just fine.

Anyway, I am locking this thread because this is getting too long and it's going to be hard to maintain to read through the discussion. Please start a new topic if you still have issues and I will work on it personally.