"Invalid Token" Error

By Katie Browning on Tuesday, 18 February 2014

Posted in General Issues

Replies 10

Likes 0

Views 1.6K

Votes 0

Hi guys,

I have noticed for a while now, but have been too lazy to write:p an error that occurs every now and then when trying to log off. If i have gone off and not done anything on the site for a while and then go to Profile> logoff... I get an error page with just "Invalid Token" showing.

Now Ive just gone to Dashboard, and Ive already logged out there.

Any ideas whats happening?

Thanks
Katie

Hi,

This is actually the default behaviour of Joomla. A token is generated when a user visits a page and the token only lasts a certain amount of time (configurable). If you leave the page stall for more than the defined amount of time, then the token is no longer valid, and any action involving logging in or logging out will return this error from Joomla.

Jason Rey

Tuesday, 18 February 2014 12:02

0 Likes

0 Votes

0 Comments

#125015

Ah ok. Well this brings me to another question anyway. How can we make it so that the member isnt logged out automatically. Maybe a few hrs would be better.

Katie Browning

Tuesday, 18 February 2014 12:31

0 Likes

0 Votes

0 Comments

#125018

And can the errors message be changed?

Katie Browning

Tuesday, 18 February 2014 12:33

0 Likes

0 Votes

0 Comments

#125019

Hi,

This can be set through session settings in backend -> System -> Global Configuration -> System.

Unfortunately Joomla hardcodes this string and you will have to temper with thousands of Joomla files to change this.

Jason Rey

Tuesday, 18 February 2014 12:41

0 Likes

0 Votes

0 Comments

#125021

Thanks Jason

Katie Browning

Tuesday, 18 February 2014 12:52

0 Likes

0 Votes

0 Comments

#125024

You are most welcome Katie

Mark

Wednesday, 19 February 2014 00:09

0 Likes

0 Votes

0 Comments

#125170

Is there anyway to hide the error (or do we need to set the logout time to some ridiculous time such as 24hours)?

Wednesday, 19 February 2014 05:16

0 Likes

0 Votes

0 Comments

#125221

Hello CK,

Unfortunately the only work around is to increase the life span of the session in Joomla

Mark

Wednesday, 19 February 2014 10:31

0 Likes

0 Votes

0 Comments

#125254

I'd say 2 hours is plenty of time. 4-5 hours if you really want to make sure the user is not interrupted.

I believe the session logout is there for security. So while there are cases where you can "lower security", I wouldn't lower it too much (ex. set the session for way too long).

Josh Lewis

Wednesday, 19 February 2014 14:04

0 Likes

0 Votes

0 Comments

#125320

Yep, setting it to 2 - 4 hours is good

Mark

Wednesday, 19 February 2014 15:00

0 Likes

0 Votes

0 Comments

#125332