“invalid form key. please refresh the page” - cannot login to admin panel
I regularly visit my site to make sure its working and noticed that images for products were not appearing, thinking it was a problem with indexing cache I tried to login to the admin panel and received the error:
"invalid form key. please refresh the page"
Other symptoms are customers could not add products to cart and extremely slow performance.
There are no errors in the logs (/var/logs)
What additional steps should I perform to resolve this issue?
magento-1.9 admin session form-key
edited Aug 29 '16 at 9:43
Fabian Schmengler
54.5k20131343
asked Aug 28 '16 at 22:29
SR_MagentoSR_Magento
3,369115096
add a comment |
I regularly visit my site to make sure its working and noticed that images for products were not appearing, thinking it was a problem with indexing cache I tried to login to the admin panel and received the error:
"invalid form key. please refresh the page"
Other symptoms are customers could not add products to cart and extremely slow performance.
There are no errors in the logs (/var/logs)
What additional steps should I perform to resolve this issue?
magento-1.9 admin session form-key
edited Aug 29 '16 at 9:43
Fabian Schmengler
54.5k20131343
asked Aug 28 '16 at 22:29
SR_MagentoSR_Magento
3,369115096
add a comment |
I regularly visit my site to make sure its working and noticed that images for products were not appearing, thinking it was a problem with indexing cache I tried to login to the admin panel and received the error:
"invalid form key. please refresh the page"
Other symptoms are customers could not add products to cart and extremely slow performance.
There are no errors in the logs (/var/logs)
What additional steps should I perform to resolve this issue?
magento-1.9 admin session form-key
edited Aug 29 '16 at 9:43
Fabian Schmengler
54.5k20131343
asked Aug 28 '16 at 22:29
SR_MagentoSR_Magento
3,369115096
I regularly visit my site to make sure its working and noticed that images for products were not appearing, thinking it was a problem with indexing cache I tried to login to the admin panel and received the error:
"invalid form key. please refresh the page"
Other symptoms are customers could not add products to cart and extremely slow performance.
There are no errors in the logs (/var/logs)
What additional steps should I perform to resolve this issue?
magento-1.9 admin session form-key
magento-1.9 admin session form-key
edited Aug 29 '16 at 9:43
Fabian Schmengler
54.5k20131343
asked Aug 28 '16 at 22:29
SR_MagentoSR_Magento
3,369115096
edited Aug 29 '16 at 9:43
Fabian Schmengler
54.5k20131343
asked Aug 28 '16 at 22:29
SR_MagentoSR_Magento
3,369115096
edited Aug 29 '16 at 9:43
Fabian Schmengler
54.5k20131343
edited Aug 29 '16 at 9:43
Fabian Schmengler
54.5k20131343
edited Aug 29 '16 at 9:43
Fabian Schmengler
54.5k20131343
54.5k20131343
asked Aug 28 '16 at 22:29
SR_MagentoSR_Magento
3,369115096
asked Aug 28 '16 at 22:29
SR_MagentoSR_Magento
3,369115096
asked Aug 28 '16 at 22:29
SR_MagentoSR_Magento
3,369115096
3,369115096
add a comment |
add a comment |
7 Answers
7
active
oldest
votes
It also happens if the cookie domain in System > Configuration > Web > Cookies is different from the actual site domain.
To remove the setting without access to the admin panel:
use the following SQL query on the MySQL console or in a client like phpMyAdmin:
DELETE FROM core_config_data WHERE path='web/cookie/cookie_domain';
clear the cache. If you are using the default file based cache backend, delete all directories below
var/cache.
Then as soon as you can log in again, set the correct cookie domain for each website or store (Example: .example.com for example.com, www.example.com and all other subdomains)
If you are using n98-magerun (and you should!), the same can be accomplished with:
n98-magerun config:delete web/cookie/cookie_domain
n98-magerun cache:clean config
answered Aug 29 '16 at 6:09
Fabian SchmenglerFabian Schmengler
54.5k20131343
Hi @fschmengler, please add more details on how to check this setting from phpmyadmin, because user is not able to login to admin panel and some developers who are new to Magento development don't know where to check such settings in database. Sorry, but just for help of new members :)
– Mohit Kumar Arora
Aug 29 '16 at 10:00
@MohitKumarArora you are right, I updated the answer
– Fabian Schmengler
Aug 29 '16 at 10:21
Now I have upvoted. :)
– Mohit Kumar Arora
Aug 29 '16 at 10:27
Magerun for the win. Thanks for the info.
– andy jones
Apr 6 '17 at 16:06
n98 way works fantastic. Thanks for the info.
– andy jones
May 3 '17 at 10:14
|
show 2 more comments
I am posting the question / answer because I couldn't find anything relevant.
The issue was that the drive on which my magento installation resides was full. I freed up some room, clear the /var/session and /var/cache and everything went back to normal.
answered Aug 28 '16 at 22:29
SR_MagentoSR_Magento
3,369115096
1
Warning: deletingvar/sessionwill log out everybody and clear all guest carts. See here for a solution that only removes old sessions: magento.stackexchange.com/a/58167/243
– Fabian Schmengler
Sep 14 '16 at 11:12
@fschmengler yes but do you really want to take a chance with sessions that werent properly created to begin with? When I checked the /var/session there were all kinds of 0kb files which is not normal.
– SR_Magento
Sep 14 '16 at 12:52
1
Absolutely a first thing to check. Been racking my head on this for hours. Thanks!
– Bryant Jackson
Apr 6 '17 at 16:09
For me it was disk space. I found out after trying to git pull, as it failed with disk space related error.
– Damodar Bashyal
Apr 27 '17 at 5:19
@SR_Magento Sir I was removed cache folder and session folder so many time it's works only for some time after some time there is an same issue
– Amaresh Tiwari
May 30 '17 at 13:24
|
show 4 more comments
There are 3 solutions:
Use these commands in phpmyadmin
DELETE FROM core_config_data WHERE path='web/cookie/cookie_domain';
DELETE FROM core_config_data WHERE path='web/cookie/cookie_path';
Now Try to login.
2.Delete everything in var folder and then check if it works.
3.Replace the .htaccess file with sample .htaccess file and then try to login the admin.
Hope it help you.
edited Oct 24 '17 at 12:06
Manoj Deswal
4,30591743
answered Oct 24 '17 at 12:04
LokranjanLokranjan
311
add a comment |
Another possible, somewhat obvious, problem to check first: if your site uses SSL, make sure you're not using the http protocol for your admin page; you should be using https. e.g. https://example.com/admin
answered Oct 18 '17 at 13:15
voxoidvoxoid
1214
add a comment |
In my case the problem seems to be because I've created the admin user using n98-magerun with an user that cannot write on magentofolder/var and used the fallback folder /tmp/magento instead.
I just deleted my admin user and executed a sudo -iu OTHERUSER(user that owns the magento folder) and ran n98-magerun admin:user:create again to create my user.
UPDATE: In another case, the admin url has being visited without www. syntax, and the cookie settings was using www. Just putting the www. in the admin url solved the problem. ;)
answered Mar 14 '18 at 4:17
Ricardo MartinsRicardo Martins
600420
Shouldn't this beadmin:user:create?
– sr9yar
Nov 21 '18 at 19:22
add a comment |
Along with the above step of clearing cache, i also had to follow the below article and set the session data information in correct path by following the below steps
Ref article
https://stackoverflow.com/questions/26123081/failed-to-write-session-data-magento
I fixed it by changing the session.save_path to place it in the VM.
Change the file app/etc/local.xml
replaced with below
Then it started working. Also at times you cannot really tell the issue, thus it is important you enable error logging. Enable this by referring to following article
https://www.thecreativedev.com/how-to-enable-system-log-and-errorswarning-in-magento/
answered 10 hours ago
Abhishek ChowlaAbhishek Chowla
1
New contributor
Abhishek Chowla is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
This is known issue generally comes after applying patch SUPEE-7405 included in Magento 1.9.2.3 release. It can be solved by adding below code in file - app/code/local/Mage/Core/Model/Session.php
public function validateFormKey()
{
if (!($formKey = $_REQUEST['form_key']) || $formKey != $this->getFormKey()) {
return false;
}
return true;
}
This file might not exist in your repository so copy it from app/code/core/Mage/Core/Model/Session.php and paste it in app/code/local/Mage/Core/Model/Session.php After that add above function in file because it may be missing in core file.
Also clear your browser cache and cookies. Clear all files in Magento var/cache and var/session folders contents. Then login to your admin panel.
edited Jan 15 '17 at 1:08
SR_Magento
3,369115096
answered Aug 29 '16 at 6:54
InfoBeansInfoBeans
1885
Ermm..wouldn't a better solution be to add the form key block output to the overridden adminhtml template? (That way the CSRF protection will work as intended).
– Luke A. Leber
Jan 15 '17 at 2:47
1
One should never edit core files.
– Max
Oct 24 '17 at 13:26
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "479"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
var $window = $(window),
onScroll = function(e) {
var $elem = $('.new-login-left'),
docViewTop = $window.scrollTop(),
docViewBottom = docViewTop + $window.height(),
elemTop = $elem.offset().top,
elemBottom = elemTop + $elem.height();
if ((docViewTop elemBottom)) {
StackExchange.using('gps', function() { StackExchange.gps.track('embedded_signup_form.view', { location: 'question_page' }); });
$window.unbind('scroll', onScroll);
}
};
$window.on('scroll', onScroll);
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fmagento.stackexchange.com%2fquestions%2f133459%2finvalid-form-key-please-refresh-the-page-cannot-login-to-admin-panel%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
7 Answers
7
active
oldest
votes
7 Answers
7
active
oldest
votes
active
oldest
votes
active
oldest
votes
It also happens if the cookie domain in System > Configuration > Web > Cookies is different from the actual site domain.
To remove the setting without access to the admin panel:
use the following SQL query on the MySQL console or in a client like phpMyAdmin:
DELETE FROM core_config_data WHERE path='web/cookie/cookie_domain';
clear the cache. If you are using the default file based cache backend, delete all directories below
var/cache.
Then as soon as you can log in again, set the correct cookie domain for each website or store (Example: .example.com for example.com, www.example.com and all other subdomains)
If you are using n98-magerun (and you should!), the same can be accomplished with:
n98-magerun config:delete web/cookie/cookie_domain
n98-magerun cache:clean config
answered Aug 29 '16 at 6:09
Fabian SchmenglerFabian Schmengler
54.5k20131343
Hi @fschmengler, please add more details on how to check this setting from phpmyadmin, because user is not able to login to admin panel and some developers who are new to Magento development don't know where to check such settings in database. Sorry, but just for help of new members :)
– Mohit Kumar Arora
Aug 29 '16 at 10:00
@MohitKumarArora you are right, I updated the answer
– Fabian Schmengler
Aug 29 '16 at 10:21
Now I have upvoted. :)
– Mohit Kumar Arora
Aug 29 '16 at 10:27
Magerun for the win. Thanks for the info.
– andy jones
Apr 6 '17 at 16:06
n98 way works fantastic. Thanks for the info.
– andy jones
May 3 '17 at 10:14
|
show 2 more comments
It also happens if the cookie domain in System > Configuration > Web > Cookies is different from the actual site domain.
To remove the setting without access to the admin panel:
use the following SQL query on the MySQL console or in a client like phpMyAdmin:
DELETE FROM core_config_data WHERE path='web/cookie/cookie_domain';
clear the cache. If you are using the default file based cache backend, delete all directories below
var/cache.
Then as soon as you can log in again, set the correct cookie domain for each website or store (Example: .example.com for example.com, www.example.com and all other subdomains)
If you are using n98-magerun (and you should!), the same can be accomplished with:
n98-magerun config:delete web/cookie/cookie_domain
n98-magerun cache:clean config
answered Aug 29 '16 at 6:09
Fabian SchmenglerFabian Schmengler
54.5k20131343
Hi @fschmengler, please add more details on how to check this setting from phpmyadmin, because user is not able to login to admin panel and some developers who are new to Magento development don't know where to check such settings in database. Sorry, but just for help of new members :)
– Mohit Kumar Arora
Aug 29 '16 at 10:00
@MohitKumarArora you are right, I updated the answer
– Fabian Schmengler
Aug 29 '16 at 10:21
Now I have upvoted. :)
– Mohit Kumar Arora
Aug 29 '16 at 10:27
Magerun for the win. Thanks for the info.
– andy jones
Apr 6 '17 at 16:06
n98 way works fantastic. Thanks for the info.
– andy jones
May 3 '17 at 10:14
|
show 2 more comments
It also happens if the cookie domain in System > Configuration > Web > Cookies is different from the actual site domain.
To remove the setting without access to the admin panel:
use the following SQL query on the MySQL console or in a client like phpMyAdmin:
DELETE FROM core_config_data WHERE path='web/cookie/cookie_domain';
clear the cache. If you are using the default file based cache backend, delete all directories below
var/cache.
Then as soon as you can log in again, set the correct cookie domain for each website or store (Example: .example.com for example.com, www.example.com and all other subdomains)
If you are using n98-magerun (and you should!), the same can be accomplished with:
n98-magerun config:delete web/cookie/cookie_domain
n98-magerun cache:clean config
answered Aug 29 '16 at 6:09
Fabian SchmenglerFabian Schmengler
54.5k20131343
It also happens if the cookie domain in System > Configuration > Web > Cookies is different from the actual site domain.
To remove the setting without access to the admin panel:
use the following SQL query on the MySQL console or in a client like phpMyAdmin:
DELETE FROM core_config_data WHERE path='web/cookie/cookie_domain';
clear the cache. If you are using the default file based cache backend, delete all directories below
var/cache.
Then as soon as you can log in again, set the correct cookie domain for each website or store (Example: .example.com for example.com, www.example.com and all other subdomains)
If you are using n98-magerun (and you should!), the same can be accomplished with:
n98-magerun config:delete web/cookie/cookie_domain
n98-magerun cache:clean config
answered Aug 29 '16 at 6:09
Fabian SchmenglerFabian Schmengler
54.5k20131343
edited Feb 5 '17 at 20:12
answered Aug 29 '16 at 6:09
Fabian SchmenglerFabian Schmengler
54.5k20131343
answered Aug 29 '16 at 6:09
Fabian SchmenglerFabian Schmengler
54.5k20131343
answered Aug 29 '16 at 6:09
Fabian SchmenglerFabian Schmengler
54.5k20131343
54.5k20131343
Hi @fschmengler, please add more details on how to check this setting from phpmyadmin, because user is not able to login to admin panel and some developers who are new to Magento development don't know where to check such settings in database. Sorry, but just for help of new members :)
– Mohit Kumar Arora
Aug 29 '16 at 10:00
@MohitKumarArora you are right, I updated the answer
– Fabian Schmengler
Aug 29 '16 at 10:21
Now I have upvoted. :)
– Mohit Kumar Arora
Aug 29 '16 at 10:27
Magerun for the win. Thanks for the info.
– andy jones
Apr 6 '17 at 16:06
n98 way works fantastic. Thanks for the info.
– andy jones
May 3 '17 at 10:14
|
show 2 more comments
Hi @fschmengler, please add more details on how to check this setting from phpmyadmin, because user is not able to login to admin panel and some developers who are new to Magento development don't know where to check such settings in database. Sorry, but just for help of new members :)
– Mohit Kumar Arora
Aug 29 '16 at 10:00
@MohitKumarArora you are right, I updated the answer
– Fabian Schmengler
Aug 29 '16 at 10:21
Now I have upvoted. :)
– Mohit Kumar Arora
Aug 29 '16 at 10:27
Magerun for the win. Thanks for the info.
– andy jones
Apr 6 '17 at 16:06
n98 way works fantastic. Thanks for the info.
– andy jones
May 3 '17 at 10:14
Hi @fschmengler, please add more details on how to check this setting from phpmyadmin, because user is not able to login to admin panel and some developers who are new to Magento development don't know where to check such settings in database. Sorry, but just for help of new members :)
– Mohit Kumar Arora
Aug 29 '16 at 10:00
Hi @fschmengler, please add more details on how to check this setting from phpmyadmin, because user is not able to login to admin panel and some developers who are new to Magento development don't know where to check such settings in database. Sorry, but just for help of new members :)
– Mohit Kumar Arora
Aug 29 '16 at 10:00
@MohitKumarArora you are right, I updated the answer
– Fabian Schmengler
Aug 29 '16 at 10:21
@MohitKumarArora you are right, I updated the answer
– Fabian Schmengler
Aug 29 '16 at 10:21
Now I have upvoted. :)
– Mohit Kumar Arora
Aug 29 '16 at 10:27
Now I have upvoted. :)
– Mohit Kumar Arora
Aug 29 '16 at 10:27
Magerun for the win. Thanks for the info.
– andy jones
Apr 6 '17 at 16:06
Magerun for the win. Thanks for the info.
– andy jones
Apr 6 '17 at 16:06
n98 way works fantastic. Thanks for the info.
– andy jones
May 3 '17 at 10:14
n98 way works fantastic. Thanks for the info.
– andy jones
May 3 '17 at 10:14
|
show 2 more comments
I am posting the question / answer because I couldn't find anything relevant.
The issue was that the drive on which my magento installation resides was full. I freed up some room, clear the /var/session and /var/cache and everything went back to normal.
answered Aug 28 '16 at 22:29
SR_MagentoSR_Magento
3,369115096
1
Warning: deletingvar/sessionwill log out everybody and clear all guest carts. See here for a solution that only removes old sessions: magento.stackexchange.com/a/58167/243
– Fabian Schmengler
Sep 14 '16 at 11:12
@fschmengler yes but do you really want to take a chance with sessions that werent properly created to begin with? When I checked the /var/session there were all kinds of 0kb files which is not normal.
– SR_Magento
Sep 14 '16 at 12:52
1
Absolutely a first thing to check. Been racking my head on this for hours. Thanks!
– Bryant Jackson
Apr 6 '17 at 16:09
For me it was disk space. I found out after trying to git pull, as it failed with disk space related error.
– Damodar Bashyal
Apr 27 '17 at 5:19
@SR_Magento Sir I was removed cache folder and session folder so many time it's works only for some time after some time there is an same issue
– Amaresh Tiwari
May 30 '17 at 13:24
|
show 4 more comments
I am posting the question / answer because I couldn't find anything relevant.
The issue was that the drive on which my magento installation resides was full. I freed up some room, clear the /var/session and /var/cache and everything went back to normal.
answered Aug 28 '16 at 22:29
SR_MagentoSR_Magento
3,369115096
1
Warning: deletingvar/sessionwill log out everybody and clear all guest carts. See here for a solution that only removes old sessions: magento.stackexchange.com/a/58167/243
– Fabian Schmengler
Sep 14 '16 at 11:12
@fschmengler yes but do you really want to take a chance with sessions that werent properly created to begin with? When I checked the /var/session there were all kinds of 0kb files which is not normal.
– SR_Magento
Sep 14 '16 at 12:52
1
Absolutely a first thing to check. Been racking my head on this for hours. Thanks!
– Bryant Jackson
Apr 6 '17 at 16:09
For me it was disk space. I found out after trying to git pull, as it failed with disk space related error.
– Damodar Bashyal
Apr 27 '17 at 5:19
@SR_Magento Sir I was removed cache folder and session folder so many time it's works only for some time after some time there is an same issue
– Amaresh Tiwari
May 30 '17 at 13:24
|
show 4 more comments
I am posting the question / answer because I couldn't find anything relevant.
The issue was that the drive on which my magento installation resides was full. I freed up some room, clear the /var/session and /var/cache and everything went back to normal.
answered Aug 28 '16 at 22:29
SR_MagentoSR_Magento
3,369115096
I am posting the question / answer because I couldn't find anything relevant.
The issue was that the drive on which my magento installation resides was full. I freed up some room, clear the /var/session and /var/cache and everything went back to normal.
answered Aug 28 '16 at 22:29
SR_MagentoSR_Magento
3,369115096
answered Aug 28 '16 at 22:29
SR_MagentoSR_Magento
3,369115096
answered Aug 28 '16 at 22:29
SR_MagentoSR_Magento
3,369115096
answered Aug 28 '16 at 22:29
SR_MagentoSR_Magento
3,369115096
3,369115096
1
Warning: deletingvar/sessionwill log out everybody and clear all guest carts. See here for a solution that only removes old sessions: magento.stackexchange.com/a/58167/243
– Fabian Schmengler
Sep 14 '16 at 11:12
@fschmengler yes but do you really want to take a chance with sessions that werent properly created to begin with? When I checked the /var/session there were all kinds of 0kb files which is not normal.
– SR_Magento
Sep 14 '16 at 12:52
1
Absolutely a first thing to check. Been racking my head on this for hours. Thanks!
– Bryant Jackson
Apr 6 '17 at 16:09
For me it was disk space. I found out after trying to git pull, as it failed with disk space related error.
– Damodar Bashyal
Apr 27 '17 at 5:19
@SR_Magento Sir I was removed cache folder and session folder so many time it's works only for some time after some time there is an same issue
– Amaresh Tiwari
May 30 '17 at 13:24
|
show 4 more comments
1
Warning: deletingvar/sessionwill log out everybody and clear all guest carts. See here for a solution that only removes old sessions: magento.stackexchange.com/a/58167/243
– Fabian Schmengler
Sep 14 '16 at 11:12
@fschmengler yes but do you really want to take a chance with sessions that werent properly created to begin with? When I checked the /var/session there were all kinds of 0kb files which is not normal.
– SR_Magento
Sep 14 '16 at 12:52
1
Absolutely a first thing to check. Been racking my head on this for hours. Thanks!
– Bryant Jackson
Apr 6 '17 at 16:09
For me it was disk space. I found out after trying to git pull, as it failed with disk space related error.
– Damodar Bashyal
Apr 27 '17 at 5:19
@SR_Magento Sir I was removed cache folder and session folder so many time it's works only for some time after some time there is an same issue
– Amaresh Tiwari
May 30 '17 at 13:24
1
1
Warning: deleting
var/session will log out everybody and clear all guest carts. See here for a solution that only removes old sessions: magento.stackexchange.com/a/58167/243– Fabian Schmengler
Sep 14 '16 at 11:12
Warning: deleting
var/session will log out everybody and clear all guest carts. See here for a solution that only removes old sessions: magento.stackexchange.com/a/58167/243– Fabian Schmengler
Sep 14 '16 at 11:12
@fschmengler yes but do you really want to take a chance with sessions that werent properly created to begin with? When I checked the /var/session there were all kinds of 0kb files which is not normal.
– SR_Magento
Sep 14 '16 at 12:52
@fschmengler yes but do you really want to take a chance with sessions that werent properly created to begin with? When I checked the /var/session there were all kinds of 0kb files which is not normal.
– SR_Magento
Sep 14 '16 at 12:52
1
1
Absolutely a first thing to check. Been racking my head on this for hours. Thanks!
– Bryant Jackson
Apr 6 '17 at 16:09
Absolutely a first thing to check. Been racking my head on this for hours. Thanks!
– Bryant Jackson
Apr 6 '17 at 16:09
For me it was disk space. I found out after trying to git pull, as it failed with disk space related error.
– Damodar Bashyal
Apr 27 '17 at 5:19
For me it was disk space. I found out after trying to git pull, as it failed with disk space related error.
– Damodar Bashyal
Apr 27 '17 at 5:19
@SR_Magento Sir I was removed cache folder and session folder so many time it's works only for some time after some time there is an same issue
– Amaresh Tiwari
May 30 '17 at 13:24
@SR_Magento Sir I was removed cache folder and session folder so many time it's works only for some time after some time there is an same issue
– Amaresh Tiwari
May 30 '17 at 13:24
|
show 4 more comments
There are 3 solutions:
Use these commands in phpmyadmin
DELETE FROM core_config_data WHERE path='web/cookie/cookie_domain';
DELETE FROM core_config_data WHERE path='web/cookie/cookie_path';
Now Try to login.
2.Delete everything in var folder and then check if it works.
3.Replace the .htaccess file with sample .htaccess file and then try to login the admin.
Hope it help you.
edited Oct 24 '17 at 12:06
Manoj Deswal
4,30591743
answered Oct 24 '17 at 12:04
LokranjanLokranjan
311
add a comment |
There are 3 solutions:
Use these commands in phpmyadmin
DELETE FROM core_config_data WHERE path='web/cookie/cookie_domain';
DELETE FROM core_config_data WHERE path='web/cookie/cookie_path';
Now Try to login.
2.Delete everything in var folder and then check if it works.
3.Replace the .htaccess file with sample .htaccess file and then try to login the admin.
Hope it help you.
edited Oct 24 '17 at 12:06
Manoj Deswal
4,30591743
answered Oct 24 '17 at 12:04
LokranjanLokranjan
311
add a comment |
There are 3 solutions:
Use these commands in phpmyadmin
DELETE FROM core_config_data WHERE path='web/cookie/cookie_domain';
DELETE FROM core_config_data WHERE path='web/cookie/cookie_path';
Now Try to login.
2.Delete everything in var folder and then check if it works.
3.Replace the .htaccess file with sample .htaccess file and then try to login the admin.
Hope it help you.
edited Oct 24 '17 at 12:06
Manoj Deswal
4,30591743
answered Oct 24 '17 at 12:04
LokranjanLokranjan
311
There are 3 solutions:
Use these commands in phpmyadmin
DELETE FROM core_config_data WHERE path='web/cookie/cookie_domain';
DELETE FROM core_config_data WHERE path='web/cookie/cookie_path';
Now Try to login.
2.Delete everything in var folder and then check if it works.
3.Replace the .htaccess file with sample .htaccess file and then try to login the admin.
Hope it help you.
edited Oct 24 '17 at 12:06
Manoj Deswal
4,30591743
answered Oct 24 '17 at 12:04
LokranjanLokranjan
311
edited Oct 24 '17 at 12:06
Manoj Deswal
4,30591743
edited Oct 24 '17 at 12:06
Manoj Deswal
4,30591743
edited Oct 24 '17 at 12:06
Manoj Deswal
4,30591743
4,30591743
answered Oct 24 '17 at 12:04
LokranjanLokranjan
311
answered Oct 24 '17 at 12:04
LokranjanLokranjan
311
answered Oct 24 '17 at 12:04
LokranjanLokranjan
311
311
add a comment |
add a comment |
Another possible, somewhat obvious, problem to check first: if your site uses SSL, make sure you're not using the http protocol for your admin page; you should be using https. e.g. https://example.com/admin
answered Oct 18 '17 at 13:15
voxoidvoxoid
1214
add a comment |
Another possible, somewhat obvious, problem to check first: if your site uses SSL, make sure you're not using the http protocol for your admin page; you should be using https. e.g. https://example.com/admin
answered Oct 18 '17 at 13:15
voxoidvoxoid
1214
add a comment |
Another possible, somewhat obvious, problem to check first: if your site uses SSL, make sure you're not using the http protocol for your admin page; you should be using https. e.g. https://example.com/admin
answered Oct 18 '17 at 13:15
voxoidvoxoid
1214
Another possible, somewhat obvious, problem to check first: if your site uses SSL, make sure you're not using the http protocol for your admin page; you should be using https. e.g. https://example.com/admin
answered Oct 18 '17 at 13:15
voxoidvoxoid
1214
answered Oct 18 '17 at 13:15
voxoidvoxoid
1214
answered Oct 18 '17 at 13:15
voxoidvoxoid
1214
answered Oct 18 '17 at 13:15
voxoidvoxoid
1214
1214
add a comment |
add a comment |
In my case the problem seems to be because I've created the admin user using n98-magerun with an user that cannot write on magentofolder/var and used the fallback folder /tmp/magento instead.
I just deleted my admin user and executed a sudo -iu OTHERUSER(user that owns the magento folder) and ran n98-magerun admin:user:create again to create my user.
UPDATE: In another case, the admin url has being visited without www. syntax, and the cookie settings was using www. Just putting the www. in the admin url solved the problem. ;)
answered Mar 14 '18 at 4:17
Ricardo MartinsRicardo Martins
600420
Shouldn't this beadmin:user:create?
– sr9yar
Nov 21 '18 at 19:22
add a comment |
In my case the problem seems to be because I've created the admin user using n98-magerun with an user that cannot write on magentofolder/var and used the fallback folder /tmp/magento instead.
I just deleted my admin user and executed a sudo -iu OTHERUSER(user that owns the magento folder) and ran n98-magerun admin:user:create again to create my user.
UPDATE: In another case, the admin url has being visited without www. syntax, and the cookie settings was using www. Just putting the www. in the admin url solved the problem. ;)
answered Mar 14 '18 at 4:17
Ricardo MartinsRicardo Martins
600420
Shouldn't this beadmin:user:create?
– sr9yar
Nov 21 '18 at 19:22
add a comment |
In my case the problem seems to be because I've created the admin user using n98-magerun with an user that cannot write on magentofolder/var and used the fallback folder /tmp/magento instead.
I just deleted my admin user and executed a sudo -iu OTHERUSER(user that owns the magento folder) and ran n98-magerun admin:user:create again to create my user.
UPDATE: In another case, the admin url has being visited without www. syntax, and the cookie settings was using www. Just putting the www. in the admin url solved the problem. ;)
answered Mar 14 '18 at 4:17
Ricardo MartinsRicardo Martins
600420
In my case the problem seems to be because I've created the admin user using n98-magerun with an user that cannot write on magentofolder/var and used the fallback folder /tmp/magento instead.
I just deleted my admin user and executed a sudo -iu OTHERUSER(user that owns the magento folder) and ran n98-magerun admin:user:create again to create my user.
UPDATE: In another case, the admin url has being visited without www. syntax, and the cookie settings was using www. Just putting the www. in the admin url solved the problem. ;)
answered Mar 14 '18 at 4:17
Ricardo MartinsRicardo Martins
600420
edited Nov 22 '18 at 4:34
answered Mar 14 '18 at 4:17
Ricardo MartinsRicardo Martins
600420
answered Mar 14 '18 at 4:17
Ricardo MartinsRicardo Martins
600420
answered Mar 14 '18 at 4:17
Ricardo MartinsRicardo Martins
600420
600420
Shouldn't this beadmin:user:create?
– sr9yar
Nov 21 '18 at 19:22
add a comment |
Shouldn't this beadmin:user:create?
– sr9yar
Nov 21 '18 at 19:22
Shouldn't this be
admin:user:create?– sr9yar
Nov 21 '18 at 19:22
Shouldn't this be
admin:user:create?– sr9yar
Nov 21 '18 at 19:22
add a comment |
Along with the above step of clearing cache, i also had to follow the below article and set the session data information in correct path by following the below steps
Ref article
https://stackoverflow.com/questions/26123081/failed-to-write-session-data-magento
I fixed it by changing the session.save_path to place it in the VM.
Change the file app/etc/local.xml
replaced with below
Then it started working. Also at times you cannot really tell the issue, thus it is important you enable error logging. Enable this by referring to following article
https://www.thecreativedev.com/how-to-enable-system-log-and-errorswarning-in-magento/
answered 10 hours ago
Abhishek ChowlaAbhishek Chowla
1
New contributor
Abhishek Chowla is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
Along with the above step of clearing cache, i also had to follow the below article and set the session data information in correct path by following the below steps
Ref article
https://stackoverflow.com/questions/26123081/failed-to-write-session-data-magento
I fixed it by changing the session.save_path to place it in the VM.
Change the file app/etc/local.xml
replaced with below
Then it started working. Also at times you cannot really tell the issue, thus it is important you enable error logging. Enable this by referring to following article
https://www.thecreativedev.com/how-to-enable-system-log-and-errorswarning-in-magento/
answered 10 hours ago
Abhishek ChowlaAbhishek Chowla
1
New contributor
Abhishek Chowla is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
Along with the above step of clearing cache, i also had to follow the below article and set the session data information in correct path by following the below steps
Ref article
https://stackoverflow.com/questions/26123081/failed-to-write-session-data-magento
I fixed it by changing the session.save_path to place it in the VM.
Change the file app/etc/local.xml
replaced with below
Then it started working. Also at times you cannot really tell the issue, thus it is important you enable error logging. Enable this by referring to following article
https://www.thecreativedev.com/how-to-enable-system-log-and-errorswarning-in-magento/
answered 10 hours ago
Abhishek ChowlaAbhishek Chowla
1
New contributor
Abhishek Chowla is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
Along with the above step of clearing cache, i also had to follow the below article and set the session data information in correct path by following the below steps
Ref article
https://stackoverflow.com/questions/26123081/failed-to-write-session-data-magento
I fixed it by changing the session.save_path to place it in the VM.
Change the file app/etc/local.xml
replaced with below
Then it started working. Also at times you cannot really tell the issue, thus it is important you enable error logging. Enable this by referring to following article
https://www.thecreativedev.com/how-to-enable-system-log-and-errorswarning-in-magento/
answered 10 hours ago
Abhishek ChowlaAbhishek Chowla
1
New contributor
Abhishek Chowla is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
answered 10 hours ago
Abhishek ChowlaAbhishek Chowla
1
New contributor
Abhishek Chowla is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
answered 10 hours ago
Abhishek ChowlaAbhishek Chowla
1
answered 10 hours ago
Abhishek ChowlaAbhishek Chowla
1
1
New contributor
Abhishek Chowla is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
New contributor
Abhishek Chowla is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
Abhishek Chowla is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
add a comment |
This is known issue generally comes after applying patch SUPEE-7405 included in Magento 1.9.2.3 release. It can be solved by adding below code in file - app/code/local/Mage/Core/Model/Session.php
public function validateFormKey()
{
if (!($formKey = $_REQUEST['form_key']) || $formKey != $this->getFormKey()) {
return false;
}
return true;
}
This file might not exist in your repository so copy it from app/code/core/Mage/Core/Model/Session.php and paste it in app/code/local/Mage/Core/Model/Session.php After that add above function in file because it may be missing in core file.
Also clear your browser cache and cookies. Clear all files in Magento var/cache and var/session folders contents. Then login to your admin panel.
edited Jan 15 '17 at 1:08
SR_Magento
3,369115096
answered Aug 29 '16 at 6:54
InfoBeansInfoBeans
1885
Ermm..wouldn't a better solution be to add the form key block output to the overridden adminhtml template? (That way the CSRF protection will work as intended).
– Luke A. Leber
Jan 15 '17 at 2:47
1
One should never edit core files.
– Max
Oct 24 '17 at 13:26
add a comment |
This is known issue generally comes after applying patch SUPEE-7405 included in Magento 1.9.2.3 release. It can be solved by adding below code in file - app/code/local/Mage/Core/Model/Session.php
public function validateFormKey()
{
if (!($formKey = $_REQUEST['form_key']) || $formKey != $this->getFormKey()) {
return false;
}
return true;
}
This file might not exist in your repository so copy it from app/code/core/Mage/Core/Model/Session.php and paste it in app/code/local/Mage/Core/Model/Session.php After that add above function in file because it may be missing in core file.
Also clear your browser cache and cookies. Clear all files in Magento var/cache and var/session folders contents. Then login to your admin panel.
edited Jan 15 '17 at 1:08
SR_Magento
3,369115096
answered Aug 29 '16 at 6:54
InfoBeansInfoBeans
1885
Ermm..wouldn't a better solution be to add the form key block output to the overridden adminhtml template? (That way the CSRF protection will work as intended).
– Luke A. Leber
Jan 15 '17 at 2:47
1
One should never edit core files.
– Max
Oct 24 '17 at 13:26
add a comment |
This is known issue generally comes after applying patch SUPEE-7405 included in Magento 1.9.2.3 release. It can be solved by adding below code in file - app/code/local/Mage/Core/Model/Session.php
public function validateFormKey()
{
if (!($formKey = $_REQUEST['form_key']) || $formKey != $this->getFormKey()) {
return false;
}
return true;
}
This file might not exist in your repository so copy it from app/code/core/Mage/Core/Model/Session.php and paste it in app/code/local/Mage/Core/Model/Session.php After that add above function in file because it may be missing in core file.
Also clear your browser cache and cookies. Clear all files in Magento var/cache and var/session folders contents. Then login to your admin panel.
edited Jan 15 '17 at 1:08
SR_Magento
3,369115096
answered Aug 29 '16 at 6:54
InfoBeansInfoBeans
1885
This is known issue generally comes after applying patch SUPEE-7405 included in Magento 1.9.2.3 release. It can be solved by adding below code in file - app/code/local/Mage/Core/Model/Session.php
public function validateFormKey()
{
if (!($formKey = $_REQUEST['form_key']) || $formKey != $this->getFormKey()) {
return false;
}
return true;
}
This file might not exist in your repository so copy it from app/code/core/Mage/Core/Model/Session.php and paste it in app/code/local/Mage/Core/Model/Session.php After that add above function in file because it may be missing in core file.
Also clear your browser cache and cookies. Clear all files in Magento var/cache and var/session folders contents. Then login to your admin panel.
edited Jan 15 '17 at 1:08
SR_Magento
3,369115096
answered Aug 29 '16 at 6:54
InfoBeansInfoBeans
1885
edited Jan 15 '17 at 1:08
SR_Magento
3,369115096
edited Jan 15 '17 at 1:08
SR_Magento
3,369115096
edited Jan 15 '17 at 1:08
SR_Magento
3,369115096
3,369115096
answered Aug 29 '16 at 6:54
InfoBeansInfoBeans
1885
answered Aug 29 '16 at 6:54
InfoBeansInfoBeans
1885
answered Aug 29 '16 at 6:54
InfoBeansInfoBeans
1885
1885
Ermm..wouldn't a better solution be to add the form key block output to the overridden adminhtml template? (That way the CSRF protection will work as intended).
– Luke A. Leber
Jan 15 '17 at 2:47
1
One should never edit core files.
– Max
Oct 24 '17 at 13:26
add a comment |
Ermm..wouldn't a better solution be to add the form key block output to the overridden adminhtml template? (That way the CSRF protection will work as intended).
– Luke A. Leber
Jan 15 '17 at 2:47
1
One should never edit core files.
– Max
Oct 24 '17 at 13:26
Ermm..wouldn't a better solution be to add the form key block output to the overridden adminhtml template? (That way the CSRF protection will work as intended).
– Luke A. Leber
Jan 15 '17 at 2:47
Ermm..wouldn't a better solution be to add the form key block output to the overridden adminhtml template? (That way the CSRF protection will work as intended).
– Luke A. Leber
Jan 15 '17 at 2:47
1
1
One should never edit core files.
– Max
Oct 24 '17 at 13:26
One should never edit core files.
– Max
Oct 24 '17 at 13:26
add a comment |
Thanks for contributing an answer to Magento Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
var $window = $(window),
onScroll = function(e) {
var $elem = $('.new-login-left'),
docViewTop = $window.scrollTop(),
docViewBottom = docViewTop + $window.height(),
elemTop = $elem.offset().top,
elemBottom = elemTop + $elem.height();
if ((docViewTop elemBottom)) {
StackExchange.using('gps', function() { StackExchange.gps.track('embedded_signup_form.view', { location: 'question_page' }); });
$window.unbind('scroll', onScroll);
}
};
$window.on('scroll', onScroll);
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fmagento.stackexchange.com%2fquestions%2f133459%2finvalid-form-key-please-refresh-the-page-cannot-login-to-admin-panel%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
var $window = $(window),
onScroll = function(e) {
var $elem = $('.new-login-left'),
docViewTop = $window.scrollTop(),
docViewBottom = docViewTop + $window.height(),
elemTop = $elem.offset().top,
elemBottom = elemTop + $elem.height();
if ((docViewTop elemBottom)) {
StackExchange.using('gps', function() { StackExchange.gps.track('embedded_signup_form.view', { location: 'question_page' }); });
$window.unbind('scroll', onScroll);
}
};
$window.on('scroll', onScroll);
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
var $window = $(window),
onScroll = function(e) {
var $elem = $('.new-login-left'),
docViewTop = $window.scrollTop(),
docViewBottom = docViewTop + $window.height(),
elemTop = $elem.offset().top,
elemBottom = elemTop + $elem.height();
if ((docViewTop elemBottom)) {
StackExchange.using('gps', function() { StackExchange.gps.track('embedded_signup_form.view', { location: 'question_page' }); });
$window.unbind('scroll', onScroll);
}
};
$window.on('scroll', onScroll);
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
var $window = $(window),
onScroll = function(e) {
var $elem = $('.new-login-left'),
docViewTop = $window.scrollTop(),
docViewBottom = docViewTop + $window.height(),
elemTop = $elem.offset().top,
elemBottom = elemTop + $elem.height();
if ((docViewTop elemBottom)) {
StackExchange.using('gps', function() { StackExchange.gps.track('embedded_signup_form.view', { location: 'question_page' }); });
$window.unbind('scroll', onScroll);
}
};
$window.on('scroll', onScroll);
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
