MyBB Community Forums

Hello

I really don't know why i can't figure out how to fix this forsaken error:

"Authorization Code Mismatch: Are you accessing this function correctly? Please go back and try again"

I tried following all fixes presented here but it seems not working at all. There is something wrong with regards to cache on my end, however i can't figure out yet on how to fix it. I am hosting my forum on a vps using xampp with cloudflare. I already disable cache on xampp, put cloudflare on development mode and purge caches but this seems to be always haunting back. 

So I wanted to disregard this check every time the user login. It's like we are just going to check if the username and password match in the database, no post key checks or whatever for the user to log in. How am i going to do it? What php files must i modify, particularly what line of code must i comment out or remove?

Thanks for the help.

I gave you a modification, didn't that help?

(2019-06-05, 04:57 AM)effone Wrote: [ -> ]I gave you a modification, didn't that help?

It did not. So i really need this bypass. We can control incoming users on our forum so i think it would not be a problem and i am willing to take the risks.

Latest:

I gave you something which will return a fixed string code to any user, every time.
How can that be altered? If your code is still mismatching then this is the end of my knowledge.

Again, if you missed:
Open inc/functions.php, go to line around 619, find the function generate_post_check() { }
Replace the entire function with:

function generate_post_check()
{
    return md5("nofeara");
}

(2019-06-06, 11:40 AM)effone Wrote: [ -> ]I gave you something which will return a fixed string code to any user, every time.
How can that be altered? If your code is still mismatching then this is the end of my knowledge.

Again, if you missed:
Open inc/functions.php, go to line around 619, find the function generate_post_check() { }
Replace the entire function with:

function generate_post_check()
{
    return md5("nofeara");
}

@effone,

Does this look OK to you with website's functions.php coding? (I did not do this coding, I think my former admin did this modification)

Thats the default code of the said function, @serpius. Its perfect and fine as you have now.
OP is having problem with regeneration of code in every page refresh and wanted to bypass the check.

Bypassing check is a huge modification, so I have provided him a modification which sets a fixed authentication code in every scenario.
Note, this modification will reduce your site security in certain level (CSRF) but apparently OP is ready to intake the risk.

(2019-06-06, 11:40 AM)effone Wrote: [ -> ]I gave you something which will return a fixed string code to any user, every time.
How can that be altered? If your code is still mismatching then this is the end of my knowledge.

Again, if you missed:
Open inc/functions.php, go to line around 619, find the function generate_post_check() { }
Replace the entire function with:

function generate_post_check()
{
    return md5("nofeara");
}

Yep, i missed this one...

I will be updating the results.

It's working!!!

Thank You Very Much

(2019-06-06, 11:40 AM)effone Wrote: [ -> ]

function generate_post_check()
{
    return md5("nofeara");
}

Unfortunately, it is the only real "fix" for this problem... (I tried all of them) Even with 1.8.22 version. It used to login OK from most of browsers in 99% of login attempts, it shows mismatch error pretty rarely (it seems, it happens more often with new firefox), but it doesn't work at all when using torbrowser, I used latest clean torbrowser version for Linux without any additional addons. And this issue even exist on this forum (!)

(2020-03-28, 08:51 AM)ILUXA Wrote: [ -> ]but it doesn't work at all when using torbrowser, I used latest clean torbrowser version for Linux without any additional addons. And this issue even exist on this forum (!)

In the Storage Inspector, can you see a cookie with Name sid? Does its Value change with page reload?