6.0.0-beta1
7/5/25

[#9349] SyncML delete prefs form token issue
Summary SyncML delete prefs form token issue
Queue Horde Groupware
Queue Version 1.2.8
Type Bug
State Resolved
Priority 2. Medium
Owners jan (at) horde (dot) org
Requester slusarz (at) horde (dot) org
Created 10/28/2010 (5364 days ago)
Due
Updated 06/28/2011 (5121 days ago)
Assigned 11/04/2010 (5357 days ago)
Resolved 06/28/2011 (5121 days ago)
Github Issue Link
Github Pull Request
Milestone 1.2.9
Patch No

History
06/28/2011 06:00:10 PM Jan Schneider Comment #12
Assigned to Jan Schneider
State ⇒ Resolved
Reply to this comment
Nice catch!
06/28/2011 05:53:06 PM dunix (at) gmx (dot) de Comment #10 Reply to this comment
So, changing line 35 in templates/syncml/syncml.inc to
There is another short open tag in that file on line 51
06/28/2011 05:45:01 PM dunix (at) gmx (dot) de Comment #9 Reply to this comment
You could check if you have a hidden horde_prefs_token field in the 
forms on that preference page.
I have one, but it has no value because there is a short open tag   
that is not interpreted anymore on my server.

So, changing line 35 in templates/syncml/syncml.inc to
<input type="hidden" value="<?php echo 
Horde::getRequestToken('horde_prefs') ?>" name="horde_prefs_token">
fixed the problem for me.
06/28/2011 04:22:45 PM Jan Schneider Comment #8 Reply to this comment
What additional information to provide?
You could check if you have a hidden horde_prefs_token field in the 
forms on that preference page.
06/28/2011 03:57:25 PM dunix (at) gmx (dot) de Comment #7 Reply to this comment
Same here, also with Horde 3.3.11
06/22/2011 07:10:32 PM jfrey (at) gmx (dot) de Comment #6 Reply to this comment
Going to mark as not a bug since it can't be replicated.
I can reproduce this issue on horde 3.3.11 - simply need to click 
"Delete" for any sync session or "Delete all" in SyncML options page.

What additional information to provide?
01/20/2011 05:02:46 AM Michael Slusarz Comment #5 Reply to this comment
Changes have been made in Git for this ticket:
Wrong bug report.
01/20/2011 05:02:19 AM Git Commit Comment #4 Reply to this comment
Changes have been made in Git for this ticket:

Bug #9349: Fix new subfolder doesn't show in folder list
Problem only occurred if all (unsubscribed) folders are viewed.
hasChildren() was always returning true because we created the parent
element before making the initial hasChildren() check.  Need to check
for children before this.

http://git.horde.org/horde-git/-/commit/245d08ddc7d2f1b0d72eee0b3f96ebc164534899
11/08/2010 09:12:07 PM Michael Slusarz Comment #3
State ⇒ Not A Bug
Reply to this comment
Going to mark as not a bug since it can't be replicated.
11/04/2010 11:12:21 AM Jan Schneider Comment #2
State ⇒ Feedback
Reply to this comment
I don't see this. I can delete individual sync anchors and all anchors 
at once just fine.
10/28/2010 10:33:36 PM Michael Slusarz Comment #1
Patch ⇒ No
State ⇒ Unconfirmed
Milestone ⇒ 1.2.9
Queue ⇒ Horde Groupware
Summary ⇒ SyncML delete prefs form token issue
Type ⇒ Bug
Priority ⇒ 2. Medium
Reply to this comment
From Ticket #9289:

Unfortunately after upgrade I still get "We cannot verify that this
request..." when trying to delete sync sessions from
Horde/Options/SyncML.

Oct 27 22:23:28 direwolf horde[8584]: [horde] Backend of class
SyncML_Backend_Horde created [pid 8584 on line 287 of
"/usr/local/www/horde/lib/SyncML/Backend.php"]
Oct 27 22:23:28 direwolf horde[8584]: [horde] We cannot verify that
this request was really sent by you. It could be a malicious request.
If you intended to perform this action, you can retry it now. [pid
8584 on line 176 of "/usr/local/www/horde/lib/Horde/Notification.php"]
Oct 27 22:23:28 direwolf horde[8584]: [horde] SQL Query by
SyncML_Backend_Horde::getUserAnchors(): SELECT syncml_syncpartner,
syncml_db, syncml_clientanchor, syncml_serveranchor FROM
horde_syncml_anchors WHERE syncml_uid = ?, values: peo [pid 8584 on
line 650 of "/usr/local/www/horde/lib/SyncML/Backend/Horde.php"]

Saved Queries