Thread

Hi Guys,
I’m in need of assistance. I have EE 2.1.3 and Forum Module 3.1.2 (just upgraded) running on a membership based site. Everything is working fine within the forum module EXCEPT if the user tries to change their password. Then the following error comes up.

The following errors were encountered

  * The action you have requested is invalid.

Return to Previous Page

I have tested it out and you can change the email address and all other fields in relation to the forum/membership functionality. The error only comes up when the user attempts to change their password.

These are my current settings:
- User session type: Cookies only
- Process form data in secure mode: yes
- require IP address and user agent for login: yes

I am using NSM .htaccess Generator to remove the index.php from the urls.

Any suggestions welcome!
Thanks
Patricia

Moved to Community Help forum by Moderator

Any suggestions welcome!

If there is more information needed please let me know and I can provide it.

Hi Patricia,

Do you have any other add-ons installed?

Can you rename your htaccess temporarily and reinstate index.php in your General Configuration and test again please.

Did it work for you as an administrator or did you just test as a user?

Hi John,
Thanks so much for your reply.

The error came up when anyone admin or general user tried to change their password.

I removed the .htaccess file and I was able to change the password on the admin account so I am presuming that this is the issue. Will I need to add something to the HTaccess file to ensure that this function works with the htaccess file in place?

Many Thanks
Patricia

Hi, Patricia.

Unfortunately we can’t offer direct support for making changes to the .htaccess file. You could check with the author of the add-on or I can move this to the Community Help forum. Let me know if you want to move to that forum.

Hi Sue
That would be great - it seems to be the NSM .htaccess Generator thats the issue so it would be best there I think.
THanks
Patricia

Moving per request..

Thanks so much Sue!

I should have tested the removal of the htaccess file first - I just didn’t think it would be the problem as literally everything else worked.

Has someone come across this issue where the NSM .htaccess Generator blocked the ability of a user to change their password when in the forum section of the site?

My htaccess generator:

# secure .htaccess file
<Files .htaccess>
 order allow,deny
 deny from all
</Files>

# Dont list files in index pages
IndexIgnore *

# EE 404 page for missing pages
ErrorDocument 404 /index.php?/{ee:404}

# Simple 404 for missing files
<FilesMatch "(\.jpe?g|gif|png|bmp)$">
  ErrorDocument 404 "File Not Found"
</FilesMatch>

RewriteEngine On

RewriteBase /

# remove the www
RewriteCond %{HTTP_HOST} ^(www\.$) [NC]
RewriteRule ^ http://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

# Add a trailing slash to paths without an extension
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_URI} !(\.[a-zA-Z0-9]{1,5}|/)$
RewriteRule ^(.*)$ $1/ [L,R=301]

# Remove index.php
# Uses the "include method"
# <a href="http://expressionengine.com/wiki/Remove_index.php_From_URLs/#Include_List_Method">http://expressionengine.com/wiki/Remove_index.php_From_URLs/#Include_List_Method</a>
RewriteCond %{REQUEST_URI} !(\.[a-zA-Z0-9]{1,5})$
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_URI} ^/(forums|course_presentations|download_area|events|faq|international|blog|members|member|news|personnel|programmes|quotes|training|trainingdates|video|videos|main_pages|contact|about|P[0-9]{2,8}) [NC]
RewriteRule ^(.*)$ /index.php?/$1 [L] 

RewriteCond %{QUERY_STRING} ^(ACT=.*)$ [NC,OR]
RewriteCond %{QUERY_STRING} ^(URL=.*)$ [NC,OR]
RewriteCond %{QUERY_STRING} ^(CSS=.*)$ [NC]   
RewriteRule ^(.*)$ /index.php\?&%{QUERY_STRING} [L]

# Remove IE image toolbar
<FilesMatch "\.(html|htm|php)$">
  Header set imagetoolbar "no"
</FilesMatch>

Many Thanks
Patricia

Hi Guys,

Can anyone see what it is about my .htaccess generated file would stop a users ability to change their password?

As far as I can tell the user stays within the “forums” section when they are changing their password. It is the “Control Panel Home” link where you can change all your personal settings.

I was initially thinking that I would need to add a component within this section of my htaccess file:

RewriteCond %{REQUEST_URI} ^/(forums|course_presentations|download_area|events|faq|international|blog|members|member|news|personnel|programmes|quotes|training|trainingdates|video|videos|main_pages|contact|about|P[0-9]{2,8}) [NC]

Any ideas gratefully received!
Many Thanks
Patricia

Hi Guys,
I’m still stuck on this one - I’ve had to remove the .htaccess file completely to ensure that this function works.
I would like to be able to add it back soon.
Any thoughts gratefully received!
Thanks
Patricia

My 2 cents…

Same context (LG htacces generator and removal of index.php) and I had the same issu. I discovered that this is due to the trailing slash rules section.

# Add a trailing slash to paths without an extension
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_URI} !(\.[a-zA-Z0-9]{1,5}|/)$
RewriteRule ^(.*)$ $1/ [L,R=301]

The member template doesn’t seem to like the traling slash addition so just add an extra rule to exclude the member profile templates as follow

# Add a trailing slash to paths without an extension
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_URI} !(\.[a-zA-Z0-9]{1,5}|/)$
RewriteCond %{REQUEST_URI} !(^/member) [NC]
RewriteRule ^(.*)$ $1/ [L,R=301]

Works for me. I hope this helps!

I’m running into the same issue now that I have upgraded to EE2.  I added that condition to .htaccess but no luck yet.  My .htaccess has been created manually so it is a little different.  I’m going to continue digging but if anyone else has run into this and solved it, let me know!

I found the culprit in my .htaccess file:

#RewriteCond %{REQUEST_URI} ^/[^\.]+[^/]$
#RewriteRule ^(.*)$ http://%{HTTP_HOST}/$1/ [R=301,L]

I commented that out and changed from the File/Directory Check method to the Include method and things seem to work now.