Thread

I’m having an issue with a few of my safecracker forms that I’m really hoping you can help with.  I’m running EE 2.3.1 and I have a safecracker form that allows guests to submit team information into one of our channels.  Occasionally, when someone fills out the form and then hits submit, it just reloads the safecracker form page and blanks out all of the fields they just filled out.  Nothing is actually submitted, the user isn’t taken to the return page.  This has happened to some people multiple times in a row and it never works for them, but for others they have come back to it the next morning and the submission works just fine.  I personally haven’t been able to recreate this issue, but others in our office have.

I have the user session type set to cookies only and have the safecracker module settings set up to allow guest submissions.

This form is extremely important to our organization right now, so I’m hoping to figure out what’s going on as quick as possible.  It’s a long form and people are losing a lot of time trying to fill out the form over and over again.

Have you seen this issue before?  Any help you can provide me in tracking this down?

I have a lot of validation rules in the safecracker code, but here’s the complete safecracker tag if that helps.  I can post the entire form if need be.

{exp:safecracker channel="team_information"
class="appnitro" id="team-information"
logged_out_member_id="##" 
status="closed"
dynamic_title="School Name [team_year] - [team_conference] Football"
secure_action="yes"
secure_return="yes"
preserve_checkboxes="yes"
return="temple_group/template"
rules:submitter_email_address="required|valid_email"
rules:team_school_city="required"
rules:team_school_zip_code="required"
rules:team_school_phone="required"
rules:team_district="required"
rules:team_school_current_enrollment="required"
rules:team_colors="required"
rules:team_mascot="required"
rules:team_head_coach_name="required"
rules:team_head_coach_college="required"
rules:team_head_coach_home_phone="required"
rules:team_head_coach_cell_phone="required"
rules:team_athletic_director_name="required"
rules:team_athletic_director_phone="required"
rules:team_principal_name="required"
rules:team_superintendent_name="required"
rules:team_supt_principal_phone="required"
rules:football_player_info="required"
rules:team_manager_trainer_stat="required"
rules:team_season_games="required"
rules:team_playoff_games="required"
rules:team_district_place="required"
rules:team_record="required"
rules:team_state_appearances="required"
rules:team_state_years="required"
error_handling="inline"}

Hi, Stephen.

Are they not filling in some of the required fields? Do they go to the return form if they fill out everything they should?

Hi Sue,

They are filling out all of the required fields.  If they don’t fill out the required fields, the error messages show up just fine, then they can fill out the fields they left blank, submit the form, and it works.

If everything is filled out correctly they go to the return page as they should.  We’ve had about 110 forms submitted successfully and maybe 10 of them have had this issue where they hit submit and the form page reloads with everything blanked out.  It’s really odd.  I have a number of other safecracker forms on my site and haven’t had this issue with any of the others.

Thanks again for your help with this.

Something I just noticed that I don’t think would be related to this, but I wanted to pass on the info just in case.  Since I upgraded to EE 2.3.1 from EE 2.2.2 I’ve noticed that I’m getting logged out of the control panel rather quickly.  For example, I just logged into the control panel to make some changes, navigated to the entry I wanted to edit, and started editing it.  After a few minutes I got the drop down from the top of the window about my session being expired and needing to log in again.  I wasn’t on the site that long, so it seems a bit odd that my session is expiring so quickly.  It seems like this wouldn’t have any effect on the safecracker form since I have the User Session Type set to “Cookies Only”, but I figured it couldn’t hurt to let you know.

The Safecracker form is set to allow guests to post, but maybe there’s some issue with the user session it is using to allow them to post an entry as the anonymous user I have set up for this purpose.

Also, in case this might have an affect as well, I made a change to my safecracker_lib.php file to fix the bug mentioned in this bug report: https://support.ellislab.com/bugs/detail/16034.

Hi, Stephen T -

We often seen issues with form submissions where .htaccess is at play in some way modifying the domain for the URL.  Can you post your entire .htaccess file so we can assess if that might be one of the contributing factors?

Also do you know if there is a long time between form load and form submission?

Hi Lisa,

Some people who have had this issue with the form took a long time to fill it out (30 minutes or so), but there are a few others that have had the same issue just testing the form and only taking a couple of minutes to fill it out.

Below is my .htaccess file.  I’ve removed references to specific folders or files in the Rewrite Conditions.

# Secure .htaccess file
<Files .htaccess>
order allow,deny
deny from all
</Files>

# Don't show any directory without an index file
Options -Indexes

# Don't list files in index pages
IndexIgnore *

Deny from certainipaddress
Deny from certainipaddress
Allow from all

Redirect /url <a href="http://anotherurl.com">http://anotherurl.com</a>
Redirect 301 /url/url <a href="http://www.anotherurl.org/folder">http://www.anotherurl.org/folder</a>

RewriteEngine on

## Rewrite all urls to include www:
RewriteCond %{HTTP_HOST} ^domain.org
RewriteRule (.*) <a href="http://www.domain.org/$1">http://www.domain.org/$1</a> [R=301,L]

## Rewrite https for all control panel pages - Code from <a href="http://feistygoat.com/blog/2010/10/force-ssl-in-expressionengine/">http://feistygoat.com/blog/2010/10/force-ssl-in-expressionengine/</a>
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ - [E=site_url:http://www.domain.org/]

RewriteCond %{SERVER_PORT} 443
RewriteRule ^(.*)$ - [E=site_url:https://www.domain.org/]

RewriteCond %{SERVER_PORT} 80
RewriteCond %{REQUEST_URI} url1|url2|member|url3|^/forms|^/form|url4|url5
RewriteRule ^(.*)$ <a href="https://www.domain.org/$1">https://www.domain.org/$1</a> [R,L]

## Exclude Method:
RewriteCond $1 !^(list_of_folders|and_files) [NC]
RewriteRule ^(.*)$ /index.php/$1 [L]

I should also note I’ve made a change in my config.php file to assist with forcing https for certain URLs.  I added these two variables:

$config['base_url']= apache_getenv("site_url");
$config['site_url']= apache_getenv("site_url");

I wish there was a better way to handle ssl in EE so I didn’t have to resort to changing the config.php file, but this is the only way I’ve been able to figure out how to handle it.

One other odd thing I’ve noticed that I don’t think is related, but might be.  I’m using ssl on this safecracker form, but for some reason the form page is pulling in images from my homepage over http, which is making the form page appear to be not entirely secure.  Those images aren’t linked anywhere on the page or in the css.  When I add the parameter safecracker_head=“no” to the safecracker tag, those images are no longer pulled in and the form page appears to be completely secure.  If I use the default and do not set safecracker_head=“no” then the form page pulls in those unsecure images from my homepage.  Does that make any sense?  It took me a while to figure out that those images were only being pulled in if the safecracker_head was set to “yes”.  This is happening with all the safecracker forms on my site.

Thanks again for your help.  I’m really trying to get this figured out in the next day or two so I know if we need to completely switch directions with these forms and look into another solution.

Hi, Stephen,

I suspect that the issue is here:

## Rewrite all urls to include www:
RewriteCond %{HTTP_HOST} ^domain.org
RewriteRule (.*) <a href="http://www.domain.org/$1">http://www.domain.org/$1</a> [R=301,L]

If the domains don’t match (www vs non www) the form submission will fail. If you remove that rule, do the form submissions start to work consistently?

Thanks!

Hi Lisa,

I can certainly try that, but why would the domains not match?  Are you referring to the domain of the form page and the results page not matching?  Those should always match, since it just has the path in the safecracker parameter, right?

I always use the www subdomain for all links and I’d like to force users to the www version of the site.  Is there a better way to do that?  I know it’s not something you specifically support, but if it’s breaking my safecracker forms, I’d like to figure out another way to handle the same thing.

Hi, Stephen -

The form submission domain changing can throw off the matching domains. We see this a lot when forcing the addition or removal of www; also the forcible addition or removal of the trailing slash can cause the same thing.

There have been some solutions posted on this forum though it’s not something we can explicitly support.  My recommendation before troubleshooting it is to confirm if that ist he problem or not by removing that rule and seeing if form submissions start to work consistently.

Got it - I’ll stop forcing the www in the .htaccess file to see if that helps.  It may take a while to test this though because we had about 100 successful submissions before we ever had a problem.  I’ll post back here when I can tell if this fixes it or not.

Thanks for your help.

Hey Stephen -

Any news on the testing process?

Thanks!

Hi Lisa,

Looks like forcing the www through .htaccess isn’t the culprit.  I removed that code from the .htaccess file and someone in my organization who was helping me test this issue had the form partially blank out again.  This time he said he filled out the form and before he hit submit the page reloaded on him on it’s own (doesn’t sound right to me, but that’s what he said).  When the page reloaded, the matrix fields, dropdown fields, and textarea fields were all blank.  There were no errors with the required fields or else I would say it was related to the page reloading because one of the required fields wasn’t filled out and those particular fields didn’t have their data carried through.

I still haven’t been able to recreate the problem on my own, so I apologize for not having better information for you.  There are a few errors and warnings showing up in the error console when the page loads.  I don’t think these are related directly to this issue, but I’d like to get these solved as well.

Failed to load resource: the server responded with a status of 404 (Not Found)
<a href="https://www.domain.org/themes/cp_themes/default/images/ui-bg_highlight-hard_0_ecf1f4_1x100.png">https://www.domain.org/themes/cp_themes/default/images/ui-bg_highlight-hard_0_ecf1f4_1x100.png</a>

The page at <a href="https://www.domain.org/forms/formname">https://www.domain.org/forms/formname</a> displayed insecure content from <a href="http://www.domain.org/images/uploads/features/feature-image-001.jpg">http://www.domain.org/images/uploads/features/feature-image-001.jpg</a>.

The first error is odd because the file named ui-bg_highlight-hard_0_ECF1F4_1x100.png is actually in the referenced folder, but the code is referencing a file name where ecf1f4 is not in capital letters.  It looks like this is pulled in from the saef css file, but when I look at the file in cp_themes/default/css/saef.css I don’t see a reference to that file anywhere.

There are several errors similar to the second one I listed about the page trying to pull in insecure content that is only loaded on the homepage.  This is the issue I mentioned earlier in this thread:

I’m using ssl on this safecracker form, but for some reason the form page is pulling in images from my homepage over http, which is making the form page appear to be not entirely secure.  Those images aren’t linked anywhere on the page or in the css.  When I add the parameter safecracker_head=“no” to the safecracker tag, those images are no longer pulled in and the form page appears to be completely secure.  If I use the default and do not set safecracker_head=“no” then the form page pulls in those unsecure images from my homepage.  Does that make any sense?  It took me a while to figure out that those images were only being pulled in if the safecracker_head was set to “yes”.  The particular error is happening with all the safecracker forms on my site.

Thanks again for your help with this.

Hi Stephen,

While the errors you posted above aren’t likely the cause of the issue at hand, I do want you to get those fixed. The first error you mentioned is in reference to this bug. The solution here (until a new version comes out) is to rename the files so they’re lowercase.

The second error is indeed because SafeCracker is loading the image through an insecure connection, so I filed a bug on that for you here.

With regards to the pages reloading with no content, if it’s only happening to some users, that tells me we need to look more specifically at their environments and behavior. Do you know if any of them are using Safari? If so, what version? Safari’s latest versions have been reported to unnecessarily reload pages, and it’s a behavior I’ve seen myself.

Are the pages all reloading themselves, as your co-worker noticed, or is everyone else submitting the form and seeing it return to the same form, empty?

Could you get more information from each of the folks reporting problems about their environment? We’ll need things like their OS, browser, Internet connection type, whether or not they had multiple tabs open, how long they had been on the form before it returned blank, and whether or not they actually submitted the form or it just reloaded the page by itself. Also see if you can get them to change variables in their environment one at a time to determine if it might be specific to a browser or their computer.

Hi Kevin,

Sorry about the delay in responding.  I’ve been trying to collect some data for you and it’s right in the middle of a busy time of year for us here.  I figured those two errors weren’t related, but I wanted to let you know about them just in case.

I’ve been trying to collect some more information on this, but it’s been tricky because I haven’t actually been able to talk to anyone who has reported an issue.  Other people in our office have talked to them and collected a little bit of data, but our user base is not the most technologically savvy, so it’s difficult to get useful information.  For example, one person reported that they were using Bing as their browser and a lot of them don’t know what a browser or operating system is.

We did another trial with this form and had about 12 people submit their team information.  Out of those 12, 4 people reported having the issue where they fill out the complete form, hit submit, and it just takes them to a blank page.  The form is not submitted when this happens - it never shows up in EE and they don’t see any indication of whether the form has successfully submitted or not.  So it appears that it’s not reloading the form page with blank information, it’s actually redirecting them to a page (I don’t know if it’s going to the correct return page url), but it’s completely blank.

Most of the users spend a lot of time filling out the form, so they are on the page anywhere from 15 minutes to one hour before submitting it.  A vast majority of them are using Internet Explorer - mostly version 7 or 8.  One person was using Safari and reported the page reloading on its own, but that seems to be a separate issue from them pressing submit and the form taking them to a blank page.  It doesn’t seem to matter if they change variables in their environment because some people will try to fill it out several times in a row and it will submit successfully on their 3rd or 4th attempt without switching computers, browsers, or changing anything else.

Because of the importance of this form, we had to switch to a much more cumbersome back up system after we got reports of those four errors, so I haven’t been able to collect any more data and I’m not willing to switch back to the Safecracker form until I can figure out what’s been going wrong.  Do you have any other ideas of what I could look into?  Would it help to see the form and the code?

Thanks again for your help.  I’m really hoping we can get this figured out.

Ah! Ok, so just a blank page and nothing is submitted at all. That indicates to me that we’re probably looking at a series of PHP errors that are being thrown. Typically, PHP errors are hidden from non-Super Admins, so everyone else would likely see a blank page. Take a look at this article and follow the suggestions there for troubleshooting this. Once you’ve got your installation set to show all errors to everyone, run the test again and have your team take screenshots or exact copies of the PHP errors they’re presented with. Then make sure to set your installation back so that errors aren’t shown to everyone.

Let me know which PHP errors you’re presented with!