Request forged on processwire backend

[Harmster]

Hey,

I am busy with a school project but I get stuck when i placed my website from localhost to my domain. My site runs on a subfolder. /daplays/

/site/assets and all it's subfolders are 777.

I've tried to change things around in the .htaccess but with no result.

Could someone please help me ? 

Thanks in advance

[diogo]

Long shot, but did you delete the cach, logs or sessions folders before moving the site? http://processwire.com/talk/topic/2786-request-seems-to-be-forged/?p=30109

[Harmster]

No I didnt, I did empty it now though and it still doesn't work.

Does it matter that it is in a subdir with an another PW setup in the rootdir?

[ryan]

Subdirectory vs. root doesn't matter. Most likely ProcessWire can't get sessions started. Try removing your /site/assets/sessions/ dir completely, and then re-creating it. Give it whatever permissions are necessary for ProcessWire to write to it. If you do 777, and this is not a dedicated server, then check with your systems administrator to see if you can lock that down a little better. 

[Harmster]

Subdirectory vs. root doesn't matter. Most likely ProcessWire can't get sessions started. Try removing your /site/assets/sessions/ dir completely, and then re-creating it. Give it whatever permissions are necessary for ProcessWire to write to it. If you do 777, and this is not a dedicated server, then check with your systems administrator to see if you can lock that down a little better. 

I've emptied both folders, with no result. The folder has 777 and still doesn't work. I am kinda stuck since i really need to access the admin panel. Well i guess i'll try to redo the whole process.

[arjen]

Did you empty them of did you delete them and recreated the directories? Another option would be to install a new version of PW and import the database and replace the files in /templates/. Shouldn't be much work.

[Harmster]

Will  try that now... Hope it works it really starts to frustrate me >.<

[interrobang]

Does it matter that it is in a subdir with an another PW setup in the rootdir?

I never tried to install PW inside another PW. And I am sure this matters.

What does your filesystem structure look like. Where did you install the 2nd ProcessWire instance? Do you bootstrap your 2nd PW in one of your templates of the root PW?

I guess the sessions of the 2 PWs conflict.

Do you have the same User Authentication Salt in both /site/config.php ($config->userAuthSalt = '')? I guess the salts have to be the same if you have nested PW instances. Do you have the same users with the same passwords in both PW instances?

Another idea is to rename one of the sessions in /site/config.php ($config->sessionName = 'wire2';)

[interrobang]

Edit: Sorry, double posted

[ryan]

I never tried to install PW inside another PW. And I am sure this matters.

I do it all the time here. You are right that it's a good idea to make it use a different session name for each. Being logged into one of the PW instances doesn't have you logged into the other, either way. 

@harmster: you can always disable the CSRF protection too by editing your /site/config.php and adding:

$config->protectCSRF = false;

That's not an idea solution, as having CSRF protection is a good idea. But it will solve it until you can find another resolution.