“invalid form key. please refresh the page” - cannot login to admin panelAdmin login issue-Invalid Form Key. Please refresh the pageCleaning up Magento installation: Which files & folders can be deleted?Magento admin login Error : invalid form key. please refresh the pageInvalid Form Key. Please refresh the pagemagento upgrade issue Invalid Form Key. Please refresh the pageInvalid Form Key. Please refresh the page, admin loginInvalid Form Key, Please Refresh Page at Checkout Magento 1.9.1Invalid Form Key, Please refresh the page - Admin PanelInvalid Form Key. Please refresh the page. Magento 1.9.3.8Magento 2 : Invalid Form Key. Please refresh the pageInvalid Form Key. Please refresh the page. while submiting formMagento 2.3 — Invalid Form Key. Please refresh the page
How to create a hard link to an inode (ext4)?
Why is there a voltage between the mains ground and my radiator?
Should QA ask requirements to developers?
Can you reject a postdoc offer after the PI has paid a large sum for flights/accommodation for your visit?
Am I not good enough for you?
Unreachable code, but reachable with exception
Replacing Windows 7 security updates with anti-virus?
What Happens when Passenger Refuses to Fly Boeing 737 Max?
Accountant/ lawyer will not return my call
Extra alignment tab has been changed to cr. } using table, tabular and resizebox
Is there a window switcher for GNOME that shows the actual window?
Do items de-spawn in Diablo?
Force user to remove USB token
Is there any way to damage Intellect Devourer(s) when already within a creature's skull?
Latest web browser compatible with Windows 98
Why does the negative sign arise in this thermodynamic relation?
Is Gradient Descent central to every optimizer?
What wound would be of little consequence to a biped but terrible for a quadruped?
Are babies of evil humanoid species inherently evil?
Time travel short story where dinosaur doesn't taste like chicken
Is there an elementary proof that there are infinitely many primes that are *not* completely split in an abelian extension?
How do I express some one as a black person?
Offered promotion but I'm leaving. Should I tell?
Could you please stop shuffling the deck and play already?
“invalid form key. please refresh the page” - cannot login to admin panel
Admin login issue-Invalid Form Key. Please refresh the pageCleaning up Magento installation: Which files & folders can be deleted?Magento admin login Error : invalid form key. please refresh the pageInvalid Form Key. Please refresh the pagemagento upgrade issue Invalid Form Key. Please refresh the pageInvalid Form Key. Please refresh the page, admin loginInvalid Form Key, Please Refresh Page at Checkout Magento 1.9.1Invalid Form Key, Please refresh the page - Admin PanelInvalid Form Key. Please refresh the page. Magento 1.9.3.8Magento 2 : Invalid Form Key. Please refresh the pageInvalid Form Key. Please refresh the page. while submiting formMagento 2.3 — Invalid Form Key. Please refresh the page
I regularly visit my site to make sure its working and noticed that images for products were not appearing, thinking it was a problem with indexing cache I tried to login to the admin panel and received the error:
"invalid form key. please refresh the page"
Other symptoms are customers could not add products to cart and extremely slow performance.
There are no errors in the logs (/var/logs)
What additional steps should I perform to resolve this issue?
magento-1.9 admin session form-key
edited Aug 29 '16 at 9:43
Fabian Schmengler
54.9k21134349
asked Aug 28 '16 at 22:29
SR_MagentoSR_Magento
3,404115196
add a comment |
I regularly visit my site to make sure its working and noticed that images for products were not appearing, thinking it was a problem with indexing cache I tried to login to the admin panel and received the error:
"invalid form key. please refresh the page"
Other symptoms are customers could not add products to cart and extremely slow performance.
There are no errors in the logs (/var/logs)
What additional steps should I perform to resolve this issue?
magento-1.9 admin session form-key
edited Aug 29 '16 at 9:43
Fabian Schmengler
54.9k21134349
asked Aug 28 '16 at 22:29
SR_MagentoSR_Magento
3,404115196
add a comment |
I regularly visit my site to make sure its working and noticed that images for products were not appearing, thinking it was a problem with indexing cache I tried to login to the admin panel and received the error:
"invalid form key. please refresh the page"
Other symptoms are customers could not add products to cart and extremely slow performance.
There are no errors in the logs (/var/logs)
What additional steps should I perform to resolve this issue?
magento-1.9 admin session form-key
edited Aug 29 '16 at 9:43
Fabian Schmengler
54.9k21134349
asked Aug 28 '16 at 22:29
SR_MagentoSR_Magento
3,404115196
I regularly visit my site to make sure its working and noticed that images for products were not appearing, thinking it was a problem with indexing cache I tried to login to the admin panel and received the error:
"invalid form key. please refresh the page"
Other symptoms are customers could not add products to cart and extremely slow performance.
There are no errors in the logs (/var/logs)
What additional steps should I perform to resolve this issue?
magento-1.9 admin session form-key
magento-1.9 admin session form-key
edited Aug 29 '16 at 9:43
Fabian Schmengler
54.9k21134349
asked Aug 28 '16 at 22:29
SR_MagentoSR_Magento
3,404115196
edited Aug 29 '16 at 9:43
Fabian Schmengler
54.9k21134349
asked Aug 28 '16 at 22:29
SR_MagentoSR_Magento
3,404115196
edited Aug 29 '16 at 9:43
Fabian Schmengler
54.9k21134349
edited Aug 29 '16 at 9:43
Fabian Schmengler
54.9k21134349
edited Aug 29 '16 at 9:43
Fabian Schmengler
54.9k21134349
54.9k21134349
asked Aug 28 '16 at 22:29
SR_MagentoSR_Magento
3,404115196
asked Aug 28 '16 at 22:29
SR_MagentoSR_Magento
3,404115196
asked Aug 28 '16 at 22:29
SR_MagentoSR_Magento
3,404115196
3,404115196
add a comment |
add a comment |
8 Answers
8
active
oldest
votes
It also happens if the cookie domain in System > Configuration > Web > Cookies is different from the actual site domain.
To remove the setting without access to the admin panel:
use the following SQL query on the MySQL console or in a client like phpMyAdmin:
DELETE FROM core_config_data WHERE path='web/cookie/cookie_domain';clear the cache. If you are using the default file based cache backend, delete all directories below
var/cache.
Then as soon as you can log in again, set the correct cookie domain for each website or store (Example: .example.com for example.com, www.example.com and all other subdomains)
If you are using n98-magerun (and you should!), the same can be accomplished with:
n98-magerun config:delete web/cookie/cookie_domain
n98-magerun cache:clean config
answered Aug 29 '16 at 6:09
Fabian SchmenglerFabian Schmengler
54.9k21134349
Hi @fschmengler, please add more details on how to check this setting from phpmyadmin, because user is not able to login to admin panel and some developers who are new to Magento development don't know where to check such settings in database. Sorry, but just for help of new members :)
– Mohit Kumar Arora
Aug 29 '16 at 10:00
@MohitKumarArora you are right, I updated the answer
– Fabian Schmengler
Aug 29 '16 at 10:21
Now I have upvoted. :)
– Mohit Kumar Arora
Aug 29 '16 at 10:27
Magerun for the win. Thanks for the info.
– andy jones
Apr 6 '17 at 16:06
n98 way works fantastic. Thanks for the info.
– andy jones
May 3 '17 at 10:14
|
show 2 more comments
I am posting the question / answer because I couldn't find anything relevant.
The issue was that the drive on which my magento installation resides was full. I freed up some room, clear the /var/session and /var/cache and everything went back to normal.
answered Aug 28 '16 at 22:29
SR_MagentoSR_Magento
3,404115196
1
Warning: deletingvar/sessionwill log out everybody and clear all guest carts. See here for a solution that only removes old sessions: magento.stackexchange.com/a/58167/243
– Fabian Schmengler
Sep 14 '16 at 11:12
@fschmengler yes but do you really want to take a chance with sessions that werent properly created to begin with? When I checked the /var/session there were all kinds of 0kb files which is not normal.
– SR_Magento
Sep 14 '16 at 12:52
1
Absolutely a first thing to check. Been racking my head on this for hours. Thanks!
– Bryant Jackson
Apr 6 '17 at 16:09
For me it was disk space. I found out after trying to git pull, as it failed with disk space related error.
– Damodar Bashyal
Apr 27 '17 at 5:19
@SR_Magento Sir I was removed cache folder and session folder so many time it's works only for some time after some time there is an same issue
– Amaresh Tiwari
May 30 '17 at 13:24
|
show 4 more comments
There are 3 solutions:
Use these commands in phpmyadmin
DELETE FROM core_config_data WHERE path='web/cookie/cookie_domain';
DELETE FROM core_config_data WHERE path='web/cookie/cookie_path';
Now Try to login.
2.Delete everything in var folder and then check if it works.
3.Replace the .htaccess file with sample .htaccess file and then try to login the admin.
Hope it help you.
edited Oct 24 '17 at 12:06
Manoj Deswal
4,31991743
answered Oct 24 '17 at 12:04
LokranjanLokranjan
311
add a comment |
Another possible, somewhat obvious, problem to check first: if your site uses SSL, make sure you're not using the http protocol for your admin page; you should be using https. e.g. https://example.com/admin
answered Oct 18 '17 at 13:15
voxoidvoxoid
1214
add a comment |
In my case the problem seems to be because I've created the admin user using n98-magerun with an user that cannot write on magentofolder/var and used the fallback folder /tmp/magento instead.
I just deleted my admin user and executed a sudo -iu OTHERUSER(user that owns the magento folder) and ran n98-magerun admin:user:create again to create my user.
UPDATE: In another case, the admin url has being visited without www. syntax, and the cookie settings was using www. Just putting the www. in the admin url solved the problem. ;)
answered Mar 14 '18 at 4:17
Ricardo MartinsRicardo Martins
636520
Shouldn't this beadmin:user:create?
– sr9yar
Nov 21 '18 at 19:22
add a comment |
Along with the above step of clearing cache, i also had to follow the below article and set the session data information in correct path by following the below steps
Ref article
https://stackoverflow.com/questions/26123081/failed-to-write-session-data-magento
I fixed it by changing the session.save_path to place it in the VM.
Change the file app/etc/local.xml
replaced with below
Then it started working. Also at times you cannot really tell the issue, thus it is important you enable error logging. Enable this by referring to following article
https://www.thecreativedev.com/how-to-enable-system-log-and-errorswarning-in-magento/
answered Feb 18 at 9:33
Abhishek ChowlaAbhishek Chowla
1
add a comment |
Clear cookies and cache. Open admin panel in incognito mode.
answered 9 hours ago
Abdul RafayAbdul Rafay
113
add a comment |
This is known issue generally comes after applying patch SUPEE-7405 included in Magento 1.9.2.3 release. It can be solved by adding below code in file - app/code/local/Mage/Core/Model/Session.php
public function validateFormKey()
$formKey != $this->getFormKey())
return false;
return true;
This file might not exist in your repository so copy it from app/code/core/Mage/Core/Model/Session.php and paste it in app/code/local/Mage/Core/Model/Session.php After that add above function in file because it may be missing in core file.
Also clear your browser cache and cookies. Clear all files in Magento var/cache and var/session folders contents. Then login to your admin panel.
edited Jan 15 '17 at 1:08
SR_Magento
3,404115196
answered Aug 29 '16 at 6:54
InfoBeansInfoBeans
1885
Ermm..wouldn't a better solution be to add the form key block output to the overridden adminhtml template? (That way the CSRF protection will work as intended).
– Luke A. Leber
Jan 15 '17 at 2:47
1
One should never edit core files.
– Max
Oct 24 '17 at 13:26
add a comment |
Your Answer
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "479"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fmagento.stackexchange.com%2fquestions%2f133459%2finvalid-form-key-please-refresh-the-page-cannot-login-to-admin-panel%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
8 Answers
8
active
oldest
votes
8 Answers
8
active
oldest
votes
active
oldest
votes
active
oldest
votes
It also happens if the cookie domain in System > Configuration > Web > Cookies is different from the actual site domain.
To remove the setting without access to the admin panel:
use the following SQL query on the MySQL console or in a client like phpMyAdmin:
DELETE FROM core_config_data WHERE path='web/cookie/cookie_domain';clear the cache. If you are using the default file based cache backend, delete all directories below
var/cache.
Then as soon as you can log in again, set the correct cookie domain for each website or store (Example: .example.com for example.com, www.example.com and all other subdomains)
If you are using n98-magerun (and you should!), the same can be accomplished with:
n98-magerun config:delete web/cookie/cookie_domain
n98-magerun cache:clean config
answered Aug 29 '16 at 6:09
Fabian SchmenglerFabian Schmengler
54.9k21134349
Hi @fschmengler, please add more details on how to check this setting from phpmyadmin, because user is not able to login to admin panel and some developers who are new to Magento development don't know where to check such settings in database. Sorry, but just for help of new members :)
– Mohit Kumar Arora
Aug 29 '16 at 10:00
@MohitKumarArora you are right, I updated the answer
– Fabian Schmengler
Aug 29 '16 at 10:21
Now I have upvoted. :)
– Mohit Kumar Arora
Aug 29 '16 at 10:27
Magerun for the win. Thanks for the info.
– andy jones
Apr 6 '17 at 16:06
n98 way works fantastic. Thanks for the info.
– andy jones
May 3 '17 at 10:14
|
show 2 more comments
It also happens if the cookie domain in System > Configuration > Web > Cookies is different from the actual site domain.
To remove the setting without access to the admin panel:
use the following SQL query on the MySQL console or in a client like phpMyAdmin:
DELETE FROM core_config_data WHERE path='web/cookie/cookie_domain';clear the cache. If you are using the default file based cache backend, delete all directories below
var/cache.
Then as soon as you can log in again, set the correct cookie domain for each website or store (Example: .example.com for example.com, www.example.com and all other subdomains)
If you are using n98-magerun (and you should!), the same can be accomplished with:
n98-magerun config:delete web/cookie/cookie_domain
n98-magerun cache:clean config
answered Aug 29 '16 at 6:09
Fabian SchmenglerFabian Schmengler
54.9k21134349
Hi @fschmengler, please add more details on how to check this setting from phpmyadmin, because user is not able to login to admin panel and some developers who are new to Magento development don't know where to check such settings in database. Sorry, but just for help of new members :)
– Mohit Kumar Arora
Aug 29 '16 at 10:00
@MohitKumarArora you are right, I updated the answer
– Fabian Schmengler
Aug 29 '16 at 10:21
Now I have upvoted. :)
– Mohit Kumar Arora
Aug 29 '16 at 10:27
Magerun for the win. Thanks for the info.
– andy jones
Apr 6 '17 at 16:06
n98 way works fantastic. Thanks for the info.
– andy jones
May 3 '17 at 10:14
|
show 2 more comments
It also happens if the cookie domain in System > Configuration > Web > Cookies is different from the actual site domain.
To remove the setting without access to the admin panel:
use the following SQL query on the MySQL console or in a client like phpMyAdmin:
DELETE FROM core_config_data WHERE path='web/cookie/cookie_domain';clear the cache. If you are using the default file based cache backend, delete all directories below
var/cache.
Then as soon as you can log in again, set the correct cookie domain for each website or store (Example: .example.com for example.com, www.example.com and all other subdomains)
If you are using n98-magerun (and you should!), the same can be accomplished with:
n98-magerun config:delete web/cookie/cookie_domain
n98-magerun cache:clean config
answered Aug 29 '16 at 6:09
Fabian SchmenglerFabian Schmengler
54.9k21134349
It also happens if the cookie domain in System > Configuration > Web > Cookies is different from the actual site domain.
To remove the setting without access to the admin panel:
use the following SQL query on the MySQL console or in a client like phpMyAdmin:
DELETE FROM core_config_data WHERE path='web/cookie/cookie_domain';clear the cache. If you are using the default file based cache backend, delete all directories below
var/cache.
Then as soon as you can log in again, set the correct cookie domain for each website or store (Example: .example.com for example.com, www.example.com and all other subdomains)
If you are using n98-magerun (and you should!), the same can be accomplished with:
n98-magerun config:delete web/cookie/cookie_domain
n98-magerun cache:clean config
answered Aug 29 '16 at 6:09
Fabian SchmenglerFabian Schmengler
54.9k21134349
edited Feb 5 '17 at 20:12
answered Aug 29 '16 at 6:09
Fabian SchmenglerFabian Schmengler
54.9k21134349
answered Aug 29 '16 at 6:09
Fabian SchmenglerFabian Schmengler
54.9k21134349
answered Aug 29 '16 at 6:09
Fabian SchmenglerFabian Schmengler
54.9k21134349
54.9k21134349
Hi @fschmengler, please add more details on how to check this setting from phpmyadmin, because user is not able to login to admin panel and some developers who are new to Magento development don't know where to check such settings in database. Sorry, but just for help of new members :)
– Mohit Kumar Arora
Aug 29 '16 at 10:00
@MohitKumarArora you are right, I updated the answer
– Fabian Schmengler
Aug 29 '16 at 10:21
Now I have upvoted. :)
– Mohit Kumar Arora
Aug 29 '16 at 10:27
Magerun for the win. Thanks for the info.
– andy jones
Apr 6 '17 at 16:06
n98 way works fantastic. Thanks for the info.
– andy jones
May 3 '17 at 10:14
|
show 2 more comments
Hi @fschmengler, please add more details on how to check this setting from phpmyadmin, because user is not able to login to admin panel and some developers who are new to Magento development don't know where to check such settings in database. Sorry, but just for help of new members :)
– Mohit Kumar Arora
Aug 29 '16 at 10:00
@MohitKumarArora you are right, I updated the answer
– Fabian Schmengler
Aug 29 '16 at 10:21
Now I have upvoted. :)
– Mohit Kumar Arora
Aug 29 '16 at 10:27
Magerun for the win. Thanks for the info.
– andy jones
Apr 6 '17 at 16:06
n98 way works fantastic. Thanks for the info.
– andy jones
May 3 '17 at 10:14
Hi @fschmengler, please add more details on how to check this setting from phpmyadmin, because user is not able to login to admin panel and some developers who are new to Magento development don't know where to check such settings in database. Sorry, but just for help of new members :)
– Mohit Kumar Arora
Aug 29 '16 at 10:00
Hi @fschmengler, please add more details on how to check this setting from phpmyadmin, because user is not able to login to admin panel and some developers who are new to Magento development don't know where to check such settings in database. Sorry, but just for help of new members :)
– Mohit Kumar Arora
Aug 29 '16 at 10:00
@MohitKumarArora you are right, I updated the answer
– Fabian Schmengler
Aug 29 '16 at 10:21
@MohitKumarArora you are right, I updated the answer
– Fabian Schmengler
Aug 29 '16 at 10:21
Now I have upvoted. :)
– Mohit Kumar Arora
Aug 29 '16 at 10:27
Now I have upvoted. :)
– Mohit Kumar Arora
Aug 29 '16 at 10:27
Magerun for the win. Thanks for the info.
– andy jones
Apr 6 '17 at 16:06
Magerun for the win. Thanks for the info.
– andy jones
Apr 6 '17 at 16:06
n98 way works fantastic. Thanks for the info.
– andy jones
May 3 '17 at 10:14
n98 way works fantastic. Thanks for the info.
– andy jones
May 3 '17 at 10:14
|
show 2 more comments
I am posting the question / answer because I couldn't find anything relevant.
The issue was that the drive on which my magento installation resides was full. I freed up some room, clear the /var/session and /var/cache and everything went back to normal.
answered Aug 28 '16 at 22:29
SR_MagentoSR_Magento
3,404115196
1
Warning: deletingvar/sessionwill log out everybody and clear all guest carts. See here for a solution that only removes old sessions: magento.stackexchange.com/a/58167/243
– Fabian Schmengler
Sep 14 '16 at 11:12
@fschmengler yes but do you really want to take a chance with sessions that werent properly created to begin with? When I checked the /var/session there were all kinds of 0kb files which is not normal.
– SR_Magento
Sep 14 '16 at 12:52
1
Absolutely a first thing to check. Been racking my head on this for hours. Thanks!
– Bryant Jackson
Apr 6 '17 at 16:09
For me it was disk space. I found out after trying to git pull, as it failed with disk space related error.
– Damodar Bashyal
Apr 27 '17 at 5:19
@SR_Magento Sir I was removed cache folder and session folder so many time it's works only for some time after some time there is an same issue
– Amaresh Tiwari
May 30 '17 at 13:24
|
show 4 more comments
I am posting the question / answer because I couldn't find anything relevant.
The issue was that the drive on which my magento installation resides was full. I freed up some room, clear the /var/session and /var/cache and everything went back to normal.
answered Aug 28 '16 at 22:29
SR_MagentoSR_Magento
3,404115196
1
Warning: deletingvar/sessionwill log out everybody and clear all guest carts. See here for a solution that only removes old sessions: magento.stackexchange.com/a/58167/243
– Fabian Schmengler
Sep 14 '16 at 11:12
@fschmengler yes but do you really want to take a chance with sessions that werent properly created to begin with? When I checked the /var/session there were all kinds of 0kb files which is not normal.
– SR_Magento
Sep 14 '16 at 12:52
1
Absolutely a first thing to check. Been racking my head on this for hours. Thanks!
– Bryant Jackson
Apr 6 '17 at 16:09
For me it was disk space. I found out after trying to git pull, as it failed with disk space related error.
– Damodar Bashyal
Apr 27 '17 at 5:19
@SR_Magento Sir I was removed cache folder and session folder so many time it's works only for some time after some time there is an same issue
– Amaresh Tiwari
May 30 '17 at 13:24
|
show 4 more comments
I am posting the question / answer because I couldn't find anything relevant.
The issue was that the drive on which my magento installation resides was full. I freed up some room, clear the /var/session and /var/cache and everything went back to normal.
answered Aug 28 '16 at 22:29
SR_MagentoSR_Magento
3,404115196
I am posting the question / answer because I couldn't find anything relevant.
The issue was that the drive on which my magento installation resides was full. I freed up some room, clear the /var/session and /var/cache and everything went back to normal.
answered Aug 28 '16 at 22:29
SR_MagentoSR_Magento
3,404115196
answered Aug 28 '16 at 22:29
SR_MagentoSR_Magento
3,404115196
answered Aug 28 '16 at 22:29
SR_MagentoSR_Magento
3,404115196
answered Aug 28 '16 at 22:29
SR_MagentoSR_Magento
3,404115196
3,404115196
1
Warning: deletingvar/sessionwill log out everybody and clear all guest carts. See here for a solution that only removes old sessions: magento.stackexchange.com/a/58167/243
– Fabian Schmengler
Sep 14 '16 at 11:12
@fschmengler yes but do you really want to take a chance with sessions that werent properly created to begin with? When I checked the /var/session there were all kinds of 0kb files which is not normal.
– SR_Magento
Sep 14 '16 at 12:52
1
Absolutely a first thing to check. Been racking my head on this for hours. Thanks!
– Bryant Jackson
Apr 6 '17 at 16:09
For me it was disk space. I found out after trying to git pull, as it failed with disk space related error.
– Damodar Bashyal
Apr 27 '17 at 5:19
@SR_Magento Sir I was removed cache folder and session folder so many time it's works only for some time after some time there is an same issue
– Amaresh Tiwari
May 30 '17 at 13:24
|
show 4 more comments
1
Warning: deletingvar/sessionwill log out everybody and clear all guest carts. See here for a solution that only removes old sessions: magento.stackexchange.com/a/58167/243
– Fabian Schmengler
Sep 14 '16 at 11:12
@fschmengler yes but do you really want to take a chance with sessions that werent properly created to begin with? When I checked the /var/session there were all kinds of 0kb files which is not normal.
– SR_Magento
Sep 14 '16 at 12:52
1
Absolutely a first thing to check. Been racking my head on this for hours. Thanks!
– Bryant Jackson
Apr 6 '17 at 16:09
For me it was disk space. I found out after trying to git pull, as it failed with disk space related error.
– Damodar Bashyal
Apr 27 '17 at 5:19
@SR_Magento Sir I was removed cache folder and session folder so many time it's works only for some time after some time there is an same issue
– Amaresh Tiwari
May 30 '17 at 13:24
1
1
Warning: deleting
var/session will log out everybody and clear all guest carts. See here for a solution that only removes old sessions: magento.stackexchange.com/a/58167/243– Fabian Schmengler
Sep 14 '16 at 11:12
Warning: deleting
var/session will log out everybody and clear all guest carts. See here for a solution that only removes old sessions: magento.stackexchange.com/a/58167/243– Fabian Schmengler
Sep 14 '16 at 11:12
@fschmengler yes but do you really want to take a chance with sessions that werent properly created to begin with? When I checked the /var/session there were all kinds of 0kb files which is not normal.
– SR_Magento
Sep 14 '16 at 12:52
@fschmengler yes but do you really want to take a chance with sessions that werent properly created to begin with? When I checked the /var/session there were all kinds of 0kb files which is not normal.
– SR_Magento
Sep 14 '16 at 12:52
1
1
Absolutely a first thing to check. Been racking my head on this for hours. Thanks!
– Bryant Jackson
Apr 6 '17 at 16:09
Absolutely a first thing to check. Been racking my head on this for hours. Thanks!
– Bryant Jackson
Apr 6 '17 at 16:09
For me it was disk space. I found out after trying to git pull, as it failed with disk space related error.
– Damodar Bashyal
Apr 27 '17 at 5:19
For me it was disk space. I found out after trying to git pull, as it failed with disk space related error.
– Damodar Bashyal
Apr 27 '17 at 5:19
@SR_Magento Sir I was removed cache folder and session folder so many time it's works only for some time after some time there is an same issue
– Amaresh Tiwari
May 30 '17 at 13:24
@SR_Magento Sir I was removed cache folder and session folder so many time it's works only for some time after some time there is an same issue
– Amaresh Tiwari
May 30 '17 at 13:24
|
show 4 more comments
There are 3 solutions:
Use these commands in phpmyadmin
DELETE FROM core_config_data WHERE path='web/cookie/cookie_domain';
DELETE FROM core_config_data WHERE path='web/cookie/cookie_path';
Now Try to login.
2.Delete everything in var folder and then check if it works.
3.Replace the .htaccess file with sample .htaccess file and then try to login the admin.
Hope it help you.
edited Oct 24 '17 at 12:06
Manoj Deswal
4,31991743
answered Oct 24 '17 at 12:04
LokranjanLokranjan
311
add a comment |
There are 3 solutions:
Use these commands in phpmyadmin
DELETE FROM core_config_data WHERE path='web/cookie/cookie_domain';
DELETE FROM core_config_data WHERE path='web/cookie/cookie_path';
Now Try to login.
2.Delete everything in var folder and then check if it works.
3.Replace the .htaccess file with sample .htaccess file and then try to login the admin.
Hope it help you.
edited Oct 24 '17 at 12:06
Manoj Deswal
4,31991743
answered Oct 24 '17 at 12:04
LokranjanLokranjan
311
add a comment |
There are 3 solutions:
Use these commands in phpmyadmin
DELETE FROM core_config_data WHERE path='web/cookie/cookie_domain';
DELETE FROM core_config_data WHERE path='web/cookie/cookie_path';
Now Try to login.
2.Delete everything in var folder and then check if it works.
3.Replace the .htaccess file with sample .htaccess file and then try to login the admin.
Hope it help you.
edited Oct 24 '17 at 12:06
Manoj Deswal
4,31991743
answered Oct 24 '17 at 12:04
LokranjanLokranjan
311
There are 3 solutions:
Use these commands in phpmyadmin
DELETE FROM core_config_data WHERE path='web/cookie/cookie_domain';
DELETE FROM core_config_data WHERE path='web/cookie/cookie_path';
Now Try to login.
2.Delete everything in var folder and then check if it works.
3.Replace the .htaccess file with sample .htaccess file and then try to login the admin.
Hope it help you.
edited Oct 24 '17 at 12:06
Manoj Deswal
4,31991743
answered Oct 24 '17 at 12:04
LokranjanLokranjan
311
edited Oct 24 '17 at 12:06
Manoj Deswal
4,31991743
edited Oct 24 '17 at 12:06
Manoj Deswal
4,31991743
edited Oct 24 '17 at 12:06
Manoj Deswal
4,31991743
4,31991743
answered Oct 24 '17 at 12:04
LokranjanLokranjan
311
answered Oct 24 '17 at 12:04
LokranjanLokranjan
311
answered Oct 24 '17 at 12:04
LokranjanLokranjan
311
311
add a comment |
add a comment |
Another possible, somewhat obvious, problem to check first: if your site uses SSL, make sure you're not using the http protocol for your admin page; you should be using https. e.g. https://example.com/admin
answered Oct 18 '17 at 13:15
voxoidvoxoid
1214
add a comment |
Another possible, somewhat obvious, problem to check first: if your site uses SSL, make sure you're not using the http protocol for your admin page; you should be using https. e.g. https://example.com/admin
answered Oct 18 '17 at 13:15
voxoidvoxoid
1214
add a comment |
Another possible, somewhat obvious, problem to check first: if your site uses SSL, make sure you're not using the http protocol for your admin page; you should be using https. e.g. https://example.com/admin
answered Oct 18 '17 at 13:15
voxoidvoxoid
1214
Another possible, somewhat obvious, problem to check first: if your site uses SSL, make sure you're not using the http protocol for your admin page; you should be using https. e.g. https://example.com/admin
answered Oct 18 '17 at 13:15
voxoidvoxoid
1214
answered Oct 18 '17 at 13:15
voxoidvoxoid
1214
answered Oct 18 '17 at 13:15
voxoidvoxoid
1214
answered Oct 18 '17 at 13:15
voxoidvoxoid
1214
1214
add a comment |
add a comment |
In my case the problem seems to be because I've created the admin user using n98-magerun with an user that cannot write on magentofolder/var and used the fallback folder /tmp/magento instead.
I just deleted my admin user and executed a sudo -iu OTHERUSER(user that owns the magento folder) and ran n98-magerun admin:user:create again to create my user.
UPDATE: In another case, the admin url has being visited without www. syntax, and the cookie settings was using www. Just putting the www. in the admin url solved the problem. ;)
answered Mar 14 '18 at 4:17
Ricardo MartinsRicardo Martins
636520
Shouldn't this beadmin:user:create?
– sr9yar
Nov 21 '18 at 19:22
add a comment |
In my case the problem seems to be because I've created the admin user using n98-magerun with an user that cannot write on magentofolder/var and used the fallback folder /tmp/magento instead.
I just deleted my admin user and executed a sudo -iu OTHERUSER(user that owns the magento folder) and ran n98-magerun admin:user:create again to create my user.
UPDATE: In another case, the admin url has being visited without www. syntax, and the cookie settings was using www. Just putting the www. in the admin url solved the problem. ;)
answered Mar 14 '18 at 4:17
Ricardo MartinsRicardo Martins
636520
Shouldn't this beadmin:user:create?
– sr9yar
Nov 21 '18 at 19:22
add a comment |
In my case the problem seems to be because I've created the admin user using n98-magerun with an user that cannot write on magentofolder/var and used the fallback folder /tmp/magento instead.
I just deleted my admin user and executed a sudo -iu OTHERUSER(user that owns the magento folder) and ran n98-magerun admin:user:create again to create my user.
UPDATE: In another case, the admin url has being visited without www. syntax, and the cookie settings was using www. Just putting the www. in the admin url solved the problem. ;)
answered Mar 14 '18 at 4:17
Ricardo MartinsRicardo Martins
636520
In my case the problem seems to be because I've created the admin user using n98-magerun with an user that cannot write on magentofolder/var and used the fallback folder /tmp/magento instead.
I just deleted my admin user and executed a sudo -iu OTHERUSER(user that owns the magento folder) and ran n98-magerun admin:user:create again to create my user.
UPDATE: In another case, the admin url has being visited without www. syntax, and the cookie settings was using www. Just putting the www. in the admin url solved the problem. ;)
answered Mar 14 '18 at 4:17
Ricardo MartinsRicardo Martins
636520
edited Nov 22 '18 at 4:34
answered Mar 14 '18 at 4:17
Ricardo MartinsRicardo Martins
636520
answered Mar 14 '18 at 4:17
Ricardo MartinsRicardo Martins
636520
answered Mar 14 '18 at 4:17
Ricardo MartinsRicardo Martins
636520
636520
Shouldn't this beadmin:user:create?
– sr9yar
Nov 21 '18 at 19:22
add a comment |
Shouldn't this beadmin:user:create?
– sr9yar
Nov 21 '18 at 19:22
Shouldn't this be
admin:user:create?– sr9yar
Nov 21 '18 at 19:22
Shouldn't this be
admin:user:create?– sr9yar
Nov 21 '18 at 19:22
add a comment |
Along with the above step of clearing cache, i also had to follow the below article and set the session data information in correct path by following the below steps
Ref article
https://stackoverflow.com/questions/26123081/failed-to-write-session-data-magento
I fixed it by changing the session.save_path to place it in the VM.
Change the file app/etc/local.xml
replaced with below
Then it started working. Also at times you cannot really tell the issue, thus it is important you enable error logging. Enable this by referring to following article
https://www.thecreativedev.com/how-to-enable-system-log-and-errorswarning-in-magento/
answered Feb 18 at 9:33
Abhishek ChowlaAbhishek Chowla
1
add a comment |
Along with the above step of clearing cache, i also had to follow the below article and set the session data information in correct path by following the below steps
Ref article
https://stackoverflow.com/questions/26123081/failed-to-write-session-data-magento
I fixed it by changing the session.save_path to place it in the VM.
Change the file app/etc/local.xml
replaced with below
Then it started working. Also at times you cannot really tell the issue, thus it is important you enable error logging. Enable this by referring to following article
https://www.thecreativedev.com/how-to-enable-system-log-and-errorswarning-in-magento/
answered Feb 18 at 9:33
Abhishek ChowlaAbhishek Chowla
1
add a comment |
Along with the above step of clearing cache, i also had to follow the below article and set the session data information in correct path by following the below steps
Ref article
https://stackoverflow.com/questions/26123081/failed-to-write-session-data-magento
I fixed it by changing the session.save_path to place it in the VM.
Change the file app/etc/local.xml
replaced with below
Then it started working. Also at times you cannot really tell the issue, thus it is important you enable error logging. Enable this by referring to following article
https://www.thecreativedev.com/how-to-enable-system-log-and-errorswarning-in-magento/
answered Feb 18 at 9:33
Abhishek ChowlaAbhishek Chowla
1
Along with the above step of clearing cache, i also had to follow the below article and set the session data information in correct path by following the below steps
Ref article
https://stackoverflow.com/questions/26123081/failed-to-write-session-data-magento
I fixed it by changing the session.save_path to place it in the VM.
Change the file app/etc/local.xml
replaced with below
Then it started working. Also at times you cannot really tell the issue, thus it is important you enable error logging. Enable this by referring to following article
https://www.thecreativedev.com/how-to-enable-system-log-and-errorswarning-in-magento/
answered Feb 18 at 9:33
Abhishek ChowlaAbhishek Chowla
1
answered Feb 18 at 9:33
Abhishek ChowlaAbhishek Chowla
1
answered Feb 18 at 9:33
Abhishek ChowlaAbhishek Chowla
1
answered Feb 18 at 9:33
Abhishek ChowlaAbhishek Chowla
1
1
add a comment |
add a comment |
Clear cookies and cache. Open admin panel in incognito mode.
answered 9 hours ago
Abdul RafayAbdul Rafay
113
add a comment |
Clear cookies and cache. Open admin panel in incognito mode.
answered 9 hours ago
Abdul RafayAbdul Rafay
113
add a comment |
Clear cookies and cache. Open admin panel in incognito mode.
answered 9 hours ago
Abdul RafayAbdul Rafay
113
Clear cookies and cache. Open admin panel in incognito mode.
answered 9 hours ago
Abdul RafayAbdul Rafay
113
answered 9 hours ago
Abdul RafayAbdul Rafay
113
answered 9 hours ago
Abdul RafayAbdul Rafay
113
answered 9 hours ago
Abdul RafayAbdul Rafay
113
113
add a comment |
add a comment |
This is known issue generally comes after applying patch SUPEE-7405 included in Magento 1.9.2.3 release. It can be solved by adding below code in file - app/code/local/Mage/Core/Model/Session.php
public function validateFormKey()
$formKey != $this->getFormKey())
return false;
return true;
This file might not exist in your repository so copy it from app/code/core/Mage/Core/Model/Session.php and paste it in app/code/local/Mage/Core/Model/Session.php After that add above function in file because it may be missing in core file.
Also clear your browser cache and cookies. Clear all files in Magento var/cache and var/session folders contents. Then login to your admin panel.
edited Jan 15 '17 at 1:08
SR_Magento
3,404115196
answered Aug 29 '16 at 6:54
InfoBeansInfoBeans
1885
Ermm..wouldn't a better solution be to add the form key block output to the overridden adminhtml template? (That way the CSRF protection will work as intended).
– Luke A. Leber
Jan 15 '17 at 2:47
1
One should never edit core files.
– Max
Oct 24 '17 at 13:26
add a comment |
This is known issue generally comes after applying patch SUPEE-7405 included in Magento 1.9.2.3 release. It can be solved by adding below code in file - app/code/local/Mage/Core/Model/Session.php
public function validateFormKey()
$formKey != $this->getFormKey())
return false;
return true;
This file might not exist in your repository so copy it from app/code/core/Mage/Core/Model/Session.php and paste it in app/code/local/Mage/Core/Model/Session.php After that add above function in file because it may be missing in core file.
Also clear your browser cache and cookies. Clear all files in Magento var/cache and var/session folders contents. Then login to your admin panel.
edited Jan 15 '17 at 1:08
SR_Magento
3,404115196
answered Aug 29 '16 at 6:54
InfoBeansInfoBeans
1885
Ermm..wouldn't a better solution be to add the form key block output to the overridden adminhtml template? (That way the CSRF protection will work as intended).
– Luke A. Leber
Jan 15 '17 at 2:47
1
One should never edit core files.
– Max
Oct 24 '17 at 13:26
add a comment |
This is known issue generally comes after applying patch SUPEE-7405 included in Magento 1.9.2.3 release. It can be solved by adding below code in file - app/code/local/Mage/Core/Model/Session.php
public function validateFormKey()
$formKey != $this->getFormKey())
return false;
return true;
This file might not exist in your repository so copy it from app/code/core/Mage/Core/Model/Session.php and paste it in app/code/local/Mage/Core/Model/Session.php After that add above function in file because it may be missing in core file.
Also clear your browser cache and cookies. Clear all files in Magento var/cache and var/session folders contents. Then login to your admin panel.
edited Jan 15 '17 at 1:08
SR_Magento
3,404115196
answered Aug 29 '16 at 6:54
InfoBeansInfoBeans
1885
This is known issue generally comes after applying patch SUPEE-7405 included in Magento 1.9.2.3 release. It can be solved by adding below code in file - app/code/local/Mage/Core/Model/Session.php
public function validateFormKey()
$formKey != $this->getFormKey())
return false;
return true;
This file might not exist in your repository so copy it from app/code/core/Mage/Core/Model/Session.php and paste it in app/code/local/Mage/Core/Model/Session.php After that add above function in file because it may be missing in core file.
Also clear your browser cache and cookies. Clear all files in Magento var/cache and var/session folders contents. Then login to your admin panel.
edited Jan 15 '17 at 1:08
SR_Magento
3,404115196
answered Aug 29 '16 at 6:54
InfoBeansInfoBeans
1885
edited Jan 15 '17 at 1:08
SR_Magento
3,404115196
edited Jan 15 '17 at 1:08
SR_Magento
3,404115196
edited Jan 15 '17 at 1:08
SR_Magento
3,404115196
3,404115196
answered Aug 29 '16 at 6:54
InfoBeansInfoBeans
1885
answered Aug 29 '16 at 6:54
InfoBeansInfoBeans
1885
answered Aug 29 '16 at 6:54
InfoBeansInfoBeans
1885
1885
Ermm..wouldn't a better solution be to add the form key block output to the overridden adminhtml template? (That way the CSRF protection will work as intended).
– Luke A. Leber
Jan 15 '17 at 2:47
1
One should never edit core files.
– Max
Oct 24 '17 at 13:26
add a comment |
Ermm..wouldn't a better solution be to add the form key block output to the overridden adminhtml template? (That way the CSRF protection will work as intended).
– Luke A. Leber
Jan 15 '17 at 2:47
1
One should never edit core files.
– Max
Oct 24 '17 at 13:26
Ermm..wouldn't a better solution be to add the form key block output to the overridden adminhtml template? (That way the CSRF protection will work as intended).
– Luke A. Leber
Jan 15 '17 at 2:47
Ermm..wouldn't a better solution be to add the form key block output to the overridden adminhtml template? (That way the CSRF protection will work as intended).
– Luke A. Leber
Jan 15 '17 at 2:47
1
1
One should never edit core files.
– Max
Oct 24 '17 at 13:26
One should never edit core files.
– Max
Oct 24 '17 at 13:26
add a comment |
Thanks for contributing an answer to Magento Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fmagento.stackexchange.com%2fquestions%2f133459%2finvalid-form-key-please-refresh-the-page-cannot-login-to-admin-panel%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
