Discuss Joomla! 3.4.7

[amob7880]

Following the upgrade from 3.4.6 to 3.4.7, I have the same issue with logging into the backend. I have tried everything mentioned (that I can find) in the forums. With solutions suggested, I am yet to see anyone report that any of them worked.

• - Cleared all browser history (actually set Chrome back to default) I did this after each step below
  - Went to easttexasnaturalists.com/administrator instead of easttexasnaturalists.com/administrator/index.php
  - Went to database and truncated session entries (Kunena sessions, too)
  - Used computer that I just rebuilt (it had never been to the site)

Nothing worked.

I have not tried all of my other sites, but the few (4 others) that I did check, do not have this issue. The only real difference in this site is that it has Kunena but other users are having the same issue who said Kenena is not installed on their sites.

Would appreciate any other ideas or suggestions. Thank you in advance.

I don't know that it matters in this case but here is my FPA data:

Invalid security token in backend only

request was denied because it contained an invalid security token

Cleared cookies; changed browsers; changed computers to one that had never been to the site; had someone in other location attempt to log in; deleted all session entries in database (main and in Kunena);

Joomla! Instance :: Joomla! 3.4.7-Stable (Ember) 21-December-2015
Joomla! Platform :: Joomla Platform 13.1.0-Stable (Curiosity) 24-Apr-2013
Joomla! Configured :: Yes | Read-Only (444) | Owner: easttexasnatural (uid: 1/gid: 1) | Group: easttexasnatural (gid: 1) | Valid For: 3.4
Configuration Options :: Offline: 0 | SEF: 1 | SEF Suffix: 1 | SEF ReWrite: 1 | .htaccess/web.config: Yes | GZip: 0 | Cache: 2 | FTP Layer: 0 | SSL: 0 | Error Reporting: default | Site Debug: 0 | Language Debug: 0 | Default Access: 1 | Unicode Slugs: 0 | Database Credentials Present: Yes

Host Configuration :: OS: Linux | OS Version: 2.6.32-042stab112.15 | Technology: x86_64 | Web Server: Apache/2.2.31 (Unix) mod_ssl/2.2.31 OpenSSL/0.9.8e-fips-rhel5 DAV/2 mod_bwlimited/1.4 | Encoding: gzip, deflate | Doc Root: /home/easttexasnatural/public_html | System TMP Writable: Yes

PHP Configuration :: Version: 5.4.44 | PHP API: cgi-fcgi | Session Path Writable: Yes | Display Errors: 1 | Error Reporting: 22519 | Log Errors To: error_log | Last Known Error: | Register Globals: | Magic Quotes: | Safe Mode: | Open Base: | Uploads: 1 | Max. Upload Size: 64M | Max. POST Size: 64M | Max. Input Time: 60 | Max. Execution Time: 30 | Memory Limit: 192M

MySQL Configuration :: Version: 5.6.27 (Client:mysqlnd 5.0.10 - 20111026 - $Id: c85105d7c6f7d70d609bb4c000257868a40840ab $) | Host: --protected-- (--protected--) | Collation: utf8_unicode_ci (Character Set: utf8) | Database Size: 19.65 MiB | #of Tables:  229

PHP Extensions :: Core (5.4.44) | date (5.4.44) | ereg () | libxml () | openssl () | pcre () | sqlite3 (0.7) | zlib (2.0) | bcmath () | bz2 () | calendar () | ctype () | curl () | dom (20031129) | hash (1.0) | filter (0.11.0) | ftp () | gd () | gettext () | SPL (0.2) | iconv () | session () | intl (1.1.0) | json (1.2.1) | mbstring () | mcrypt () | standard (5.4.44) | mysqlnd (mysqlnd 5.0.10 - 20111026 - $Id: c85105d7c6f7d70d609bb4c000257868a40840ab $) | mysqli (0.1) | mysql (1.0) | Phar (2.0.1) | posix () | pspell () | Reflection ($Id: f6367cdb4e3f392af4a6d441a6641de87c2e50c4 $) | imap () | SimpleXML (0.1) | soap () | sockets () | exif (1.4 $Id: 7f95ff43ea7cc9a2c41a912863ed70069c0e34c5 $) | tidy (2.0) | tokenizer (0.1) | wddx () | xml () | xmlreader (0.1) | xmlrpc (0.51) | xmlwriter (0.1) | xsl (0.1) | zip (1.11.0) | cgi-fcgi () | PDO (1.0.4dev) | pdo_mysql (1.0.2) | pdo_sqlite (1.0.1) | ionCube Loader () | Zend Guard Loader () | Zend Engine (2.4.0) |
Potential Missing Extensions :: suhosin |

Switch User Environment (Experimental) :: PHP CGI: Yes | Server SU: Yes | PHP SU: Yes | Custom SU (LiteSpeed/Cloud/Grid): Yes
Potential Ownership Issues: No

Core Folders :: images/ (755) | components/ (755) | modules/ (755) | plugins/ (755) | language/ (755) | templates/ (755) | cache/ (755) | logs/ (755) | tmp/ (755) | administrator/components/ (755) | administrator/modules/ (755) | administrator/language/ (755) | administrator/templates/ (755) |

Elevated Permissions (First 10) ::

Components :: SITE :: com_wrapper (3.0.0) | com_mailto (3.0.0) | WF_ARTICLE_TITLE (2.5.11) | WF_TEXTCASE_TITLE (2.5.11) | WF_FONTSELECT_TITLE (2.5.11) | WF_SOURCE_TITLE (2.5.11) | WF_MEDIA_TITLE (2.5.11) | WF_VISUALCHARS_TITLE (2.5.11) | WF_CHARMAP_TITLE (2.5.11) | WF_LINK_TITLE (2.5.11) | WF_ANCHOR_TITLE (2.5.11) | WF_KITCHENSINK_TITLE (2.5.11) | WF_CLEANUP_TITLE (2.5.11) | WF_HR_TITLE (2.5.11) | WF_FONTCOLOR_TITLE (2.5.11) | WF_VISUALBLOCKS_TITLE (2.5.11) | WF_PRINT_TITLE (2.5.11) | WF_PREVIEW_TITLE (2.5.11) | WF_FORMATSELECT_TITLE (2.5.11) | WF_FULLSCREEN_TITLE (2.5.11) | WF_SEARCHREPLACE_TITLE (2.5.11) | WF_FONTSIZESELECT_TITLE (2.5.11) | WF_CLIPBOARD_TITLE (2.5.11) | WF_CONTEXTMENU_TITLE (2.5.11) | WF_AUTOSAVE_TITLE (2.5.11) | WF_DIRECTIONALITY_TITLE (2.5.11) | WF_XHTMLXTRAS_TITLE (2.5.11) | WF_STYLESELECT_TITLE (2.5.11) | WF_LISTS_TITLE (2.5.11) | WF_BROWSER_TITLE (2.5.11) | WF_INLINEPOPUPS_TITLE (2.5.11) | WF_NONBREAKING_TITLE (2.5.11) | WF_IMGMANAGER_TITLE (2.5.11) | WF_SPELLCHECKER_TITLE (2.5.11) | WF_LAYER_TITLE (2.5.11) | WF_TABLE_TITLE (2.5.11) | WF_STYLE_TITLE (2.5.11) | WF_AGGREGATOR_DAILYMOTION_TITL (2.5.11) | WF_AGGREGATOR_VINE_TITLE (2.5.11) | WF_AGGREGATOR_VIMEO_TITLE (2.5.11) | WF_AGGREGATOR_[youtube]_TITLE (2.5.11) | WF_LINKS_JOOMLALINKS_TITLE (2.5.11) | WF_FILESYSTEM_JOOMLA_TITLE (2.5.11) | WF_MEDIAPLAYER_JCEPLAYER_TITLE (2.5.11) | WF_LINK_SEARCH_TITLE (2.5.11) | WF_POPUPS_JCEMEDIABOX_TITLE (2.5.11) | WF_POPUPS_WINDOW_TITLE (2.5.11) | kunena_tmpl_crypsis (4.0.7) | Bubbles (4.0) | Vintage (4.0) | Elegant Green (3.5) | Elegant Blue (4.0) | Wireframe (4.0) | Elegant Yellow (3.5) | Elegant Red (3.5) | Default Theme (3.5) | Nomad (4.0) | Nickel (4.0) | Hako (4.0) | Greenie (3.5) | Bluedream (4.0) | Elegant White (3.5) | Polish (3.5) | Carbon (4.0) | Origami (4.0) | Timeless (4.0) | Simplistic (4.0) | Plain (4.0) | Pinky (3.5) |
Components :: ADMIN :: com_cpanel (3.0.0) | com_plugins (3.0.0) | com_joomlaupdate (3.0.0) | com_cache (3.0.0) | com_users (3.0.0) | com_messages (3.0.0) | com_checkin (3.0.0) | com_admin (3.0.0) | JCE (2.5.11) | Unknown (-) | JEvents (3.4.4) | com_installer (3.0.0) | Dc_pro_counter_analyze (0.5) | com_menus (3.0.0) | com_kunena (4.0.7) | plg_kunena_uddeim (4.0.7) | plg_kunena_community (4.0.7) | plg_kunena_alphauserpoints (4.0.7) | plg_kunena_comprofiler (4.0.7) | plg_kunena_joomla (4.0.7) | plg_kunena_kunena (4.0.7) | plg_kunena_finder (4.0.7) | plg_finder_kunena (4.0.7) | plg_kunena_gravatar (4.0.7) | plg_system_kunena (-) | mod_kunenamenu (4.0.7) | com_categories (3.0.0) | com_templates (3.0.0) | com_newsfeeds (3.0.0) | com_redirect (3.0.0) | com_oziogallery3 (4.4.2) | com_tags (3.1.0) | com_content (3.0.0) | com_phocafavicon (3.0.0) | com_media (3.0.0) | COM_EVENTGALLERY (3.3.3) | com_contenthistory (3.2.0) | com_login (3.0.0) | com_config (3.0.0) | com_easyblog (5.0.30) | com_languages (3.0.0) | RokSprocket (2.1.9) | com_finder (3.0.0) | com_banners (3.0.0) | com_gantry5 (5.2.5) | Akeeba (4.5.0) | com_postinstall (3.2.0) | com_ajax (3.2.0) | com_modules (3.0.0) | com_search (3.0.0) | uddeIM (3.7) | Admintools (3.6.6) |

Modules :: SITE :: JEvents View Switcher (3.4.4) | mod_menu (3.0.0) | EasyBlog - Archive Module (5.0.30) | mod_weather_gk4 (1.7.0) | mod_articles_category (3.0.0) | mod_banners (3.0.0) | EasyBlog - Most Popular Post M (5.0.30) | EasyBlog - Subscribers Listing (5.0.30) | mod_footer (3.0.0) | mod_tags_similar (3.1.0) | EasyBlog - Showcase Module (5.0.30) | EasyBlog - Ticker Module (5.0.30) | EasyBlog - Top Blogs Module (5.0.30) | mod_articles_news (3.0.0) | EasyBlog - Posts List (5.0.30) | mod_tags_popular (3.1.0) | JEvents Latest Events (3.4.4) | JEvents Legend (3.4.4) | EasyBlog - Related Posts Modul (5.0.30) | dehkadeco pro counter analyze (0.5) | EasyBlog - Team Blogs Module (5.0.29) | EasyBlog - Subscribe Module (5.0.30) | mod_articles_categories (3.0.0) | EasyBlog Latest Blogs (3.9.1) | EasyBlog - Latest Comments Mod (5.0.30) | mod_custom (3.0.0) | EasyBlog - Most Commented Post (5.0.30) | JEvents CustomModule (3.4.4) | EasyBlog - Search Blogs Module (5.0.30) | mod_finder (3.0.0) | mod_syndicate (3.0.0) | mod_users_latest (3.0.0) | mod_articles_popular (3.0.0) | EasyBlog - Image Wall Module (5.0.30) | mod_articles_archive (3.0.0) | JEvents Calendar (3.4.4) | EasyBlog - Random Post Module (5.0.30) | mod_stats (3.0.0) | mod_articles_latest (3.0.0) | JEvents Filter (3.4.4) | mod_breadcrumbs (3.0.0) | mod_login (3.0.0) | EasyBlog - Post Meta Module (5.0.29) | RokAjaxSearch (2.0.4) | mod_gantry5_particle (5.2.5) | EasyBlog - Latest Bloggers Mod (5.0.30) | Easyblog - Categories Module (5.0.30) | EasyBlog New Post Module (3.9.1) | EasyBlog - Biography Module (5.0.30) | mod_random_image (3.0.0) | mod_languages (3.0.0) | mod_search (3.0.0) | mod_wrapper (3.0.0) | mod_whosonline (3.0.0) | EasyBlog - Quick Post Module (5.0.30) | EasyBlog - Welcome Module (5.0.30) | EasyBlog - Tag Cloud Module (5.0.30) | EasyBlog - Latest Blogs Module (5.0.30) | EasyBlog - Post Map Module (5.0.30) | mod_feed (3.0.0) | mod_related_items (3.0.0) | EasyBlog - Calendar Module (5.0.30) | RokSprocket Module (2.1.9) |
Modules :: ADMIN :: mod_menu (3.0.0) | mod_version (3.0.0) | mod_toolbar (3.0.0) | mod_latest (3.0.0) | mod_logged (3.0.0) | mod_submenu (3.0.0) | mod_custom (3.0.0) | mod_status (3.0.0) | mod_popular (3.0.0) | mod_stats_admin (3.0.0) | mod_login (3.0.0) | mod_title (3.0.0) | mod_quickicon (3.0.0) | mod_multilangstatus (3.0.0) | mod_feed (3.0.0) |

Plugins :: SITE :: PLG_EVENTGALLERY_SUR_STANDARD (3.3.3) | EVENTGALLERY_FIELDS_CATEGORY (3.3.3) | AllVideos (by JoomlaWorks) (4.7.0) | AllVideos (by JoomlaWorks) (4.7.0) | plg_content_ozio (4.4.0) | plg_content_vote (3.0.0) | plg_content_loadmodule (3.0.0) | Content - RokBox (2.0.11) | plg_content_joomla (3.0.0) | plg_content_emailcloak (3.0.0) | plg_content_finder (3.0.0) | Content - RokInjectModule (1.7) | plg_content_pagenavigation (3.0.0) | Content - Komento (1.0) | JEvents - Core Content Plugin (3.4.4) | Art Color Box (1.9.16) | plg_content_pagebreak (3.0.0) | plg_authentication_joomla (3.0.0) | plg_authentication_ldap (3.0.0) | plg_authentication_cookie (3.0.0) | plg_authentication_gmail (3.0.0) | plg_extension_joomla (3.0.0) | plg_captcha_recaptcha (3.4.0) | plg_system_sef (3.0.0) | plg_system_languagecode (3.0.0) | PLG_SYSTEM_PICASAUPDATER (3.3.3) | plg_system_highlight (3.0.0) | Antispam by CleanTalk (3.7) | plg_system_gantry5 (5.2.5) | System - RokBox (2.0.11) | plg_system_kunena (4.0.7) | plg_system_remember (3.0.0) | plg_system_p3p (3.0.0) | plg_system_gwejson (3.4.4) | plg_system_debug (3.0.0) | plg_system_logout (3.0.0) | plg_system_oziojquery (1.0.1) | plg_system_cache (3.0.0) | System - Komento (1.0) | System - RokCommon (3.2.0) | System - Admin Tools (3.6.6) | PLG_PRO_DC_PRO_COUNTER_ANALYZE (0.5) | plg_system_jce (2.5.11) | plg_system_redirect (3.0.0) | System - RokBooster (1.1.15) | plg_system_log (3.0.0) | System - RokSprocket (2.1.9) | plg_system_languagefilter (3.0.0) | plg_gantry5_preset (5.2.5) | plg_kunena_gravatar (4.0.7) | plg_kunena_community (4.0.7) | plg_kunena_comprofiler (4.0.7) | plg_kunena_kunena (4.0.7) | plg_kunena_joomla (4.0.7) | plg_kunena_uddeim (4.0.7) | plg_kunena_alphauserpoints (4.0.7) | plg_twofactorauth_totp (3.2.0) | plg_twofactorauth_yubikey (3.2.0) | plg_search_content (3.0.0) | plg_search_tags (3.0.0) | Search - Easy Blog (3.7.0) | plg_search_categories (3.0.0) | plg_search_contacts (3.0.0) | Search - JEvents (3.4.4) | plg_search_newsfeeds (3.0.0) | EasyBlog - Auto Article (5.0.1) | plg_finder_content (3.0.0) | plg_finder_tags (3.0.0) | Smart Search - EasyBlog Posts (3.5.0) | plg_finder_categories (3.0.0) | plg_finder_jevents (3.4.4) | plg_finder_contacts (3.0.0) | plg_finder_newsfeeds (3.0.0) | PLG_EVENTGALLERY_PAY_STANDARD (3.3.3) | plg_editors-xtd_article (3.0.0) | plg_editors-xtd_readmore (3.0.0) | Button - RokBox (2.0.11) | plg_editors-xtd_oziogallery (4.2.2) | plg_editors-xtd_pagebreak (3.0.0) | plg_editors-xtd_image (3.0.0) | PLG_EVENTGALLERY_SHIP_STANDARD (3.3.3) | Editor - RokPad (2.1.9) | plg_editors_codemirror (5.6) | plg_editors_tinymce (4.1.7) | plg_editors_jce (2.5.11) | plg_installer_webinstaller (1.0.5) | plg_user_profile (3.0.0) | User - Komento Users (1.0.0) | User - EasyBlog Users (3.0.0) | User - EasyBlog Users (5.0.1) | plg_user_joomla (3.0.0) | plg_user_contactcreator (3.0.0) | plg_quickicon_gantry5 (5.2.5) | plg_quickicon_kunena (4.0.7) | plg_quickicon_extensionupdate (3.0.0) | plg_quickicon_joomlaupdate (3.0.0) | plg_quickicon_jcefilebrowser (2.5.11) |

Templates :: SITE :: beez3 (3.1.0) | rt_ambrosia (1.0.1) | oziofullscreen (1.0.1) | protostar (1.0) |
Templates :: ADMIN :: isis (1.0) | hathor (3.0.0) |

[itoctopus]

For those of you having the login problem and other related problems on your website, does copying the libraries/joomla/session/session.php from 3.4.6 to 3.4.7 fix your problem?

I personally haven't tried it - but I can see that there are many differences in the new session.php in the way it saves the data - so that might fix it until Joomla comes up with a patch for this.

Note: What I'm offering is not a solution, it is just a suggestion to see whether this will fix the problem or not. The long term solution to this problem would be a patch.

Also keep in mind that reverting back to a previous session.php might re-introduce security issues found in 3.4.6.

[sleighd]

This is obviously not a preferable fix but... I replaced the 3.4.7 version of '/libraries/joomla/session/session.php' with a backup version (being 3.4.6). I was immediately able to login, both front-end and back-end, without re-clearing browser and/or truncating session table.

At least the site is accessible until somebody fixes the underlying issue.

[leolam]

For those of you having the login problem and other related problems on your website, does copying the libraries/joomla/session/session.php from 3.4.6 to 3.4.7 fix your problem?

That is imho a bad suggestion. What you do with this is partially (!) rolling back a patch and screwing up the system. That is not a solution. THe JBS and the JSST are working hard to resolve the issues posted and we will get a patch shortly.

Never mix versions!

Leo

[itoctopus]

I agree that it's a bad suggestion - but the problem is that the code changes in the session.php is causing some serious issues on some Joomla websites out there. I did stress the point that the solution is a Joomla patch and not this method - but, until then, these websites must work properly.

Reverting back to the old session.php also re-introduces the serialize/unserialize PHP security issue on websites powered by older PHP versions (<= 5.4.44), so I do not recommend it, but, if you're running PHP > 5.4.44, then reverting back to the old session.php is the lesser of the 2 evils.

[leolam]

As stated the Joomla Security Strike Force are working to resolve these issues in close coordination with the JBS

Leo

[pe7er]

Also keep in mind that reverting back to a previous session.php might re-introduce security issues found in 3.4.6.

Yes, will re-introduce security issues.
You are running on PHP 5.4.44 which probably is affected by the PHP bug which was the reason for the Joomla 3.4.6/3.4.7 release.

See https://www.joomla.org/announcements/re ... 3-4-7.html

Since the recent update it has become clear that the root cause is a bug in PHP itself. This was fixed by PHP in September of 2015 with the releases of PHP 5.4.45, 5.5.29, 5.6.13

Ask your hosting company to update PHP to 5.4.45
or a higher PHP version (as PHP 5.4 is End-Of-Life since last september http://php.net/eol.php )

[JEDmin]

Hi guys! Since 3.4.6 and 3.4.7 session.php file doesn`t write session.client.browser info in _session mysql table. Its temporaly? Some modules use session.client.browser data for showing who is online, detecting bots. From 3.4.6 they doesn`t work(

[kentmorrison]

I have been pulling my hair out in frustration, getting locked out of your own web site JUST SUCKS!
I cannot believe this buggy [censored], really annoying.

> copying the libraries/joomla/session/session.php from 3.4.6 to 3.4.7 fix your problem?

YES! - this is what I had to do to get back into one of my sites.

IF YOU ARE GOING TO RELEASE A SECURITY PATCH THAT NOT EVERYONE NEEDS, WHY CAN'T YOU AT LEAST TEST THE GOD DAMN THING ?

Seriously, VERY unprofessional.
I blew 2.5 hours on this.

THANK YOU itoctopus for the above suggested fix !

[jgress-]

Forum Rules: http://forum.joomla.org/viewtopic.php?f=8&t=65

[kentmorrison]

Thanks for the reminder jgress
I understand and will comply.
Please remind Ribo as well...

[amob7880]

For those of you having the login problem and other related problems on your website, does copying the libraries/joomla/session/session.php from 3.4.6 to 3.4.7 fix your problem?.

It does fix the problem. At least I can get in and work - then replace the 3.4.6 sessions.php with the 3.4.7 when done so I am secure again. Hopefully only until there is a patch.

I do understand the reasons for not doing this. Right now it is the best of two evils.

[makotosun]

This is obviously not a preferable fix but... I replaced the 3.4.7 version of '/libraries/joomla/session/session.php' with a backup version (being 3.4.6). I was immediately able to login, both front-end and back-end, without re-clearing browser and/or truncating session table.

At least the site is accessible until somebody fixes the underlying issue.

Regardless of the somewhat heated discussion above, the fix listed in the quote works. I was able to replace the above file and all seems to be good again.

For what it is worth, I am running PHP 5.6.15 on my server, so hopefully the security concerns are less?

A HUGE thank you to the person who posted the suggestion. I lost about 5 hours playing around in my SQL back end (scary for a neophyte!) and my site was offline for about 12 hours (not good for a user forum) but the fix will save me completely rebuilding the site and missing Christmas with my family.

PLEASE GET US A FIX THAT DOES NOT BREAK SOME SITES!

[daduts]

I upgrade a site to 3.4.7 and it's now throwing this error in the backend...

Error
Your host needs to disable magic_quotes_gpc to run this version of Joomla!

Your host needs to disable magic_quotes_gpc to run this version of Joomla!


My host is running PHP 5.3.28 and I double checked my php.ini file included magic_quotes_gpc=off

This is a reasonably complex site (hikashop, roksprocket, gantry4, breezin forms, docman, admin tools, hotspots, ajax search...) and all seems to be functioning well so i'm hoping this is just a nonsense error.

Cheers,

: D

[nickwalks]

@leolam: Tried truncating session table, deleted entire browsing history, close and reopen browser, went to yoursite/administrator. Although I "should" be able to login again I am still not able to...

@itoctopus: Tried copying the libraries/joomla/session/session.php from 3.4.6 to 3.4.7 and yes this allows login to the admin site again BUT I agree that although it fixes the problem temporarily it is not a solution. The main thing is that I can access the site again. Also updated PHP version in the server to 5.5 and tried using the 3.4.7 session.php again but it fails

@amob7880: "At least I can get in and work - then replace the 3.4.6 sessions.php with the 3.4.7 when done so I am secure again." This sounds like the best temporary solution, unless anyone has any better ideas?

[infograf768]

I upgrade a site to 3.4.7 and it's now throwing this error in the backend...

Error
Your host needs to disable magic_quotes_gpc to run this version of Joomla!

Your host needs to disable magic_quotes_gpc to run this version of Joomla!


My host is running PHP 5.3.28 and I double checked my php.ini file included magic_quotes_gpc=off

This is a reasonably complex site (hikashop, roksprocket, gantry4, breezin forms, docman, admin tools, hotspots, ajax search...) and all seems to be functioning well so i'm hoping this is just a nonsense error.

Cheers,

: D

See https://docs.joomla.org/How_to_turn_off ... r_Joomla_3

[hefesto]

A few more things to check regarding this issue:

-Are these servers using any kind of server side caching? Vagrant maybe? Proxy cache? If so, try disabling them. That error message about the token is one I often see when there's a mismatch between the session I try to load and the one Joomla expects, so could be a caching issue.
-Have you tried restoring a recent copy of your site (the one you took just before upgrading... because you took one, right?) on a local environment and upgrading there? If it works locally, that will point to server related issues, and at least would help narrowing the issue.

Cheers!

[sabikeuk]

Hello,
after update to the newest Joomla 3.4.7 I have difficulties to add item to cart. When I access my website estilofina.sk for a first time (tried different computers, mobiles), if I want to add a product to cart it doesnt work, I just got a page stating that the card is empty. After that I have repeated the step and I was able to add a product to cart.

Please could someone help ASAP. My site is e-commerce site and live.

J3.4.7
Virtuemart 3.0.8 + VP One page checkout plugin
PHP 5.6

Regards,
Dan

[daduts]

Thanks JM,

Adding
magic_quotes_runtime = Off
magic_quotes_sybase = Off

to php.ini did the trick.

: D

[kaagee]

Since i updated to joomla 3.4.7 after pressing install on an extension in Extension manager, and the tab templates of Template manager can't be accessed anymore, all get a 404 page. It is not template specific because all link names of templates in the tab "templates" gives a 404. Can anyone point me in the right direction where to corrrect this. Which files address the extension and template manager? I can't also not upload pictures i just found out.

links that give 404..

.../administrator/index.php?option=com_installer&view=install

/administrator/index.php?option=com_templates&view=template&id=10070&file=aG9tZQ==

Anyone experienced this?

Any help would be much appreciated, because i have been looking for a while to locate the problem.

[rotor]

I have three out of three sites that have me locked out of the backend!!!

All sites are located on a "Joomla" promoted host.

I upgraded one site using the Admin backend upgrade feature - locked out
My host upgraded the second site using the auto update from softaculous - locked out
The third site couldn't be upgraded using the auto updater from softaculous so the host reverted to the earlier version - 3.4.6 - locked out

[EvanGR]

According to this page (from an important Joomla developer and contributor):
https://www.akeebabackup.com/home/news/ ... -bugs.html

The Joomla 3.4.7 update is broken in major ways, AND it was preventable.

quoting: "Even though we explicitly warned the Joomla! security team that trying to migrate existing session data would cause problems they chose to ignore us. Guess what? We were right."

Somebody is responsible for releasing this to the public despite the warnings.

Somebody is also responsible for still (as of the time of this post) keeping it available online!

Great way to crap on the holidays of as many users and developers (wasting hours/days in support) as possible.

Well done.

[itoctopus]

3.4.8 Should be released this evening - this release should address all the session/database issues caused by 3.4.7.

[JacquesR]

Joomla 3.4.8 is now available.
This bug-fix (not security) release should hopefully fix all the recent issues.

More info here:
https://www.joomla.org/announcements/re ... eased.html

If your site does not have immediate issues after the 3.4.7 security update, and if you are supposed to be on holiday (as many are at this time of year), then you may safely let the 3.4.8 update stand over until the new year.

A big thank you to all who helped get this release out .

[nickwalks]

Thanks for everyone's patience and continued work on this problem. Just letting you know that the 3.4.8 update doesn't fix the session issue for me. I think/know others may still be having similar problems.

[Deleyna]

I have read elsewhere that the session issue is coming from third party plugins. I will try tomorrow, but am told it requires uninstalling and removing the table from the responsible plugin, clearing the last session and the cookies, then upgrading and installing updated plugin. In my case the plugin seems to be clean talk... Which is a fabulous plugin.

[sabikeuk]

Problem still persist even with update to J3.4.8. One of the customers just send email he is not able to add product to cart using either PC or mobile. When he tried to add product to cart he got just page saying the cart is empty.

I was able to complete checkout for this customer from my PC.

Any idea ?

[ribo]

Clear browser cache in this pc that can t add product

[sabikeuk]

Thank you for quick reply, but it's quire embarrassing to ask every other customer to clear cache in their PC/mobile isn't it?

[ribo]

The clear cache of browser must be for the people that tryed before that you had the issue.