Since upgrading to Drupal 6.16 I started receiving this error when users try to create content or fill out forms.

"Validation error, please try again. If this error persists, please contact the site administrator."

I see this is a common problem with Drupal but I believe it can be attributed to ipAuthenticator in this case. Based on the log entries it looks like the user is in a role when they click on the create link and they are anonymous when they submit the form, that is causing the validation error.

CommentFileSizeAuthor
#5 ipauth_loginvalidation.patch665 bytesrob-ert
Support from Acquia helps fund testing for Drupal Acquia logo

Comments

b0b’s picture

I should add, normal logged in users (not by IP) are not experiencing the problem.

b0b’s picture

It is line 37 of the ipauth.module file, "sess_regenerate();", causing the validation error

mickster917’s picture

I am having this issue with the Webform module. Authenticated Users (other than my blocked user created for IP Authenticator) can submit webforms just fine. When I try to submit a webform using the user I created for the IP Authenticator module I get "Validation error, please try again. If this error persists, please contact the site administrator."

In regards to comment #2 above, is there something that needs to be done with line 37???

b0b’s picture

I commented it out for now and it works, but I guess that creates a vulnerability.

Unfortunately this module doesn't seem to be maintained.

rob-ert’s picture

FileSize
665 bytes

My problem was only with login and I found that changing the ipauthenticator user login block has resolved the issue. If you can still login as an ip authenticated user using example.com/user/login then the following patch will hopefully resolve your problems.

thomasmurphy’s picture

Thanks, this help me solve a problem with the webform module which I was pulling into another CMS via a wrapper. It created a form validation error when users who were logged in attempted to test the form. I'm guessing that the reason was that the IP counted as anonymous when the form was wrapped, but logged in when it was submitted. I logged out on that browser when performing the test and it worked fine.

drasgardian’s picture

Subscribe.

I've commented out line 37 for now, but would like to find a more secure solution.