Terence J. Grant wrote: > Hi guys, > > >I've check it and the problem is simply template related. > >I've changed my default template to the "monobook" tpl two weeks ago and > >it does not create the hidden sectok field used like security token. > >Probably it's an old template release, as i guess that the filed is > >created automatically by some new tpl Api. > > > Ah, right. If the template uses the build in functions for creating the > > forms, the sectoken will be added automatically. But I think the Monobook > > template uses a custom login form in the sidebar. > > Monobook doesn't create a custom form for the login page. > Monobook doesn't access login page APIs or anything like that. > Monobook just links a page served up by the dokuwiki engine: > "doku.php?do=login" > So somebody (Andi?) may wish to investigate what's happening > differently in the "do=login" screen. > > It's not a template problem from my P.O.V. Given your example above it is a template problem. You either have to use the tpl_actionlink() function to generate the login link or if you build it yourself, like your example implies, you have to add the security token manually: "doku.php?do=login&sectok=<?php echo getSecurityToken()?>" otherwise it wont work. This however only affects the latest development version of DW and if Andi decides to remove the sectok check from the login action it`s no problem after all. Best Regards, Chi -- Michael Klier mail: chi@xxxxxxxxxxx www: http://www.chimeric.de icq: 206179334 jabber: chi@xxxxxxxxxxxxxxxxxx key: http://downloads.chimeric.de/chi.asc key-id: 0x8308F551