After trying to login, a cookie with the suffix _csrfchk (with numeric abracadabra contents) is set. Also there is a getCSRFCookie function present in main_posts.html (it's the default file), so I suppose that's working properly.
I just looked into the error log in Firefox. There are some minor messages, but one maybe relevant. On index.php it says "Er is een formulier in de windows-1252-tekenset verzonden dat niet alle Unicode-tekens kan coderen, waardoor gebruikersinvoer beschadigd kan raken. Om dit probleem te voorkomen, dient u de pagina zo aan te passen dat het formulier in de UTF-8-tekenset wordt verzonden door of de tekenset van de pagina zelf naar UTF-8 te wijzigen, of door accept-charset=utf-8 in het formulierelement te specificeren.", which more or less means that a form was sent in a Windows-1252 set which cannot code all Unicode-signs, thus damaging user input. To avoid this problem you need to edit the page so that the form is sent in UTF-8 set or by changing the page's set to UTF-8 itself, or by specifying accept-charset=utf-8 in the form's element.
Could this be of influence for not being able to login? It sounds like I have to change something in index.php. |