Authentication Error

Situation
When patch 7-0-2-Patch-1 is installed, when you visit Admin-> Users this error will appear.

OpenEMR Version
I’m using OpenEMR version 7.0.2

Browser:
I’m using: Firefox and Crome

Operating System
I’m using: Ubuntu

Search
Did you search the forum for similar questions? Yes but no fixed was found

Logs
Did you check the logs?

Was there anything pertinent in them? This happened after i installed the patch, this is also been tested on a newly installed version of Open EMR

Please paste them here (surround with three backticks (```) for readability.
You can also turn on User Debugging under Administration->Globals->Logging User Debugging Options=>All

Does anyone encounter this issue after the patch been installed? I just try using a new fresh installation of Open EMR, Everything is working fine, Installed the patch and again encounter the same error. ( Admin->User = “Authentication Error” )

Situation

After installing the 7.0.3 on our OpenEMR installation, I encountered the following issues:

  1. An Authentication Error when accessing the Admin → Users section.

  2. An SQL Error related to a missing column template_name in the email_queue table.

I enabled PHP logging and found the following:
Logs
PHP Warning: Undefined array key “csrf_token_form” in /openemr/interface/usergroup/usergroup_admin.php on line 38
OpenEMR CSRF token authentication error
SQL Error with statement:query failed: SELECT id, sender, recipient, subject, body, template_name FROM email_queue WHERE sent = 0–Unknown column ‘template_name’ in ‘field list’==>/openemr/library/classes/postmaster.php at 103:sqlStatement

What I Have Tried

  1. CSRF Token Error:

• The csrf_token_form token is missing in requests to usergroup_admin.php. I checked the corresponding form and found no hidden field with the CSRF token.

• I added debugging to usergroup_admin.php with the following code:
error_log("Received CSRF token: " . ($_GET[‘csrf_token_form’] ?? ‘None’));
The logs confirmed that the token is not being sent.

2.SQL Error:

•I examined the email_queue table structure and confirmed that the template_name column does not exist.
•Running the query:
DESCRIBE email_queue;

showed no template_name column.

  1. General Logs:

No additional related errors were found in the logs.

  1. How can we resolve the CSRF token issue? Should we synchronize token_main with csrf_token_form, or is there a more appropriate fix?

  2. What is the correct schema for the email_queue table? Should we manually add the template_name column, or is there a specific update script to run?

1 Like

Hi, this was already solve on my end, the solution i do is replace the usergroup folder found in interface (interface/usergroup