Magento SUPEE-10570 post-patch login issues

Posted on Posted in Magento

After applying SUPEE-10570 Magento patch we discovered the issue with logging into the website admin for one of our clients.

The error in the var/report was the following:

a:5:{i:0;s:64:"Invalid method Mage_Core_Model_Session::renewFormKey(Array
(
)
)";i:1;s:2038:"#0 /xxxx/xxxx/xxxx/app/code/core/Mage/Admin/Model/User.php(385): Varien_Object->__call('renewFormKey', Array)
#1 /xxxx/xxxx/xxxx/app/code/core/Mage/Admin/Model/User.php(385): Mage_Core_Model_Session->renewFormKey()
#2 /xxxx/xxxx/xxxx/app/code/core/Mage/Admin/Model/Session.php(134): Mage_Admin_Model_User->login('login', 'password')
#3 /xxxx/xxxx/xxxx/app/code/core/Mage/Admin/Model/Observer.php(73): Mage_Admin_Model_Session->login('login', 'password', Object(Mage_Core_Controller_Request_Http))
#4 /xxxx/xxxx/xxxx/app/code/core/Mage/Core/Model/App.php(1338): Mage_Admin_Model_Observer->actionPreDispatchAdmin(Object(Varien_Event_Observer))
#5 /xxxx/xxxx/xxxx/app/code/core/Mage/Core/Model/App.php(1317): Mage_Core_Model_App->_callObserverMethod(Object(Mage_Admin_Model_Observer), 'actionPreDispat...', Object(Varien_Event_Observer))
#6 /xxxx/xxxx/xxxx/app/Mage.php(448): Mage_Core_Model_App->dispatchEvent('controller_acti...', Array)
#7 /xxxx/xxxx/xxxx/app/code/core/Mage/Core/Controller/Varien/Action.php(527): Mage::dispatchEvent('controller_acti...', Array)
#8 /xxxx/xxxx/xxxx/app/code/core/Mage/Adminhtml/Controller/Action.php(167): Mage_Core_Controller_Varien_Action->preDispatch()
#9 /xxxx/xxxx/xxxx/app/code/core/Mage/Core/Controller/Varien/Action.php(407): Mage_Adminhtml_Controller_Action->preDispatch()
#10 /xxxx/xxxx/xxxx/app/code/core/Mage/Core/Controller/Varien/Router/Standard.php(254): Mage_Core_Controller_Varien_Action->dispatch('index')
#11 /xxxx/xxxx/xxxx/app/code/core/Mage/Core/Controller/Varien/Front.php(172): Mage_Core_Controller_Varien_Router_Standard->match(Object(Mage_Core_Controller_Request_Http))
#12 /xxxx/xxxx/xxxx/app/code/core/Mage/Core/Model/App.php(354): Mage_Core_Controller_Varien_Front->dispatch()
#13 /xxxx/xxxx/xxxx/app/Mage.php(684): Mage_Core_Model_App->run(Array)
#14 /xxxx/xxxx/xxxx/index.php(87): Mage::run('default', 'store')
#15 {main}";s:3:"url";s:16:"/index.php/admin";s:11:"script_name";s:10:"/index.php";s:4:"skin";s:5:"admin";}

If you are seeing the same error than the following can help you fix it.

The app/code/core/Mage/Core/Model/Session.php file needs to be updated:

  1. Find the following string:
    $this->setData('_form_key', Mage::helper('core')->getRandomString(16));

    and replace it with the following:

    $this->renewFormKey();
  2. Add the function to generate new Form key:
        /**
         * Creates new Form key
         */
        public function renewFormKey()
        {
            $this->setData('_form_key', Mage::helper('core')->getRandomString(16));
        }
  3. Add a new function to validate Form key:
        /**
         * Validates Form key
         *
         * @param string|null $formKey
         * @return bool
         */
        public function validateFormKey($formKey)
        {
            return ($formKey === $this->getFormKey());
        }
  4. Flush website cache and session storage:
    rm -rf var/cache/*
    rm -rf var/session/*

Now you can access the admin page.

Leave a Reply

Your email address will not be published. Required fields are marked *