What I did now, I inserted the linesstraightlight wrote: ↑Tue Jan 05, 2021 11:42 amThat's intended to have an error there. The csrf_helper uses a buffer to output the token and cannot be added manually with the object without using the regex for security purposes on the catalog-end side. As explained previously, you simply need workaround the paths in the XML for all your TWIG files and, to make it easier, use the VQMod Manager to see for any errors in the paths. If you can't see any, then you need to keep playing with one block of XML modifications at a time to see where the issue might be originating from in your paths.
$this->load->helper('csrf_helper');
csrf_start();
into catalog/controller/common/header.php
That makes the token show up in a hidden input file in all forms including those which I had modified. Even though zlib.output_compression has not yet been enabled by my host manager.
Makes me wonder if that will prevent fake account registrations.
I'll report on this. We had only about 2 fake account registrations daily since about a week while we already had 60 per day in december.