By 
I recently noticed that sometimes the Joomla core contact form will give an “Invalid Token” error page when a website visitor uses the contact form to send a message to the owner of the website. This screen is unmistakable, and somewhat shocking to the unsuspecting website visitor, as it is completely blank except for the words “Invalid Token” in the upper-left corner of the browser window.
What also happens, and this is the really frustrating part, is that their message does not make it to its intended recipient, the sender of the message probably won’t try again, and it makes you and your website look rather incompetent. What’s also frustrating is that you may not know your website is doing this unless you try your own submission form several times in a row.
I discovered the problem by checking the Moovur/Mollom log of one website we’ve built. This log keeps track of all contact form submissions, both spam and ham. What’s recorded is the date, the name, email address, message subject, and a brief excerpt from the message. What clued me in is that there were messages listed in that log that the owner of the website had not received. (How did I know they hadn’t been received? I happen to know the website owner very well – she’s my wife!)
Here’s how to fix it…
The Fix
I googled this issue and what I found were more problems listed than solutions, but you only need one solution to fix a problem, and the one I found was posted on the JoomlaCode website a few months ago at this thread. The patch you need to fix this issue is found at the bottom of that page. Download the patch, open it in your favorite text editor (I recommend Notepad++), copy and paste it in the correct place in the controller.php file found in your components/com_contact directory, clean your website cache, and go to your contact form on your website to make sure it’s still working. Oh yeah, don’t forget to backup your site first!
The status on this bug is “Fixed in SVN”, so it should be included in the next Joomla 1.5 maintenance release (1.5.16). Until then, and if for some unknown reason you don’t want to update your Joomla website to the latest version, this blog post is for you.
The Fix in greater detail
I’ve listed the contents of the patch file here, to point out that you need to remove the plus signs at the beginning of each line or your contact form won’t work or even load in your browser. The plus signs indicate which lines have been added to the original code.
Contact Form Invalid Token patch
I suppose it goes without saying, but I’m going to say it anyway, that you need to insert the patch in the right place or it’s not going to work. The code you’re replacing is the following, found at lines 78-85 (in 1.5.15, at least):
Contact Form original lines of code (78-85)
I had this problem , but with your help my problem solve . tanks a lot man . 😉
You’re welcome, Arman. Glad you found it useful!
I’m using Joomla 1.5.9 but I don’t have the original lines of code in my com_contact/controller.php
Hi Andrea,
The “original lines of code” that I included in this post were from Joomla 1.5.15.
Probably the best advice I can give about Joomla 1.5.9 is to upgrade it to 1.5.23 which is the current version. I recommend using the component Update Manager for Joomla! I install that on all my Joomla sites and it seems to work flawlessly to update to the latest version of Joomla 1.5.
The core Joomla contact form is still pretty limited even when it’s working correctly, with several drawbacks such as it doesn’t keep a log of form submissions and there is no customization available. I’ve started using RSFormPro! from RSJoomla! on several of my sites. It seems to work well in the Joomla environment and it’s relatively inexpensive.
Another good form alternative though a little pricier is using custom forms from Formstack.
John
Hi John,
I’m using Joomla 1.5.25 stable, trying with your advice but no luck. Any Idea?
Hi Aldy,
Just checking here…are those “plus signs” in your code too? If so, you’ll need to remove them. They’re only there to let us know which lines were added.
Beyond that I’m not sure what to tell you. This was supposed to have been corrected by Joomla back in version 1.5.16.
John
Yup, the original text on my controller.php is like that without plus sign… 🙂
Well, you could always switch to WordPress – that’s what I did. 🙂