I recently noticed that sometimes the Joomla core contact form will give an “Invalid Token” error page when a website visitor uses the contact form to send a message to the owner of the website. This screen is unmistakable, and somewhat shocking to the unsuspecting website visitor, as it is completely blank except for the words “Invalid Token” in the upper-left corner of the browser window.
What also happens, and this is the really frustrating part, is that their message does not make it to its intended recipient, the sender of the message probably won’t try again, and it makes you and your website look rather incompetent. What’s also frustrating is that you may not know your website is doing this unless you try your own submission form several times in a row.
I discovered the problem by checking the Moovur/Mollom log of one website we’ve built. This log keeps track of all contact form submissions, both spam and ham. What’s recorded is the date, the name, email address, message subject, and a brief excerpt from the message. What clued me in is that there were messages listed in that log that the owner of the website had not received. (How did I know they hadn’t been received? I happen to know the website owner very well – she’s my wife!)
Here’s how to fix it…
I googled this issue and what I found were more problems listed than solutions, but you only need one solution to fix a problem, and the one I found was posted on the JoomlaCode website a few months ago at this thread. The patch you need to fix this issue is found at the bottom of that page. Download the patch, open it in your favorite text editor (I recommend Notepad++), copy and paste it in the correct place in the controller.php file found in your components/com_contact directory, clean your website cache, and go to your contact form on your website to make sure it’s still working. Oh yeah, don’t forget to backup your site first!
The status on this bug is “Fixed in SVN”, so it should be included in the next Joomla 1.5 maintenance release (1.5.16). Until then, and if for some unknown reason you don’t want to update your Joomla website to the latest version, this blog post is for you.
The Fix in greater detail
I’ve listed the contents of the patch file here, to point out that you need to remove the plus signs at the beginning of each line or your contact form won’t work or even load in your browser. The plus signs indicate which lines have been added to the original code.
Contact Form Invalid Token patch
I suppose it goes without saying, but I’m going to say it anyway, that you need to insert the patch in the right place or it’s not going to work. The code you’re replacing is the following, found at lines 78-85 (in 1.5.15, at least):
Contact Form original lines of code (78-85)