Many errors in logs in Security.php and Subs.php file from guests

Started by Adrek, February 23, 2014, 08:56:09 AM

Adrek

Hi, yesterday I noticed that guests are making many errors in my logs (in SMF).

All errors are in two files: Subs.php and Security.php. The errors are created by guests and (what's interesting to me) these entries have no IP.
Here are example errors from Security.php:
Line 833: if (!is_array($permission) && in_array($permission, $user_info['permissions']))
Errors:
2: in_array() expects parameter 2 to be array, null given
8: Undefined index: permissions

Line 836:
elseif (is_array($permission) && count(array_intersect($permission, $user_info['permissions'])) != 0)
Errors:
2: array_intersect(): Argument #2 is not an array

Errors are repeating for 11 pages and all have the same time.

Errors from Subs.php:
Line 4068: if (($menu_buttons = cache_get_data('menu_buttons-' . implode('_', $user_info['groups']) . '-' . $user_info['language'] . '-' . empty($context['disable_sp']), $cacheTime)) === null || time() - $cacheTime <= $modSettings['settings_updated'])
Errors:
8: Undefined index: language
2: implode(): Invalid arguments passed
8: Undefined index: groups
8: Undefined index: total_time_logged_in

Errors from both files have the same URL logged: http://***.info/forum/index.php?action=portal;sa=shoutbox;shoutbox_id=1;time=1392993296;xml

Some time ago I had another issue with errors made by guests => http://www.simplemachines.org/community/index.php?topic=502568.0

SMF version: 2.0.7
Installed modifications:
Arantor CAPTCHA   1.0.8
Top 10 Posters and Topic Starters Stats (Today, Week, Month, and Year)   2.6
Nickname to Reply   0.7.1.1
Best Answer Intergration   1.4
ResizeImagesToFitScreen   0.1.6
DevCenter   0.4
Join date and Location in Posts   1.3.1
Location on memberlist SMF2   1.5
Custom Fields On Memberlist   1.1
Topic Author   0.1
Recent Topics On Board Index   1.03
Optimus Brave   1.8.7
Similar Topics   0.6
Tapatalk SMF 2.0 RC5/Final Plugin   3.9.0
SA GPlus   0.3 REV 9
SA Facebook   2.0.2
Avatar On Board RC2   2.1
Ban Filter   1.0
Gravatar 4 SMF   1.0
Member Color Link   3.1
Switch Permissions   1.0
Aeva Media   1.4w
Misc Anti Spam   1.0
Add Facebook Like, Tweet, and Google +1   1.0.3a
httpBL   2.5.1

Subs.php and Security.php files in attachment.

How can this be solved? Or at least, how can I figure out the IP so I can add it to the ban list?
Polish SMF support at simplemachines.org

the simplest solution is most likely the right one

Kays

Hi, do you still have Simple Portal installed?

It looks like someone is trying to access the shoutbox before the permissions are set. In fact, maybe even before $user_info is properly populated. Which is strange, but also possibly the cause of the other errors and no ip addy.

Which were the last mods you added and how long ago?

If at first you don't succeed, use a bigger hammer. If that fails, read the manual.
My Mods

Adrek

I have had SP installed for over a year now.
The latest installed packages were Arantor CAPTCHA, Top 10 Posters and Topic Starters Stats and the SMF 2.0.7 update - all 3-4 weeks ago.

Additionally, I have added this in index.template.php:
if (!$context['user']['is_logged'] && isset($_GET['sa']) && $_GET['sa'] == 'shoutbox') die();

Because earlier we had other issues with guests.

Adrek

Again something caused errors in Security.php :|

8 pages filled up with these errors, all from yesterday 11:26.

Any ideas how to solve it? How to log at least the IP so it can be banned?

Arantor


Adrek

The same as in the first post; the only change is the SMF version - 2.0.8

Also, the server error logs did not log anything at this time.

Arantor

Something is doing a permissions request before you actually have permissions loaded. This doesn't happen in a stock install. Additionally, one of your mods is doing it during the avatar load procedure which is a really bad idea.

As a countermeasure, I suggest changing this a few lines above line 833:
if (empty($user_info))
	return false;

to this:
if (empty($user_info) || empty($user_info['permissions']))
	return false;


Quite why something is loading so early, I don't know. But this will stop it throwing errors at least.

Adrek

Thanks, but with this edit I don't have all the menu buttons and I can't access action=admin

Arantor

What the hell has mangled your site?


Revert back and then replace this:
// You're never allowed to do something if your data hasn't been loaded yet!
if (empty($user_info))
	return false;

// Administrators are supermen :P.
if ($user_info['is_admin'])
	return true;

with:
// You're never allowed to do something if your data hasn't been loaded yet!
if (empty($user_info))
	return false;

// Administrators are supermen :P.
if ($user_info['is_admin'])
	return true;

// For some reason, some mods are broken and requesting permissions before permissions have even been loaded. To deal with that idiocy... we have to check them again.
if (empty($user_info['permissions']))
	return false;
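
The check order from the replacement above, combined with a diagnostic for the "which code path, which IP" question, as an added example that is not part of the original thread and not SMF's own code. The function name `allowed_to_sketch()`, the logging step, the permission name `example_permission` and all sample data are assumptions made for illustration.

```php
<?php
// Added illustration, not SMF source. allowed_to_sketch() and all data below are hypothetical.
function allowed_to_sketch($permission, array $user_info, array $server)
{
    // Nothing loaded at all: deny.
    if (empty($user_info))
        return false;

    // Admin bypass stays ahead of the permissions check, as in the thread's final edit.
    if (!empty($user_info['is_admin']))
        return true;

    // Permissions not loaded yet: deny, and record who asked and which code path did it.
    if (empty($user_info['permissions']))
    {
        $callers = array();
        foreach (debug_backtrace(DEBUG_BACKTRACE_IGNORE_ARGS, 4) as $frame)
            if (isset($frame['file'], $frame['line']))
                $callers[] = basename($frame['file']) . ':' . $frame['line'];

        $line = sprintf('early permission check [%s] ip=%s uri=%s via %s',
            implode(',', (array) $permission),
            isset($server['REMOTE_ADDR']) ? $server['REMOTE_ADDR'] : 'unknown',
            isset($server['REQUEST_URI']) ? $server['REQUEST_URI'] : 'unknown',
            implode(' < ', $callers));
        // Strip control characters so a crafted URI cannot forge extra log lines.
        error_log(preg_replace('/[\x00-\x1F\x7F]/', '', $line));
        return false;
    }

    return count(array_intersect((array) $permission, $user_info['permissions'])) != 0;
}

// Constructed request data and $user_info states (203.0.113.7 is a documentation address).
$server = array('REMOTE_ADDR' => '203.0.113.7', 'REQUEST_URI' => '/forum/index.php?action=portal;sa=shoutbox;xml');
$states = array(
    'nothing loaded'      => array(),
    'partly loaded guest' => array('is_guest' => true),
    'admin'               => array('is_admin' => true, 'permissions' => array()),
    'member with grant'   => array('is_admin' => false, 'permissions' => array('example_permission')),
);
foreach ($states as $label => $user_info)
    printf("%-20s %s\n", $label, var_export(allowed_to_sketch('example_permission', $user_info, $server), true));
```

Run under the PHP CLI, the diagnostic line goes to stderr; the file:line chain in it points at the code that asked for a permission before permissions were loaded.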

Adrek

This works fine, we'll see if it helps in a few days.
Thanks.

Quote from: ♥ on August 29, 2014, 01:55:43 PM
What the hell has mangled your site?
If I only knew... :|

I wonder if this could somehow be caused by the Wordpress installed on the main domain, where there are blocks with the latest posts from the SMF forum?
I'm waiting for the password to WP, because the other admin changed it and forgot to notify me.. so for now I have no idea how the posts are added, with SSI or some WP plugin.

Arantor

I don't see how. Something is doing an SMF permissions call before the full process is carried out, and that's not what WP does normally (and it wouldn't be the case if SSI were involved anyway). Tapatalk certainly used to do that at one point but I thought they'd fixed that nonsense by now.

Adrek

So WP blocks are added with https://wordpress.org/plugins/bns-smf-feeds/
For now I'll leave it as it is, and see if your fix helps with the issue.

Arantor

