Status: offline

uKrease

Forum User
Junior
Registered: 30/01/06
Posts: 24
blank
Greetings all,

Yesterday I found that when I try to access my Geeklog phpBB section of the site, I get the following error :
PHP Formatted Code

An error has occurred:
2 - Illegal string offset: -12 @ /var/www/web23/web/phpBB2/language/lang_english/lang_main.php line 899
 


And below that is the entire session data listing usernames, database password and tons of other info, ending with the text "(This text is only displayed to users in the group 'Root'Wink"

I looked around initially to try find the problem, line 899 of the above file llists the time zones only and nothing suspicious was found there, so I deleted the entire phpBB dir and reinstalled the plugin, problem still there...

My Geeklog logfile lists the following entry :
PHP Formatted Code

[client 196.2.124.251] PHP Fatal error:  Call to a member function on a non-object in /var/www/web23/web/phpBB2/includes/sessions.php on line 133, referer: http://www.ukrease.co.za/admin/plugins.php
 


whenever I try to access the plugins page, line 133 doesn`t help me much and looks fine ?

I disabled the plugin for now and changed all passwords etc etc...any idea where to start fixing this up...

Do I report this on the phpBB website as well ?



Status: offline

Dirk

Site Admin
Admin
Registered: 12/01/02
Posts: 13073
Can't comment on the status of phpBBBridge (does it contain the current version of phpBB?). However, this:
Quote by: uKrease

And below that is the entire session data listing usernames, database password and tons of other info, ending with the text "(This text is only displayed to users in the group 'Root'Wink"


... means that you should set
PHP Formatted Code
// When set to true, this will display /detailed/ debug information in the event
// of a PHP error. ONLY set this to true with your non-production development
// environments!
$_CONF['rootdebug'] = false;

in your config.php ASAP. It's actually "false" by default, so you must have changed that at one point and forgotten to change it back.

bye, Dirk

Status: offline

uKrease

Forum User
Junior
Registered: 30/01/06
Posts: 24
Hi Dirk,

$_CONF['rootdebug'] was set to false, and I`m running the latest version of phpbbbridge which is 111 as per the plugins page and the latest Geeklog...

Some other info about the problem :

This was found in the log files as well :

PHP Formatted Code

Sat 28 Apr 2007 17:35:06 SAST - Error, invalid username: 'Gambrinus'
Sat 28 Apr 2007 18:54:29 SAST - Error, invalid username: 'Megabban'
Sat 28 Apr 2007 20:23:54 SAST - Error, invalid username: 'shroom'
Sun 29 Apr 2007 02:38:28 SAST - Error, invalid username: 'Tarasolas'
Sun 29 Apr 2007 10:14:01 SAST - Error, invalid username: 'Geoptruoi'
Sun 29 Apr 2007 10:21:22 SAST - Error, invalid username: 'Fapolasis'
Sun 29 Apr 2007 10:58:18 SAST - Error, invalid username: 'Mussolina'
Sun 29 Apr 2007 12:32:11 SAST - Error, invalid username: 'jimboboju'
Sun 29 Apr 2007 20:37:56 SAST - Error, invalid username: 'Bandarelad'
Sun 29 Apr 2007 20:48:02 SAST - Error, invalid username: 'Muronnist'
Mon 30 Apr 2007 02:08:11 SAST - Error, invalid username: 'their3114@ukrease.co.za'
Mon 30 Apr 2007 05:40:16 SAST - Error, invalid username: 'Hellsivin'
Mon 30 Apr 2007 06:11:25 SAST - Error, invalid username: 'dddddddab'
Mon 30 Apr 2007 10:01:41 SAST - Error, invalid username: 'Olikulirt'
Mon 30 Apr 2007 10:02:38 SAST - Error, invalid username: 'Kresturis'
Mon 30 Apr 2007 10:29:53 SAST - Error, invalid username: 'nubtestloa'
Mon 30 Apr 2007 12:21:05 SAST - Error, invalid username: 'gggggab'
Tue 01 May 2007 10:02:18 SAST - Error, invalid username: 'sea8078@ukrease.co.za
Content-Transfer-Encoding: 7bit
Content-Type: text/html
Subject: been called much you know at that
bcc: larry@tellingwellsoe.com

lab coats the of distances he grimly'


If that section is only shown to Root, then I guess without root perms no one gets to see the output I do, so I logged in with normal user rights and got an error :

PHP Formatted Code

Unfortunately, an error has occurred rendering this page. Please try again later.


This is however being shown due to me changing the db password, as it may have been exposed to unknown people (I`m slighly paranoid)

If I set the passwords correctly I get the same message.

Any suggestions would be great as I have no idea where else to look?

Status: offline

Dirk

Site Admin
Admin
Registered: 12/01/02
Posts: 13073
Quote by: uKrease

If that section is only shown to Root, then I guess without root perms no one gets to see the output I do, so I logged in with normal user rights and got an error :

PHP Formatted Code

Unfortunately, an error has occurred rendering this page. Please try again later.


Ah, okay. So that seems to work as expected, i.e. only Root users are shown all the details and normal visitors just get the non-informative message. So you should be fine there.

The "invalid username" messages in error.log are also "normal" - dictionary attacks and spambots that try to post to everything that looks like a web form.

The actual error (as quoted in your first post) seems to come from phpBB or the bridge, with which I'm not familiar, so I can't help you there, I'm afraid. It may be just some harmless error in phpBB or it's possible that someone hacked the phpBB portion of your site. But, as I said, I'm not in a position to make any judgements about that. All I can say is that it doesn't look like a problem on Geeklog's side.

bye, Dirk

Status: offline

uKrease

Forum User
Junior
Registered: 30/01/06
Posts: 24
Thanks Dirk ,

I`ll post to the phpBB forums and see if anything comes out of that...

:pray:

Status: offline

uKrease

Forum User
Junior
Registered: 30/01/06
Posts: 24
Hi again,

When I try to re-enable the phpbbbridge plugin I still get this error :
PHP Formatted Code
[client 196.2.124.251] PHP Fatal error:  Call to a member function on a non-object in /var/www/web23/web/phpBB2/includes/sessions.php on line 133, referer: http://www.ukrease.co.za/admin/plugins.php
 


Can anyone provide assistance with this one ?

Line 133 starts with
PHP Formatted Code
if (!($result = $db->sql_query($sql)))
                {
                        message_die(CRITICAL_ERROR, 'Error doing DB query userdata row fetch', '', __LINE__, __FILE__, $sql);
                }

 



Status: offline

garfy

Forum User
Full Member
Registered: 02/01/05
Posts: 437
I have the same problem, did you figure it out??

My site was hacked also in the past

uKrease

Anonymous
working
Hi there,

I tracked it down to the recent installation of the Docuwiki plugin....I initially installed it and it worked OK, then two days later is when I started getting the error messages I reported.

Eventually I disabled the Docuwiki plugin and everything worked fine, has been doing since.

The Docuwiki plugin still remains disabled though...I haven`t bothered to reactivate it and track down what causes it to crash the forum like that...

Status: offline

garfy

Forum User
Full Member
Registered: 02/01/05
Posts: 437
I dont have any docuwiki undr plugins

i only have captcha, spamx, polls, static pages, bridge

Status: offline

garfy

Forum User
Full Member
Registered: 02/01/05
Posts: 437
I dont have any docuwiki undr plugins

i only have captcha, spamx, polls, static pages, bridge

uKrease

Anonymous
If you are getting the same error I got initially, disable the plugins one by one and see if that helps any....

Does your Geeklog log file also have this message reported when it crashes :

"[client 196.2.124.251] PHP Fatal error: Call to a member function on a non-object in <path to webroot>/phpBB2/includes/sessions.php on line 133, referer: http://www.ukrease.co.za/admin/plugins.php"

When I saw that I started disabling the plugins...

Status: offline

garfy

Forum User
Full Member
Registered: 02/01/05
Posts: 437
No i could not find anything in the error file

I only use default plugins that comes with geeklog

only captcha is an addon

I wonder why this guy that is taking care of phpbridge is not answering at all

at least he could say I dont know or somthing

Status: offline

jmucchiello

Forum User
Full Member
Registered: 29/08/05
Posts: 985
Quote by: garfy

I wonder why this guy that is taking care of phpbridge is not answering at all

It's only be 2 hours since you posted your problem. How often is he supposed to check the forums?

Status: offline

garfy

Forum User
Full Member
Registered: 02/01/05
Posts: 437
I am talking about turias, I saw similar posts on his forum unanswered