How To Troubleshoot PHP Errors, php errors in your php error log

Home Forums BulletProof Security Pro How To Troubleshoot PHP Errors, php errors in your php error log

Viewing 15 posts - 151 through 165 (of 259 total)
  • Author
    Posts
  • #30083
    AITpro Admin
    Keymaster

    Ok so this plugin is first trying cURL and then using a fallback to file_get_contents (which is not filtered appropriately). So instead of looking at file_get_contents at all you should look at why cURL is not working on your server/website. Have you disabed any of the cURL functions shown in the code below: curl_init, curl_setopt, curl_exec, curl_close? If so, then do not disable any of these safe php functions.

    // reCAPTCHA open url
    if (!function_exists('xrvel_login_recaptcha_open_url')) {
    	function xrvel_login_recaptcha_open_url($url) {
    		if (function_exists('curl_init') && function_exists('curl_setopt') && function_exists('curl_exec')) {
    			$ch = curl_init();
    			curl_setopt($ch, CURLOPT_URL, $url);
    			curl_setopt($ch, CURLOPT_HEADER, false);
    			curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    			curl_setopt($ch, CURLOPT_TIMEOUT, 60);
    			curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
    			$response = curl_exec($ch);
    			curl_close($ch);
    		} else {
    			$response = file_get_contents($url);
    		}
    		return trim($response);
    	}
    }
    #30084
    AITpro Admin
    Keymaster

    This code below is harsh and is a classic case of “WP doing it wrong”. Overall the sense I get is that the plugin author is a good coder, but not a great coder and maybe just needs some time to become a great coder. 😉 Been there done that. 😉

    if (!function_exists('xrvel_login_recaptcha_login_enqueue_script')) {
    function xrvel_login_recaptcha_login_enqueue_script() {
    	$opt = get_option('xrvel_login_recaptcha_options');
    	if (!isset($opt['language']) || '' == $opt['language']) {
    		$opt['language'] = 'en';
    	}
     ?>
     <script src="https://www.google.com/recaptcha/api.js?hl=<?php echo $opt['language']; ?>" async defer></script>
    
    #30091
    Pako
    Participant

    Have you disabed any of the cURL functions shown in the code below“?
    >Yes :

    disable_functions =exec,passthru,shell_exec,system,proc_open,popen,curl_exec,curl_multi_exec,parse_ini_file,show_source
    output_buffering = 0
    mysql.allow_persistent = 0
    register_argc_argv = 0
    expose_php = 0
    allow_url_fopen = 0
    variables_order = "GPCS"
    #30092
    AITpro Admin
    Keymaster

    By disabling the very safe cURL functions you are most likely going to cause a lot of problems for your website. WordPress, other plugins and your Theme.  All cURL functions are very safe so there is no reason to disable them.

    #30289
    Pako
    Participant

    [Topic has been merged into this relevant Topic]
    Hi
    My php error log is full of those errors:

    PHP Warning:  get_headers(https://graph.facebook.com/v2.5/1051066288305592/picture?width=310&type=normal&access_token=EAALpopgJRvABAHeBHbtdNu3sPwCZBuuEhAe3gZAbxc7jilQCZA3ZBtvNjLY7gUGogT5pHCGZAxD573ZCjtvI1hKrpxyZCouCj0BdGB0MYJiqTNUuhbg11ydQ4vkPoKrVD2MImWXZBS4Owb41jIqsZClI1u2GxZB33gJTUZD): failed to open stream: HTTP request failed!  in /home/XXXXXX/public_html/wp-content/plugins/flow-flow/includes/social/FFFacebook.php on line 462

    What does it means?
    Thanks

    #30291
    AITpro Admin
    Keymaster

    @ Pako – Send this php error to the flow-flow plugin author so that they can fix whatever coding issue/problem is occurring in the flow-flow plugin.

    #30537
    Hannah
    Participant

    Hi, I have 5 sites that present this PHP Warning:  http://newnapawineclub.com, http://pegismith.com, http://mountainglenharps.com, http://www.iriscoloreddreams.net and http://joanpechanec.com.

    [08-Aug-2016 21:39:51 UTC] PHP Warning:  Invalid argument supplied for foreach() in /home3/newnapaw/public_html/wp-content/plugins/jetpack/modules/contact-form/grunion-contact-form.php on line 204

    It appears at various times, so I suspect it’s happening each time someone send a message via the Jetpack contact form. I understand that a warning does not halt the script so (I hope) these clients are/should be receiving the emails sent from their websites, but wonder is this is a known issue that Automattic is working on, or do I need to do something about it?

    On http://www.carlajgriffin.com, I got this PHP warning/fatal error today:

    [08-Aug-2016 15:27:48 America/New_York] PHP Warning:  require(ABSPATHwp-includes/load.php): failed to open stream: No such file or directory in /hermes/bosnaweb27a/b1260/ipw.carlajgriffincom/public_html/wp-settings.php on line 21
    [08-Aug-2016 15:27:48 America/New_York] PHP Fatal error:  require(): Failed opening required ‘ABSPATHwp-includes/load.php’ (include_path=’.:/usr/local/lib/php-5.5.22-amd64/lib/php’) in /hermes/bosnaweb27a/b1260/ipw.carlajgriffincom/public_html/wp-settings.php on line 21

    The combination of warning, then fatal error happened twice today. On the same site, I got this warning/fatal error combo yesterday:

    [07-Aug-2016 11:08:19 America/New_York] PHP Fatal error:  Call to undefined function language_attributes() in /hermes/bosnaweb27a/b1260/ipw.carlajgriffincom/public_html/wp-content/themes/Divi/header.php on line 3
    [07-Aug-2016 11:08:21 America/New_York] PHP Fatal error:  Call to undefined function et_get_option() in /hermes/bosnaweb27a/b1260/ipw.carlajgriffincom/public_html/wp-content/themes/Divi/footer.php on line 1

    And this one, which appears to be related to the 8/7 erros:

    [05-Aug-2016 21:25:45 America/New_York] PHP Fatal error:  Call to undefined function add_action() in /hermes/bosnaweb27a/b1260/ipw.carlajgriffincom/public_html/wp-content/themes/Divi/functions.php on line 79

    These last three are connected with the divi theme, yet none of the other sites with Divi and BPS Pro installed are having this issue. Not sure what to do.

    On http://lindaabblettwatercolors.com I see this error occurring sporadically since July 27:

    [03-Aug-2016 03:27:23 UTC] PHP Warning:  copy(/home/content/p3pnexwpnas13_data02/88/3099388/html/wp-content/bps-backup/autorestore/wp-content/plugins/bulletproof-security/admin/htaccess/plugins.htaccess): failed to open stream: No such file or directory in /home/content/p3pnexwpnas13_data02/88/3099388/html/wp-content/plugins/bulletproof-security/includes/firewall-autopilot.php on line 850

    I’m not sure what’s happening here or what I should do. Thanks again for all your help!
    Hannah

    #30542
    AITpro Admin
    Keymaster

    @ Hannah – Post the Jetpack plugin php error in the Jetpack plugin support forum so they can tell you what the error means and if it needs to be fixed.

    The second php error is occuring because this path and code is not valid:  require(ABSPATHwp-includes/load.php): You will need to figure out where this coding mistake is. The coding mistake could be in a plugin or your theme.

    The 3rd and 4th php errors are coding mistakes in your Divi theme. Either contact the Divi theme folks or fix the coding mistakes at the code lines listed in the php errors.

    The 5th php error is insignificant and just means that the BPS Pro Plugin Firewall AutoPilot Mode cron was unable to copy this file: /bulletproof-security/admin/htaccess/plugins.htaccess to the AutoRestore Backup folder here: /wp-content/bps-backup/autorestore/wp-content/plugins/bulletproof-security/admin/htaccess/plugins.htaccess. The folder does not actually exist.  So we need to add an additional check in that code for: if folder x exists.

    #30543
    Hannah
    Participant

    Thanks so much! I’ll follow through after I’m finished with the work I’m doing. I appreciate all your hard work, especially with the latest round of brute force attacks in full swing!

    #30572
    Hannah
    Participant

    Thought I’d let you know that a Bluehost employee answered the first question yesterday and and a Jetpack plugin contributor clarified it this morning. (https://wordpress.org/support/topic/persistent-php-errors-re-jetpack-grunion-contact-form?replies=5#post-8749851)  It sounds like this has been fixed and will be included in the Jetpack 4.2 update. No answers from Elegant Themes on the other issues yet, but they’re pretty good at keeping up with support requests, so I expect to hear from them soon.

    #30580
    Hannah
    Participant

    Looks like the various errors I reported before have been resolved by Bluehost and Elegant Themes (thanks so much for the advice – the ET-related ones just required a reinstall of the WordPress core and Divi theme), but now another one has cropped up. I migrated another client’s site last week and all went well, but I’m seeing errors ike this repeating in the PHP error log ever since:

    [15-Aug-2016 14:00:26 UTC] WordPress database error Table 'cowboyfl_wordpress545.actions_cache' doesn't exist for query SELECT post_id FROM actions_cache WHERE post_id = -2 made by require('wp-blog-header.php'), require_once('wp-includes/template-loader.php'), include('/themes/twentyten/single.php'), get_template_part, locate_template, load_template, require('/themes/twentyten/loop-single.php'), the_content, apply_filters('the_content'), call_user_func_array, ra_display, raGetRelated, raGetWordList, raWordPressCache->exists

    I am also seeing HEAD request warnings in the security log that could be related, but there are plenty of entries from July 28-29, predating the migration:

    [405 HEAD Request: August 15, 2016 - 5:46 am]
    Event Code: BFHS-HEAD - HEAD Request Blocked
    Solution: http://forum.ait-pro.com/forums/topic/security-log-event-codes/
    REMOTE_ADDR: 52.90.218.114
    Host Name: ec2-52-90-218-114.compute-1.amazonaws.com
    SERVER_PROTOCOL: HTTP/1.1
    HTTP_CLIENT_IP:
    HTTP_FORWARDED:
    HTTP_X_FORWARDED_FOR:
    HTTP_X_CLUSTER_CLIENT_IP:
    REQUEST_METHOD: HEAD
    HTTP_REFERER:
    REQUEST_URI: /blog/2010/pressed-flower-bookmarks/
    QUERY_STRING:
    HTTP_USER_AGENT: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)

    I tried to implement the HEAD block bypass you’ve recommended previously, but on this site it took it down, so I had to undo it.

    Thanks for your advice on this one!

    #30582
    AITpro Admin
    Keymaster

    @ Hannah – The php error looks like it has something to do with a Caching plugin.  Post the php error in the caching plugin support forum on wordpress.org for whichever caching plugin this is.  If the HEAD whitelist code caused your site to crash then you made a mistake in copying or editing the HEAD htaccess code in Custom Code and the htaccess code was invalid/bad.  Double check that you are creating valid Custom Code and do the steps again.

    #31002
    AITpro Admin
    Keymaster

    Email Question:
    Hi
    I saw the following many errors in my PHP Error Log today. I am not sure what are these errors about. Can you help to identify and advise if there is any plugin that I should whitelist.

    [22-Sep-2016 12:15:30 UTC] PHP Warning: mysqli_query(): MySQL server has gone away in /home/xxxxx/public_html/wp-includes/wp-db.php on line 1868
    [22-Sep-2016 12:15:30 UTC] PHP Warning: mysqli_query(): Error reading result set's header in /home/xxxxx/public_html/wp-includes/wp-db.php on line 1868
    [22-Sep-2016 12:15:38 UTC] WordPress database error MySQL server has gone away for query SELECT SQL_CALC_FOUND_ROWS xx_posts.ID FROM xx_posts INNER JOIN xx_postmeta ON ( xx_posts.ID = xx_postmeta.post_id ) INNER JOIN xx_postmeta AS mt1 ON ( xx_posts.ID = mt1.post_id ) WHERE 1=1 AND (
    xx_postmeta.meta_key = 'total_sales'
    AND
    (
    ( mt1.meta_key = '_visibility' AND mt1.meta_value IN ('visible','catalog') )
    )
    ) AND xx_posts.post_type = 'product' AND ((xx_posts.post_status = 'publish')) GROUP BY xx_posts.ID ORDER BY xx_postmeta.meta_value+0 DESC LIMIT 0, 12 made by require('wp-blog-header.php'), require_once('wp-includes/template-loader.php'), include('/themes/superstore/index.php'), dynamic_sidebar, call_user_func_array, WP_Widget->display_callback, Woo_Best_Selling_Products->widget, do_shortcode, preg_replace_callback, do_shortcode_tag, call_user_func, WC_Shortcodes::best_selling_products, WP_Query->query, WP_Query->get_posts

    Answer:
    The BPS Pro PHP Error Log, logs all php errors that are occurring on your site (in other plugins, themes, in general).  Please read the very beginning of this forum topic to get a general understanding of what the BPS Pro PHP Error Log is for and does.

    The timestamps of the first 2 php errors indicate that your server may have temporarily had an issue/problem.  So the superstore theme php error that happened at the same time may have been caused by that temporary server connectivity issue/problem.  If this php error only happened once and is not happening frequently or constantly then you can ignore these php errors.  If the mysqli php errors are happening frequently/constantly then you need to contact your host and have them check your server.

    #31982
    Bruce
    Participant

    [Topic has been merged into this relevant Topic]
    I get these same errors multiple times per day since installing  BPS-Pro. Any suggesitons?

    [02-Jan-2017 05:32:14] PHP Fatal error: Class 'FilesystemIterator' not found in ../wp-content/plugins/all-in-one-wp-security-and-firewall/classes/wp-security-file-scan.php on line 203
    [02-Jan-2017 05:41:29] PHP Fatal error: Allowed memory size of 134217728 bytes exhausted (tried to allocate 41168894 bytes) in ../wp-content/plugins/bulletproof-security/includes/hidden-plugin-folders-cron.php on line 288
    #31985
    AITpro Admin
    Keymaster

    @ Bruce – The 2 php errors are related in that both of them are trying to use the PHP Standard PHP Library (SPL).  /bulletproof-security/includes/hidden-plugin-folders-cron.php on line 288 uses an Object from the RecursiveIteratorIterator and RecursiveDirectoryIterator classes in the HPF cron check that checks for any unusual files in your /plugins/ folder.  The function has this condition below at the top of that function and will not be processed if the PHP Standard PHP Library (SPL) is not installed on your server.  So that means the PHP Standard PHP Library (SPL) is installed, but it looks like either there is a problem with SPL on your PHP server or some classes are not installed, such as:  RecursiveIteratorIterator, RecursiveDirectoryIterator and FilesystemIterator. It seems very unlikely to me that these classes would not be installed since they are default classes for the PHP Standard PHP Library (SPL). So I believe there is something wrong/bad with the PHP server compile/build on this particular server. Contact your host, refer them to this forum topic and ask them to switch you to another PHP server (PHP5.5.x, PHP5.6.x, etc) by using a php/php.ini handler. This is a quick and simple thing to do to determine if there is a problem with the particular PHP server build/compile that your website is using. Be sure to do these things when your host is working on your website: Unlock your root htaccess file and Turn Off AutoRestore. After your host is done making any changes, rerun the Pre-installation Wizard and Setup Wizard.

    if ( ! is_array( spl_classes() ) ) {
    exit();
    }
Viewing 15 posts - 151 through 165 (of 259 total)
  • You must be logged in to reply to this topic.