PHP Warning: Undefined variable $matches

[protection]

Hello –

When upgrading my PHP version from 7.4 to 8.0, I get the following warning:

PHP Warning: Undefined variable $matches in /home/xxxxxxx/public_html/wp-content/plugins/bulletproof-security/includes/db-security.php on line 469

I also get this if trying to switch to PHP 8.1. I noticed this thread from years ago, but it seems like it was fixed since then.

I’m using WordPress version 5.9.2, and BPS Pro 16.5. This also happened with BPS Pro 16.4.

Thanks

EDIT: I came across this doc from the PHP 8.0 manual. On that page if you search for the text “A number of notices have been converted into warnings:“, you’ll see that the reason this warning is appearing now is because it’s been elevated from a notice to a warning.

[AITpro Admin]

Thanks for pointing this php error out.  This php error is insignificant.  So nothing to worry about.  This php error will be fixed in the next BPS Pro version release.

Yep, PHP 8 and 8.1 have significantly increased checking for absolute “code correctness”.  I just happened to miss this one and I’m sure there will be others that I missed.  😉

[protection]

Thanks so much! Your response time never ceases to amaze me!

[protection]

Out of curiosity, is there a setting that I can change so that this doesn’t get triggered? If so, is this an important to have enabled?

[AITpro Admin]

That code has to do with the DB Monitor Alert.  The php error is completely insignificant.  You can change this option setting if the php error is bothering you > BPS Pro > Display & Alert Options > Database Monitor: DBM Alerts > choose > Turn Off Displayed Alerts.

[protection]

Perfect, thank you!

[protection]

Hello – I just wanted to give you a heads up that I found another undefined variable:

PHP Warning: Undefined variable $vcheckVersion in /home/xxxxxxx/public_html/wp-content/plugins/bulletproof-security/includes/functions.php on line 1934

Thanks!

[AITpro Admin]

The $vcheckVersion variable has to do with BPS Pro upgrade checks too and is tied into API external requests from your website to the api.ait-pro.com API server.  Since something is blocking API requests on your website/server then this variable will be undefined.

[protection]

Thanks for the quick response!

I’m wondering if maybe I should try completely uninstalling and re-installing BPS Pro. Yesterday I did a folder diff between the BPS Pro plugin on my server and a fresh copy I downloaded from the BPS Download Page. I did notice some differences that could be explained, such as .htaccess files within the sub-folders of /admin/. I know that the reason those are there is because of the settings I have on the htaccess File Options page.

There were a couple of files that I wasn’t sure about:

/admin/htaccess/mscan-pattern-match.php – This file is not on my installation, and when I try to copy it to the same location for debugging purposes, it vanishes (even if I have autorestore turned off).

/includes/class.php – I can see this is for excluding certain folders. I noticed in some lines of code on my installation, the values for public static $FILTERS = array are hardcoded. I would expect these values to be stored in the database as opposed to written in the file, but if that’s working as designed that’s cool. I just wanted to double-check 🙂

[AITpro Admin]

Yeah, you could try an uninstall/reinstall, but that would not change whatever is blocking the BPS Pro plugin upgrade checks. The mscan-pattern-match.php file is used to update your database with any new MScan pattern matches and then it is automatically deleted.  The class.php file contains some hard coded folder names, but others are created by using the AutoRestore wp-content folder exclude tool and added to the file.  Using the filters from a file instead of your database reduces website slowness by 1000%.  DB queries are the most resource consuming things about a WordPress website.  I only use the WP DB when absolutely necessary to avoid unnecessary resource usage, which would cause website performance slowness.

[AITpro Admin]

Have you tried using the Chrome Developer tools on your WordPress Plugins page to look for clues?  Check the Console tab for any errors.  Make sure the Query Monitor plugin is deactivated or you will get results that are not readable.  I use the Query Monitor plugin for debugging too, but since it is a debugging tool then it should only be turned on when you are debugging.

[protection]

OK then, it looks like there’s nothing crazy going on in the BPS Pro plugin on my site, so I’ll scrap the idea of uninstalling. Thanks for explaining that to me.

I did try Chrome dev tools on the plugins page, but the Console tab doesn’t give me any insight.

I did get off the phone with my hosting company and asked how we could confirm if they were blocking the upgrade checker. They told me they could only confirm if they’re blocking incoming calls if I provided them the IP (or IPs) that are using to connect back to my site. Are you able to provide those to me?

Thanks for everything!

[AITpro Admin]

Host name: api.ait-pro.com
IPv4 IP address: 107.180.40.142
IPv6 IP address: ::ffff:6bb4:288e

[protection]

I spoke with my hosting provider and they said they’re not blocking that IP.

Hmmm….is there a hack I can put in the code to disable the update check? I would definitely keep a copy of the unmodified file around to be safe so that I can restore it.

[AITpro Admin]

I did not include any option settings to turn off BPS Pro plugin update checking for obvious reasons.  I’ll add some additional code to keep the php errors from happening, but there is nothing I can do to fix the actual problem since it is being caused by a plugin or theme that you have installed or some custom code somewhere (.htaccess or php) or your host is blocking the API calls.  Just because they said they are not blocking the API requests does not mean that is true.

[Author]

Posts