Undefined variable: text in hud-dismiss-functions.php on line 450

[Max]

Hi AITpro,

I have a multisite network running as SiteGround. I am setting up BPS Pro on a fresh install of WP.

I am currently running WPMDev’s Dashboard, Domain Mapping & Multi-Domains plugins as well as CloudFlare’s plugin, and am also using the HTTPS for WordPress plugin to control my HTTPS redirects. (I only want HTTPS for admin, am concerned about URL canonicalization).

I ran through the setup tests with success, and then the setup wizards.

I then had the message about ‘PHP Error Log Path Does Not Match’ and saw that my currently set debug log file was being repeatedly quarantined  (similar to these recent forum threads: http://forum.ait-pro.com/forums/topic/php-error-log-path-does-not-match/ & http://forum.ait-pro.com/forums/topic/v9-2-error/).

I did my best to follow the included troubleshooting directions. (Including, if I recall correctly, running the diagnostic check in ini_set Options) In the end, I had to reset the PHP Error Log Location Set To value to match the value being seen by my server.

That seemed to solve that issue. However, I am now seeing the following error in my log file:

[22-Aug-2014 21:44:29 UTC] PHP Notice:  Undefined variable: text in /home/X/public_html/wp-content/plugins/bulletproof-security/includes/hud-dismiss-functions.php on line 450

My admin dashboard notifications now include “A PHP Error has been logged in your PHP Error Log”

However,  when I Reset Last Modified Time in DB as instructed the error returns.
I am also experiencing an (I believe unrelated) issue which is creating a steady flow of error log entries, so I am not sure if this is in fact acting properly, or if there is some issue related to the above quoted BPS Pro error log entry which refers to ‘HUD’ which I guessed might be ‘heads-up-display’?

In any case, can you help me understand what this error means?
Kind Regards
Max
_______

update:
1) above I said “In the end, I had to reset the PHP Error Log Location Set To value to match the value being seen by my server.”
1a) I have gotten this sorted so that the PHP Error Log Location Set To value is the suggested value and is settable using the button.

2) I continue to experience various behavior which seems to me to be possibly related to an issue with error messages being dismissed appropriately.
2a) for instance, after a security log entry generated by a get header request test I get the message about the log entry event yet after I click the Reset Last Modified Time in DB button, the log entry message persists on my admin area.

I am not sure if this is just me being an ignorant user or is there is in fact an issue somewhere within this.

Please advise. 🙂
Cheers,
Max

[AITpro Admin]

You have WordPress Debugging turned On / Set to true in your wp-config.php file.  More specifically if you use/set define('WP_DEBUG_LOG', true); to true then WordPress will use the default WordPress Debug log in the wp-content folder to log errors.  /wp-content/debug.log to log all errors.  BPS intentionally allows this to happen and will not override this default WordPress Debugging method and force errors to be logged in the BPS php error log instead of using the WordPress Debug log.  On a Live Production website you would use Debugging to check for any issues/problems/errors and then turn Off Debugging as soon as troubleshooting is completed.  You do NOT want to leave WordPress Debugging turned On all the time on a Live Production website.

Note:  There is actually a minor bug with the hud-dismiss-functions.php file on line 450, but it is a very insignificant issue that will be fixed in the next version of BPS Pro.  It does not adversly affect anything and is just a PHP Notice error.

define('WP_DEBUG', true);
define('WP_DEBUG_LOG', true);
define('WP_DEBUG_DISPLAY', true);

So anyway all you need to do is turn off WordPress Debugging in your wp-config.php file and all of the things you have mentioned in your topic post will go away.

Anytime you are manually modifying website files you need to follow these AutoRestore manual file modification procedural steps when manually modifying website files or you can just choose to restore the wp-config.php file from Quarantine when it is quarantined by ARQ.

http://forum.ait-pro.com/forums/topic/autorestore-quarantine-guide-read-me-first/

AutoRestore/Quarantine Correct Usage
AutoRestore/Quarantine (ARQ Infinity) IDPS is a real time file monitor that monitors all of your website files for any changes. When manually uploading files with FTP or modifying files or folders on your website follow these simple procedural steps for AutoRestore/Quarantine (ARQ) to avoid having those files autorestored and / or quarantined. If files are sent to Quarantine then use the Restore File option in Quarantine to restore those files. ARQ is amazing, but it cannot tell who you are if you are manually modifying files or folders outside of your WordPress Dashboard – that is not possible.

1. Turn ARQ Off.
2. Upload or modify files or folders on your website.
3. Click the appropriate Backup Files button: Root Files, wp-admin Files, wp-includes Files or wp-content Files Backup Files button.
4. Turn ARQ back On.

[Max]

Hi Keymaster,

1) Thank you 🙂

2) I figured out the debug conflict; thats what I meant in my update, point 1
2a) I was thinking to suggest a note in the plugin’s help file for that area advising people to turn off debugging if they had it on… I had simply forgotten (this is only a test site).

3) It did seem to me that there were some issues with the display of admin alert messages which did not clear away after following the ‘Reset Last Modified Time in DB’ instructions though the time values did seem to be changed.
3a) This behavior seemed to disappear after I logged out for a awhile; upon login, I was able to clear such messages as expected.

Things are going well now. I appreciate the assistance very much, thanks. I do have one fresh Q:

4) I have always been bugged at how WP offers user name data for discovery and love the ability to address that with BPSpro; I also have read this thread http://forum.ait-pro.com/forums/topic/wordpress-author-enumeration-bot-probe-protection-author-id-user-id/ from the forums here on ‘Author Enumeration Bot Probe Protection’ and wanted to check with you if the code example used here can be used or adapted to work with a multisite environment?

Kind Regards, Max

[AITpro Admin]

Oh ok I missed that in your update.

2a) I was thinking to suggest a note in the plugin’s help file for that area advising people to turn off debugging if they had it on… I had simply forgotten (this is only a test site).

This is an excellent idea and will be added to BPS as a displayed message something like this:  WordPress Debugging is turned On in your wp-config.php file.  This displayed message will go away automatically once WordPress Debugging is turned Off.

Yes, the WP AUTHOR ENUMERATION BOT PROBE PROTECTION code works on all WordPress single and Network site types except for: WordPress GWIOD (Giving WordPress Its Own Directory) website’s.

Regarding displayed user names/author urls on the frontend of a website see these Forum Topic links below for additional things you can do.  We have discussed adding a feature that would automate the process of doing some of the things in these links, but it would be a very complex task that could potentially cause a lot of problems.  Since BPS Pro Login Security and JTC Anti-Spam / Anti-Hacker are so effective at stopping all spambots and hackerbots then the need to do anything additional regarding author urls is considered more of a supplementary security measure or anti-nuisance measure vs a primary security protection method, such as LSM and JTC.  We are still discussing this though so maybe down the road something like that will be added to BPS.

http://forum.ait-pro.com/forums/topic/protect-login-page-from-brute-force-login-attacks/
http://forum.ait-pro.com/forums/topic/user-account-locked/
http://forum.ait-pro.com/forums/topic/revealing-the-admin-or-editor-user-name-and-not-knowing/
http://forum.ait-pro.com/forums/topic/wordpress-author-enumeration-bot-probe-protection-author-id-user-id/

[Author]

Posts