Jump to content

Recommended Posts

@@stefan21 I tested it here and it is working as it should though I don't have it installed on a php 5.5 shop so that may be the reason it fails. The failure seems to be due to a database statement but there are a number of database statements executed when that directory is visited and without knowing which one is causing the failure, I don't have any way of looking at this. You can try changing the bad bot trap setting to email since that will eliminate one statement. If it still fails, try setting it to off. If it still fails, then it is something else in the View Counter code. Let me know how it goes.

Share this post


Link to post
Share on other sites

@@Jack_mcs, thank you for your time and your reply.

 

To clarify: it's

 

HTTP Server: Apache/2.2.31 (Unix) PHP Version: 5.3.29 (Zend: 2.3.0)

 

I'll try out what you suggested and let you know.

Share this post


Link to post
Share on other sites

I tried what you suggested. While accessing the shop on the index.php the IP of my mobile device shows up in view counter. When I try to access view_counter_trap.php the attempt is not registered in the monitor. Same when I try to access /admin. No email is beeing sent and the IP is not beeing banned. Also no records in the faillog of the server. Just nothing.

 

Here's my .htaccess:

 

# $Id$

# view counter trap anyone trying to access admin
Options +FollowSymLinks
RewriteEngine On

RewriteCond %{REQUEST_URI} \"/admin/\"
RewriteRule (.*) view_counter_trap.php [L]

# Redirect domain.com to www.domain.com

RewriteCond %{HTTP_HOST} ^XXX.de [NC]
RewriteRule ^(.*)$ https://www.XXX.de/$1[L,R=301]

# stop hotlinking (gif/jpg) and serve alternate content
# I have included an image for you to upload, please note if you use your images out side of your server (like linked into EBAY) you cannot use # this.

<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^https://(www\\.)?XXX\\.de/.*$ [NC]
RewriteRule .*\\.(gif|jpg)$ https://www.XXX.de/images/stolen.gif [R,NC,L]
</ifModule>

# deny most common except .php

<FilesMatch \"\\.(inc|tpl|h|ihtml|sql|ini|conf|class|bin|spd|theme|module|exe)$\">
 deny from all
</FilesMatch>

# Disable .htaccess viewing from browser

<Files ~ \"^\\.ht\">
 Order allow,deny
 Deny from all
 Satisfy All
</Files>

<Files .htaccess>
order allow,deny
deny from all
</Files>

# Disable access to config.php

<Files ~ \"includes\\configure.php$\">
</Files>

# The following makes adjustments to the SSL protocol for Internet
# Explorer browsers

<IfModule mod_setenvif.c>
 <IfDefine SSL>
 SetEnvIf User-Agent \".*MSIE.*\" \\
 nokeepalive ssl-unclean-shutdown \\
 downgrade-1.0 force-response-1.0
 </IfDefine>
</IfModule>

#
# This is used with Apache WebServers
#
# For this to work, you must include the parameter \'Options\' to
# the AllowOverride configuration
#
# Example:
#
# <Directory \"/usr/local/apache/htdocs\">
#   AllowOverride Options
# </Directory>
#
# \'All\' with also work. (This configuration is in the
# apache/conf/httpd.conf file)

AddType video/ogg .ogm
AddType video/ogg .ogv
AddType video/ogg .ogg
AddType video/webm .webm
AddType audio/webm .weba
AddType video/mp4 .mp4
AddType video/x-m4v .m4v

# The following makes adjustments to the SSL protocol for Internet
# Explorer browsers

#<IfModule mod_setenvif.c>
#  <IfDefine SSL>
#    SetEnvIf User-Agent \".*MSIE.*\" \\
#             nokeepalive ssl-unclean-shutdown \\
#             downgrade-1.0 force-response-1.0
#  </IfDefine>
#</IfModule>

# If Search Engine Friendly URLs do not work, try enabling the
# following Apache configuration parameter

# AcceptPathInfo On

# Fix certain PHP values
# (commented out by default to prevent errors occuring on certain
# servers)

# php_value session.use_trans_sid 0
# php_value register_globals 1

#AuthUserFile /mnt/webp/e3/52/51666952/htdocs/XXX/.htpasswd
#AuthName \"shop\"
#AuthType Basic
#  <Limit GET POST>
#   require valid-user
#  </Limit>

# Begin Ultimate SEO V2.2d
Options +FollowSymLinks
RewriteEngine On

  # RewriteBase instructions
  # Change RewriteBase dependent on how your shop is accessed as below.
  # https://www.XXX.de = RewriteBase /
  # https://www.XXX.de/catalog/ = RewriteBase /catalog/  
  # https://www.XXX.de/catalog/shop/ = RewriteBase /catalog/shop/

  # Change the following line using the instructions above  
 
RewriteBase /

RewriteRule ^(.*)-p-(.*).html$ product_info.php?products_id=$2&%{QUERY_STRING}
RewriteRule ^(.*)-c-(.*).html$ index.php?cPath=$2&%{QUERY_STRING}
RewriteRule ^(.*)-m-(.*).html$ index.php?manufacturers_id=$2&%{QUERY_STRING}
RewriteRule ^(.*)-pi-(.*).html$ popup_image.php?pID=$2&%{QUERY_STRING}
RewriteRule ^(.*)-by-(.*).html$ all-products.php?fl=$2&%{QUERY_STRING}
RewriteRule ^(.*)-t-(.*).html$ articles.php?tPath=$2&%{QUERY_STRING}
RewriteRule ^(.*)-a-(.*).html$ article_info.php?articles_id=$2&%{QUERY_STRING}
RewriteRule ^(.*)-au-(.*).html$ articles.php?authors_id=$2&%{QUERY_STRING}
RewriteRule ^(.*)-pr-(.*).html$ product_reviews.php?products_id=$2&%{QUERY_STRING}
RewriteRule ^(.*)-pri-(.*).html$ product_reviews_info.php?products_id=$2&%{QUERY_STRING}
RewriteRule ^(.*)-f-(.*).html$ faqdesk_info.php?faqdesk_id=$2&%{QUERY_STRING}
RewriteRule ^(.*)-fc-(.*).html$ faqdesk_index.php?faqPath=$2&%{QUERY_STRING}
RewriteRule ^(.*)-fri-(.*).html$ faqdesk_reviews_info.php?faqdesk_id=$2&%{QUERY_STRING}
RewriteRule ^(.*)-fra-(.*).html$ faqdesk_reviews_article.php?faqdesk_id=$2&%{QUERY_STRING}
RewriteRule ^(.*)-i-(.*).html$ information.php?info_id=$2&%{QUERY_STRING}
RewriteRule ^(.*)-links-(.*).html$ links.php?lPath=$2&%{QUERY_STRING}
RewriteRule ^(.*)-pm-([0-9]+).html$ extra_info_pages.php?pages_id=$2&%{QUERY_STRING}
RewriteRule ^(.*)-n-(.*).html$ newsdesk_info.php?newsdesk_id=$2&%{QUERY_STRING}
RewriteRule ^(.*)-nc-(.*).html$ newsdesk_index.php?newsPath=$2&%{QUERY_STRING}
RewriteRule ^(.*)-nri-(.*).html$ newsdesk_reviews_info.php?newsdesk_id=$2&%{QUERY_STRING}
RewriteRule ^(.*)-nra-(.*).html$ newsdesk_reviews_article.php?newsdesk_id=$2&%{QUERY_STRING}
RewriteRule ^(.*)-po-([0-9]+).html$ pollbooth.php?pollid=$2&%{QUERY_STRING}
# End Ultimate SEO V2.2d
 

Maybe there's the reason?

Share this post


Link to post
Share on other sites

Update:

 

1. Bad Bot Trap configured as ban

- accessing the directory /view_counter_badbottrap does not work

- accessing the file view_counter_trap.php or view_counter_trap_badbot.php does not work

- in any case IP does not show up in the monitor

 

2. Bad Bot Trap configured as email

- accessing the directory /view_counter_badbottrap sends an email to the specified email-adress

- accessing the file view_counter_trap_badbot.php sends an email to the specified email-adress

- accessing the file view_counter_trap.php leads to nothing

- in any case IP does not show up in the monitor

 

3. Bad Bot Trap configured as both

 

- accessing the directory /view_counter_badbottrap sends an email to the specified email-adress

- accessing the file view_counter_trap_badbot.php sends an email to the specified email-adress

- accessing the file view_counter_trap.php leads to nothing

- in any case IP does not show up in the monitor

 

The message is NOT FOUND

The requested URL /404.shtml was not found on this server

 

The redirection is always to https://www.XXX.de//404.shtml

Share this post


Link to post
Share on other sites

I'm confused by your replies. One said no emails are sent but the following post says they were. Also, is the error you mentioned no longer happening?

 

Contrary to what the setting says, the code can't ban such an IP. It could at one point but then I found that the search engines were not always following the robots directive and would end up getting banned. I have made changes in the next version for that but haven't tested it yet. The changes below will ban such an IP unless it is a search engine. Please test it and let me know how it goes.

In the includes/modules/view_counter.php file, find the following (around lines 228 through 266):

 if (basename($_SERVER['PHP_SELF']) === 'view_counter_trap_badbot.php') {
     if (VIEW_COUNTER_BAD_BOT_TRAP != 'Off') {  //otherwise ignore
         if (VIEW_COUNTER_BAD_BOT_TRAP != 'Email') {  //then ban or both is set
             if ($notBanned) { 
                 $sqlData = array('ip_number' => ip2long(tep_db_input($viewSqlArray['ip'])), 'ignore_status' => 0);
                 tep_db_perform(TABLE_VIEW_COUNTER_IGNORE, $sqlData); 
             }
         }
         if (VIEW_COUNTER_BAD_BOT_TRAP != 'Ban') {    //then email or both is set
             $mail_sent_query = tep_db_query("select 1 from " . TABLE_VIEW_COUNTER_EMAILS . " where ip_number = inet_aton('" . $viewSqlArray['ip'] . "') and sent = 1");
             if (tep_db_num_rows($email_sent) == 0) {
                 $subject = sprintf(TEXT_VIEW_COUNTER_EMAIL_TRAP_SUBJECT, $viewSqlArray['ip']); 
                 $msg = sprintf(TEXT_VIEW_COUNTER_EMAIL_TRAP_MSG_SPOOF, $viewSqlArray['ip'], 'http://www.projecthoneypot.org/ip_' .  $viewSqlArray['ip']);
                 $vcSendTo = (tep_not_null(VIEW_COUNTER_SEND_EMAILS_TO) ? VIEW_COUNTER_SEND_EMAILS_TO : STORE_OWNER_EMAIL_ADDRESS);
                 tep_db_query("insert into " . TABLE_VIEW_COUNTER_EMAILS . " (ip_number, sent) values (INET_ATON('" . $viewSqlArray['ip'] . "'), '1')");
                 tep_mail(STORE_OWNER, $vcSendTo, $subject, $msg, STORE_OWNER, $vcSendTo);
             }
         }
     }    
 }
  
 //don't record banned or ignored IP's
 if (isset($invalidAttempt) && $invalidAttempt) {
     $view_check_query = tep_db_query("select 1 from " . TABLE_VIEW_COUNTER_BANNED . " where ip_number = INET_ATON('" . $viewSqlArray['ip'] . "')");
     if (tep_db_num_rows($view_check_query) > 0) {
         $email_sent = tep_db_query("select 1 from " . TABLE_VIEW_COUNTER_EMAILS . " where ip_number = inet_aton('" . $viewSqlArray['ip'] . "') and sent = 1");
         if (tep_db_num_rows($email_sent) == 0) {
             $subject = sprintf(TEXT_VIEW_COUNTER_EMAIL_TRAP_SUBJECT, $viewSqlArray['ip']); 
             $msg = sprintf(TEXT_VIEW_COUNTER_EMAIL_TRAP_MSG, $viewSqlArray['ip'], 'http://www.projecthoneypot.org/ip_' .  $viewSqlArray['ip']);
             $vcSendTo = (tep_not_null(VIEW_COUNTER_SEND_EMAILS_TO) ? VIEW_COUNTER_SEND_EMAILS_TO : STORE_OWNER_EMAIL_ADDRESS);
             tep_db_query("insert into " . TABLE_VIEW_COUNTER_EMAILS . " (ip_number, sent) values (INET_ATON('" . $viewSqlArray['ip'] . "'), '1')");
             tep_mail(STORE_OWNER, $vcSendTo, $subject, $msg, STORE_OWNER, $vcSendTo);
         }    
     }
     return;
 }

 /**** Someone has attempted to access admin ****/
 $notBanned = false;

and replace with

 /**** A bot has accessed a file not meant to be accessed - good bots shouldn't do this ****/
 $notBanned = false; 
 if (! $viewSqlArray['isbot'] && basename($_SERVER['PHP_SELF']) === 'view_counter_trap_badbot.php') {
     if (VIEW_COUNTER_BAD_BOT_TRAP != 'Off') {  //otherwise ignore
         if (VIEW_COUNTER_BAD_BOT_TRAP != 'Email') {  //then ban or both is set
             if (! $notBanned) { 
                 $sqlData = array('ip_number' => ip2long(tep_db_input($viewSqlArray['ip'])), 'ignore_status' => 0);
                 tep_db_perform(TABLE_VIEW_COUNTER_IGNORE, $sqlData);  
                 $notBanned = true;
             }
         }
         if (VIEW_COUNTER_BAD_BOT_TRAP != 'Ban') {    //then email or both is set
             $mail_sent_query = tep_db_query("select 1 from " . TABLE_VIEW_COUNTER_EMAILS . " where ip_number = inet_aton('" . $viewSqlArray['ip'] . "') and sent = 1");
             if (tep_db_num_rows($email_sent) == 0) {
                 $subject = sprintf(TEXT_VIEW_COUNTER_EMAIL_TRAP_SUBJECT, $viewSqlArray['ip']); 
                 $msg = sprintf(TEXT_VIEW_COUNTER_EMAIL_TRAP_MSG_SPOOF, $viewSqlArray['ip'], 'http://www.projecthoneypot.org/ip_' .  $viewSqlArray['ip']);
                 $vcSendTo = (tep_not_null(VIEW_COUNTER_SEND_EMAILS_TO) ? VIEW_COUNTER_SEND_EMAILS_TO : STORE_OWNER_EMAIL_ADDRESS);
                 tep_db_query("insert into " . TABLE_VIEW_COUNTER_EMAILS . " (ip_number, sent) values (INET_ATON('" . $viewSqlArray['ip'] . "'), '1')");
                 tep_mail(STORE_OWNER, $vcSendTo, $subject, $msg, STORE_OWNER, $vcSendTo);
             }
         }
     }    
 }
  
 //don't record banned or ignored IP's
 if (! $viewSqlArray['isbot'] && isset($invalidAttempt) && $invalidAttempt) {
     $view_check_query = tep_db_query("select 1 from " . TABLE_VIEW_COUNTER_BANNED . " where ip_number = INET_ATON('" . $viewSqlArray['ip'] . "')");
     if (tep_db_num_rows($view_check_query) > 0) {
         $email_sent = tep_db_query("select 1 from " . TABLE_VIEW_COUNTER_EMAILS . " where ip_number = inet_aton('" . $viewSqlArray['ip'] . "') and sent = 1");
         if (tep_db_num_rows($email_sent) == 0) {
             $subject = sprintf(TEXT_VIEW_COUNTER_EMAIL_TRAP_SUBJECT, $viewSqlArray['ip']); 
             $msg = sprintf(TEXT_VIEW_COUNTER_EMAIL_TRAP_MSG, $viewSqlArray['ip'], 'http://www.projecthoneypot.org/ip_' .  $viewSqlArray['ip']);
             $vcSendTo = (tep_not_null(VIEW_COUNTER_SEND_EMAILS_TO) ? VIEW_COUNTER_SEND_EMAILS_TO : STORE_OWNER_EMAIL_ADDRESS);
             tep_db_query("insert into " . TABLE_VIEW_COUNTER_EMAILS . " (ip_number, sent) values (INET_ATON('" . $viewSqlArray['ip'] . "'), '1')");
             tep_mail(STORE_OWNER, $vcSendTo, $subject, $msg, STORE_OWNER, $vcSendTo);
         }    
     }
     return;
 }

 /**** Someone has attempted to access admin ****/

Share this post


Link to post
Share on other sites

Jack, I'm sorry for confusing you.

 

To clarify:

 

The first test I did was accessing the view_counter_trap.php.

While accessing this *file* no email was sent and the IP didn't show up in the monitor.

 

 

accessing the file view_counter_trap.php leads to nothing

 

Trying to access the /admin/ *directory* is not monitored, no email is sent.

 

With the configuration "email" the error seems to be gone and

- accessing the *directory* /view_counter_badbottrap sends an email to the specified email-adress

- accessing the *file* view_counter_trap_badbot.php sends an email to the specified email-adress

an email is beeing sent.

 

I'll try your suggested code and will report.

 

Thank's again for spending your time following.

stefan

Share this post


Link to post
Share on other sites

I tried the suggested code.

 

IP was not monitored and not banned and is still able to access the index.php from the shop, means not banned.

 

Result is still:

 

accessing the directory /view_counter_badbottrap sends an email to the specified email-adress

- accessing the file view_counter_trap_badbot.php sends an email to the specified email-adress

- accessing the file view_counter_trap.php leads to nothing

- in any case IP does not show up in the monitor

 

And a closer look at the logs is still bringing up:

 

PHP Warning: mysqli_num_rows() expects parameter 1 to be mysqli_result, null given in /mnt/web019/a2/52/51666952/htdocs/XXX/includes/functions/database.php on line 104

 

Access to /admin/ is not monitored, not banned and no email has been sent.

Share this post


Link to post
Share on other sites

To be clear about how it works. when access is through one of the traps, it won' show up in the monitor. With the change I posted, it should show up in the banned list. Are you seeing it there?

Share this post


Link to post
Share on other sites

@@Jack_mcs

Hi Jack

 

Not sure whether to post here or not..

Just checking thru View Monitor and notice under" File Name" someone was playing around with "autocomplete.php" so I decided to click on the file name to see what was going on, and this was what I was greeted with in the browser page;

Warning: include(includes/configure.php): failed to open stream: No such file or directory in /home/XXXX/public_html/includes/application_top.php on line 28

Warning: include(includes/configure.php): failed to open stream: No such file or directory in /home/XXXX/public_html/includes/application_top.php on line 28

Warning: include(): Failed opening 'includes/configure.php' for inclusion (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home/XXXX/public_html/includes/application_top.php on line 28

Warning: require(DIR_WS_FUNCTIONScompatibility.php): failed to open stream: No such file or directory in /home/XXXX/public_html/includes/application_top.php on line 42

Warning: require(DIR_WS_FUNCTIONScompatibility.php): failed to open stream: No such file or directory in /home/XXXXX/public_html/includes/application_top.php on line 42

Fatal error: require(): Failed opening required 'DIR_WS_FUNCTIONScompatibility.php' (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home/XXXX/public_html/includes/application_top.php on line 42

Ive no idea what to do, if anything.

Are you able to throw any light on this please.

 

Many thanks

 

Cheers

Grandpa

Edited by grandpaj

Share this post


Link to post
Share on other sites

I just tried it here in a live BS shop, which I think is the version you are using, and it worked as it should, which is to open that page in a browser. But I don't know what the autocomplete.php file is for - it's not a stock file. My guess is that it is some file used for some addon but not meant to be called directly. View Counter is trying to load the file but if it is not a file that is meant to be displayed, that failure will happen. If it is a file that isn't meant for display, it shouldn't be in the root directory. It may be needed there for whatever it is used for but probably shouldn't be code-wise.

Share this post


Link to post
Share on other sites

@@Jack_mcs

 

Hi Jack

 

Im pretty sure the autocomplete.php file is from the addon, twitter typeahead from auzstar 

 

http://addons.oscommerce.com/info/9351

 

Any ideas as to what I should do, or is it something not to worry about. Im so paranoid about securoty.

 

Cheers

Grandpa

Edited by grandpaj

Share this post


Link to post
Share on other sites

@@grandpaj

 

The "autocomplete.php" file isn't a file that's meant to be displayed, it contains background processing for the "twitter typeahead" drop down list. It doesn't exist in the root directory, it exists within the "ext" folder buried inside other folders.

 

Why, what's the issue?

 

 


My Add-ons
Advanced Cache Control Tool for osCommerce 2.3.x (non-bootstrap) Download Support
Ajax Product Listing for osC 2.3.4 (bootstrap) Download Support
Category New Products Carousel for osC 2.3.4 (bootstrap) Download Support
Category Popular Products Carousel for osC 2.3.4 (bootstrap) Download Support
Customer Testimonials for osCommerce 2.3.4 (bootstrap and non-bootstrap) Download Support
Front Page New Products Carousel for osC 2.3.4 (bootstrap) Download Support

Index Nested - Product Listing for osC 2.3.4 (bootstrapDownload Support
Match Categories in Search Results for osCommerce versions 2.3.x (non-bootstrap) Download Support
Modular Category Page for osC 2.3.4 (bootstrap)
Download Support

NEW Australia Post Shipping Modules for osCommerce 2.3.x (non-bootstrap) Download Support
NEW Equal Height Module for osC 2.3.4 (bootstrapDownload Support
Products Low Stock Report for osC 2.3.x (bootstrap and non-bootstrap) Download Support
Twitter Typeahead Autocomplete Search for osCommerce 2.3.4 (bootstrap and non-bootstrap)
Download Support

Upcoming Products Modules for osC 2.3.4 (bootstrap) Download Support

 
Assisted Add-ons
Scroll Boxes for osCommerce 2.3.x (bootstrap and non-bootstrap) Download Support
 
Bootstrap Add-ons created by other members
osCommerce Bootstrap Addons and Code

Share this post


Link to post
Share on other sites

@@auzStar The autocomplete file is being viewed by someone or some script.

 

@@grandpa Given what Dominic said, I suspect you are seeing a data skimmer.  In the roots .htaccess file, if you have a command for Options, add -Indexes to it. If not add this line

Options -Indexes

Share this post


Link to post
Share on other sites

@@auzStar

Thanks Dom

 

@@Jack_mcs

Thanks Jack,

The  add -Indexes was already in the .htacess file.

 

Maybe Im being over cautious, and although I could see the warning in my browser which I got to by clicking in the View Monitor under File Name, perhaps no one else can see it. Just a thought.

 

Cheers

 

John

Share this post


Link to post
Share on other sites

@@Jack_mcs

@@auzStar

 

Hi Jack/Dom

 

Done a little more work on the above problem.

It seems when using autocomplete the "problem" arises as I did a search on our site using autocomplete, then went to View Monitor clicked the autocomplete.php file appearing in the File Name column,which took me to the browser, and the warning was there, so maybe the warning is nothing to worry about.

 

Thanks guys

 

Kind regards

Grandpa

Share this post


Link to post
Share on other sites

As mentioned, the warning is because the file doesn't have code in it to load a page, I'm assuming. If you can't go to it directly, like with ...com/autocomplete.php (or whatever the path is) and have the page load, then the error will occur. It is normal in this situation. The code in View Counter doesn't have a way to determine if the file is displayable or not.

Share this post


Link to post
Share on other sites

@@grandpaj

@@Jack_mcs

 

I don't know how View Counter works and why it is picking out the autocomplete.php file but to give you some background, the autocomplete.php file doesn't contain code in it to allow it to be viewed as a normal page, it only contains php code which extracts and returns the data to be displayed in the drop down list.

 

The file is called upon using ajax JavaScript code by another script (within the twitter typeahead header_tag module), where the typed "search keywords" are passed to the autocomplete.php file through a querystring. This is normal functionality of using ajax. The autocomplete.php file pretty much uses the same search results code that exists inside the advanced_search_result.php file, having all the necessary sanitizing code to remove any harmful text entered in the search bar. So there shouldn't be any security concerns.

 

So perhaps as Jack says you are only seeing a warning because the page can't be loaded as a normal page, but why is View Counter reporting the autocomplete.php file?

 

cheers


My Add-ons
Advanced Cache Control Tool for osCommerce 2.3.x (non-bootstrap) Download Support
Ajax Product Listing for osC 2.3.4 (bootstrap) Download Support
Category New Products Carousel for osC 2.3.4 (bootstrap) Download Support
Category Popular Products Carousel for osC 2.3.4 (bootstrap) Download Support
Customer Testimonials for osCommerce 2.3.4 (bootstrap and non-bootstrap) Download Support
Front Page New Products Carousel for osC 2.3.4 (bootstrap) Download Support

Index Nested - Product Listing for osC 2.3.4 (bootstrapDownload Support
Match Categories in Search Results for osCommerce versions 2.3.x (non-bootstrap) Download Support
Modular Category Page for osC 2.3.4 (bootstrap)
Download Support

NEW Australia Post Shipping Modules for osCommerce 2.3.x (non-bootstrap) Download Support
NEW Equal Height Module for osC 2.3.4 (bootstrapDownload Support
Products Low Stock Report for osC 2.3.x (bootstrap and non-bootstrap) Download Support
Twitter Typeahead Autocomplete Search for osCommerce 2.3.4 (bootstrap and non-bootstrap)
Download Support

Upcoming Products Modules for osC 2.3.4 (bootstrap) Download Support

 
Assisted Add-ons
Scroll Boxes for osCommerce 2.3.x (bootstrap and non-bootstrap) Download Support
 
Bootstrap Add-ons created by other members
osCommerce Bootstrap Addons and Code

Share this post


Link to post
Share on other sites

@@auzStar View Counter tracks any visited page. It might be seeing the load by ajax as a visited page or someone may have deliberately tried to access it. There's no way to know without troubleshooting it.

 

@@grandpa I suggest keeping an eye on it. If it continues to happen, note the IP to see if it is the same as before. And be sure to check that IP to see if it is a suspicious one. It is probably nothing to worry about but it doesn't hurt to be careful.

Share this post


Link to post
Share on other sites

@@Jack_mcs

 

Hi Jack

 

Just a wee "problem"

 

Under "Show" in View  Monitor

Admin

Bots

Visitors

All

WhenI check Visitors I get the following

 

Warning: Illegal string offset 'Country Code' in /home/grandp/public_html/My1975WeMini2a/view_counter.php on line 682

 

However under any of the others, when checked its all good.

 

Is it something Ive done, I did reinstall View Counter, but everything else works absolutely fine.Look

forward to your thoughts.

 

Many thanks

Grandpa

Share this post


Link to post
Share on other sites

Hi Forum, hi @@Jack_mcs !
 

Does anyone knows the problem, that the page changing doesnt work on monitor site ? The links were created correctly (.../view_counter.php?page=2)

but it will be ignored completely (Displaying 1 to 20 (of 184 links)). Further I got a Warning: Illegal string offset 'file_name' in .../admin/includes/functions/view_counter.php on line 97

if I try to watch the Hacking attempts from the reports... I try to have a closer look at it today, but maybe someone else has the same issues with the 2.3 BS Edge...

 

SEE YA

Denzel.

Share this post


Link to post
Share on other sites

I tried it in my BS shop here and it worked correctly. Though my BS shop doesn't have the last two updates in it so I suppose that might be the reason. But the code in the admin doesn't change that often so it seems unlikely that would be the reason. The warning you see (see previous posts on this) suggest you are using a later version of php. That could be the cause - some incompatibility between the code and your version of php.

Share this post


Link to post
Share on other sites

Hi @@Jack_mcs

 

my PHP Version is 5.6.29. I dont think, that it is a generally problem,

cause the page up/down function works on other admin sites. I'll

take a look now.

 

SEE YA

Denzel.

Share this post


Link to post
Share on other sites

The other Contrib which is using the pagination starts a session...

  if (isset($HTTP_GET_VARS['page']))
  {
    if ( ! tep_session_is_registered('page') ) tep_session_register('page');
    $page = $HTTP_GET_VARS['page'];
  }

maybe this is the clue ? 

 

SEE YA

Denzel.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×