Jump to content

Recommended Posts

Having you tried repairing the database? Have you tried using the database tables tool in admin to convert all of the tables?

Share this post


Link to post
Share on other sites
14 hours ago, Jack_mcs said:

Having you tried repairing the database? Have you tried using the database tables tool in admin to convert all of the tables?

Well, all the tables are UTF8_UNICODE_CI ... so I guess I don't need to convert?

I did notice that all my tables use a different engine than the view_counter tables.  (MyISAM vs InnoDB) not sure if that matters..

I tried a repair on those tables, and I received this response: "The storage engine for the table doesn't support repair"

Thanks!

Edited by phi148

Share this post


Link to post
Share on other sites

 If you are able to create a new shop to test with, you can upload the included files. If that works, then the problem is with your server. Other than that, I'm out of ideas. The problem is something specific to your situation and not something can be handled in a support thread.

Share this post


Link to post
Share on other sites

Hi Jack,

Today a hacker tried to use SQL injection on me.  I received an email from view_counter telling me what IP to ban.

However, then I noticed my website was down due to a change in the .htaccess file that view_counter made.

The .htaccess file had this:

deny from

And that was all!  Hence, my server raised an internal server error.  Once I deleted the "deny from" it worked fine again.

The email that was sent to me did have the IP address, so I went ahead and manually banned it.  Do you know what went wrong here?

Thanks

 

 

Edited by phi148
typo

Share this post


Link to post
Share on other sites

I installed this add on and have fixed a few bugs from other posts in this thread. Mostly seems to be running fine now. Any ideas why I wouldn't be seeing a single trace of admin activity from my own IP? I am obviously logged into admin but it's not showing any of my clicks around the admin panel in the monitor when I have "Show: Admin" selected. I didn't see any place to ad specific admin IP, thought it picked it up when that IP logs in to the admin panel. There is also an htpassword protection on that admin link as well, if that matters.

Share this post


Link to post
Share on other sites

The links to the admin should show by default. If you don't want to show your IP, you can enter it in the "Hide Admin Links" setting. If that setting does not have your IP and your IP doesn't show, I don't know what that might be. Does your IP show your clicks around the shop side? Does it show in the Bots section? Maybe you have the user agent of your browser set to spoof a bot? I've never tested it that way so I don't know if such bots will show in admin or not.

Share this post


Link to post
Share on other sites
On 1/23/2018 at 9:51 AM, Jack_mcs said:

the only other thing I can think of is that I haven't tested it under php 7 so if you are using that, that might be the reason.

2.3.4.1 CE

Installed today.  Nothing is appearing on the Monitor page, 0 of 0 links.

It does give me a running countdown of how many minutes/seconds til the page refreshes again but that's about it.

viewc.thumb.PNG.14dfe34d60b6c608c091f91b27c22c1e.PNG

Just read a post earlier up in the thread that I quoted you on, @Jack_mcs...and I am using PHP 7

Nothing whatsoever in the error logs.  No errors onscreen.  I believe I installed this correctly, it's just not working. 

Is this not compatible with PHP 7?

- Andrea

Share this post


Link to post
Share on other sites

Ignore me for now.  I just needed to click around a bit, I guess. 

Selecting different things like Admin, Bots, Visitors, All and next thing you know...the screen started filling with entries. 

My site must have been napping when I started playing with it.  :)

- Andrea

Share this post


Link to post
Share on other sites

Glad to hear it started working for you. For the record, I have tested it on a live site running php 7.2 and it worked as expected.

Share this post


Link to post
Share on other sites

I'm installing this addon, view counter v1.7, to a CE frozen test installation.

I noticed that the filename.php does not exist in the CE version, so I've added the following code in application_top.php

  require('includes/view_counter_defines.php');

But I still get the following error in reports

Warning: Illegal string offset 'Country Code' in ..........admin\includes\modules\view_counter\view_counter_report_referers.php on line 56

similar errors occur in the monitor when flags are switched on.

Warning: Illegal string offset 'Country Code' in ...........admin\view_counter.php on line 682

Is this addon ok for CE frozen running php 7.0?

thanks in advance

Mike


osC BS gold live - osC CE in development (awesome)

Share this post


Link to post
Share on other sites

All of those have been fixed in the next version. I hope to get it uploaded soon. In the meantime, you can apply the fix for the last two to make sure it works before I upload a new version. To do that, find the following in the admin/includes/functions/view_counter.php file

function GetDomainLocation($ip) {
    $visitorGeolocation = array();
    $storedData = GetDBCookie($ip);
      
  
    if (! $storedData) {
        $visitorGeolocation = GetIPDetails($ip);

        if (! isset($visitorGeolocation['Country Code'])) {
            $visitorGeolocation['Country Code'] = '';
        }
        
        if (isset($visitorGeolocation['Country Code'])) {
            $data = base64_encode(serialize($visitorGeolocation));
            tep_db_query("insert into view_counter_flags (ip_number, data) values (inet_aton('" . $ip . "'), '" . $data . "')");
        }

and replace it with

function GetDomainLocation($ip) {
    $visitorGeolocation = array();
    $storedData = GetDBCookie($ip);
      
  
    if (! $storedData) {
        $visitorGeolocation = GetIPDetails($ip);

        if (! isset($visitorGeolocation['Country Code'])) {
            $visitorGeolocation['Country Code'] = '';
        }
        
        if (tep_not_null($visitorGeolocation['Country Code'])) {
            $data = base64_encode(serialize($visitorGeolocation));
            tep_db_query("insert into view_counter_flags (ip_number, data) values (inet_aton('" . $ip . "'), '" . $data . "')");
        }

 

Share this post


Link to post
Share on other sites

@Jack_mcs

Thank you, that fixed it.  I'll keep an eye open for your next update.

Regards

Mike


osC BS gold live - osC CE in development (awesome)

Share this post


Link to post
Share on other sites

A new version has been uploaded with these changes:

  • Added a button next to the IP's in the Monitor section to display only that IP (Pro version only).
  • Added a check in the write to .htaccess code to be sure the IP exists.
  • Added a report to identify data skimmers (Pro version only).
  • Added a cron job to send a skimmer report (Pro version only).
  • Added more cross-scripting commands to watch for.
  • Changged all occurrences of FILENAME_ to real name.
  • Changed the .htaccess write code in tools so the IP's are correctly synced.
  • Changed the size of the user agent field in the database so it can handle longer strings for some new devices.
  • Changed the country retrieval code to add a missing array field if needed to prevent strict warnings.
  • Changed the Check Version code to work with the new apps section.
  • Changed all reports to use the main table, instead of the storage table, for more accurate results.
  • Changed the code in all reports to speed them up.
  • Corrected coding mistakes that would cause Tools to fail (pre 2.3 shops only).
  • Corrected coding mistake in the new address module that would cause a failure.
  • Corrected coding mistake in the check IP code (modules) that would cause some IP's to be ignored.
  • Fixed the code in the IP Counts report to link to a WhoIs page.
  • Fixed a few minor html errors.
  • Fixed the Hacker report since it was not displaying all hacking attempts.
  • Fixed the Referrers report to allow better control of that report.
  • Removed the edits needed in the admin for the filenames.php and english.php files (BS and later 2.3.4 shops only).
  • Removed the check for NONSSL in the country blocking code.
  • Removed NONSSL in the links in admin.

 

Share this post


Link to post
Share on other sites

So this had happened once before a while back, and I chalked it up as a fluke, now it's happened twice in the last 24 hours. When I recieve the email that says specifically about the url being altered, the site breaks. I end up with a server 500 error because the add on tries to add the ip to the htaccess, but it never adds the actual number, it just adds "deny from" at the bottom of the list. It's an easy quick fix because I know when I get that email I need to go in and check/fix the htaccess file. 

Was this covered in this thread and I missed it? Is this the fix included above about adding the check in the newest version? 

"The IP 87.238.193.48 attempted to alter the url in a way that is consistent with hacking attempts.

******* This IP should be banned *******.

Click this url, http://www.projecthoneypot.org/ip_87.238.193.48, to find out more information about this IP." 

Share this post


Link to post
Share on other sites

That was a problem for some sites in previous versions but I have not seen it happen in the latest version. Are you using the latest one I uploaded a few weeks ago?

Share this post


Link to post
Share on other sites

I haven't installed the newest, just saw it available this morning. I'll try to get it updated over the weekend. 

It just did it again. Any switch in the settings to temporarily turn this particular function off? 

Edit: I just set the "bad bot" switch to email only not both. Hopefully that will stop the site from getting knocked down all day. Until I can get this update installed. 

Edited by ericksaint

Share this post


Link to post
Share on other sites

Yes, changing that setting will prevent the problem in your version.

Share this post


Link to post
Share on other sites

Every so often I check View Counter to see what kind of activity we're getting and from what countries. Countries other than the US and Canada are not supposed to be allowed through, but some foreigners are gaining access. Their country flags are shown in the monitor next to the IP address and an IP lookup confirms they are from foreign countries.

 

Anyway, it would be nice if the country flag was in it's own sortable column. That way we could quickly skip to the ones that do not show a US or Canada flag and potentially block them with the Ban or Block Range features. As it is now, if I want to get anal and see who all is slipping through, I have to go page by page. I may find one out of every 5 pages sometimes. That's pretty time-consuming, which means I don't do it as often as I'd like.

 

Just something to think about next time you happen to be updating this add-on.

 

Thanks.

 


Add-Ons personally installed:

Step by Step Manual Order -- Request Reviews -- Reviews in Product Listing -- Reviews in Product Display -- Review Approval System -- Leverage Browser Cache --
Header Tag Controller -- Multilayer SEO Pop Out Menu -- Follow Us Box -- View All Products -- USPS Shipping Labels -- UPS Shipping Labels -- Monthly Sales/Tax Report --
htacess Optimisation -- Remove Unused Images -- Master Password -- Admin Change Customer Password -- Database Backup Manager -- Zero Stock Report --
Searchbox Search In Descriptions -- Easy Populate 2.76i -- Barcode Rendering -- Admin Sort By Model -- Products Purchased Report

Add-Ons personally developed:

Search for email address, etc in Orders -- Discontinue Product

Add-Ons installed by others:

View Counter -- Site Monitor -- Image Thumbnailer -- Database Optimizer -- Recaptcha -- Discount Coupons -- Add More Fields

Share this post


Link to post
Share on other sites

Here's a screen shot showing access from Vietnam. (I cross-checked the IP using a popular site, which also showed it as Vietnam.) It's not always Vietnam. That's just the first example I came upon.

 

I'm also including a screen shot from the Tools section, showing some countries we have blocked.

 

I'm not saying something is broken. (We have discussed this previously and you explained how this situation can sometimes happen.) I would just like to make it easier to identify them when it does happen...

 

 

view_counter_country_flag_2.jpg

view_counter_country_flag_3.jpg

Edited by kru
wrong pics

Add-Ons personally installed:

Step by Step Manual Order -- Request Reviews -- Reviews in Product Listing -- Reviews in Product Display -- Review Approval System -- Leverage Browser Cache --
Header Tag Controller -- Multilayer SEO Pop Out Menu -- Follow Us Box -- View All Products -- USPS Shipping Labels -- UPS Shipping Labels -- Monthly Sales/Tax Report --
htacess Optimisation -- Remove Unused Images -- Master Password -- Admin Change Customer Password -- Database Backup Manager -- Zero Stock Report --
Searchbox Search In Descriptions -- Easy Populate 2.76i -- Barcode Rendering -- Admin Sort By Model -- Products Purchased Report

Add-Ons personally developed:

Search for email address, etc in Orders -- Discontinue Product

Add-Ons installed by others:

View Counter -- Site Monitor -- Image Thumbnailer -- Database Optimizer -- Recaptcha -- Discount Coupons -- Add More Fields

Share this post


Link to post
Share on other sites
3 hours ago, kru said:

Countries other than the US and Canada are not supposed to be allowed through, but some foreigners are gaining access

The most common reason for that is because the IP's are not fixed to a particular country and the database doesn't recognize them, or may not even have them listed.  The database used for this addon will cease to be updated in 2019. The addon will still work but with databases that will fail more and more over time due to not being updated. There is a replacement database but it requires a code change and I haven't had time to look through that. Once that change is made, this country issue may no longer exist. But if it is I will take a look at sorting by flag.

Share this post


Link to post
Share on other sites

Greetings guys...

 

look what has coming back as an error:

 

Connect Error (1203) User naturhigia_owl already has more than 'max_user_connections' active connections

 

[07-Nov-2018 10:14:37 Europe/Lisbon] PHP Warning:  mysqli_connect(): (42000/1203): User naturhigia_owl already has more than 'max_user_connections' active connections in /home/naturhigia/public_html/loja/includes/classes/seo.class.php on line 86
[07-Nov-2018 11:24:23 Europe/Lisbon] PHP Warning:  mysqli_connect(): (08004/1040): Too many connections in /home/naturhigia/public_html/loja/includes/classes/seo.class.php on line 86

 

 

2924412 | naturhigia_owl  | localhost | naturhigia_FrozenEdge | Query   | 24796 | Waiting for table metadata lock | delete from view_counter where last_date < '2018-11-04 23:59:59'                                     | 0.000    |
| 2924627 | naturhigia_owl  | localhost | naturhigia_FrozenEdge | Query   | 24745 | Waiting for table metadata lock | select isbot, bot_name from view_counter where ip_number = INET_ATON('66.249.64.91')                 | 0.000    |
| 2924661 | naturhigia_owl  | localhost | naturhigia_FrozenEdge | Query   | 24735 | Waiting for table metadata lock | select isbot, bot_name from view_counter where ip_number = INET_ATON('207.46.13.204')                | 0.000    |
| 2925207 | naturhigia_owl  | localhost | naturhigia_FrozenEdge | Query   | 24553 | Waiting for table metadata lock | delete from view_counter where last_date < '2018-11-04 23:59:59'                                     | 0.000    |

 

 

PHP 5.6 & 7.0/7.2

 

any ideas?! and btw, the updated module from 5th Setember does not work in the frozen CE coz of the hardcoded paths...

Share this post


Link to post
Share on other sites
3 hours ago, Owl Sauron said:

Connect Error (1203) User naturhigia_owl already has more than 'max_user_connections' active connections

This isn't due to this addon, other than the fact that it causes more connections. The error is due to your site reaching the servers limit of connections. When your site is loading check for any IP's that are data skimmers and block those to reduce the number of requests. Also see the change in the Ultimate SEO thread that affects this, since it looks like you are running that addon..

3 hours ago, Owl Sauron said:

and btw, the updated module from 5th Setember does not work in the frozen CE coz of the hardcoded paths...

 I have VC running in quite a few CE shops without any problems. Please let me know the parts of the code causing the problem so I can check that.

Share this post


Link to post
Share on other sites
1 hour ago, Jack_mcs said:

This isn't due to this addon, other than the fact that it causes more connections. The error is due to your site reaching the servers limit of connections. When your site is loading check for any IP's that are data skimmers and block those to reduce the number of requests. Also see the change in the Ultimate SEO thread that affects this, since it looks like you are running that addon..

 I have VC running in quite a few CE shops without any problems. Please let me know the parts of the code causing the problem so I can check that.

you missed the rest of the report:

2924412 | naturhigia_owl  | localhost | naturhigia_FrozenEdge | Query   | 24796 | Waiting for table metadata lock | delete from view_counter where last_date < '2018-11-04 23:59:59'                                     | 0.000    |
| 2924627 | naturhigia_owl  | localhost | naturhigia_FrozenEdge | Query   | 24745 | Waiting for table metadata lock | select isbot, bot_name from view_counter where ip_number = INET_ATON('66.249.64.91')                 | 0.000    |
| 2924661 | naturhigia_owl  | localhost | naturhigia_FrozenEdge | Query   | 24735 | Waiting for table metadata lock | select isbot, bot_name from view_counter where ip_number = INET_ATON('207.46.13.204')                | 0.000    |
| 2925207 | naturhigia_owl  | localhost | naturhigia_FrozenEdge | Query   | 24553 | Waiting for table metadata lock | delete from view_counter where last_date < '2018-11-04 23:59:59'                                     | 0.000    |

 

no, im not running the ultimate SEO module.

view_counter generates over 80 queries for the DB user.

 

unless you have updated this module recently, errors i can remember are:

include(DIR_FS_CATALOG . DIR_WS_MODULES . FILENAME_VIEW_COUNTER); -> DIR_WS_MODULES define does not exist on the configure.php . You have to hardcode it to: include(DIR_FS_CATALOG . 'includes/modules/' . FILENAME_VIEW_COUNTER);

( i think that theres more than 1 entrance that you have to modify)

 

since Frozen CE does not have the filenames.php you have to put this somewhere else like in aplication_top.php:


  /***** Begin View Counter *****/
  require(DIR_WS_INCLUDES . 'view_counter_defines.php');
  /***** End View Counter *****/


as in:


  /***** Begin View Counter *****/
  require('includes/view_counter_defines.php');
  /***** End View Counter *****/

 

cant remember the rest of it...

 

Best regards.

 

Share this post


Link to post
Share on other sites
39 minutes ago, Owl Sauron said:

no, im not running the ultimate SEO module.

One of your errors shows "classes/seo.class.php on line 86". As far as I know, that file is only used by the Ultimate SEO addon, though I may be wrong.

41 minutes ago, Owl Sauron said:

view_counter generates over 80 queries for the DB user.

No, the visitor to the site generates the queries. VC is the go between. If you didn't have any visitors to the site, no queries would be made by VC. That is an important distinction because the failure has to do with the number of queries. The more visitors, the more queries. the "user" refers to the server account user, not to the visitor. So if you have 10 visitors on the site, there would only be one user.

The defined names are not in the files for the CE (BS) version. But I see they are in the install file so that may be where you picked them up from. I'll change that file in the next version. Thank you pointing it out.

Share this post


Link to post
Share on other sites
8 hours ago, Jack_mcs said:

One of your errors shows "classes/seo.class.php on line 86". As far as I know, that file is only used by the Ultimate SEO addon, though I may be wrong.

No, the visitor to the site generates the queries. VC is the go between. If you didn't have any visitors to the site, no queries would be made by VC. That is an important distinction because the failure has to do with the number of queries. The more visitors, the more queries. the "user" refers to the server account user, not to the visitor. So if you have 10 visitors on the site, there would only be one user.

The defined names are not in the files for the CE (BS) version. But I see they are in the install file so that may be where you picked them up from. I'll change that file in the next version. Thank you pointing it out.

this error happens when you try to use the view counter report tool in the admin area.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×