• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

XF 1.5 Several login attempts from russian IP

Finexes

Active member
#1
Hello guys,

I received several mysql errors in my admincp, there are obviously login attempts from a russian IP:

Code:
Error Info
Zend_Db_Statement_Mysqli_Exception: Mysqli statement execute error : Incorrect string value: '\xD1\x8D\xD1\x80\xD0\xB5...' for column 'data' at row 1 - library/Zend/Db/Statement/Mysqli.php:214
Generated By: Unknown Account, Today at 5:38 PM

Stack Trace
#0 /library/Zend/Db/Statement.php(317): Zend_Db_Statement_Mysqli->_execute(Array)
#1 /library/Zend/Db/Adapter/Abstract.php(479): Zend_Db_Statement->execute(Array)
#2 /library/phc/ACPPlus/Model/ACPPlus.php(364): Zend_Db_Adapter_Abstract->query('\r\n\t\t\tINSERT INT...', Array)
#3 /library/phc/ACPPlus/Extend/XenForo/ControllerPublic/Login.php(27): phc_ACPPlus_Model_ACPPlus->logLogins('37.57.231.134', 0, '\xD1\x8D\xD1\x80\xD0\xB5\xD0\xBA\xD1\x86\xD0\xB8\xD1\x8F....', 'user_not_exists', 'front')
#4 /library/XenForo/FrontController.php(351): phc_ACPPlus_Extend_XenForo_ControllerPublic_Login->actionLogin()
#5 /library/XenForo/FrontController.php(134): XenForo_FrontController->dispatch(Object(XenForo_RouteMatch))
#6 /index.php(13): XenForo_FrontController->run()
#7 {main}

Request State
array(3) {
  ["url"] => string(43) "https://tactical-riot-gaming.de/login/login"
  ["_GET"] => array(0) {
  }
  ["_POST"] => array(6) {
    ["login"] => string(21) "эрекция.орг"
    ["password"] => string(8) "********"
    ["submit"] => string(8) "Anmelden"
    ["cookie_check"] => string(1) "1"
    ["_xfToken"] => string(8) "********"
    ["redirect"] => string(12) "/login/login"
  }
}
Is there something I have to do? Or can I ignore it?

Thanks for your help, I appreciate it! :)
 

Chris D

XenForo developer
Staff member
#2
This actually could be a bug in the phc_ACPPlus add-on you're using.

It doesn't appear to be sanitising strings properly before attempting to insert them in the database.