• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

XF 1.5 Several login attempts from russian IP

#1
Hello guys,

I received several mysql errors in my admincp, there are obviously login attempts from a russian IP:

Code:
Error Info
Zend_Db_Statement_Mysqli_Exception: Mysqli statement execute error : Incorrect string value: '\xD1\x8D\xD1\x80\xD0\xB5...' for column 'data' at row 1 - library/Zend/Db/Statement/Mysqli.php:214
Generated By: Unknown Account, Today at 5:38 PM

Stack Trace
#0 /library/Zend/Db/Statement.php(317): Zend_Db_Statement_Mysqli->_execute(Array)
#1 /library/Zend/Db/Adapter/Abstract.php(479): Zend_Db_Statement->execute(Array)
#2 /library/phc/ACPPlus/Model/ACPPlus.php(364): Zend_Db_Adapter_Abstract->query('\r\n\t\t\tINSERT INT...', Array)
#3 /library/phc/ACPPlus/Extend/XenForo/ControllerPublic/Login.php(27): phc_ACPPlus_Model_ACPPlus->logLogins('37.57.231.134', 0, '\xD1\x8D\xD1\x80\xD0\xB5\xD0\xBA\xD1\x86\xD0\xB8\xD1\x8F....', 'user_not_exists', 'front')
#4 /library/XenForo/FrontController.php(351): phc_ACPPlus_Extend_XenForo_ControllerPublic_Login->actionLogin()
#5 /library/XenForo/FrontController.php(134): XenForo_FrontController->dispatch(Object(XenForo_RouteMatch))
#6 /index.php(13): XenForo_FrontController->run()
#7 {main}

Request State
array(3) {
  ["url"] => string(43) "https://tactical-riot-gaming.de/login/login"
  ["_GET"] => array(0) {
  }
  ["_POST"] => array(6) {
    ["login"] => string(21) "эрекция.орг"
    ["password"] => string(8) "********"
    ["submit"] => string(8) "Anmelden"
    ["cookie_check"] => string(1) "1"
    ["_xfToken"] => string(8) "********"
    ["redirect"] => string(12) "/login/login"
  }
}
Is there something I have to do? Or can I ignore it?

Thanks for your help, I appreciate it! :)
 

Chris D

XenForo developer
Staff member
#2
This actually could be a bug in the phc_ACPPlus add-on you're using.

It doesn't appear to be sanitising strings properly before attempting to insert them in the database.