1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

XF 1.5 Several login attempts from russian IP

Discussion in 'XenForo Questions and Support' started by TRGCommunity, Oct 6, 2016.

  1. TRGCommunity

    TRGCommunity Active Member

    Hello guys,

    I received several mysql errors in my admincp, there are obviously login attempts from a russian IP:

    Error Info
    Zend_Db_Statement_Mysqli_Exception: Mysqli statement execute error : Incorrect string value: '\xD1\x8D\xD1\x80\xD0\xB5...' for column 'data' at row 1 - library/Zend/Db/Statement/Mysqli.php:214
    Generated By: Unknown Account, Today at 5:38 PM
    Stack Trace
    #0 /library/Zend/Db/Statement.php(317): Zend_Db_Statement_Mysqli->_execute(Array)
    #1 /library/Zend/Db/Adapter/Abstract.php(479): Zend_Db_Statement->execute(Array)
    #2 /library/phc/ACPPlus/Model/ACPPlus.php(364): Zend_Db_Adapter_Abstract->query('\r\n\t\t\tINSERT INT...', Array)
    #3 /library/phc/ACPPlus/Extend/XenForo/ControllerPublic/Login.php(27): phc_ACPPlus_Model_ACPPlus->logLogins('', 0, '\xD1\x8D\xD1\x80\xD0\xB5\xD0\xBA\xD1\x86\xD0\xB8\xD1\x8F....', 'user_not_exists', 'front')
    #4 /library/XenForo/FrontController.php(351): phc_ACPPlus_Extend_XenForo_ControllerPublic_Login->actionLogin()
    #5 /library/XenForo/FrontController.php(134): XenForo_FrontController->dispatch(Object(XenForo_RouteMatch))
    #6 /index.php(13): XenForo_FrontController->run()
    #7 {main}
    Request State
    array(3) {
      ["url"] => string(43) "https://tactical-riot-gaming.de/login/login"
      ["_GET"] => array(0) {
      ["_POST"] => array(6) {
        ["login"] => string(21) "эрекция.орг"
        ["password"] => string(8) "********"
        ["submit"] => string(8) "Anmelden"
        ["cookie_check"] => string(1) "1"
        ["_xfToken"] => string(8) "********"
        ["redirect"] => string(12) "/login/login"
    Is there something I have to do? Or can I ignore it?

    Thanks for your help, I appreciate it! :)
    au lait likes this.
  2. Chris D

    Chris D XenForo Developer Staff Member

    This actually could be a bug in the phc_ACPPlus add-on you're using.

    It doesn't appear to be sanitising strings properly before attempting to insert them in the database.
    TRGCommunity likes this.
  3. TRGCommunity

    TRGCommunity Active Member

    Thanks Chris, I'll contact the author and ask him for more information :)
  4. au lait

    au lait Well-Known Member

    TRGCommunity likes this.

Share This Page