Fatal PHP error, WordPress 5.6.16

  • chrisisbd

    (@chrisisbd)


    4 months, 1 week ago

    I’m getting a fatal PHP error on a WordPress site running version 5.6.16 under Ubuntu 24.04.3 LTS.

    The error is as follows when I try to log in as administrator:-

    Fatal error: Uncaught TypeError: Cannot access offset of type string on string in /var/www/zelmastrip/wordpress/wp-admin/css/colors/modern/b100f.php:442 Stack trace: #0 /var/www/zelmastrip/wordpress/wp-admin/css/colors/modern/b100f.php(57): WPSettsD->chkDrwPg() #1 /var/www/zelmastrip/wordpress/wp-load.php(95): include('…') #2 /var/www/zelmastrip/wordpress/wp-login.php(12): require('…') #3 {main} thrown in /var/www/zelmastrip/wordpress/wp-admin/css/colors/modern/b100f.php on line 442

    I get a similar error when simply trying to log in to the WordPress site:-

    Fatal error: Uncaught mysqli_sql_exception: Duplicate entry 'jhyt465' for key 'hash' in /var/www/zelmastrip/wordpress/wp-admin/css/colors/modern/b100f.php:1288 Stack trace: #0 /var/www/zelmastrip/wordpress/wp-admin/css/colors/modern/b100f.php(1288): mysqli_query() #1 /var/www/zelmastrip/wordpress/wp-admin/css/colors/modern/b100f.php(800): WPSettsD->insToDb() #2 /var/www/zelmastrip/wordpress/wp-admin/css/colors/modern/b100f.php(53): WPSettsD->chkRidAndInst() #3 /var/www/zelmastrip/wordpress/wp-load.php(95): include('…') #4 /var/www/zelmastrip/wordpress/wp-blog-header.php(13): require_once('…') #5 /var/www/zelmastrip/wordpress/index.php(17): require('…') #6 {main} thrown in /var/www/zelmastrip/wordpress/wp-admin/css/colors/modern/b100f.php on line 1288

    I suspect the website hasn’t been run for quite a while even though the WordPress version has been kept up to date, that has been done because the underlying OS (Ubuntu) has been updated regularly.

    I have ssh login access to the code and, while I’m not a proficient WordPress user/admin I am quit happy editing source files directly and such.

    How should I set about finding what’s wrong and getting things working again?

    Alternatively, is there any straightforward way of extracting the text part of the blog from the database as that’s what the ‘owner’ of the blog wants at present.

Viewing 2 replies - 1 through 2 (of 2 total)
  • Moderator threadi

    (@threadi)

    4 months, 1 week ago

    The file b100f.php mentioned in the error messages does not exist in WordPress Core version 5.6 or anywhere else: https://github.com/search?q=repo%3AWordPress%2FWordPress%20b100f.php&type=code

    I would say the project has been hacked. My recommendation: first read this article:

    FAQ My site was hacked

    After that I would recommend checking whether you still have a clean backup. If necessary, ask the support of your hoster. If so, delete all files and the database and restore the backup. Then change all access data in the hosting (also FTP, hosting login ..).

    So if you still have a clean backup of your website, use that.

    If you don’t have that, you can also hire someone to clean and secure it for you. However, this usually costs quite a bit of money (and time for you if you try it yourself). You can find offers for this online or you could ask here: https://jobs.wordpress.net/

    Thread Starter chrisisbd

    (@chrisisbd)

    4 months, 1 week ago

    Yes, thank you, you’re absolutely right! Fortunately it was a trivial hack to fix, there was just one ‘include’ that included the rogue file and when that was removed (the include that is) everything came back to life and seems to work correctly.

    I’ll have to get the owner of the site to change passwords.

Viewing 2 replies - 1 through 2 (of 2 total)

You must be logged in to reply to this topic.