Support » Plugin: All In One WP Security & Firewall » PHP error: Trying to access array offset on value of type bool

  • Hi… I have AIOWP installed multisite and also a single site.
    One (only) of the multisite installations has started throwing a PHP error:

    Notice: Trying to access array offset on value of type bool in /home/xxx/public_html/wp-content/plugins/all-in-one-wp-security-and-firewall/classes/wp-security-process-renamed-login-page.php on line 205

    Clearly it may be something about my site causing this but testing is difficult to isolate with multisite live. Any suggestions or pointers. please?

    By the way, I am also seeing another error, not from AIOWP, which might be related but not occurring at the same moment.

    Notice: Undefined index: HTTP_REFERER in /home/xxx/public_html/wp-content/plugins/advanced-gutenberg/incl/advanced-gutenberg-main.php on line 1261

    Any suggestions/clues will be much appreciated.

Viewing 5 replies - 1 through 5 (of 5 total)
  • Plugin Contributor mbrsolution

    (@mbrsolution)

    Hi, what PHP version is running in your server? Also which rename feature did you enabled in the plugin under Brute Force?

    Thank you

    Thread Starter Antipole

    (@antipole)

    Whoops – sorry about the omissions.
    WP 5.6
    PHP 7.4

    You ask “which rename feature?” Under the Brute Force section, I have Enable Rename Login Page checked and it sets my renamed login page. I do not see any other features on that page. I have been using that for a long time.
    I do not have the Cookie Based Brute Force Login Prevention enabled.

    Plugin Contributor mbrsolution

    (@mbrsolution)

    Hi,

    I have been using that for a long time.

    What changed in your site and server before you started seeing this notice?

    Thank you

    Thread Starter Antipole

    (@antipole)

    I regret that I cannot say specifically what changed to cause this. I updated several plugins, etc. and maybe PHP before spotting it.
    However, I filter login_message to embellish what the user sees when requesting a password reset email. This code started to give errors with something like action not an array element. I fixed it by testing for the existence of the key first. So in this code, I had to insert the array_key_exists condition.

    // (M)	Add additional advice to the Lost Password page
    function ovni_embellish_retrieve_password_message($message){
    	if (array_key_exists('action', $_REQUEST)){
    		if (($action =  $_REQUEST['action' ]) == "lostpassword"){
    			$message_addition = " If you don't see the email, check your spam filter.<br>If you repeat your request for a reset link, note the time when you make the request. Use the link in the email sent at that time. The link in earlier emails will no longer be valid.</p>";
    			$message = substr_replace($message,$message_addition,-4);
    			}
    		}
    	return $message;
    	}
    add_filter('login_message', 'ovni_embellish_retrieve_password_message', 1);

    I think the issue I am seeing with AIOWP handling a redirection of the login page is related. And I think the other non-AIOWP error I mentioned in my original post arises from a similar issue.

    IMHO I think code needs to handle invalid indexes gracefully. Perhaps recent updates to PHP have made it less tolerant of them?
    I hope that helps.

    Plugin Contributor mbrsolution

    (@mbrsolution)

    Thank you for sharing your solution. I have submitted a message to the developers to investigate further your findings and solution.

    Kind regards

Viewing 5 replies - 1 through 5 (of 5 total)
  • You must be logged in to reply to this topic.