Searching the forums I found another thread covering the same issue with a ZC 1.5.3 version:
https://www.zen-cart.com/showthread....iles-yesterday
Are you able to trigger it on-demand? That would be helpful for proper resolution.
Could possibly be caused by IP address spoofing, or malicious manipulation by the visitor to mask their address such that the $_SERVER array doesn't have a value there, or perhaps crafty DNS registration which reports invalid data.
Or a weird proxy server configuraiton if you're using one.
.
Zen Cart - putting the dream of business ownership within reach of anyone!
Donate to: DrByte directly or to the Zen Cart team as a whole
Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.
Thanks
Can't trigger it on demand but found the corresponding server log entry for this error:
Log entry (adusted for server/UTC time difference):[28-Jan-2015 19:55:58 UTC] PHP Warning: strstr(): Empty needle in /home/sunnsand/public_html/includes/functions/functions_lookups.php on line 712
As far as I know my server is not using a weird proxy server configuration.78.129.250.17 - - [29/Jan/2015:06:55:58 +1100] "GET /index.php?main_page=index&cPath=13_15_23 HTTP/1.1" 200 11389 "-" "Mozilla/5.0 (compatible; aiHitBot/2.9; +http://www.aihitdata.com/about)"
I am frequently checking the logs of all (virtual) servers and have never seen this particular error before with any of the hosted ZC sites - this is a first in 5 years with the same host.
And - all sites are residing on the same physical server.
Perhaps not, but the issue could arise if the client is using a proxy and it is their proxy that is mangling things.
I have seen it before, but not enough for me to consider it worth worrying about.
I've just been doing a bit of Googling though and found that others have overcome the problem by adding a function to retrieve the IP address rather than simply relying on the $_SERVER['REMOTE_ADDR'] variable.
https://gist.github.com/cballou/2201933
It shouldn't be difficult to incorporate into ZenCart if you are really that concerned about it.
FYI, the $_SERVER['REMOTE_ADDR'] variable has never been 100% reliable, because even if the client is coming in from a correctly configured proxy the IP address returned will be for the Proxy server rather than the end user (To get the end users IP address in this case you'd need to use the $_SERVER['HTTP_X_FORWARDED_FOR'] variable).
If the proxy has been configured to use invalid data for its own IP address there isn't much you can do about it other than to retrieve the data from elsewhere (as per the function in the link above).
Cheers
RodG
That's good, FWIW that is what I suggested in post #2