AbuseIPDB Integration module

[johnjlarge]

Ok.

I tried renaming the jscript_framework.php temporarily to jscript_framework.php.bak just to see if the error went away & it then caused the same error with the jscript_plugin_structured_data.php script, so it would appear the code isn't playing well with other plugins.

[marcopolo]

I would check your tpl_header.php and tpl_main_page.php files against their originals and see if any modification made to them is causing the issue.

The issue is that you're encountering a "headers already sent" error. This is often caused when you attempt to send a header after the HTTP body content has started to be output. Since those files are listed in the log they may have something to do it it:

To fix this, you should check these lines in tpl_header.php and tpl_main_page.php and ensure there is no output before the header() function is called. Output can be any HTML outside PHP tags, any echo or print statement, or even a PHP closing tag (?>) followed by a newline or space.

Hope that helps

[marcopolo]

That file jscript_framework.php is part of zencart, I have the same file and it works on my store so I do not think it is that. Check the two files I outlined the previous post. If those are modified try using the originals and troubleshoot and see if that is your issue.

[lat9]

FWIW, that "headers already sent" issue is usually associated with a file (usual culprits are language files) that has an extra space after the PHP 'end', e.g.

Code:

<?

... where there is a blank line after the <?.

[johnjlarge]

Thanks both of you.

I checked tpl_header.php and tpl_main_page.php against originals and there are changes to do with my template in use compared to stock files from Zen Cart, but the core of the files are the same. I tried, just to test, dropping in the standard files without modifications & the error persists.

I also went through files looking for extra whitespace & couldn't find anything. The strange thing is, this site has been running for a long time & has quite a few plugins which work perfectly together. This is the first plugin I’ve used which fills up the log files, so it would seem if the error exists in one of my existing files, it doesn't affect any of the other plugins as the only file I ever get in logs is if a square payment is declined or fails.

I spent a few hours last night combing through files trying to find anything that could be issuing a header response before tpl_header.php, but I couldn't find anything. I'll just have to leave it disabled for now which is a shame.

[webchills]

Thanks for this great plugin, nice work!

Is there a reason why you redirect blocked IPs to the page_not_found page? I think a 410 redirect would be more suitable.

I have changed in includes/classes/observers/class.abuseipdb_observer.php the three instances of:

Code:

header('Location: /index.php?main_page=page_not_found');
                exit();

to:

Code:

header('HTTP/1.0 410 Gone');
                zen_exit();

@johnjlarge
could be a fix for your headers already sent issue as well

[johnjlarge]

Thanks for this great plugin, nice work!

Is there a reason why you redirect blocked IPs to the page_not_found page? I think a 410 redirect would be more suitable.

I have changed in includes/classes/observers/class.abuseipdb_observer.php the three instances of:

Code:

header('Location: /index.php?main_page=page_not_found');
                exit();

to:

Code:

header('HTTP/1.0 410 Gone');
                zen_exit();

@johnjlarge
could be a fix for your headers already sent issue as well

Just tried with these changes, still no go for me. Still getting the headers already sent error.

[johnjlarge]

So, I've found a way around this which works, are there any issues to doing it this way?

In the index.php file at the root of zen cart, adding the block code before allowing html_header.php to load makes the code work. Will this give me any issues downstream in the code flow?

Around line 40 of index.php I've added the code here

Code:

 

/**
 * We now load header code for a given page. 
 * Page code is stored in includes/modules/pages/PAGE_NAME/directory 
 * 'header_php.php' files in that directory are loaded now.
 */
    require($code_page_directory . '/' . $value);
  }
/**
 * We now load the html_header.php file. This file contains code that would appear within the HTML <head></head> code 
 * it is overridable on a template and page basis. 
 * In that a custom template can define its own common/html_header.php file 
 */
 // bof modification AbuseIPDB
if (ABUSEIPDB_ENABLED) {
$GLOBALS['zco_notifier']->notify('NOTIFY_HEADER_START');
}
// eof modification AbuseIPDB
  require($template->get_template_dir('html_header.php',DIR_WS_TEMPLATE, $current_page_base,'common'). '/html_header.php');
/**
 * Define Template Variables picked up from includes/main_template_vars.php unless a file exists in the
 * includes/pages/{page_name}/directory to overide. Allowing different pages to have different overall
 * templates.
 */

[marcopolo]

Thanks for this great plugin, nice work!

Is there a reason why you redirect blocked IPs to the page_not_found page? I think a 410 redirect would be more suitable.

I have changed in includes/classes/observers/class.abuseipdb_observer.php the three instances of:

Code:

header('Location: /index.php?main_page=page_not_found');
                exit();

to:

Code:

header('HTTP/1.0 410 Gone');
                zen_exit();

@johnjlarge
could be a fix for your headers already sent issue as well

Thank you glad you like it!

In regards to the redirect page I guess I thought giving it no information was better but maybe 410 option is better since it would indicate that the content is permanently gone and discourage further access attempts from the abusive IP addresses. It can also help search engines quickly remove the content from their indexes.

[marcopolo]

So, I've found a way around this which works, are there any issues to doing it this way?

In the index.php file at the root of zen cart, adding the block code before allowing html_header.php to load makes the code work. Will this give me any issues downstream in the code flow?

Around line 40 of index.php I've added the code here

Code:

 

/**
 * We now load header code for a given page. 
 * Page code is stored in includes/modules/pages/PAGE_NAME/directory 
 * 'header_php.php' files in that directory are loaded now.
 */
    require($code_page_directory . '/' . $value);
  }
/**
 * We now load the html_header.php file. This file contains code that would appear within the HTML <head></head> code 
 * it is overridable on a template and page basis. 
 * In that a custom template can define its own common/html_header.php file 
 */
 // bof modification AbuseIPDB
if (ABUSEIPDB_ENABLED) {
$GLOBALS['zco_notifier']->notify('NOTIFY_HEADER_START');
}
// eof modification AbuseIPDB
  require($template->get_template_dir('html_header.php',DIR_WS_TEMPLATE, $current_page_base,'common'). '/html_header.php');
/**
 * Define Template Variables picked up from includes/main_template_vars.php unless a file exists in the
 * includes/pages/{page_name}/directory to overide. Allowing different pages to have different overall
 * templates.
 */

That is fine for the index page however if one enters on a different page your not protected, that is why it is added to the tpl_header.php page since that will load on every page no matter the entry point.