octobercms / october

Self-hosted CMS platform based on the Laravel PHP Framework.
https://octobercms.com/

Error Messages in the Log #5818

Closed LordRazen closed 2 months ago

LordRazen commented 2 months ago

It looks like I got a hacker recently who tried to manipulate the website with array inputs.

Those errors here are related to Octobercms / Rainlab Users plugin. You might wanna fix them:

OctoberCMS

TypeError: strlen(): Argument #1 ($string) must be of type string, array given in .../modules/system/traits/SecurityController.php:62

Rainlab Users

TypeError: trim(): Argument #1 ($string) must be of type string, array given in .../plugins/rainlab/user/components/Account.php:248

Page Url

This error message seems to be related to $this->page->url. I've no idea how the attacker managed to put an array in there... but he did, cause line 10 of default.htm looks like the following:

{% if this.page.url == "/login" %}

Next Twig\Error\RuntimeError: An exception has been thrown during the rendering of a template ("Array to string conversion") in ".../plugins/mch/users/components/accountextended/default.htm" at line 10. in .../vendor/twig/twig/src/Template.php:385
Stack trace:
#0 .../vendor/twig/twig/src/Template.php(335): Twig\Template->yield()
#1 .../vendor/twig/twig/src/TemplateWrapper.php(38): Twig\Template->render()
#2 .../modules/cms/classes/controller/HasRenderers.php(242): Twig\TemplateWrapper->render()
#3 .../modules/cms/classes/controller/HasRenderers.php(391): Cms\Classes\Controller->renderPartial()
#4 .../modules/cms/twig/Extension.php(197): Cms\Classes\Controller->renderComponent()
#5 .../storage/cms/twig/ca/caaf976d077788abf3f37167df173f4cf6f07fedae14814fdf049e4fe8f56f17.php(47): Cms\Twig\Extension->componentFunction()
#6 .../vendor/twig/twig/src/Template.php(360): __TwigTemplate_4e0855cceba894aae69c4689e676f4ce91833c2808e10fed41250736ae619258->doDisplay()
#7 .../vendor/twig/twig/src/Template.php(335): Twig\Template->yield()
#8 .../vendor/twig/twig/src/TemplateWrapper.php(38): Twig\Template->render()
#9 .../modules/cms/classes/controller/HasRenderers.php(83): Twig\TemplateWrapper->render()
#10 .../modules/cms/classes/Controller.php(425): Cms\Classes\Controller->renderPageContents()
#11 .../modules/cms/classes/Controller.php(226): Cms\Classes\Controller->runPage()
#12 .../modules/cms/classes/CmsController.php(72): Cms\Classes\Controller->run()
#13 .../vendor/laravel/framework/src/Illuminate/Routing/Controller.php(54): Cms\Classes\CmsController->run()
#14 .../vendor/laravel/framework/src/Illuminate/Routing/ControllerDispatcher.php(43): Illuminate\Routing\Controller->callAction()
#15 .../vendor/laravel/framework/src/Illuminate/Routing/Route.php(260): Illuminate\Routing\ControllerDispatcher->dispatch()
#16 .../vendor/laravel/framework/src/Illuminate/Routing/Route.php(205): Illuminate\Routing\Route->runController()
#17 .../vendor/laravel/framework/src/Illuminate/Routing/Router.php(798): Illuminate\Routing\Route->run()
#18 .../vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(141): Illuminate\Routing\Router->Illuminate\Routing\{closure}()
#19 .../vendor/laravel/framework/src/Illuminate/Routing/Middleware/SubstituteBindings.php(50): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#20 .../vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(180): Illuminate\Routing\Middleware\SubstituteBindings->handle()
#21 .../vendor/laravel/framework/src/Illuminate/View/Middleware/ShareErrorsFromSession.php(49): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#22 .../vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(180): Illuminate\View\Middleware\ShareErrorsFromSession->handle()
#23 .../vendor/laravel/framework/src/Illuminate/Session/Middleware/StartSession.php(121): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#24 .../vendor/laravel/framework/src/Illuminate/Session/Middleware/StartSession.php(64): Illuminate\Session\Middleware\StartSession->handleStatefulRequest()
#25 .../vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(180): Illuminate\Session\Middleware\StartSession->handle()
#26 .../vendor/laravel/framework/src/Illuminate/Cookie/Middleware/AddQueuedCookiesToResponse.php(37): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#27 .../vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(180): Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse->handle()
#28 .../vendor/laravel/framework/src/Illuminate/Cookie/Middleware/EncryptCookies.php(67): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#29 .../vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(180): Illuminate\Cookie\Middleware\EncryptCookies->handle()
#30 .../vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(116): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#31 .../vendor/laravel/framework/src/Illuminate/Routing/Router.php(799): Illuminate\Pipeline\Pipeline->then()
#32 .../vendor/laravel/framework/src/Illuminate/Routing/Router.php(776): Illuminate\Routing\Router->runRouteWithinStack()
#33 .../vendor/laravel/framework/src/Illuminate/Routing/Router.php(740): Illuminate\Routing\Router->runRoute()
#34 .../vendor/october/rain/src/Router/CoreRouter.php(32): Illuminate\Routing\Router->dispatchToRoute()
#35 .../vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(190): October\Rain\Router\CoreRouter->dispatch()
#36 .../vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(141): Illuminate\Foundation\Http\Kernel->Illuminate\Foundation\Http\{closure}()
#37 .../vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/PreventRequestsDuringMaintenance.php(86): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#38 .../vendor/october/rain/src/Foundation/Http/Middleware/CheckForMaintenanceMode.php(23): Illuminate\Foundation\Http\Middleware\PreventRequestsDuringMaintenance->handle()
#39 .../vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(180): October\Rain\Foundation\Http\Middleware\CheckForMaintenanceMode->handle()
#40 .../vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(116): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#41 .../vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(165): Illuminate\Pipeline\Pipeline->then()
#42 .../vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(134): Illuminate\Foundation\Http\Kernel->sendRequestThroughRouter()
#43 .../index.php(43): Illuminate\Foundation\Http\Kernel->handle()
#44 {main}

daftspunk commented 2 months ago

Hi @LordRazen

Thanks for this report. While these errors are generally benign, it looks like someone has taken an interest in your site.

A fix has been added to RainLab.User v2.1.1 and OCMS v3.6.30.

Feel free to make another issue if you notice any more of these.

Best regards

LordRazen commented 2 months ago

Will do so, thx for fixing :)
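
The failure mode reported in this thread, as an added example that is not part of the issue and is not October CMS or RainLab.User code: PHP's bracket syntax lets a client turn any request parameter into an array, and on PHP 8 passing that array to strlen() or trim() raises a TypeError instead of returning a value. The helper names and the query string below are hypothetical and constructed for illustration.

```php
<?php
declare(strict_types=1);

// Constructed input: "token[]" and "email[]" arrive as arrays, "name" as a string.
parse_str('token[]=x&email[]=a%40example.test&name=+alice+', $input);

/**
 * Hypothetical helper: return the parameter only when it is a string.
 * Arrays and missing keys fall back to $default, so string functions
 * further down never see a non-string.
 */
function input_string(array $input, string $key, ?string $default = null): ?string
{
    $value = $input[$key] ?? $default;
    return is_string($value) ? $value : $default;
}

/**
 * Unguarded pattern: the raw parameter goes straight into strlen().
 * The TypeError is caught here only so the script can report it.
 */
function unguarded_length(array $input, string $key): string
{
    try {
        return (string) strlen($input[$key]);
    } catch (TypeError $e) {
        return 'TypeError: ' . $e->getMessage();
    }
}

/** Guarded pattern: non-string input is rejected before trim() runs. */
function guarded_trim(array $input, string $key): ?string
{
    $value = input_string($input, $key);
    return $value === null ? null : trim($value);
}

echo unguarded_length($input, 'token'), PHP_EOL; // array reaches strlen()
var_dump(guarded_trim($input, 'email'));         // array rejected by the guard
var_dump(guarded_trim($input, 'name'));          // ordinary string is trimmed
```

Log entries matching "must be of type string, array given" are a useful signal that someone is probing parameters with array syntax, even when the resulting error is otherwise harmless.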