Robin Somes Posted September 17, 2019 Share Posted September 17, 2019 Site: www.piscesconservation.com/cube CC 6.2.5 Foundation Looking at the Error Log section of the admin pages, I'm inundated with time zone errors. The error originates from August 18th; I'm not aware of that coinciding with anything I've done. I'm up to 51,225 error messages, across 2049 pages, so far, and they're arriving about every 2 seconds. Today, 13:26 File: [controller.admin.pre_session.inc.php] Line: [26] "SET @@time_zone = 'Europe/London'" - Unknown or incorrect time zone: 'Europe/London' Today, 13:26 File: [controller.index.inc.php] Line: [27] "SET @@time_zone = 'Europe/London'" - Unknown or incorrect time zone: 'Europe/London' Ad infinitum. Is it me, CubeCart or my ISP; any suggestions? Link to comment Share on other sites More sharing options...
havenswift-hosting Posted September 17, 2019 Share Posted September 17, 2019 This is a small change that needs to be done to MySQL at a system level - quite a few threads in the forums where this is documented. If you have root access it is easy to do yourself, if not you can ask your hosting company although it is just laziness that hosting companies dont do this on all servers - we certainly do and always have done Link to comment Share on other sites More sharing options...
Robin Somes Posted September 17, 2019 Author Share Posted September 17, 2019 Many thanks; could you just clarify what the change is - I'll throw it over to my hosting company. Cheers, R Link to comment Share on other sites More sharing options...
Al Brookbanks Posted September 17, 2019 Share Posted September 17, 2019 Have a search as this is answered many times on the forums. Link to comment Share on other sites More sharing options...
keat Posted September 17, 2019 Share Posted September 17, 2019 My site was updated yesterday from 6.1.7 to 6.2.6 and I had exactly these errors. I have full ssh access to our web server and ran the following command from a terminal window # mysql_tzinfo_to_sql /usr/share/zoneinfo | mysql -u root -p xxxxxx The errors subsequently stopped. Link to comment Share on other sites More sharing options...
Al Brookbanks Posted September 17, 2019 Share Posted September 17, 2019 Most people don't have a dedicated or virtual private server and most generic web hosting companies don't support this. CubeCart hosted does. https://hosted.cubecart.com Link to comment Share on other sites More sharing options...
keat Posted September 17, 2019 Share Posted September 17, 2019 I only uncovered the error after setting the time zone in 'store settings/advanced' Prior to this the time zone was disabled. There were no errors that I recall, but the order time stamps were out by an hour. Hence the reason I applied the time zone. Is it possible to disable the time zone in store settings, but instread add an offset to correct the time stamp ?? Link to comment Share on other sites More sharing options...
Al Brookbanks Posted September 17, 2019 Share Posted September 17, 2019 Setting to to disabled is the best option if your host won't add support for this other than moving your hosting to us of course. Link to comment Share on other sites More sharing options...
keat Posted September 17, 2019 Share Posted September 17, 2019 what about the time difference ? Link to comment Share on other sites More sharing options...
havenswift-hosting Posted September 17, 2019 Share Posted September 17, 2019 38 minutes ago, keat said: # mysql_tzinfo_to_sql /usr/share/zoneinfo | mysql -u root -p xxxxxx 1. Not a good idea to put your root mysql password on a public forum (I have deleted it for you) 2. Almost as bad is having such a basic and easily guessable root mysql password. You should consider changing it to a complex random password for both of these reasons as a matter of urgency 38 minutes ago, Al Brookbanks said: Most generic web hosting companies don't support this. CubeCart hosted does. https://hosted.cubecart.com And of course we support this on all servers including our those hosting our Fully-managed or Self-managed CubeCart hosting plans Link to comment Share on other sites More sharing options...
Al Brookbanks Posted September 17, 2019 Share Posted September 17, 2019 Whoops!! I didn't even notice as it didn't even look like a password. Definitely change the password right now!! I can be done quickly and easily via WHM. Link to comment Share on other sites More sharing options...
havenswift-hosting Posted September 17, 2019 Share Posted September 17, 2019 26 minutes ago, Al Brookbanks said: Whoops!! I didn't even notice as it didn't even look like a password. Definitely change the password right now!! Yep - whoever setup the server should be hung, drawn and quartered and then shot for good measure ! Link to comment Share on other sites More sharing options...
Robin Somes Posted September 17, 2019 Author Share Posted September 17, 2019 My hosting co. say "We have changed the timezone to Europe/London.". Looking at the error logs, I'm still getting the errors, albeit at a much reduced rate. Today, 17:06 File: [controller.admin.pre_session.inc.php] Line: [26] "SET @@time_zone = 'Europe/London'" - Unknown or incorrect time zone: 'Europe/London' Today, 17:03 File: [controller.admin.pre_session.inc.php] Line: [26] "SET @@time_zone = 'Europe/London'" - Unknown or incorrect time zone: 'Europe/London' Today, 17:02 File: [controller.index.inc.php] Line: [27] "SET @@time_zone = 'Europe/London'" - Unknown or incorrect time zone: 'Europe/London' Today, 17:02 File: [controller.index.inc.php] Line: [27] "SET @@time_zone = 'Europe/London'" - Unknown or incorrect time zone: 'Europe/London' Today, 17:02 File: [controller.index.inc.php] Line: [27] "SET @@time_zone = 'Europe/London'" - Unknown or incorrect time zone: 'Europe/London' Looking at info.php for the site, I see: date date/time support enabled "Olson" Timezone Database Version 2018.9 Timezone Database external Default timezone Europe/London Directive Local Value Master Value date.default_latitude 31.7667 31.7667 date.default_longitude 35.2333 35.2333 date.sunrise_zenith 90.583333 90.583333 date.sunset_zenith 90.583333 90.583333 date.timezone Europe/London no value Is that as it should be? Link to comment Share on other sites More sharing options...
bsmither Posted September 17, 2019 Share Posted September 17, 2019 The errors are being announced from the database server. Your hosting provider made a change to the PHP configuration. Link to comment Share on other sites More sharing options...
Robin Somes Posted September 17, 2019 Author Share Posted September 17, 2019 15 minutes ago, bsmither said: The errors are being announced from the database server. Your hosting provider made a change to the PHP configuration. Good point, and well made. Many thanks R Link to comment Share on other sites More sharing options...
bsmither Posted September 17, 2019 Share Posted September 17, 2019 "Is it possible to disable the time zone in store settings, but instead add an offset to correct the time stamp??" This will not get you what you want. After reviewing the code, it seems to me that the UTC Offset (admin, Store Settings, Advanced tab) value - which can be expressed as +3600 or -3600, for example, to add or subtract one hour - is used to affect the display of real timestamps. Thus, in many places in CubeCart's database tables, there are real UNIX (Epoch) timestamps. These values are converted using PHP functions to human-readable strings. (For unknown reasons to me, there are also real human-readable dates in the database tables.) The Offset is summed into the timestamp and then the result is used for display purposes only. The display of human-readable dates/times include "fuzzy" expressions, such as 'Today', 'Last Week', etc. So, disabling the the Time Zone setting, and relying solely on the UTC Offset will cause all timestamps in the database to be UTC (in my opinion, not a big deal), and then enter the appropriate number of positive or negative number of seconds in the Offset field to display the dates/times correct for you. Note that the Cart Order ID takes the form of a date-time-rand syntax. That is only to guarantee uniqueness. It is entirely coincidental that the ID could be used to judge when the order was placed. Link to comment Share on other sites More sharing options...
havenswift-hosting Posted September 17, 2019 Share Posted September 17, 2019 5 hours ago, Robin Somes said: My hosting co. say "We have changed the timezone to Europe/London." Robin Assuming that you gave them the details that Keat mentioned - you should be asking some serious questions about why they did what they did - they dont seem to have a clue ! But then, setting the root MySQL password to what it was shows the level of competence so maybe not surprised (assume you have got them to change this as that is a critical security issue for the server as a whole). For the sake of your business, I would serious question the expertise of your hosting company Link to comment Share on other sites More sharing options...
Robin Somes Posted September 17, 2019 Author Share Posted September 17, 2019 13 minutes ago, havenswift-hosting said: Robin Assuming that you gave them the details that Keat mentioned - you should be asking some serious questions about why they did what they did - they dont seem to have a clue ! But then, setting the root MySQL password to what it was shows the level of competence so maybe not surprised (assume you have got them to change this as that is a critical security issue for the server as a whole). For the sake of your business, I would serious question the expertise of your hosting company Bit of a mixed thread here, I think. I do agree their first line of tech support tends to jump to conclusions about what the customer's asking for, which isn't ideal. But thankfully it's a different hosting company to Keat's - no such password madness, yet at least! Link to comment Share on other sites More sharing options...
keat Posted September 18, 2019 Share Posted September 18, 2019 19 hours ago, havenswift-hosting said: 1. Not a good idea to put your root mysql password on a public forum (I have deleted it for you) 2. Almost as bad is having such a basic and easily guessable root mysql password. You should consider changing it to a complex random password for both of these reasons as a matter of urgency You had me worried there Ian. However, this wasn't my password, the code was cut and pasted from the SQL developers site. https://dev.mysql.com/doc/refman/8.0/en/time-zone-support.html If anyone could guess my root password, they deserve the right to take control of my server. (even i struggle with it) Link to comment Share on other sites More sharing options...
Robin Somes Posted September 18, 2019 Author Share Posted September 18, 2019 An update to this issue. After several emails back and forth with my hosting company, they're not willing (for which read, they can't be bothered) to load the required system time zone table to the DB server, because "it will affect other customers". So be it; lazy attitude, but we're stuck with them for the time being, so for now I've disabled 'Timezone' in the store settings. No more countless error messages. Thanks for the help. Link to comment Share on other sites More sharing options...
Al Brookbanks Posted September 18, 2019 Share Posted September 18, 2019 Just now, Robin Somes said: An update to this issue. After several emails back and forth with my hosting company, they're not willing (for which read, they can't be bothered) to load the required system time zone table to the DB server, because "it will affect other customers". So be it; lazy attitude, but we're stuck with them for the time being, so for now I've disabled 'Timezone' in the store settings. No more countless error messages. Thanks for the help. These companies provide generic web hosting and may have hundreds of servers ALL with the same configuration. If they change the configuration on one it can lead to an administrational nightmare and inconsistent "generic" service between clients. That kinda makes sense and in a way I don't blame them. You are best off using a dedicated or virtual private server that you can adjust the server software on or you could use specialist CubeCart hosting such as https://hosted.cubecart.com which is optimised for just CubeCart. Link to comment Share on other sites More sharing options...
Robin Somes Posted September 18, 2019 Author Share Posted September 18, 2019 1 minute ago, Al Brookbanks said: These companies provide generic web hosting and may have hundreds of servers ALL with the same configuration. If they change the configuration on one it can lead to an administrational nightmare and inconsistent "generic" service between clients. That kinda makes sense and in a way I don't blame them. You are best off using a dedicated or virtual private server that you can adjust the server software on or you could use specialist CubeCart hosting such as https://hosted.cubecart.com which is optimised for just CubeCart. Thanks Al, yes, I totally get that. Our issue really is that we've got at least 12 domains; the CubeCart shop, 3 or 4 Wordpress-based sites (I can't actually remember!) and the rest plain HTML-based. I think there would be some resistance, in terms of cost (since sales through the shop site are far from being our main source of income), and admin time, to having two separate hosting companies. And there's very limited time to devote to migrating all our sites to a new host. But for the longer term it's something we do need to consider and rationalise. Cheers, Robin Link to comment Share on other sites More sharing options...
havenswift-hosting Posted September 18, 2019 Share Posted September 18, 2019 11 minutes ago, Robin Somes said: An update to this issue. After several emails back and forth with my hosting company, they're not willing (for which read, they can't be bothered) to load the required system time zone table to the DB server, because "it will affect other customers". So be it; lazy attitude, but we're stuck with them for the time being, so for now I've disabled 'Timezone' in the store settings. No more countless error messages. Thanks for the help. That stops the error messages but obviously doesnt solve the problem. Most of the big hosting companies have standard images that they burn for every server and in this case it isnt the case that "it will affect other customers" as it cannot have any detrimental affect at all - they cant be bothered or getting it into their standard server image is complicated. Unfortunately when paying silly amounts for generic hosting (no idea who you are with or how much you are paying but just a guess) then there are lots of compromises many which are there without you knowing until there is an issue like this. Move your hosting to a specialist CubeCart hosting and get many more benefits that servers tuned especially for CubeCart 34 minutes ago, keat said: You had me worried there Ian. However, this wasn't my password, the code was cut and pasted from the SQL developers site. If anyone could guess my root password, they deserve the right to take control of my server. (even i struggle with it) Hi Keat That is a relief but just went from your post which said this was what you had run ! Bear in mind that the server root password is different to the MySQL root password although many people commissioning servers set them to the same. If you have problems with passwords then use a password manager like LastPass - we have thousands of passwords stored most of which are 20 random characters and all unique and only ever have to remember one password (the LastPass one) Ian Link to comment Share on other sites More sharing options...
keat Posted September 18, 2019 Share Posted September 18, 2019 Off topic, but i'm a little worried about online password managers. If the online account got hacked, then this would reveal all my passwords. But then the same could be said for my browser cache and bottom drawer. 17 random characters by the way, upper, lower, numbers and symbols. Link to comment Share on other sites More sharing options...
havenswift-hosting Posted September 18, 2019 Share Posted September 18, 2019 7 minutes ago, keat said: Off topic, but i'm a little worried about online password managers. If the online account got hacked, then this would reveal all my passwords. But then the same could be said for my browser cache and bottom drawer. LastPass password vault is encrypted and stored locally on the device although can be sync'd with multiple devices so the same vault is available on mobile devices as well. Even LastPass cannot access or decrypt the vault without the master password and as should be standard practice for any important login, you can have Two Factor Authentication as well - see https://www.forbes.com/sites/thomasbrewster/2019/04/10/what-happened-when-the-dea-demanded-passwords-from-lastpass/#14141b97ebeb and also read https://www.lastpass.com/how-lastpass-works 7 minutes ago, keat said: 17 random characters by the way, upper, lower, numbers and symbols. That is good for that one server root password but what about the hundreds of other sites you have logins on - if you have ever used the same combination of email address and password (and dont use 2FA as well) then there is a very good chance that this combination is known due to the huge breaches that have happened in the past which are used by hackers to randomly try on whichever site they are trying to hack - check out https://haveibeenpwned.com/ and see whether your email addresses have passwords in the public domain Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.