Jump to content

System error logs


Robin Somes

Recommended Posts

Site: www.piscesconservation.com/cube

CC 6.2.5 Foundation

Looking at the Error Log section of the admin pages, I'm inundated with time zone errors. The error originates from August 18th; I'm not aware of that coinciding with anything I've done. I'm up to 51,225 error messages, across 2049 pages, so far, and they're arriving about every 2 seconds.

Today, 13:26 File: [controller.admin.pre_session.inc.php] Line: [26] "SET @@time_zone = 'Europe/London'" - Unknown or incorrect time zone: 'Europe/London'

Today, 13:26 File: [controller.index.inc.php] Line: [27] "SET @@time_zone = 'Europe/London'" - Unknown or incorrect time zone: 'Europe/London'

Ad infinitum.

Is it me, CubeCart or my ISP; any suggestions?

Link to comment
Share on other sites

This is a small change that needs to be done to MySQL at a system level - quite a few threads in the forums where this is documented.  If you have root access it is easy to do yourself, if not you can ask your hosting company although it is just laziness that hosting companies dont do this on all servers - we certainly do and always have done

Link to comment
Share on other sites

My site was updated yesterday from 6.1.7 to 6.2.6 and I had exactly these errors.

I have full ssh access to our web server and ran the following command from a terminal window

# mysql_tzinfo_to_sql /usr/share/zoneinfo | mysql -u root -p xxxxxx

The errors subsequently stopped.

Link to comment
Share on other sites

I only uncovered the error after setting the time zone in 'store settings/advanced'

Prior to this the time zone was disabled.

There were no errors that I recall, but the order time stamps were out by an hour.

Hence the reason I applied the time zone.

 

Is it possible to disable the time zone in store settings, but instread add an offset to correct the time stamp ??

Link to comment
Share on other sites

38 minutes ago, keat said:

# mysql_tzinfo_to_sql /usr/share/zoneinfo | mysql -u root -p xxxxxx

1. Not a good idea to put your root mysql password on a public forum (I have deleted it for you) 2. Almost as bad is having such a basic and easily guessable root mysql password.  You should consider changing it to a complex random password for both of these reasons as a matter of urgency

 

38 minutes ago, Al Brookbanks said:

Most generic web hosting companies don't support this. CubeCart hosted does. https://hosted.cubecart.com 

And of course we support this on all servers including our those hosting our Fully-managed or Self-managed CubeCart hosting plans  

Link to comment
Share on other sites

My hosting co. say "We have changed the timezone to Europe/London.". Looking at the error logs, I'm still getting the errors, albeit at a much reduced rate.

Today, 17:06 File: [controller.admin.pre_session.inc.php] Line: [26] "SET @@time_zone = 'Europe/London'" - Unknown or incorrect time zone: 'Europe/London'
Today, 17:03 File: [controller.admin.pre_session.inc.php] Line: [26] "SET @@time_zone = 'Europe/London'" - Unknown or incorrect time zone: 'Europe/London'
Today, 17:02 File: [controller.index.inc.php] Line: [27] "SET @@time_zone = 'Europe/London'" - Unknown or incorrect time zone: 'Europe/London'
Today, 17:02 File: [controller.index.inc.php] Line: [27] "SET @@time_zone = 'Europe/London'" - Unknown or incorrect time zone: 'Europe/London'
Today, 17:02 File: [controller.index.inc.php] Line: [27] "SET @@time_zone = 'Europe/London'" - Unknown or incorrect time zone: 'Europe/London'

Looking at info.php for the site, I see:

date

date/time support enabled
"Olson" Timezone Database Version 2018.9
Timezone Database external
Default timezone Europe/London
Directive Local Value Master Value
date.default_latitude 31.7667 31.7667
date.default_longitude 35.2333 35.2333
date.sunrise_zenith 90.583333 90.583333
date.sunset_zenith 90.583333 90.583333
date.timezone Europe/London

no value

 

Is that as it should be?

Link to comment
Share on other sites

"Is it possible to disable the time zone in store settings, but instead add an offset to correct the time stamp??"

This will not get you what you want. After reviewing the code, it seems to me that the UTC Offset (admin, Store Settings, Advanced tab) value - which can be expressed as +3600 or -3600, for example, to add or subtract one hour - is used to affect the display of real timestamps.

Thus, in many places in CubeCart's database tables, there are real UNIX (Epoch) timestamps. These values are converted using PHP functions to human-readable strings. (For unknown reasons to me, there are also real human-readable dates in the database tables.) The Offset is summed into the timestamp and then the result is used for display purposes only. The display of human-readable dates/times include "fuzzy" expressions, such as 'Today', 'Last Week', etc.

So, disabling the the Time Zone setting, and relying solely on the UTC Offset will cause all timestamps in the database to be UTC (in my opinion, not a big deal), and then enter the appropriate number of positive or negative number of seconds in the Offset field to display the dates/times correct for you.

Note that the Cart Order ID takes the form of a date-time-rand syntax. That is only to guarantee uniqueness. It is entirely coincidental that the ID could be used to judge when the order was placed.

Link to comment
Share on other sites

5 hours ago, Robin Somes said:

My hosting co. say "We have changed the timezone to Europe/London."

Robin

Assuming that you gave them the details that Keat mentioned - you should be asking some serious questions about why they did what they did - they dont seem to have a clue !  But then, setting the root MySQL password to what it was shows the level of competence so maybe not surprised (assume you have got them to change this as that is a critical security issue for the server as a whole).  For the sake of your business, I would serious question the expertise of your hosting company

Link to comment
Share on other sites

13 minutes ago, havenswift-hosting said:

Robin

Assuming that you gave them the details that Keat mentioned - you should be asking some serious questions about why they did what they did - they dont seem to have a clue !  But then, setting the root MySQL password to what it was shows the level of competence so maybe not surprised (assume you have got them to change this as that is a critical security issue for the server as a whole).  For the sake of your business, I would serious question the expertise of your hosting company

Bit of a mixed thread here, I think. I do agree their first line of tech support tends to jump to conclusions about what the customer's asking for, which isn't ideal. But thankfully it's a different hosting company to Keat's - no such password madness, yet at least!

Link to comment
Share on other sites

19 hours ago, havenswift-hosting said:

1. Not a good idea to put your root mysql password on a public forum (I have deleted it for you) 2. Almost as bad is having such a basic and easily guessable root mysql password.  You should consider changing it to a complex random password for both of these reasons as a matter of urgency

 

 

You had me worried there Ian.

However, this wasn't my password, the code was cut and pasted from the SQL developers site.

https://dev.mysql.com/doc/refman/8.0/en/time-zone-support.html

If anyone could guess my root password, they deserve the right to take control of my server. (even i struggle with it)

Link to comment
Share on other sites

An update to this issue. After several emails back and forth with my hosting company, they're not willing (for which read, they can't be bothered) to load the required system time zone table to the DB server, because "it will affect other customers". So be it; lazy attitude, but we're stuck with them for the time being, so for now I've disabled 'Timezone' in the store settings. No more countless error messages. Thanks for the help.

Link to comment
Share on other sites

Just now, Robin Somes said:

An update to this issue. After several emails back and forth with my hosting company, they're not willing (for which read, they can't be bothered) to load the required system time zone table to the DB server, because "it will affect other customers". So be it; lazy attitude, but we're stuck with them for the time being, so for now I've disabled 'Timezone' in the store settings. No more countless error messages. Thanks for the help.

These companies provide generic web hosting and may have hundreds of servers ALL with the same configuration. If they change the configuration on one it can lead to an administrational nightmare and inconsistent "generic" service between clients. That kinda makes sense and in a way I don't blame them. 

You are best off using a dedicated or virtual private server that you can adjust the server software on or you could use specialist CubeCart hosting such as https://hosted.cubecart.com which is optimised for just CubeCart. 

Link to comment
Share on other sites

1 minute ago, Al Brookbanks said:

These companies provide generic web hosting and may have hundreds of servers ALL with the same configuration. If they change the configuration on one it can lead to an administrational nightmare and inconsistent "generic" service between clients. That kinda makes sense and in a way I don't blame them. 

You are best off using a dedicated or virtual private server that you can adjust the server software on or you could use specialist CubeCart hosting such as https://hosted.cubecart.com which is optimised for just CubeCart. 

Thanks Al, yes, I totally get that. Our issue really is that we've got at least 12 domains; the CubeCart shop, 3 or 4 Wordpress-based sites (I can't actually remember!) and the rest plain HTML-based. I think there would be some resistance, in terms of cost (since sales through the shop site are far from being our main source of income), and admin time, to having two separate hosting companies. And there's very limited time to devote to migrating all our sites to a new host. But for the longer term it's something we do need to consider and rationalise.

Cheers,

Robin

Link to comment
Share on other sites

11 minutes ago, Robin Somes said:

An update to this issue. After several emails back and forth with my hosting company, they're not willing (for which read, they can't be bothered) to load the required system time zone table to the DB server, because "it will affect other customers". So be it; lazy attitude, but we're stuck with them for the time being, so for now I've disabled 'Timezone' in the store settings. No more countless error messages. Thanks for the help.

That stops the error messages but obviously doesnt solve the problem.  Most of the big hosting companies have standard images that they burn for every server and in this case it isnt the case that "it will affect other customers" as it cannot have any detrimental affect at all - they cant be bothered or getting it into their standard server image is complicated.  Unfortunately when paying silly amounts for generic hosting (no idea who you are with or how much you are paying but just a guess) then there are lots of compromises many which are there without you knowing until there is an issue like this. Move your hosting to a specialist CubeCart hosting and get many more benefits that servers tuned especially for CubeCart

34 minutes ago, keat said:

You had me worried there Ian.

However, this wasn't my password, the code was cut and pasted from the SQL developers site.

If anyone could guess my root password, they deserve the right to take control of my server. (even i struggle with it)

Hi Keat

That is a relief but just went from your post which said this was what you had run !  Bear in mind that the server root password is different to the MySQL root password although many people commissioning servers set them to the same.

If you have problems with passwords then use a password manager like LastPass - we have thousands of passwords stored most of which are 20 random characters and all unique and only ever have to remember one password (the LastPass one)

Ian

Link to comment
Share on other sites

Off topic, but i'm a little worried about online password managers.

If the online account got hacked, then this would reveal all my passwords.

But then the same could be said for my browser cache and bottom drawer.

 

17 random characters by the way, upper, lower, numbers and symbols.

 

😄

 

Link to comment
Share on other sites

7 minutes ago, keat said:

Off topic, but i'm a little worried about online password managers.

If the online account got hacked, then this would reveal all my passwords.

But then the same could be said for my browser cache and bottom drawer.

LastPass password vault is encrypted and stored locally on the device although can be sync'd with multiple devices so the same vault is available on mobile devices as well.

Even LastPass cannot access or decrypt the vault without the master password and as should be standard practice for any important login, you can have Two Factor Authentication as well - see https://www.forbes.com/sites/thomasbrewster/2019/04/10/what-happened-when-the-dea-demanded-passwords-from-lastpass/#14141b97ebeb and also read https://www.lastpass.com/how-lastpass-works

7 minutes ago, keat said:

17 random characters by the way, upper, lower, numbers and symbols.

That is good for that one server root password but what about the hundreds of other sites you have logins on - if you have ever used the same combination of email address and password (and dont use 2FA as well) then there is a very good chance that this combination is known due to the huge breaches that have happened in the past which are used by hackers to randomly try on whichever site they are trying to hack - check out https://haveibeenpwned.com/ and see whether your email addresses have passwords in the public domain

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...