Fatal error: Uncaught Error: Call to undefined function validate_ip()

  • Resolved preetindersodhi

    (@preetindersodhi)


    3 years, 3 months ago

    What is causing this error?

    Fatal error: Uncaught Error: Call to undefined function validate_ip() in /xxx/xxx/xxx//staging/wp-content/plugins/wp-post-views/wp-post-views.php:99

    Stack trace: #0 /xxx/xxx/xxx//staging/wp-content/plugins/wp-post-views/wp-post-views.php(135): WP_Post_Views->get_ip_address()
    #1 /xxx/xxx/xxx//staging/wp-includes/class-wp-hook.php(303): WP_Post_Views->counter(”)
    #2 /xxx/xxx/xxx//staging/wp-includes/class-wp-hook.php(327): WP_Hook->apply_filters(NULL, Array)
    #3 /xxx/xxx/xxx//staging/wp-includes/plugin.php(470): WP_Hook->do_action(Array)
    #4 /xxx/xxx/xxx//staging/wp-includes/general-template.php(3015): do_action(‘wp_head’)
    #5 /xxx/xxx/xxx//staging/wp-content/themes/hello-elementor-child/header.php(23): wp_head()
    #6 /xxx/xxx/xxx//staging/wp-includes/template.php(770): require_once(‘/home2/patialat…’)
    #7 /home2/patialat/p in /xxx/xxx/xxx//staging/wp-content/plugins/wp-post-views/wp-post-views.php on line 99

    Server architecture Linux 4.19.150-76.ELK.el7.x86_64 x86_64
    Web server Apache
    PHP version 7.4.22 (Supports 64bit values)

Viewing 3 replies - 1 through 3 (of 3 total)

  • The code is incorrect and was probably taken online, it should be $this->validate_ip when calling it.
    The plugin author probably had copied this function also in his theme, outside of a class, and didn’t realize it is calling that one. You should try the plugin on a fresh WP.

    The function get_ip_address is unsafe though, the plugin author shouldn’t try to implement his own way to get the IP, if every plugin does this, this can only go bad.

    In fact this function is vulnerable, it gets the CLIENT_IP header if it’s set, in most cases it can be spoofed (if it’s not set by the webservers).

    The second check, it gets the first IP in X_FORWARDED_FOR = spoofed.

    I understand you don’t want people abusing and refreshing an article to increase the counter, but you shouldn’t attempt to reinvent the wheel when trying to fetch the IP.

    $_SERVER[‘REMOTE_ADDR’] should be used, it’s for the hosting of the websites to make sure it is populated with the correct IP.

    • This reply was modified 3 years, 2 months ago by briandd.
    • This reply was modified 3 years, 2 months ago by briandd.
    • This reply was modified 3 years, 2 months ago by briandd.
    Plugin Author Ronak J Vanpariya

    (@vanpariyar)

    @briandd Thanks for the replay will check the code and update it

    Plugin Author Ronak J Vanpariya

    (@vanpariyar)

    This has been fixed with the version 1.8.

    Thanks for addressing the issues.

    @briandd @preetindersodhi

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Fatal error: Uncaught Error: Call to undefined function validate_ip()’ is closed to new replies.