I am having trouble in logging in to my blog. I get this error Warning: htmlspecialchars() [function.htmlspecialchars]: charset `_CHARSET' not supported, assuming iso-8859-1 in /home/careeing/public_html/easydestination.net/blog/nucleus/plugins/NP_SecurityEnforcer.php on line 154
This is the part of the securityenforcher.php that seems to be causing problem,
$info = sprintf(_SECURITYENFORCER_LOGIN_DISALLOWED, htmlspecialchars($login), htmlspecialchars($ip));
Line 154 of NP_SecurityEnforcer.php should read:
$info = sprintf(_SECURITYENFORCER_LOGIN_DISALLOWED, htmlspecialchars($login,ENT_QUOTES,_CHARSET), htmlspecialchars($ip,ENT_QUOTES,_CHARSET));
which is more consistent with your error message. Not that it helps much, since the error message indicates that the _CHARSET constant is not defined as it should be. And I don't see any reason it should not have been defined.
Try to disable the plugin by renaming the NP_SecurityEnforcer.php file and see if the login succeeds.
Have your provider done any PHP changes/upgrades lately? If not your site may have had some files corrupted or infected.
It may be that the language file isn't loaded. If your language is set to english should the language be defined in \nucleus\language\english.php file.
You were right about the code. I accidentally posted code from earlier version of SecurityEnforcer.php file. Anyway I deleted the plugin file and it fixed the issue. I can now login to my blog. Thanks for the help Leo.
I am not sure if hosting company has made any changes to the php file. I have send them a mail to find that out.
In case some files are corrupted as you mentioned, how should I fix them? Should I upload all the files again or is there a way to identify the corrupted files on the server.
As far as language file is concerned. The default language is set to english and there is a english.php file in the language folder in the server. Therefore I am not sure if this is causing the issue.
Does the all of the blog and admin area work without errors now? If they do, the error you had is very strange.
Does it give the same error if you upload the SecurityEnforcer.php file again and activate the plugin?
A quick way to get an indication of infected files is to check the change date for the php-files on your site. It should be set to the date when you originally uploaded them. Suspicious files will have a newer date.
The safest solution is to upload all files again, but it may be a little excessive, if there are no other problems with your blog.