Hello,

I found the following in the Drupal system log. It looks like this is an intrusion via PHP or SQL.

Apparently the attack failed. C Correct ? What should I do to enforce or correct the Drupal security ?

Current version is latest 7.32 and it is reported 'Up to date' via drush.

http://www.xxx.xxx%7C1415110013%7Cphp%7C103.228.71.39%7Chttp://www.xxx.xxx/?...: mb_strlen() expects parameter 1 to be string, array given in drupal_strlen() (line 478 of /var/www/drupal7/includes/unicode.inc).

http://www.xxx.xxx%7C1415110013%7Cphp%7C103.228.71.39%7Chttp://www.xxx.xxx/?...: addcslashes() expects parameter 1 to be string, array given in DatabaseConnection->escapeLike() (line 984 of /var/www/drupal7/includes/database/database.inc).

http://www.xxx.xxx%7C1415110013%7Cphp%7C103.228.71.39%7Chttp://www.xxx.xxx/?...: SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ' '111111' AND status = 1' at line 1: SELECT * FROM {users} WHERE name = :name_0, :name_1 AND status = 1; Array#012(#012 [:name_0] => admin#012 [:name_1] => 111111#012)#012 in user_login_authenticate_validate() (line 2149 of /var/www/drupal7/modules/user/user.module).

Thanks for follow-up and help. Bruno