Support Forums - All Posts - XOOPS Web Application System

1

Re: one of my sites got hacked :(

2005/9/8 21:47
marijun
Just popping in
Posts: 53
Since: 2004/6/4 1

i dunno about that, it was working fine up until last night. (that error is due to the fact that the xoops_session table was one that was indeed deleted)

Marion Morris
Gravity Squared Media - The Science of Design
www.gravitysquared.com

2

Re: one of my sites got hacked :(

2005/9/8 8:18
marijun
Just popping in
Posts: 53
Since: 2004/6/4 1

oh yes, i'm quite sure the tables are gone. not all of them though, just the last 10 or so (xoops_profile_category through xoops_users). it stopped at xoops_protector.

it hasn't been defaced, just deleted tables.

here's my server stats:

linux (that's honestly all i know lol)
php 4.4.0
mysql 4.0.25
apache 1.3.33

Marion Morris
Gravity Squared Media - The Science of Design
www.gravitysquared.com

3

one of my sites got hacked :(

2005/9/8 6:01
marijun
Just popping in
Posts: 53
Since: 2004/6/4 1

yeah, i know, its probably my fault for not upgrading...it was running 2.0.9.2 i think. i did have the protector module installed though and it appears to have done its job well for a few minutes anyway.

i found this in the error log:


[Thu Sep  8 00:17:34 2005] [error] PHP Warning:  mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/centaur/public_html/modules/protector/include/precheck.inc.php on line 16

[Thu Sep  8 00:17:33 2005] [error] PHP Warning:  mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/centaur/public_html/modules/protector/include/precheck.inc.php on line 16

[Thu Sep  8 00:17:33 2005] [error] PHP Warning:  mysql_result(): supplied argument is not a valid MySQL result resource in /home/centaur/public_html/modules/protector/class/protector.php on line 485

anyone know what that means?

this is from around the same time as the hack happened, so i assume this had something to do with it. i posted a news article just a few minutes before, and i went back about an hour later to find the site hacked.

here's the busted site, if anyone's interested -http://www.halfmanhalfhorse.com

it appears as though almost all the default XOOPS tables have been deleted from the database. i emailed my host and asked for a backup, so hopefully they have something mroe recent than i do. until then, i'm just curious as to what happened. any ideas, guys?

Marion Morris
Gravity Squared Media - The Science of Design
www.gravitysquared.com

4

Re: Calendar for me?

2005/8/27 10:45
marijun
Just popping in
Posts: 53
Since: 2004/6/4 1

i'm working on a module called Calendar VE (dev forge page) but its not complete yet. i un-prioritized the project for a while cuz my client no longer needed it, but its back now. a full release should be available within a couple weeks.

i made this module simply because my clients and i were really fed up with pical and agenda-x

no offense to their creators, of course. we just need something more configurable and rock solid.

this will only be available for XOOPS 2.2.x. its kind of a good thing i dropped the project for a while - i'd have to do a lot of recoding to now!

Marion Morris
Gravity Squared Media - The Science of Design
www.gravitysquared.com

5

Re: Xoops 2.2 and timezones

2005/8/6 4:01
marijun
Just popping in
Posts: 53
Since: 2004/6/4 1

yep, i'm logged in and the correct time zone is set in my profile.

i think i figured it out. my module (as well as the news module, i suspect - my times are still an hour off in the news module) uses the time() function to grab the initial timestamp, which is being pulled from the server's time zone - not the user's. so i went through my module and changed all my time() functions to xoops_getUserTimestamp(time()) instead. it now pulls the correct date/time. then, to store it in the database, i changed it to userTimeToServerTime($startdatetime). now formatTimestamp is working as it should.

when i initially created this module, my server was in the same time zone as me and i must have overlooked the time zone situation.

Marion Morris
Gravity Squared Media - The Science of Design
www.gravitysquared.com

6

Re: Xoops 2.2 and timezones

2005/8/5 7:50
marijun
Just popping in
Posts: 53
Since: 2004/6/4 1

i'm having a similar problem, but i haven't found a fix for it yet.

i have the timezone selectable and working in the extended profiles module, and i have the correct time zone set there and in the XOOPS settings. (server time zone as well). my server is in the -5:00 time zone, and i'm in the -6:00 time zone. in both the news module and my calendar module, the times are all in the server time zone. the offset doesn't seem to be working at all.

Marion Morris
Gravity Squared Media - The Science of Design
www.gravitysquared.com

7

Re: javascript in admin head tags

2005/3/26 16:40
marijun
Just popping in
Posts: 53
Since: 2004/6/4 1

ah, i wasn't sure if you'd tested it or not ;)

good work, it works perfectly! included 2 javascripts and a stylesheet with no probs.

8

Re: javascript in admin head tags

2005/3/26 14:56
marijun
Just popping in
Posts: 53
Since: 2004/6/4 1

whoa! i'm definitely going to try that. if it really works, you should post that as a code snippet in the dev forge.

9

Re: i need some fresh eyes and/or a guru :)

2005/3/23 17:40
marijun
Just popping in
Posts: 53
Since: 2004/6/4 1

thanks a million! that's just what i needed.

you wanna know what's tragically funny though?

it still didn't work. not until after i noticed a !$%#*& typo in my sql query.

>_<

i'll have a good laugh at this later when i'm done bashing my head on the wall.

10

Re: i need some fresh eyes and/or a guru :)

2005/3/23 13:47
marijun
Just popping in
Posts: 53
Since: 2004/6/4 1

hmm. $eid is supposed to be passed from the form if it is set (ie: in edit mode, which is called by index.php?op=edit&eid=whatevereventid). without that code you pasted, php debug gave me an error saying $eid wasn't set.

how can i make sure $eid is set and passed to the save function properly, and make the save function still add new events properly?

Stats
Goal:	$100.00
Due Date:	May 31
Gross Amount:	$0.00
Net Balance:	$0.00
Left to go:	$100.00

Forum Index

Re: one of my sites got hacked :(

Re: one of my sites got hacked :(

one of my sites got hacked :(

Re: Calendar for me?

Re: Xoops 2.2 and timezones

Re: Xoops 2.2 and timezones

Re: javascript in admin head tags

Re: javascript in admin head tags

Re: i need some fresh eyes and/or a guru :)

Re: i need some fresh eyes and/or a guru :)

Login

Search

Recent Posts

Re: Rebuilding and Updating a 20 years old Xoops Website from 2.0.18? to 2.5.11

Rebuilding and Updating a 20 years old Xoops Website from 2.0.18? to 2.5.11

Re: NewBB v 5.1.0 b 6

Re: NewBB v 5.1.0 b 6

NewBB v 5.1.0 b 6

Re: XOOPS 2.5.11 search user is not working

Re: oledrion

Re: oledrion

Re: oledrion

Re: oledrion

Who's Online

Donat-O-Meter

Latest GitHub Commits

{{ record.sha.slice(0, 7) }} - {{ record.commit.message | truncate }}