I had an email from one of my users this morning telling me that my site had been hacked. Sure enough, when I went there I saw a single political page rather than my XOOPS home page. The page kept coming up even when I tried to access through files like user.php or register.php.

Basically, it turned out that theme.html.php in templates_c was displaying the foreign page. Once I deleted that file, everything went back to normal. I've checked the theme settings in preferences and the database, but haven't found anything so far. I'm using XOOPS 2.2.3 btw.

I've been in touch with my host, just to make sure they know what's going on. But none of my files were altered, and I'm not seeing anything that shouldn't be there, so I'm guessing this was some sort of injection attack.

Does anyone have any ideas what might have caused this? Aside from using the outdated. 2.2 branch, I have a couple of different things I'm looking at:

1. XoopsGallery recently had a security hole revealed. Currently I'm running 1.3, but I'm working on upgrading to the new version.

2. I recently activated WF-Downloads in order to host some files. Not sure if this could be the culprit, or if it's just a coincidence.

After deleting the theme file, it looks like everything is working, though I still have a placeholder index.html on the site atm. My plan now is to make backups and then upgrade to the most recent XOOPS release (is there a script that will roll back from 2.2?)

If anyone else has any help or advice on what to check, it would be much appreciated. Thanks!

If you're using CBB for XOOPS 2.2.3, there's a setting called "Allow requiring reply to read a post" under general preferences. I think it does what you're looking for.

I don't think that it's possible to restrict access via post count like you want. From what I can tell, all forum permissions are handled through groups now. You might be able to make a particular group of people who match the criteria you want, and then populate it as you go. But that kind of sounds like a pain.

Hello-

Instead of running upgrade scripts for the new XOOPS release, I decided to do a fresh install and tranfer the database info into the new environment. I've gotten pretty much everything transferred over successfully, but there's two tables in the old newbb configuration that I couldn't find in cbb:

xoops_bb_forum_access
xoops_bb_forum_mods

Basically these tables store the data on forum permissions and moderators, I think. I use a lot of private forums on my site, so I'd like to get these transferred over without having to reset everything from the panel. I haven't seen anywhere they could go in the cbb tables.

Can anyone tell me where this information would go in the new release? Thanks!

Ok, I found a workaround for this. Since all of these labels are defined in the language file main.php, I added the following line to the top of /newbb/header.php:

include_once XOOPS_ROOT_PATH.'/modules/newbb/language/english/main.php';

This manually loads all the english language variables. The search page now displays correctly, and from what I can tell search and everything else in the forums is working fine.

I have no idea why the language file wasn't loading; I tried putting the line in search.php and it loaded all of the variables except for the menu one which was said to be missing from header. So I moved the line to header and everything loaded fine.

The problem with this workaround is that you'll have to hardcode in every language that you use, so dynamic translation isn't going to work as well. Since I don't use translation on my site it's not a problem for me, but it still seems like something the bug team or whoever should check into.

Update- I tried changing the theme and template sets to the default ones, and the error still occurred. So I'm pretty sure that I can rule out possibility #1.

Anyone have any other ideas?

I'm having this problem with my CBB search, as well. Has anyone come up with a solution?

I'm using the latest version of Xoops, fresh install, with the CBB package that came with it. So there's no old versions of anything to get in the way. I've checked various files in the newbb directory (header.php, etc) and everything looks ok and has permissions set correctly. All my modules and templates are up to date.

It looks like the fields or search options aren't getting created, either in Smarty or because the file can't be seen. There's a few possible reasons I can think of, but they're all just guess. I have no real idea if any of them are possible causes or not:

1. I'm using a custom theme set, which has caused stuff to act oddly in previous versions if a module expects something from a theme that isn't there.

2. I'm not in the root directory of the server, but actually in a subdirectory. I was thinking this might be causing problems with either XOOPS_URL or XOOPS_ROOT_PATH, but I know that those have been getting translated ok in other modules.

3. The newbb template set has three .css files that are hilighted yellow, waiting to be generated. However, when I try to generate them, it says that the files cannot be found. The hover and click files are obviously for the menus, but there's also a newbb.css file that could have related information in it. Whether or not these files are still used in cbb, I don't know.

That's about all I can think of that might be related. I know that my PHP and SQL versions and all that are sufficient for XOOPS 2.2.3. Can anyone think of anything else to check?

I had some similar problems- after removing the Content and Multimenu modules, I couldn't get my login or search blocks to display. Rebuilding the System module took care of the problem.

Thanks for the tips!

I'm sorry, but I'm not certain what you're saying the problem is here. Is it that the templates somehow became corrupted, and I need go back to the original default ones?

This might work, but the problem is that I (and I think the others) are using custom templates we've made. In my case, I made a backup of my site, installed NewBB, and used that to lay out the templates and HTML the way I wanted. Then, when I upgraded on my live site and moved the templates over, this was the result.

Does anyone know what could have caused this?

bump

I'm having the same problem, I posted a thread asking about it yesterday. I even get similar looking broken tags at the bottom of the forum.

I'm also using a custom theme for my site. I laid out the theme for the forums on a mirror site; basically I did a second install of xoops, put in Newbb 2.0, and altered the templates to where I wanted them.

Then, when I went back to my main site and did the upgrade, the problems occurred. I never actually put the custom template files onto the main site; since the forums weren't working with their base files, I didn't think uploading my new ones would help matters any.

Anyone know what's going on here? As far as I can tell, this was just an upgrade bug; doing a new install, adding my custome theme, and then installing NewBB everything worked fine.