I've tracked the problem down to this line in agendax:

bindtextdomain( 'agendax', $agendax_path . '/locale/' );

in ../modules/agendax/i18n.php

Not sure why this would cause a fatal error?!? Anyone had this happen?

Commenting out the entire block of code fixes it.

Carmine

install info:
xoops 2.0.16
agendax 2.2
bmsurvey 0.5
php 4.4.4 (with...
allow_call_time_pass_reference = on
allow_url_fopen = on
register_globals = off )

Hello all. Yesterday my ISP upgraded to PHP 4.4.4, from an earlier 4.x version. Now I get errors in the agendax and bmsurvey modules, but other ones like CBB and wfsection work fine. Accessing the problem modules (any page) gives me a "64 - Host not available" error.

Turning php debug on isn't much help.

Doing an include of an agendax file from an external php script (which my site has always done and it worked fine) like so:

include("http://www.mydomain.com/modules/agendax/index.php?op=week");

...now generates the following errors:

Warning: main(http://www.mydomain.com/modules/agendax/index.php?op=week) [<a href='function.main'>function.main</a>]: failed to open stream: HTTP request failed! in file /someDirectory/index.php line 19

Warning: main() [<a href='function.include'>function.include</a>]: Failed opening 'http://www.mydomain.com/modules/agendax/index.php?op=week' for inclusion (include_path='.:/usr/local/share/pear/') in file /someDirectory/index.php line 19

Anyone come across anything similar?

Carmine

Just in case anyone is following this thread (or searches for it later on), turns out it wasn't hacked via xoops, but via one of my own php pages that foolishly did an "include" of whatever was passed in through a GET variable. Zoinks!

Thanks for all the replies.

Nah, I'm not surpass.

So if I change the perms to 755 it won't affect XOOPS at all? Why the need to "let them rebuild" for a day or so once in a while?

Also, this wouldn't protect the uploads directory, as that _must_ be 777, no?

Sorry about all the questions!

Carmine

A couple days ago, someone hacked my XOOPS site by uploading files to the cache directory. It was a fake bank site scam. Anyone had this happen before? Any chance they could have done this via XOOPS itself and not ftp?

xoops 2.0.13.1
modules:
- wfsection
- agendax
- wiwimod
- myMedia
- CBB

Thanks,
Carmine

Figured out a hack to make it work, so thought I'd post it here for others to find.

Before including header.php, just force your page to "pretend" it's a module that does show the right hand side. Like so:

<?php
include(XOOPS_ROOT_PATH."/mainfile.php");
// hack! we pretend to be the wfsection module so the right blocks show
$moduleid = 2;
include(XOOPS_ROOT_PATH."/header.php");
?>

my custom html...

<?php
include(XOOPS_ROOT_PATH."/footer.php");
?>

There you are.

Hey folks. Thanks in advance for any help.

Trying to wrap some html content in xoops, but I can't get my right blocks to show. The right blocks are not visible in all pages, and I assume that's why they're not showing.

Any way to get the wrapped content to show them?

<?php
include("/path/to/mainfile.php");
$xoopsOption['show_rblock'] = 1;
include(XOOPS_ROOT_PATH."/header.php");
?>
my html here
<?php
include(XOOPS_ROOT_PATH."/footer.php");
?>

Thanks again,
Carmine