peterng3 Posted April 25, 2008 Share Posted April 25, 2008 Hi all, I'm new to this forum and new to PHP. Here's my problem. I don't know how but someone was able to modify my index.php page and added these lines <!--startpos2--!> <font style='position: absolute;overflow: hidden;height: 0;width: 0'> <a href="http://images.archives.utah.gov/cdm4/results.php?CISOOP1=all&CISOBOX1=buy-viagra" title="buy viagra">buy viagra</a> <!--endpos2--!> I deleted couple times and it keeps coming back. help. Link to comment https://forums.phpfreaks.com/topic/102935-someone-inserted-weird-code-to-my-php-pages/ Share on other sites More sharing options...
p2grace Posted April 25, 2008 Share Posted April 25, 2008 Do you have any forms on your website where the data isn't being cleaned? Link to comment https://forums.phpfreaks.com/topic/102935-someone-inserted-weird-code-to-my-php-pages/#findComment-527328 Share on other sites More sharing options...
phpSensei Posted April 25, 2008 Share Posted April 25, 2008 Is this code in your Index.php CODE or just on some sort of Comment or Text he posted on your site? If he managed to implant that code there, then he had FTP access to your index.php, because he took it, edited it, and reuploaded it. Otherwise, if he inputted through a FORM, then you need to protect yourself against XSS.. try strip_tags($text); Link to comment https://forums.phpfreaks.com/topic/102935-someone-inserted-weird-code-to-my-php-pages/#findComment-527364 Share on other sites More sharing options...
peterng3 Posted April 25, 2008 Author Share Posted April 25, 2008 It's actually on index.php at the end, after all the php codes I have. I don't think he had access to ftp. if he does he could do more harm than that right? Link to comment https://forums.phpfreaks.com/topic/102935-someone-inserted-weird-code-to-my-php-pages/#findComment-527410 Share on other sites More sharing options...
phpSensei Posted April 25, 2008 Share Posted April 25, 2008 It's actually on index.php at the end, after all the php codes I have. I don't think he had access to ftp. if he does he could do more harm than that right? Or he probably uploaded to your site with your uploader or something. Either that, or he has FTP access, which yes it is harmful Link to comment https://forums.phpfreaks.com/topic/102935-someone-inserted-weird-code-to-my-php-pages/#findComment-527462 Share on other sites More sharing options...
bilis_money Posted April 25, 2008 Share Posted April 25, 2008 no worries, it's harmless... Link to comment https://forums.phpfreaks.com/topic/102935-someone-inserted-weird-code-to-my-php-pages/#findComment-527486 Share on other sites More sharing options...
phpSensei Posted April 26, 2008 Share Posted April 26, 2008 no worries, it's harmless... The code is harmless, but they could in the future add something dangerous if they wish (if it was hacked). Link to comment https://forums.phpfreaks.com/topic/102935-someone-inserted-weird-code-to-my-php-pages/#findComment-527519 Share on other sites More sharing options...
p2grace Posted April 26, 2008 Share Posted April 26, 2008 Agreed. This isn't something to take lightly. Link to comment https://forums.phpfreaks.com/topic/102935-someone-inserted-weird-code-to-my-php-pages/#findComment-527528 Share on other sites More sharing options...
phpSensei Posted April 26, 2008 Share Posted April 26, 2008 I suggest changing your password, and warn your host provider to see which strange IPs entered your Cpanel. Link to comment https://forums.phpfreaks.com/topic/102935-someone-inserted-weird-code-to-my-php-pages/#findComment-527543 Share on other sites More sharing options...
haku Posted April 26, 2008 Share Posted April 26, 2008 I agree. Change your password immediately. Link to comment https://forums.phpfreaks.com/topic/102935-someone-inserted-weird-code-to-my-php-pages/#findComment-527562 Share on other sites More sharing options...
peterng3 Posted April 28, 2008 Author Share Posted April 28, 2008 I have changed my password last week. it's still showing today. I do have an php file uploader, and a contact form. can they access the page thru these? How? Link to comment https://forums.phpfreaks.com/topic/102935-someone-inserted-weird-code-to-my-php-pages/#findComment-529070 Share on other sites More sharing options...
kenrbnsn Posted April 28, 2008 Share Posted April 28, 2008 Contact your host support people. Ask them to check your system for any rogue programs and/or Trojan Horse type programs. You're host may have been compromised somehow. Ken Link to comment https://forums.phpfreaks.com/topic/102935-someone-inserted-weird-code-to-my-php-pages/#findComment-529082 Share on other sites More sharing options...
dezkit Posted April 28, 2008 Share Posted April 28, 2008 try going into FTP and deleting it Link to comment https://forums.phpfreaks.com/topic/102935-someone-inserted-weird-code-to-my-php-pages/#findComment-529090 Share on other sites More sharing options...
Steven8294 Posted April 28, 2008 Share Posted April 28, 2008 That would just do the same as deleting through file manager.. hey dude if your still online add my msn at [email protected] Link to comment https://forums.phpfreaks.com/topic/102935-someone-inserted-weird-code-to-my-php-pages/#findComment-529095 Share on other sites More sharing options...
peterng3 Posted April 30, 2008 Author Share Posted April 30, 2008 I have contacted my host and still waiting for their answer. Thanks for your help Link to comment https://forums.phpfreaks.com/topic/102935-someone-inserted-weird-code-to-my-php-pages/#findComment-530671 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.