peterng3 Posted April 25, 2008 Share Posted April 25, 2008 Hi all, I'm new to this forum and new to PHP. Here's my problem. I don't know how but someone was able to modify my index.php page and added these lines <!--startpos2--!> <font style='position: absolute;overflow: hidden;height: 0;width: 0'> <a href="http://images.archives.utah.gov/cdm4/results.php?CISOOP1=all&CISOBOX1=buy-viagra" title="buy viagra">buy viagra</a> <!--endpos2--!> I deleted couple times and it keeps coming back. help. Quote Link to comment Share on other sites More sharing options...
p2grace Posted April 25, 2008 Share Posted April 25, 2008 Do you have any forms on your website where the data isn't being cleaned? Quote Link to comment Share on other sites More sharing options...
phpSensei Posted April 25, 2008 Share Posted April 25, 2008 Is this code in your Index.php CODE or just on some sort of Comment or Text he posted on your site? If he managed to implant that code there, then he had FTP access to your index.php, because he took it, edited it, and reuploaded it. Otherwise, if he inputted through a FORM, then you need to protect yourself against XSS.. try strip_tags($text); Quote Link to comment Share on other sites More sharing options...
peterng3 Posted April 25, 2008 Author Share Posted April 25, 2008 It's actually on index.php at the end, after all the php codes I have. I don't think he had access to ftp. if he does he could do more harm than that right? Quote Link to comment Share on other sites More sharing options...
phpSensei Posted April 25, 2008 Share Posted April 25, 2008 It's actually on index.php at the end, after all the php codes I have. I don't think he had access to ftp. if he does he could do more harm than that right? Or he probably uploaded to your site with your uploader or something. Either that, or he has FTP access, which yes it is harmful Quote Link to comment Share on other sites More sharing options...
bilis_money Posted April 25, 2008 Share Posted April 25, 2008 no worries, it's harmless... Quote Link to comment Share on other sites More sharing options...
phpSensei Posted April 26, 2008 Share Posted April 26, 2008 no worries, it's harmless... The code is harmless, but they could in the future add something dangerous if they wish (if it was hacked). Quote Link to comment Share on other sites More sharing options...
p2grace Posted April 26, 2008 Share Posted April 26, 2008 Agreed. This isn't something to take lightly. Quote Link to comment Share on other sites More sharing options...
phpSensei Posted April 26, 2008 Share Posted April 26, 2008 I suggest changing your password, and warn your host provider to see which strange IPs entered your Cpanel. Quote Link to comment Share on other sites More sharing options...
haku Posted April 26, 2008 Share Posted April 26, 2008 I agree. Change your password immediately. Quote Link to comment Share on other sites More sharing options...
peterng3 Posted April 28, 2008 Author Share Posted April 28, 2008 I have changed my password last week. it's still showing today. I do have an php file uploader, and a contact form. can they access the page thru these? How? Quote Link to comment Share on other sites More sharing options...
kenrbnsn Posted April 28, 2008 Share Posted April 28, 2008 Contact your host support people. Ask them to check your system for any rogue programs and/or Trojan Horse type programs. You're host may have been compromised somehow. Ken Quote Link to comment Share on other sites More sharing options...
dezkit Posted April 28, 2008 Share Posted April 28, 2008 try going into FTP and deleting it Quote Link to comment Share on other sites More sharing options...
Steven8294 Posted April 28, 2008 Share Posted April 28, 2008 That would just do the same as deleting through file manager.. hey dude if your still online add my msn at steven8294@hotmail.co.uk Quote Link to comment Share on other sites More sharing options...
peterng3 Posted April 30, 2008 Author Share Posted April 30, 2008 I have contacted my host and still waiting for their answer. Thanks for your help Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.