| Author |
Message |
|
|
|
If you do not have phpMyAdmin then email me the url along with the username and password for the guestbook and I will delete it. Once I delete it you will need to apply the exploit fix I've posted in several places to prevent it happening again.
|
 |
|
|
|
As I said the table widths can be set in templates/body.php.
|
|
|
|
|
I wouldn't be concerned. If you updated from 2.2 to 2.3.1 then the problem is that he changed the type of variable used for the date when logged in. There are several threads on the matter or try www.carbonize.co.uk/install.zip (It reports errors which I'm working on but does the job).
|
|
|
|
|
He wants the column widths not the table width :p
|
|
|
|
|
Sounds like the admin loop problem you get when updating from 2.2 to 2.3.1
|
|
|
|
|
www.carbonize.co.uk/verification.zip for the image verification. Most of the guestbooks text can be editted via the lang/english.php file. The HTML is to be found in the templates folder.
|
|
|
|
|
In templates/body.php I believe. I have altered my copy so it's hard for me to locate the exact file for template editting. I should keep a copy of the default installation to hand.
|
|
|
|
|
I have spoken to them and what they want is some serious modding. Would be easier to write a script to fit their needs rather than modding the guestbook script.
|
|
|
|
Glad to hear it. You may also want to use my image verification mod to prevent sutomated spamming of your guestbook. Not that I saw any.
Just a suggestion, why not edit the templates a little so that you could have the guestbook load in the iframe you use for the rest of the site?
|
|
|
|
|
As some of you are aware I altered the text on my guestbook to make it look like it was version 2.2 of the script. I did this to lure the morons into trying to access my guestbook using the exploit. I then logged all attempts at accessing my guestbook and the results can be viewed at http://www.carbonize.co.uk/guestbooklogins.php
|
|
|
|
|
No problems with using the admin section after you upgraded? There is a known bug whereby you end up in a login loop when trying to use the admin section after upgrading from 2.2 to 2.3.1.
|
|
|
|
glad to have helped. You could of just as easily deleted the post using the admin section of the guestbook but it was probably easier to identify the entry via phpMyAdmin.
I'm still curious as to how they gained access so as I said change your password.
|
|
|
|
|
Sorry my mistake. They have editted a post via the admin area. The exploit for the guestbook does not work on your site though so I am curious as to how they got in. Anyway you can delete the post that got editted to fix the problem then change your password. Or if you wish email me the login details and I will deal with it. My email is on my site.
|
|
|
|
|
looks like they edited the header.php in the templates file or possibly body.php I doubt they did this via the guestbook though. Did you chmod the template files to 777? Possibly this person has an account on the same server as you. Simply remove the cde from the appropriate template file.
|
|
|
|
|
I posted the fix for the exploit earlier in this thread.
|
|
|
|
![[Search]](/forum/templates/html/images/icon_mini_search.gif){kind=icon}
![[Hottest Topics]](/forum/templates/html/images/icon_mini_recentTopics.gif){kind=icon}
![[Members]](/forum/templates/html/images/icon_mini_members.gif){kind=icon}
![[FAQ]](/forum/templates/html/images/icon_mini_faq.gif){kind=icon}
![[Register]](/forum/templates/html/images/icon_mini_register.gif){kind=icon}
Register![[Login]](/forum/templates/html/images/icon_mini_login.gif){kind=icon}
Login