captainB
-
Posts
16 -
Joined
-
Last visited
Content Type
Profiles
Forums
phpVMS Resources
Downloads
Posts posted by captainB
-
-
That would be a nice feature, feel free to fork the repo and contribute.
Done that now, already made the code that produces the MD5 from all the files, will work on the script that will do the checks and then try to integrate that somehow ( in the admin panel? or a CRON outside script? )
-
Gents,
Check for log.php in your root, looks like malicious code too,
Olly
Files I found at my site, worth to check if you guys have those:
x.txt
components.zip;unzip.1
e.php
kliverz.php
log.php
php.ini(multiple)
pijar.php
cwd.php
bim.php
default.php(multiple)
sunnah.html
-
we could use this instead of that Flash thing :http://www.chartjs.org/
-
I assume that would work for a "clean" install only? My installation was highly customized
Upload the install folder and run the file checkinstall.php, dont forget to delete it again afterwards.
-
Well, my site has been hacked. Would be nice if we had a CRC check feature like some of the CMS have.
-
Any built in mechanism for accessing the DB( looked at the docs, but maybe missed it ) , or the usual php way?
Thanks!
Semir
-
Any news on this? i have been messing with error_reporting and display_errors at the php.ini and also changing the values at local.config as suggested here, with no results.
-
servetas: Thanks, this fixed the problem
/Semir
-
This is a fresh install, downloaded today ( well yesterday now ) it is 2.1.935
-
Well, i managed to find where the double / is, and remove it, however that is not the issue, the problem persists.
Funny thing is that the rest of the site is working correctly.
-
Hello,
I just made a new install of phpvms, it is not my first as i have installed it in the past ( older versions ), this time however i have a broken access panel and this notice when accessing tha admin panel after the successful install:
Notice: The template file "/home/semgeb/domains/myflyva.eu/public_html//admin/lib/layout/header.php" doesn't exist in /home/semgeb/domains/myflyva.eu/public_html/core/classes/TemplateSet.class.php on line 231 Notice: The template file "/home/semgeb/domains/myflyva.eu/public_html//admin/lib/layout/footer.php" doesn't exist in /home/semgeb/domains/myflyva.eu/public_html/core/classes/TemplateSet.class.php on line 231
Now I can see that there's a double "//" there in the URL before admin which I think is the problem, however I not sure where to change that, would appreciate some help on this one
Oh and one more thing, of course both header.tpl and footer.tpl are at the correct directories.
Thanks,
Semir
-
nope, ubuntu server/apache/php5 on virtualbox
Using WAMP or XAMP? Might be something specific to that, I'm not sure
-
SITE_URL is set to '192.168.2.5/va'
DBASE_SERVER is set to 'localhost'
I have installed it on a remote server and it is working there.
I'm assuming it's on localhost? Alot of AJAX related things don't work on localhost due to security restrictions
-
yes, everything is allowed. I must note that I use this enviroment for Drupal, Joomla and others, and so I do not suspect a problem with php.ini for example.
Also, it is interesting that I cannot check the database connectivity from the installer as the button does not react at all.
Hey
Are cookies enabled and allowed? What about sessions?
-
Hi everyone,
I have just installed phpVMS, the installation procedure was succesful, however after I log in with the e-mail/pass supplied at the installation time, I cannot acces /admin I get : An Error Was Encountered Unauthorized access.
I tried to do a clean install ( deleted database and files ) whith no results.
I have noticed that the last page during the installation phase does not look as the one in the installation instructions on the site - it is an empty page and does not ahave a link to the admin panel or the main site, and no footer.
I do not provide any links as this is installed on a VM and my IP is dynamic.
Thanks.
[NOTICE] - Open Flash Chart Exploit
in Support Forum
Posted
Sadly, when there is a vulnurability, you find out when it's too late. As I mentioned earlier a checksum would at least give us early indication that some files have been tampered with. Maybe it would be possible to automate site backups/restores based on that information.
By the way, before this happened, I got bots trying to get through the login system at phpVMS and phpBB for months. They finally managed to break into phpBB a few months ago. Afterwards I was able to reduce bot attcks by blocking a LOT of ip ranges, and reduce it further by implementing a "human check" on the register page, which by the way I think should be standard since some of their attempts have managed to overcome captcha.