SOPDIOS Posted May 24, 2011

Hi, I had installed Simple Multiple Images (Unlimited) with Fancy Popups v1.3.5 in my store with no problem, but now it doesn't do anything regarding the effect when opening an image; it opens the images on a separate page in the browser. Here is the site so you can see, thanks.

http://frikibot.com/tiendaonline

germ Posted May 24, 2011

Read this

You don't realize it but the shop is hacked now... :o

If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.
"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice." - Me -
"Headers already sent" - The definitive help
"Cannot redeclare ..." - How to find/fix it
SSL Implementation Help

SOPDIOS Posted May 24, 2011 (Author)

Hello, it is not hacked, it is practically newly installed. Please can you tell me what I can do to fix the problem with the images? Thanks. I leave the product_info.php here in case you see something strange:

<?php
/*
  $Id: product_info.php 1739 2007-12-20 00:52:16Z hpdl $

  osCommerce, Open Source E-Commerce Solutions
  http://www.oscommerce.com

  Copyright (c) 2003 osCommerce

  Released under the GNU General Public License
*/

  require('includes/application_top.php');

  require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_PRODUCT_INFO);

  // Simple multi image addon
  $image_group = TINY_IMAGE_GROUP_SIZE; //Number of images to show per row/column
  $vertical_format = (ADDITIONAL_IMAGE_FORMAT == 'vertical');
  $max_title_length = 40; //Set the maximum length of popup titles before they are broken into multiple lines.
  $product_info_query = tep_db_query("select p.products_id, pd.products_name, pd.products_description, p.products_model, p.products_quantity, p.products_image, p.products_image_array, pd.products_url, p.products_price, p.products_tax_class_id, p.products_date_added, p.products_date_available, p.manufacturers_id from " . TABLE_PRODUCTS . " p, " . TABLE_PRODUCTS_DESCRIPTION . " pd where p.products_status = '1' and p.products_id = '" . (int)$HTTP_GET_VARS['products_id'] . "' and pd.products_id = p.products_id and pd.language_id = '" . (int)$languages_id . "'");
  $product_info = tep_db_fetch_array($product_info_query);
  $products_image_array = unserialize($product_info['products_image_array']);
  if (!is_array($products_image_array)) $products_image_array = array();
  // EOF Simple multi image addon
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html <?php echo HTML_PARAMS; ?>>
<head>
<!-- Simple multi image addon -->
<meta http-equiv="X-UA-Compatible" content="IE=EmulateIE7" />
<!-- Simple multi image addon -->
<script type="text/javascript" src="<?php echo DIR_WS_IMAGES ?>js/jquery.js"></script>
<script type="text/javascript" src="<?php echo DIR_WS_IMAGES ?>js/jquery.fancybox.js"></script>
<script type="text/javascript" src="<?php echo DIR_WS_IMAGES ?>js/jquery.easing.js"></script>
<script type="text/javascript" src="<?php echo DIR_WS_IMAGES ?>js/jquery.easydrag.handler.beta2.js"></script>
<link rel="stylesheet" href="<?php echo DIR_WS_IMAGES ?>js/fancybox.css" type="text/css" media="screen">
<script type="text/javascript">
  var $jQ = jQuery.noConflict();
  $jQ(document).ready(function() {
    $jQ("div#fancy a").fancybox({
      'zoomSpeedIn': 800,
      'zoomSpeedOut': 700,
      'imageScale' : true,
      'centerOnScroll': true,
      'overlayShow': <?php echo (DIM_BACKGROUND == 'true' ? 'true' : 'false'); ?>,
      'overlayOpacity': <?php echo (BKG_LUMA/10); ?>,
      'zoomOpacity': true,
      <?php if (SWING_POPUP == 'true') echo "'easingIn' : 'easeOutBack',"; ?>
      'hideOnContentClick': true,
      'hideOnOverlayClick': false
    });
    <?php if (DRAG_POPUP == 'true') echo '$("#fancy_outer").easydrag();'; ?>
  });
</script>
<style type="text/css">
<?php
  if (SHOW_NAV == 'true') echo 'span#fancy_left_ico {left: 20px;} span#fancy_right_ico {right: 20px;}';
  switch (POS_NAV) {
    case 'top':
      echo 'span.fancy_ico { top: 38px; }';
      break;
    case 'bottom':
      echo 'span.fancy_ico { bottom: 20px; }';
      break;
    default:
      echo 'span.fancy_ico { top: 50%; }';
      break;
  }
?>
</style>
<!-- EOF Simple multi image addon -->
<?php require(DIR_WS_INCLUDES . 'header_includes.php'); ?>
<script language="javascript"><!--
function popupWindow(url) {
  window.open(url,'popupWindow','toolbar=no,location=no,directories=no,status=no,menubar=no,scrollbars=no,resizable=yes,copyhistory=no,width=100,height=100,screenX=150,screenY=150,top=150,left=150')
}
//--></script>
</head>
<body>
<!-- header //-->
<?php require(DIR_WS_INCLUDES . 'header.php'); ?>
<!-- header_eof //-->

<!-- body //-->
<table border="0" class="<?php echo MAIN_TABLE; ?>" cellspacing="0" cellpadding="0">
  <tr>
    <td class="<?php echo BOX_WIDTH_TD_LEFT; ?>"><table border="0" class="<?php echo BOX_WIDTH_LEFT; ?>" cellspacing="0" cellpadding="0">
<!-- left_navigation //-->
<?php require(DIR_WS_INCLUDES . 'column_left.php'); ?>
<!-- left_navigation_eof //-->
    </table></td>
<!-- body_text //-->
    <td class="<?php echo CONTENT_WIDTH_TD; ?>"><?php include(DIR_WS_BOXES . 'panel_top.php');?><?php echo tep_draw_form('cart_quantity', tep_href_link(FILENAME_PRODUCT_INFO, tep_get_all_get_params(array('action')) . 'action=add_product')); ?>
<?php
// Simple multi image addon
  if (!tep_db_num_rows($product_info_query)) {
// EOF Simple multi image addon
?>
<?php echo tep_draw_top();?>
<?php echo tep_draw_title_top();?>
<?php echo TEXT_PRODUCT_NOT_FOUND; ?>
<?php echo tep_draw_title_bottom();?>
<?php echo tep_draw1_top();?>
<?php echo tep_draw_infoBox2_top();?>
      <table border="0" width="100%" cellspacing="0" cellpadding="2">
        <tr><td align="right"><?php echo '<a href="' . tep_href_link(FILENAME_DEFAULT) . '">' . tep_image_button('button_continue.gif', IMAGE_BUTTON_CONTINUE) . '</a>'; ?></td></tr>
      </table>
<?php echo tep_draw_infoBox2_bottom();?>
<?php echo tep_draw1_bottom();?>
<?php
  } else {
// Simple multi image addon section moved
    $product_info_query = tep_db_query("select p.products_id, pd.products_name, pd.products_description, p.products_model, p.products_quantity, p.products_image, pd.products_url, p.products_price, p.products_tax_class_id, p.products_date_added, p.products_date_available, p.manufacturers_id from " . TABLE_PRODUCTS . " p, " . TABLE_PRODUCTS_DESCRIPTION . " pd where p.products_status = '1' and p.products_id = '" . (int)$HTTP_GET_VARS['products_id'] . "' and pd.products_id = p.products_id and pd.language_id = '" . (int)$languages_id . "'");
    $product_info = tep_db_fetch_array($product_info_query);

    tep_db_query("update " . TABLE_PRODUCTS_DESCRIPTION . " set products_viewed = products_viewed+1 where products_id = '" . (int)$HTTP_GET_VARS['products_id'] . "' and language_id = '" . (int)$languages_id . "'");

    if ($new_price = tep_get_products_special_price($product_info['products_id'])) {
      $products_price2 = '<span class="productSpecialPrice">' . $currencies->display_price($new_price, tep_get_tax_rate($product_info['products_tax_class_id'])) . '</span><br><s>' . $currencies->display_price($product_info['products_price'], tep_get_tax_rate($product_info['products_tax_class_id'])) . '</s>';
    } else {
      $products_price2 = '<span class="productSpecialPrice">'.$currencies->display_price($product_info['products_price'], tep_get_tax_rate($product_info['products_tax_class_id'])).'</span>';
    }

    if ($new_price = tep_get_products_special_price($product_info['products_id'])) {
      $products_price = '<s>' . $currencies->display_price($product_info['products_price'], tep_get_tax_rate($product_info['products_tax_class_id'])) . '</s> <b class="productSpecialPrice">' . $currencies->display_price($new_price, tep_get_tax_rate($product_info['products_tax_class_id'])) . '</b>';
    } else {
      $products_price = '<b class="productSpecialPrice">'.$currencies->display_price($product_info['products_price'], tep_get_tax_rate($product_info['products_tax_class_id'])).'</b>';
    }

    if (tep_not_null($product_info['products_model'])) {
      $products_name = $product_info['products_name'] . '<br> <span class="smallText">[' . $product_info['products_model'] . ']</span>';
    } else {
      $products_name = $product_info['products_name'];
    }
?>
<?php echo tep_draw_top();?>
<?php echo tep_draw_title_top();?>
<?php echo $breadcrumb->trail(' » ')?> » <?php echo $products_name; ?>
<?php echo tep_draw_title_bottom();?>
<?php echo tep_draw4_top();?>
<?php echo tep_draw2_top(); ?>
<?php /* echo tep_pixel_trans(); */?>
<?php
    if (tep_not_null($product_info['products_image'])) {
?>
<!-- Simple multi image addon -->
<div id="fancy">
  <table border="0" cellspacing="0" cellpadding="2" align="right">
    <tr>
      <td align="right" class="smallText">
<?php
      if (strlen($product_info['products_name']) > $max_title_length) {
        $title = wordwrap(htmlspecialchars($product_info['products_name']), $max_title_length, '<br>');
      } else {
        $title = htmlspecialchars($product_info['products_name']);
      }
      $m_source = '';
      $thumb = (class_exists('oscthumb') && CFG_MASTER_SWITCH == 'On');
      if ($thumb) {
        preg_match('/"([^"]+)"/',htmlentities ( tep_image(DIR_WS_IMAGES . $product_info['products_image'],'','','','','',5), ENT_NOQUOTES), $image);
        $m_source=str_replace('&amp;','&',$image[1]);
      }
      echo '<a rel="image_group" title="'.$title.'" href="' . ($m_source ? $m_source : DIR_WS_IMAGES . $product_info['products_image']) . '" alt="' . $product_info['products_name'] . '" target="_blank">' . tep_image(DIR_WS_IMAGES . $product_info['products_image'], $product_info['products_name'], SMALL_IMAGE_WIDTH, SMALL_IMAGE_HEIGHT, 'hspace="5" vspace="5"', false, 5) . '<br /></a>';
      if(!$vertical_format) {
        echo '';
        $row = 1;
        reset($products_image_array);
        foreach($products_image_array as $value) {
          if ($thumb) {
            $source = '';
            preg_match('/"([^"]+)"/',htmlentities ( tep_image(DIR_WS_IMAGES . $value,'','','','','',5), ENT_NOQUOTES), $image);
            $source=str_replace('&amp;','&',$image[1]);
          }
          echo '<a rel="image_group" title="'.$title.'" href="' . ($source ? $source : DIR_WS_IMAGES . $value) . '" target="_blank">' . tep_image(DIR_WS_IMAGES . $value, $product_info['products_name'], TINY_IMAGE_WIDTH, TINY_IMAGE_HEIGHT, 'hspace="5" vspace="5"') . '</a>';
          ++$row;
          if ($row > $image_group) {
            echo '<br />';
            $row = 1;
          }
        }
      }
      echo '</td>';
      if($vertical_format) {
        echo '<td>';
        $row = 1;
        reset($products_image_array);
        foreach($products_image_array as $value) {
          if ($thumb) {
            $source = '';
            preg_match('/"([^"]+)"/',htmlentities ( tep_image(DIR_WS_IMAGES . $value,'','','','','',5), ENT_NOQUOTES), $image);
            $source=str_replace('&amp;','&',$image[1]);
          }
          echo '<a rel="image_group" title="'.$title.'" href="' . ($source ? $source : DIR_WS_IMAGES . $value) . '" target="_blank">' . tep_image(DIR_WS_IMAGES . $value, $product_info['products_name'], TINY_IMAGE_WIDTH, TINY_IMAGE_HEIGHT, 'hspace="5" vspace="5"') . '<br />' . '</a>';
          ++$row;
          if ($row > $image_group) {
            echo '</td><td>';
            $row = 1;
          }
        }
        echo '</td>';
      }
?>
    </tr><?php echo '<tr><td class="smallText">' . TEXT_CLICK_TO_ENLARGE . '</td></tr>'; ?>
  </table>
</div>
<!-- EOF Simple multi image addon -->
<?php
    }
?>
<div class="main"><div class="desc2"><?php echo stripslashes($product_info['products_description']); ?></div><br> <br><div><?php echo $products_price?></div></div><br>
<div style="clear:both;"></div>
<?php echo tep_draw2_bottom();?>
<div class="cart_line_x padd2_gg"><?php echo tep_draw_separator('spacer.gif', '1', '2'); ?></div>
<?php echo tep_draw2_top(); ?>
<?php
    $products_attributes_query = tep_db_query("select count(*) as total from " . TABLE_PRODUCTS_OPTIONS . " popt, " . TABLE_PRODUCTS_ATTRIBUTES . " patrib where patrib.products_id='" . (int)$HTTP_GET_VARS['products_id'] . "' and patrib.options_id = popt.products_options_id and popt.language_id = '" . (int)$languages_id . "'");
    $products_attributes = tep_db_fetch_array($products_attributes_query);
    if ($products_attributes['total'] > 0) {
?>
      <table border="0" cellspacing="4" cellpadding="2">
        <tr>
          <td class="main" colspan="2"><strong class="strong"><?php echo TEXT_PRODUCT_OPTIONS; ?></strong></td>
        </tr>
<?php
      $products_options_name_query = tep_db_query("select distinct popt.products_options_id, popt.products_options_name from " . TABLE_PRODUCTS_OPTIONS . " popt, " . TABLE_PRODUCTS_ATTRIBUTES . " patrib where patrib.products_id='" . (int)$HTTP_GET_VARS['products_id'] . "' and patrib.options_id = popt.products_options_id and popt.language_id = '" . (int)$languages_id . "' order by popt.products_options_name");
      while ($products_options_name = tep_db_fetch_array($products_options_name_query)) {
        $products_options_array = array();
        $products_options_query = tep_db_query("select pov.products_options_values_id, pov.products_options_values_name, pa.options_values_price, pa.price_prefix from " . TABLE_PRODUCTS_ATTRIBUTES . " pa, " . TABLE_PRODUCTS_OPTIONS_VALUES . " pov where pa.products_id = '" . (int)$HTTP_GET_VARS['products_id'] . "' and pa.options_id = '" . (int)$products_options_name['products_options_id'] . "' and pa.options_values_id = pov.products_options_values_id and pov.language_id = '" . (int)$languages_id . "'");
        while ($products_options = tep_db_fetch_array($products_options_query)) {
          $products_options_array[] = array('id' => $products_options['products_options_values_id'], 'text' => $products_options['products_options_values_name']);
          if ($products_options['options_values_price'] != '0') {
            $products_options_array[sizeof($products_options_array)-1]['text'] .= ' (' . $products_options['price_prefix'] . $currencies->display_price($products_options['options_values_price'], tep_get_tax_rate($product_info['products_tax_class_id'])) .') ';
          }
        }

        if (isset($cart->contents[$HTTP_GET_VARS['products_id']]['attributes'][$products_options_name['products_options_id']])) {
          $selected_attribute = $cart->contents[$HTTP_GET_VARS['products_id']]['attributes'][$products_options_name['products_options_id']];
        } else {
          $selected_attribute = false;
        }
?>
        <tr><td><?php echo tep_draw_separator('spacer.gif', '1', '9'); ?></td><td></td></tr>
        <tr>
          <td class="main"><?php echo $products_options_name['products_options_name'] . ':'; ?></td>
          <td class="main"><?php echo tep_draw_pull_down_menu('id[' . $products_options_name['products_options_id'] . ']', $products_options_array, $selected_attribute); ?></td>
        </tr>
<?php
      }
?>
      </table>
<?php
    }
?>
<?php
    $reviews_query = tep_db_query("select count(*) as count from " . TABLE_REVIEWS . " where products_id = '" . (int)$HTTP_GET_VARS['products_id'] . "'");
    $reviews = tep_db_fetch_array($reviews_query);
    if ($reviews['count'] > 0) {
?>
      <table cellpadding="0" cellspacing="4" border="0">
        <tr>
          <td class="main"><?php echo TEXT_CURRENT_REVIEWS . ' ' . $reviews['count']; ?></td>
        </tr>
        <tr>
          <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
        </tr>
      </table>
<?php
    }

    if (tep_not_null($product_info['products_url'])) {
?>
      <table cellpadding="0" cellspacing="4" border="0">
        <tr>
          <td class="main"><?php echo sprintf(TEXT_MORE_INFORMATION, tep_href_link(FILENAME_REDIRECT, 'action=url&goto=' . urlencode($product_info['products_url']), 'NONSSL', true, false)); ?></td>
        </tr>
      </table>
<?php echo tep_pixel_trans();?>
<?php
    }

    if ($product_info['products_date_available'] > date('Y-m-d H:i:s')) {
?>
<?php echo tep_pixel_trans();?>
      <table cellpadding="0" cellspacing="4" border="0">
        <tr>
          <td class="main"><?php echo sprintf(TEXT_DATE_AVAILABLE, tep_date_long($product_info['products_date_available'])); ?></td>
        </tr>
      </table>
<?php
    } else {
?>
<?php echo tep_pixel_trans();?>
      <table cellpadding="0" cellspacing="4" border="0">
        <tr>
          <td class="main"><?php echo sprintf(TEXT_DATE_ADDED, tep_date_long($product_info['products_date_added'])); ?></td>
        </tr>
      </table>
<?php
    }
?>
<?php echo tep_draw2_bottom();?>
<?php echo tep_pixel_trans();?>
<div class="cart_line_x padd2_gg"><?php echo tep_draw_separator('spacer.gif', '1', '2'); ?></div>
<?php echo tep_draw2_top(); ?>
<?php echo tep_pixel_trans();?>
<?php echo tep_pixel_trans();?>
<?php /* echo tep_draw_infoBox2_top(); */ ?>
      <table border="0" width="100%" cellspacing="0" cellpadding="0"><tr>
          <td class="main button_marg"><?php echo '<a href="' . tep_href_link(FILENAME_PRODUCT_REVIEWS, tep_get_all_get_params()) . '">' . tep_image_button('button_reviews.gif', IMAGE_BUTTON_REVIEWS) . '</a>'; ?></td>
          <td class="main button_marg" align="right"><?php echo tep_draw_hidden_field('products_id', $product_info['products_id']) . tep_image_submit('button_add_to_cart1.gif', IMAGE_BUTTON_IN_CART); ?></td>
        </tr>
      </table>
<?php /* echo tep_draw_infoBox2_bottom(); */ ?>
<?php echo tep_draw2_bottom();?>
<?php echo tep_draw4_bottom();?>
<?php
    if ((USE_CACHE == 'true') && empty($SID)) {
      echo tep_cache_also_purchased(3600);
    } else {
      include(DIR_WS_MODULES . FILENAME_ALSO_PURCHASED_PRODUCTS);
    }
  }
?>
<?php echo tep_draw_bottom();?>
    </form></td>
<!-- body_text_eof //-->
    <td class="<?php echo BOX_WIDTH_TD_RIGHT; ?>"><table border="0" class="<?php echo BOX_WIDTH_RIGHT; ?>" cellspacing="0" cellpadding="0">
<!-- right_navigation //-->
<?php require(DIR_WS_INCLUDES . 'column_right.php'); ?>
<!-- right_navigation_eof //-->
    </table></td>
  </tr>
</table>
<!-- body_eof //-->

<!-- footer //-->
<?php require(DIR_WS_INCLUDES . 'footer.php'); ?>
<!-- footer_eof //-->
</body>
<?php require(DIR_WS_INCLUDES . 'footer_includes.php'); ?>
</html>
<?php require(DIR_WS_INCLUDES . 'application_bottom.php'); ?>

germ Posted May 24, 2011

Not hacked you say...

I suppose you're the one that put the r57 PHP Shell in the shop then? :unsure:

If you don't know what that is then you'd better start checking your files.... :-"

SOPDIOS Posted June 8, 2011 (Author)

Hi, thanks for your answer. Is there any way to examine the code of all the files in my shop at once? Thanks.

germ Posted June 8, 2011

There are contributions that I think can do that (never tried them so no clue on how reliable they are).

Some people FTP their site to their PC and scan it with their antivirus (personally this sounds very unreliable to me for several reasons I won't go into detail about).

If you can't recognize "rogue code" when you see it you may have to get someone to do it for you.

And I hate to be the bearer of bad news but there are more "rogue" files now than the last time I looked... :'(
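
A way to check every file in a shop at once, as asked above. This is an added example, not part of the thread and not one of the osCommerce contributions mentioned: it flags PHP files sitting in a static-asset directory, two common obfuscation/execution constructs, and files missing from or differing from a known-good hash baseline. The `images` directory rule, the patterns and the sample tree are assumptions made for the illustration.

```python
import hashlib
import re
import tempfile
from pathlib import Path

# Illustrative heuristics only, not a complete signature set.
INDICATORS = {
    "eval-of-decoded-data": re.compile(
        rb"\beval\s*\(\s*(base64_decode|gzinflate|gzuncompress|str_rot13)\s*\(", re.I),
    "command-exec-on-request-input": re.compile(
        rb"\b(system|passthru|shell_exec|exec|popen)\s*\([^)]*\$_(GET|POST|REQUEST|COOKIE)", re.I),
}
STATIC_DIRS = ("images",)  # assumed: top-level directories meant for static assets
PHP_EXT = {".php", ".php3", ".php5", ".phtml"}

def sha256(path):
    return hashlib.sha256(path.read_bytes()).hexdigest()

def scan(webroot, baseline=None):
    """Return {relative_path: [reasons]}; baseline maps paths to known-good SHA-256."""
    webroot = Path(webroot)
    findings = {}
    for path in sorted(webroot.rglob("*")):
        if not path.is_file() or path.suffix.lower() not in PHP_EXT:
            continue
        rel = path.relative_to(webroot).as_posix()
        reasons = []
        if rel.split("/")[0] in STATIC_DIRS:
            reasons.append("php-in-static-dir")
        data = path.read_bytes()
        reasons += [name for name, rx in INDICATORS.items() if rx.search(data)]
        if baseline is not None:
            if rel not in baseline:
                reasons.append("not-in-baseline")
            elif baseline[rel] != sha256(path):
                reasons.append("differs-from-baseline")
        if reasons:
            findings[rel] = reasons
    return findings

def demo():
    """Scan a small constructed tree (the sample files are made up for this demo)."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "images").mkdir()
        (root / "index.php").write_text("<?php require('includes/application_top.php'); ?>")
        (root / "product_info.php").write_text("<?php echo 'modified'; ?>")
        # Inert stand-in for an obfuscated file: the string decodes to "echo 1;".
        (root / "images" / "thumbs.php").write_text('<?php eval(base64_decode("ZWNobyAxOw==")); ?>')
        baseline = {
            "index.php": sha256(root / "index.php"),
            "product_info.php": hashlib.sha256(b"<?php echo 'original'; ?>").hexdigest(),
        }
        return scan(root, baseline)

if __name__ == "__main__":
    for rel, reasons in demo().items():
        print(rel, "->", ", ".join(reasons))
```

A hit means "read this file", not "this file is malicious"; the baseline comparison is the part that still catches rogue code when none of the patterns match.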