If you are not registered or logged in, you may still use these forums but with limited features. Show recent topics
  [Search] Search   [Hottest Topics] Hottest Topics   [Members]  Member Listing   [FAQ]  FAQ 
[Register] Register / 
[Login] Login 
Hacked SERIOUSLY!!!  XML
Forum Index » Advanced Guestbook Forum
Author Message
VegasBoxers
Newbie

Joined: 11/05/2006 04:54:24
Messages: 3
Location: Las Vegas, NV
Offline

I had my agb installed and up for a little over a week and it was spammed. I entered into the admin portion and deleted the crap. However, this morning, I checked my agb and I saw that one of the GB entries had an anddendum (sp?) to it that was all html looking code. I went into the GB and deleted the additional entry and then went to the password tab to change the existing ID & PW. It hung up and wouldn't let me enter the info. You can type into the fields, but then there is no buttons or anyhing to submit the change. The page hangs like it's taking forever to load. This was on 2 different machines, in 2 different parts of town.

So since the site hasn't gone public yet, and there was only 1 entry in it, I deleted the install and reinstalled it. I went and deleted all the tables on my database. However the same problem happened with the fresh upload and install with not being able to change the ID and PW. Any ideas?

Feel free to view it here: http://www.meyerracingonline.com/Guest/admin
THANKS!
Scott Faivre
Carbonize
Master
[Avatar]

Joined: 12/06/2003 19:26:08
Messages: 4292
Location: Bristol, UK
Offline

1 - You need to disable HTML.

2 - The admin url is actually http://www.meyerracingonline.com/Guest/admin.php

Your main problem is your host is still using PHP 4.4.1 so you get an infinite loop on password change page. Hence you are still using default username and pasword. I'd recommend updating to 2.4.1 whilst your guestbook is empty as this also has a password reset script with it as well as anti spam.

Carbonize
I am not the maker of the Advanced Guestbook

get Lazarus
[Email] [WWW] [Yahoo!] aim icon [MSN] [ICQ]
VegasBoxers
Newbie

Joined: 11/05/2006 04:54:24
Messages: 3
Location: Las Vegas, NV
Offline

Carbonize wrote:1 - You need to disable HTML.


I believe I did do that if it's the option inside the admin panel. Did I not do that correctly?


2 - The admin url is actually http://www.meyerracingonline.com/Guest/admin.php

Your main problem is your host is still using PHP 4.4.1 so you get an infinite loop on password change page. Hence you are still using default username and pasword. I'd recommend updating to 2.4.1 whilst your guestbook is empty as this also has a password reset script with it as well as anti spam.


Thank you! I will do! Do you recommend I upgrade, or should I just delete and reinstall with 2.4.1?

THANK YOU!!!

Scott Faivre
Carbonize
Master
[Avatar]

Joined: 12/06/2003 19:26:08
Messages: 4292
Location: Bristol, UK
Offline

May as well upgrade to save messing with database again.

Carbonize
I am not the maker of the Advanced Guestbook

get Lazarus
[Email] [WWW] [Yahoo!] aim icon [MSN] [ICQ]
VegasBoxers
Newbie

Joined: 11/05/2006 04:54:24
Messages: 3
Location: Las Vegas, NV
Offline

...EDITED...

Nevermind. I switched to Lazarus. I'm up and going!
THANKS STUART!!!

Scott Faivre
 
Forum Index » Advanced Guestbook Forum
Go to:   
Based on the open source JForum