Mad!! a Hacker wiped out my guestbook of moer than 2 years

Well my ISP provided me with advanced guestbook when I signed up 2 yrs ago.
I was confident and stupid to assume that it was secure, now I am crying, bcz some boozo hacked into the guestbook and destroyed all my 2 yr worth of comments. This was the old version sorry to say that. This is just a church website that does not bother anyone and really of no value.
I am just here venting my frustration or maybe could I have been able to restore it?
Now today I have installed version 2.3.1, and lo and behold my second guestbook visit was unfortunately some stupid boozo again from Turkey who tried to hack it. Now I have become very paranoid. Is this version very secure?

Here are some screen shots

http://www.aids-epidemic.com/images/hacker.jpg

http://www.aids-epidemic.com/images/hacker2005.jpg

Now the guy who unsuccessfully tried to hack the guestbook today only managed to leave this behind. I was able to delete this gargabe, lame attempt.
Any help, advice !!!

Rawkmetal
<div id=\"Layer1\" style=\"position:absolute; left:0; top:1; width:1000; height:1034;
z-index:1; background-color: #000000; layer-background-color: #ccccc; border: 1px none #000000\"> 
<title>HACKED BY Rawkmetal : Ç&#305;x Ç&#305;x Ay&#305;pt&#305;r Karde&#351;im </title>

<body bgcolor=\"#000000\" leftmargin=\"0\" topmargin=\"8\" rightmargin=\"0\" bottommargin=\"8\" marginwidth=\"0\" marginheight=\"0\">

&nbsp;
&nbsp;
&nbsp;

<center>
.:: HACKED BY RAWKMETAL ::. 

<center>
<center>
Veritaban&#305;n&#305; daha bir çok &#351;eyi silebilirdim ama bak&#305;n&#305;z efendi insan&#305;m 
Gidiyorum Ama Hep Buralarda Olacag&#305;m... 
www.rawkmetal.tk // rawkmetal@rawkmetal.tk

A link to the guestbook would be useful. Do you have HTML enabled in the guestbook? If so disable it.

Gudos299 wrote:
Now today I have installed version 2.3.1, and lo and behold my second guestbook visit was unfortunately some stupid boozo again from Turkey who tried to hack it. Now I have become very paranoid. Is this version very secure?

Now the guy who unsuccessfully tried to hack the guestbook today only managed to leave this behind. I was able to delete this gargabe, lame attempt.
Any help, advice !!!

Your guestbook has probably been "googlized" by the hackers/spammers. They will probably continue to come back now that they have found you....

As Carbonize suggests, you should disable html and there are some simple suggestions for spam and some script-edits for guestbook spam that can be found on this forum if you use the search engine to seek them out.

Good luck with this problem.

Also if you made regular backups of your websites and database you really havnt lost a thing.

Ask your host if they make backups of either the server or MySQL databases. Some do.

I have HTML disabled, though. I think I cant recover it anyway because I reinstalled the new one over the old and gave it the same folder so as not to compromise my links on the site that I manually did with FP. Well I am just a noobie to webpage design.

The link is

The guest's entries are not in the folders but in the database. Your reinstallation has nothing to do with the database. Ask your host if they have a backup of the database, or, if all else fails:

http://proxy2.de/forum/viewtopic.php?t=4082

Sorry this is not even connected to my thread. I am retarded !!as far as php and mysql, what can this error possibly mean.

Warning: mysql_connect(): Access denied for user: 'XXXXXXX@localhost' (Using password: YES) in /backup/XXXXXX_html/user_config.php on line 26
Error connecting

At a guess it means you put the wrong information into the admin/config.inc.php file.

Thanks Carbo,,,I have a website at
www.gilbertmatare.com/signup.php I host church songs I let people download from my site. I needed to control bandwidth, so a friend wrote me a php script to force them to register before they can download.. Previuosly they had to email me a password and username then I would enter it manually into my password folder in Cpanel.
The script wont work now, and I have no clue what to do.
I dont know if its even allowed to post this but if you feel sorry to want to help me I can send you all the other details to my site via PM!!!

You could of simply installed the IPB forum and set it to only allow registered users to view the board. Then you just upload the songs as attachments to your posts. If the script is not to large simply email it to me at webmaster@carbonize.co.uk as this sites PM system is disabled.

ps. It is now 06:12 GMT and I am coming to the end of a 12 hour night shift so don't expect anything soon.

Script deleted

Well if it was working then suddenly stopped did you request a new MySQL password? I guess your MySQL details for that script are in user_config.php.

Gudos wrote:so a friend wrote me a php script to force them to register before they can download.. Previuosly they had to email me a password and username then I would enter it manually into my password folder in Cpanel.
The script wont work now, and I have no clue what to do.
I dont know if its even allowed to post this but if you feel sorry to want to help me I can send you all the other details to my site via PM!!!

Have you considered contacting your friend who wrote the script for assistance?

Essentially, this is saying that it is attempting to get the information to open MySQL from a backup file -
/backup/gilbertm/public_html/user_config.php at about line on line 26
The file it is trying to pull the information from is user_config.php and the error is occurring at (around) line 26.

It seems unusual that the system would be trying to run from a backup directory unless you did an incorrect restore process.

Okay I will try to contact him and let you know where the problem was ,.....