Fatal error

[nahkuri]

Hi!

My coppermine-gallery was hacked three days ago and the hacker managed to modify my index.php -file. I replaced the index.php -file with the original one, but now I'm getting a fatal error saying:

While executing query "select user_id as id, user_password as password from `pankki`.cpg14x_users where user_id=0" on Resource id #5

mySQL error: Table 'pankki.cpg14x_users' doesn't exist

So it seems that the hacker also managed to terrorise the coppermine database. Is there anything to be done that can rescue my gallery? Can I reconstruct the database by hand?

The database contains following tables (16):
# cpg14x_albums
# cpg14x_banned
# cpg14x_bridge
# cpg14x_categories
# cpg14x_comments
# cpg14x_config
# cpg14x_dict
# cpg14x_ecards
# cpg14x_exif
# cpg14x_favpics
# cpg14x_filetypes
# cpg14x_hit_stats
# cpg14x_plugins
# cpg14x_sessions
# cpg14x_temp_data
# cpg14x_vote_stats

I'm running 1.4.18 (yes, I know, I should have upgraded to 1.4.19 but I didn't notice there was a new version). I already uploaded files from version 1.4.19 and run "update.php" but the error remains.

Any help is appreciated!

[Joachim Müller]

Restore the missing table from a backup. If you don't have a backup, re-create the missing table by running the query

Code Select Expand

CREATE TABLE cpg14x_users (
  user_id int(11) NOT NULL auto_increment,
  user_group int(11) NOT NULL default '2',
  user_active enum('YES','NO') NOT NULL default 'NO',
  user_name varchar(25) NOT NULL default '',
  user_password varchar(40) NOT NULL default '',
  user_lastvisit datetime NOT NULL default '0000-00-00 00:00:00',
  user_regdate datetime NOT NULL default '0000-00-00 00:00:00',
  user_group_list varchar(255) NOT NULL default '',
  user_email varchar(255) NOT NULL default '',
  user_profile1 varchar(255) NOT NULL default '',
  user_profile2 varchar(255) NOT NULL default '',
  user_profile3 varchar(255) NOT NULL default '',
  user_profile4 varchar(255) NOT NULL default '',
  user_profile5 varchar(255) NOT NULL default '',
  user_profile6 text NOT NULL,
  user_actkey varchar(32) NOT NULL default '',

  PRIMARY KEY  (user_id),
  UNIQUE KEY user_name (user_name)
) TYPE=MyISAM COMMENT='Used to store users, not used when bridged';in phpMyAdmin or similar. This will just give you the empty table back. You will then have to populate it with at least one user (an admin user).

[nahkuri]

Thank you very much for your reply!

Ok, I executed that SQL code and a users table was created. Then I added one row to that table using 'user_group' value 1 (I assumed that would be an admin group). Now I'm getting the following error:

While executing query "SELECT MAX(group_quota) as disk_max, MIN(group_quota) as disk_min, MAX(can_rate_pictures) as can_rate_pictures, MAX(can_send_ecards) as can_send_ecards, MAX(upload_form_config) as ufc_max, MIN(upload_form_config) as ufc_min, MAX(custom_user_upload) as custom_user_upload, MAX(num_file_upload) as num_file_upload, MAX(num_URI_upload) as num_URI_upload, MAX(can_post_comments) as can_post_comments, MAX(can_upload_pictures) as can_upload_pictures, MAX(can_create_albums) as can_create_albums, MAX(has_admin_access) as has_admin_access, MIN(pub_upl_need_approval) as pub_upl_need_approval, MIN( priv_upl_need_approval) as  priv_upl_need_approval FROM cpg14x_usergroups WHERE group_id in (3)" on 0

mySQL error: Table 'pankki.cpg14x_usergroups' doesn't exist

So now I have to build the usergroups table? Can you provide me a code for it?

[Nibbler]

Look in sql/schema.sql. Just change the prefix from CPG_ to cpg14x_

[nahkuri]

Looks like the hacker destroyed cpg14x_pictures table so all the information about the pictures is long gone :'( I'm guessing there is no other way but manually adding all the pictures again.

This whole mess wouldn't be so bad if my webhotel provider's automatic backuping tool took backups of mySQL databases too, but it apparently doesn't.

Thank you very much for your help and time.

[Joachim Müller]

It's not your webhost's task to perform regular backups, but your task as owner of the site. The backups performed by the webhost are for webhost-internal purposes (i.e. if they have a hard disk crash or similar) unless explicitely stated otherwise in your webhosting contract. If you want to be able to restore a backup at a later stage, perform your backups for yourself.