[Solved]: Can't save new configuration [Solved]: Can't save new configuration
 

News:

CPG Release 1.6.26
Correct PHP8.2 issues with user and language managers.
Additional fixes for PHP 8.2
Correct PHP8 error with SMF 2.0 bridge.
Correct IPTC supplimental category parsing.
Download and info HERE

Main Menu

[Solved]: Can't save new configuration

Started by ullielfan, February 07, 2009, 05:58:06 PM

Previous topic - Next topic

0 Members and 2 Guests are viewing this topic.

ullielfan

Everytime I click on "save new configuration", it just leads me to a strange page and doesn't save any changes. Here is the source codes of that page.



<form action='/pix/admin.php' method='POST'><input type='text' name='login'><br/><input name='pass' type='password'><br /><input type='submit' value='authenticate'></form>



Coppermine version is 1.4.19 , gallery url is http://www.j-marsden.com/pix

Nibbler

You need to update to 1.4.20. That will probably fix this issue also.

ullielfan

Upgraded to 1.4.20 with modpack 1.4.19, but the problem still remains.

czyrkr

I have the same problem.

Few days ago I realized that my web site was hacked. I found some hidden files and hidden text in my cpg. I was running version 1.4.14 . I couldn't save new configuration. Now I updated to version 1.4.20 and I still cannot save configuration. It just sends me to Authentication page where I enter my Login info and.... Noting happens I get blank page admin.php. When I refresh it takes me back to admin.php which is that same configuration file but with the same configuration as before. Any help or suggestions will be appreciated.

Aeronautic

Quote from: ullielfan on February 07, 2009, 06:58:07 PM
Upgraded to 1.4.20 with modpack 1.4.19, but the problem still remains.


I may be completely wrong here but I think modpack is version specific. By adding modpack 1.4.19 after you upgraded to cpg 1.4.20 you overwrote some of those upgraded files with files of the same name but earlier version.

Devs?


ullielfan

I noticed something like <?php /**/eval(base64_decode(...... has been written into my config.inc.php file. Just deleted it, and my gallery seems to work fine now. ;D

czyrkr

<?php /**/eval(base64_decode(......
Yes that was the case with my gallery as well. It works now. Thank you.

Joachim Müller

Means that you have been subject of a hacking attempt. Clear your gallery thoroughly - just cleaning include/config.inc.php might not be enough, the attacker might have left other payload or backdoors behind!

czyrkr

Quote from: Joachim Müller on February 13, 2009, 09:15:25 AM
Means that you have been subject of a hacking attempt. Clear your gallery thoroughly - just cleaning include/config.inc.php might not be enough, the attacker might have left other payload or backdoors behind!


What is your suggestion? Should I delete all files and reinstall the whole gallery?

Fabricio Ferrero

Read Docs and Search the Forum before posting. - Soporte en español
--*--
Fabricio Ferrero's Website

Catching up! :)

Joachim Müller

Quote from: czyrkr on February 15, 2009, 01:15:14 AMShould I delete all files and reinstall the whole gallery?
No.

Quote from: Fabricio Ferrero on February 15, 2009, 11:26:19 AM
Read: Yikes, I've been hacked! Now what? ;)
Exactly! The only recommended solution is being explained in that thread.

thehau

I decoded the string and it came up with something from joomla, which I did install. 

thehau

Sorry hit Post too early.

Good news is that my site hasn't been compromised, a good online base64 decoder is here:

http://www.motobit.com/util/base64-decoder-encoder.asp

On the safe side, I did upgrade to the latest version of coppermine.

Joachim Müller