Album list & thumbnail views mysteriously changed

[sharpo]

I'm using 1.14.16 (upgraded yesterday)

Short time ago the thumb nail views on home page of my coppermine gallery had changed, also albums were not listed. I wondered if I had accidentally restored factory defaults by mistake, but the settings were not the defaults.

Examples are, 1 "most viewed" thumbnail across the page instead of 4, rows of thumbnails had been set to 1, levels of categories set to 1 and a few other minor alterations.

I changed back the settings in config & changed my coppermine password (I am the only admin)

I have searched to see if anybody had a similar problem.

[Nibbler]

Hmm, could be the same issue as http://forum.coppermine-gallery.net/index.php/topic,51693.0.html

Number of columns and number of tabs to display were set to 1 on that gallery. Did this happen before or after the update?

[sharpo]

(I should have said 1.4.16 in original post)


May have been the same problem, any idea of a cause?

[sharpo]

Just had a look in the logs file at my host, didn't really know what I was looking for, but searched for "config" and noticed nearby there was mention of www. hacking-gps .com (purposely put a couple of spaces in)

This seems a strange sort of entry to see alongside references to config & I wondered if this was anything to do with the setup being altered?

It appeared several times and may have corresponded with the number of alterations made to the settings?

[Nibbler]

Better to search for admin.php since that's the admin page.

[sharpo]

Better to search for admin.php since that's the admin page.

That crops up in many places, but I wouldn't really know what was valid use or not - so I'm not really much help.

[sharpo]

Sometime during the last couple of hours, the settings have changed again - e.g 1 thumbnail across the page instead of 2 etc.

Looks exactly the same as when it happened the first time:-

http://www.sharpos-world.co.uk/cpg/index.php

[sharpo]

Sometime during the last couple of hours, the settings have changed again - e.g 1 thumbnail across the page instead of 2 etc.

Looks exactly the same as when it happened the first time:-

http://www.sharpos-world.co.uk/cpg/index.php

Correction to that, 1 thumbnail instead of 4 across a page etc.

[sharpo]

Just checked the logs & this might be something to do with it......


195.5.117.252 - - [09/Apr/2008:22:29:40 +0200] "POST /cpg/admin.php HTTP/1.1" 200 7500 www.sharpos-world.co.uk "-" "User-Agent: Opera/9.27 (Windows NT 5.2; U; ru)" "-"
195.5.117.252 - - [09/Apr/2008:22:29:42 +0200] "POST /cpg/admin.php HTTP/1.1" 200 7500 www.sharpos-world.co.uk "-" "User-Agent: Opera/9.27 (Windows NT 5.2; U; ru)" "-"

[sharpo]

It's me again. My upload boxes had been set to 0 as suggested elsewhere, but I have just found this which might have reset it, as one now reads 10

195.5.117.252 - - [09/Apr/2008:22:29:34 +0200] "POST /cpg/upload.php HTTP/1.1" 200 6925

[Nibbler]

Clean up your gallery and change your admin pass. Then disable all uploads from untrusted users.

[sharpo]

Clean up your gallery and change your admin pass. Then disable all uploads from untrusted users.

Only me as admin can upload, that is the way it has always been. I changed the password after it happened the first time and to be safe all upload boxes were set at 0 earlier this evening.

I will change the password again & also set uploads to 0 again

[Nibbler]

Check for any additional admin accounts that may have been created by the attacker.

[sharpo]

Check for any additional admin accounts that may have been created by the attacker.

No others, just me

[lordprodigy]

I have the exact same problem

www.b514.com/photos

[Joachim Müller]

Then the same piece of advise applies to you as well. You're running cpg1.4.4, while the most recent stable release currently is cpg1.4.16. You have been told in previous threads already that you need to upgrade, but you constantly ignore this. There is no other piece of advice for you except to upgrade. I'm not ready to discuss this even further. Again, you misbehave by hijacking someone else's thread...

[lordprodigy]

Joachim,

Firstly, as in previous threads, you know very well why I have been postponing my upgrade. Secondly, I posted a note, and not a question or demand for support. I was simply indicating that I have the same problem, and that this might be more widespread issue, than an isolated 'reset value' incident. Sharpo is using 1.4.16 and I have 1.4.4, two quite different versions but same problem... Thats all.

Having said that, I find your hijacking accuse irrelevant.

Thanks as always.

[shiftsrl]

This is the same issue happened to me

http://forum.coppermine-gallery.net/index.php/topic,51671.msg250586.html#msg250586

the gallery was hacked and I've discovered the problem because my view settings are changed. I don't know why but this happened two times from yesterday and the results, apart from the hack, was the changed settings...

[lordprodigy]

Thank you very much Shiftsrl, I am reading that thread too.

[Joachim Müller]

@shiftsrl: don't!