Migrated after hacking - Images not showing Migrated after hacking - Images not showing
 

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Main Menu

Migrated after hacking - Images not showing

Started by MaverickLal101, May 22, 2009, 09:56:53 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

MaverickLal101

Long story short -

Site hacked due to no upgrades since I have been traveling lately. Tried fixing. Server tells me 'Sorry, this is not working and shuts us down.'  :o :o
Tried to clean files as best as could, moved to new server and migrated everything. Gallery is not showing images. There's gotta be a script I am not catching or something else that is wrong. I searched the boards and will continue searching for answers. I am not anywhere near a programmer or coppermine expert so I have no clue what the debug is telling me.

Site: http://vluvanita.net/galley

Debug

Quote
USER:
------------------
Array
(
    [ID] => 9c2b14ecaf22b8a0b469e8c6d4e8f50e
    [am] => 1
    [lang] => english
    [liv] => Array
        (
           
  • => 3465
                [1] => 5112
            )

        [theme] => hardwired
    )

    ==========================
    USER DATA:
    ------------------
    Array
    (
        [user_id] => 1
        [user_name] => Prerna
        [groups] => Array
            (
               
  • => 1
            )

        [disk_max] => 0
        [disk_min] => 0
        [can_rate_pictures] => 1
        [can_send_ecards] => 1
        [ufc_max] => 3
        [ufc_min] => 3
        [custom_user_upload] => 0
        [num_file_upload] => 10
        [num_URI_upload] => 10
        [can_post_comments] => 1
        [can_upload_pictures] => 1
        [can_create_albums] => 1
        [has_admin_access] => 1
        [pub_upl_need_approval] => 0
        [priv_upl_need_approval] => 0
        [group_name] => Administrators
        [upload_form_config] => 3
        [group_quota] => 0
        [can_see_all_albums] => 1
        [group_id] => 1
    )

    ==========================
    Queries:
    ------------------
    Array
    (
       
  • => SELECT extension, mime, content, player FROM cpg_filetypes; (0s)
        [1] => select * from cpg_plugins order by priority asc; (0s)
        [2] => delete from `prernala_AnitaGallery`.cpg_sessions where time<1243018254 and remember=0; (0s)
        [3] => delete from `prernala_AnitaGallery`.cpg_sessions where time<1241812254; (0s)
        [4] => select user_id from `prernala_AnitaGallery`.cpg_sessions where session_id=md5("8610c2bc1de29850f583db4c2da35e75fa27acbabcc6ac62da1eaf8b599564de"); (0.001s)
        [5] => select user_id as id, user_password as password from `prernala_AnitaGallery`.cpg_users where user_id=1 (0s)
        [6] => SELECT u.user_id AS id, u.user_name AS username, u.user_password AS password, u.user_group+100 AS group_id FROM `prernala_AnitaGallery`.cpg_users AS u INNER JOIN `prernala_AnitaGallery`.cpg_usergroups AS g ON u.user_group=g.group_id WHERE u.user_id='1' (0s)
        [7] => SELECT user_group_list FROM `prernala_AnitaGallery`.cpg_users AS u WHERE user_id='1' and user_group_list <> ''; (0s)
        [8] => SELECT MAX(group_quota) as disk_max, MIN(group_quota) as disk_min, MAX(can_rate_pictures) as can_rate_pictures, MAX(can_send_ecards) as can_send_ecards, MAX(upload_form_config) as ufc_max, MIN(upload_form_config) as ufc_min, MAX(custom_user_upload) as custom_user_upload, MAX(num_file_upload) as num_file_upload, MAX(num_URI_upload) as num_URI_upload, MAX(can_post_comments) as can_post_comments, MAX(can_upload_pictures) as can_upload_pictures, MAX(can_create_albums) as can_create_albums, MAX(has_admin_access) as has_admin_access, MIN(pub_upl_need_approval) as pub_upl_need_approval, MIN( priv_upl_need_approval) as  priv_upl_need_approval FROM cpg_usergroups WHERE group_id in (1) (0s)
        [9] => SELECT group_name FROM  cpg_usergroups WHERE group_id= 1 (0s)
        [10] => update `prernala_AnitaGallery`.cpg_sessions set time='1243021854' where session_id=md5('8610c2bc1de29850f583db4c2da35e75fa27acbabcc6ac62da1eaf8b599564de'); (0s)
        [11] => SELECT user_favpics FROM cpg_favpics WHERE user_id = 1 (0s)
        [12] => DELETE FROM cpg_banned WHERE expiry < '2009-05-22 19:50:54' (0s)
        [13] => SELECT * FROM cpg_banned WHERE (ip_addr='24.6.56.57' OR ip_addr='24.6.56.57' OR user_id=1) AND brute_force=0 (0s)
        [14] => SELECT COUNT(*) FROM cpg_pictures WHERE approved = 'NO' (0s)
        [15] => SELECT user_name AS user_name, aid, a.title
                                                                                    FROM cpg_albums AS a
                                                                                    LEFT JOIN `prernala_AnitaGallery`.cpg_users AS u
                                                                                    ON (category - 10000) = user_id
                                                                                    WHERE category > 10000 (0.001s)
        [16] => SELECT aid, title, name FROM cpg_albums LEFT JOIN cpg_categories ON cid = category WHERE category < 10000 ORDER BY title (0.001s)
    )

    ==========================
    GET :
    ------------------
    Array
    (
    )

    ==========================
    POST :
    ------------------
    Array
    (
    )

    ==========================
    VERSION INFO :
    ------------------
    PHP version: 5.2.9 - OK
    ------------------
    mySQL version: 5.0.75-community-log
    ------------------
    Coppermine version: 1.4.16(stable)
    ==========================
    Module: GD
    ------------------
    GD Version: bundled (2.0.34 compatible)
    FreeType Support: 1
    FreeType Linkage: with freetype
    T1Lib Support:
    GIF Read Support: 1
    GIF Create Support: 1
    JPG Support: 1
    PNG Support: 1
    WBMP Support: 1
    XPM Support: 1
    XBM Support: 1
    JIS-mapped Japanese Font Support:

    ==========================
    Module: mysql
    ------------------
    MySQL Supportenabled
    Active Persistent Links 0
    Active Links 1
    Client API version 5.0.75
    MYSQL_MODULE_TYPE external
    MYSQL_SOCKET /var/lib/mysql/mysql.sock
    MYSQL_INCLUDE -I/usr/include/mysql
    MYSQL_LIBS -L/usr/lib64 -lmysqlclient_r 
    ==========================
    Module: zlib
    ------------------
    ZLib Support enabled
    Stream Wrapper support compress.zlib://
    Stream Filter support zlib.inflate, zlib.deflate
    Compiled Version 1.2.1.2
    Linked Version 1.2.1.2
    ==========================
    Server restrictions (safe mode)?
    ------------------
    Directive | Local Value | Master Value
    safe_mode | Off | Off
    safe_mode_exec_dir | no value | no value
    safe_mode_gid | Off | Off
    safe_mode_include_dir | no value | no value
    safe_mode_exec_dir | no value | no value
    sql.safe_mode | Off | Off
    disable_functions | no value | no value
    file_uploads | On | On
    include_path | .:/usr/lib/php:/usr/local/lib/php | .:/usr/lib/php:/usr/local/lib/php
    open_basedir | no value | no value
    ==========================
    email
    ------------------
    Directive | Local Value | Master Value
    sendmail_from | no value | no value
    sendmail_path | /usr/sbin/sendmail -t -i | /usr/sbin/sendmail -t -i
    SMTP | localhost | localhost
    smtp_port | 25 | 25
    ==========================
    Size and Time
    ------------------
    Directive | Local Value | Master Value
    max_execution_time | 30 | 30
    max_input_time | 60 | 60
    upload_max_filesize | 2M | 2M
    post_max_size | 8M | 8M
    ==========================
    Page generated in 0.129 seconds - 17 queries in 0.003 seconds - Album set : ; Meta set: ;
Take your time and thank you for any assistance you can provide me.

Nibbler

You can easily see the issue at http://vluvanita.net/gallery/albums/userpics/ - You didn't upload all the files, you only have up to (capital) K.

Joachim Müller

After fixing that you might want to turn indexes off ;-)

MaverickLal101

Oh fantastic, the hacker deleted half my files. Thanks for the heads-up. This will take months to fix.

Joachim Müller

...which shows the importance of frequent backups...

Nibbler

Probably not. FTP servers are often limited in the number of files they will display in a directory. Yours is apparently set with a limit of 2000. The other files are there but you can't see them via FTP. You should contact your host for advice.

Joachim Müller

Seems to me that this was caused by needlessly enabling silly_safe_mode even though safe_mode appears to be off PHP-wise. The pics wouldn't reside inside userpics if coppermine would be allowed to work as it was intended to work.