Getting red X's on Coppermine Photo Gallery

[capntawful]

My customers Coppermine Photo Gallery was working just fine until today, now she's getting re x's on all of photos.  I updated the database and did a repair in cpanel.  But this did not work to fix the problem.  You can see the problem at http://countryclublabradoodles.com/gallery/

I'm also attacking a copy of the debug info.  Amy help to reslove this issue would be appricatd.

USER:
------------------
Array
(
    [ID] => c19750921edff3bd58b61079b81486ae
    [am] => 1
    [lang] => english
)

==========================
USER DATA:
------------------
Array
(
    [user_id] => 1
    [user_name] => shelly
    [groups] => Array
        (
           

• => 1
          )
  
      [disk_max] => 0
      [disk_min] => 0
      [can_rate_pictures] => 1
      [can_send_ecards] => 1
      [ufc_max] => 3
      [ufc_min] => 3
      [custom_user_upload] => 0
      [num_file_upload] => 5
      [num_URI_upload] => 3
      [can_post_comments] => 1
      [can_upload_pictures] => 1
      [can_create_albums] => 1
      [has_admin_access] => 1
      [pub_upl_need_approval] => 0
      [priv_upl_need_approval] => 0
      [group_name] => Administrators
      [upload_form_config] => 3
      [group_quota] => 0
      [can_see_all_albums] => 1
      [group_id] => 1
  )
  
  ==========================
  Queries:
  ------------------
  Array
  (
     
• => SELECT extension, mime, content, player FROM cpg_filetypes; (0s)
      [1] => select * from cpg_plugins order by priority asc; (0s)
      [2] => delete from `countryc_copp1`.cpg_sessions where time<1245254229 and remember=0; (0s)
      [3] => delete from `countryc_copp1`.cpg_sessions where time<1244048229; (0s)
      [4] => select user_id from `countryc_copp1`.cpg_sessions where session_id = '995abbb4bd1cb9750945243c2d81e1b2' (0s)
      [5] => select user_id as id, user_password as password from `countryc_copp1`.cpg_users where user_id=1 (0s)
      [6] => SELECT u.user_id AS id, u.user_name AS username, u.user_password AS password, u.user_group+100 AS group_id FROM `countryc_copp1`.cpg_users AS u INNER JOIN `countryc_copp1`.cpg_usergroups AS g ON u.user_group=g.group_id WHERE u.user_id='1' (0s)
      [7] => SELECT user_group_list FROM `countryc_copp1`.cpg_users AS u WHERE user_id='1' and user_group_list <> ''; (0s)
      [8] => SELECT MAX(group_quota) as disk_max, MIN(group_quota) as disk_min, MAX(can_rate_pictures) as can_rate_pictures, MAX(can_send_ecards) as can_send_ecards, MAX(upload_form_config) as ufc_max, MIN(upload_form_config) as ufc_min, MAX(custom_user_upload) as custom_user_upload, MAX(num_file_upload) as num_file_upload, MAX(num_URI_upload) as num_URI_upload, MAX(can_post_comments) as can_post_comments, MAX(can_upload_pictures) as can_upload_pictures, MAX(can_create_albums) as can_create_albums, MAX(has_admin_access) as has_admin_access, MIN(pub_upl_need_approval) as pub_upl_need_approval, MIN( priv_upl_need_approval) as  priv_upl_need_approval FROM cpg_usergroups WHERE group_id in (1) (0s)
      [9] => SELECT group_name FROM  cpg_usergroups WHERE group_id= 1 (0s)
      [10] => update `countryc_copp1`.cpg_sessions set time='1245257829' where session_id = '995abbb4bd1cb9750945243c2d81e1b2' (0s)
      [11] => SELECT user_favpics FROM cpg_favpics WHERE user_id = 1 (0s)
      [12] => DELETE FROM cpg_banned WHERE expiry < '2009-06-17 12:57:09' (0s)
      [13] => SELECT * FROM cpg_banned WHERE (ip_addr='12.175.230.58' OR ip_addr='12.175.230.58' OR user_id=1) AND brute_force=0 (0s)
      [14] => SELECT cid, name, description, thumb FROM cpg_categories WHERE parent = ''  ORDER BY pos (0s)
      [15] => SELECT aid FROM cpg_albums as a WHERE category>=10000 (0s)
      [16] => SELECT count(*) FROM cpg_pictures as p, cpg_albums as a WHERE p.aid = a.aid AND approved='YES' AND category >= 10000 (0s)
      [17] => SELECT cid, name, description, thumb FROM cpg_categories WHERE parent = '1'  ORDER BY pos (0s)
      [18] => SELECT aid FROM cpg_albums WHERE category = 2 (0s)
      [19] => SELECT count(*) FROM cpg_pictures as p, cpg_albums as a WHERE p.aid = a.aid AND approved='YES' AND category = 2 (0s)
      [20] => SELECT count(*) FROM cpg_albums as a WHERE category = '2' (0s)
      [21] => SELECT a.aid, a.title, a.description, visibility, filepath, filename, url_prefix, pwidth, pheight FROM cpg_albums as a LEFT JOIN cpg_pictures as p ON a.thumb=p.pid WHERE category=2 ORDER BY a.pos LIMIT 0,1 (0s)
      [22] => SELECT a.aid, count( p.pid )  AS pic_count, max( p.pid )  AS last_pid, max( p.ctime )  AS last_upload, a.keyword FROM cpg_albums AS a  LEFT JOIN cpg_pictures AS p ON a.aid = p.aid AND p.approved =  'YES' WHERE a.aid IN (2)GROUP BY a.aid (0s)
      [23] => SELECT filepath, filename, url_prefix, pwidth, pheight FROM cpg_pictures WHERE pid='217' (0s)
      [24] => SELECT cid, name, description, thumb FROM cpg_categories WHERE parent = '2'  ORDER BY pos (0s)
      [25] => SELECT aid FROM cpg_albums as a WHERE category = '0' (0s)
      [26] => SELECT count(*) FROM cpg_albums as a WHERE 1 (0s)
      [27] => SELECT count(*) FROM cpg_pictures as p LEFT JOIN cpg_albums as a ON a.aid=p.aid WHERE 1 AND approved='YES' (0s)
      [28] => SELECT count(*) FROM cpg_comments as c LEFT JOIN cpg_pictures as p ON c.pid=p.pid LEFT JOIN cpg_albums as a ON a.aid=p.aid WHERE 1 (0s)
      [29] => SELECT count(*) FROM cpg_categories WHERE 1 (0s)
      [30] => SELECT sum(hits) FROM cpg_pictures as p LEFT JOIN cpg_albums as a ON p.aid=a.aid WHERE 1 (0s)
      [31] => SELECT COUNT(*) FROM cpg_pictures WHERE approved = 'NO' (0s)
      [32] => SELECT count(*) FROM cpg_albums as a WHERE category = '0' (0s)
      [33] => SELECT * FROM cpg_pictures WHERE approved = 'YES'  ORDER BY RAND() LIMIT 8 (0.004s)
      [34] => SELECT COUNT(*) from cpg_pictures WHERE approved = 'YES'  (0s)
      [35] => SELECT * FROM cpg_pictures WHERE approved = 'YES'  ORDER BY pid DESC  LIMIT 0 ,8 (0s)
  )
  
  ==========================
  GET :
  ------------------
  Array
  (
  )
  
  ==========================
  POST :
  ------------------
  Array
  (
  )
  
  ==========================
  VERSION INFO :
  ------------------
  PHP version: 5.2.9 - OK
  ------------------
  mySQL version: 5.0.77-community-log
  ------------------
  Coppermine version: 1.4.20(stable)
  ==========================
  Module: GD
  ------------------
  GD Version: bundled (2.0.34 compatible)
  FreeType Support: 1
  FreeType Linkage: with freetype
  T1Lib Support:
  GIF Read Support: 1
  GIF Create Support: 1
  JPG Support: 1
  PNG Support: 1
  WBMP Support: 1
  XPM Support: 1
  XBM Support: 1
  JIS-mapped Japanese Font Support:
  
  ==========================
  Module: mysql
  ------------------
  MySQL Supportenabled
  Active Persistent Links 0
  Active Links 1
  Client API version 5.0.77
  MYSQL_MODULE_TYPE external
  MYSQL_SOCKET /var/lib/mysql/mysql.sock
  MYSQL_INCLUDE -I/usr/include/mysql
  MYSQL_LIBS -L/usr/lib -lmysqlclient 
  ==========================
  Module: zlib
  ------------------
  ZLib Support enabled
  Stream Wrapper support compress.zlib://
  Stream Filter support zlib.inflate, zlib.deflate
  Compiled Version 1.2.1.2
  Linked Version 1.2.3
  ==========================
  Server restrictions (safe mode)?
  ------------------
  Directive | Local Value | Master Value
  safe_mode | Off | Off
  safe_mode_exec_dir | no value | no value
  safe_mode_gid | Off | Off
  safe_mode_include_dir | no value | no value
  safe_mode_exec_dir | no value | no value
  sql.safe_mode | Off | Off
  disable_functions | no value | no value
  file_uploads | On | On
  include_path | .:/usr/lib/php:/usr/local/lib/php | .:/usr/lib/php:/usr/local/lib/php
  open_basedir | no value | no value
  ==========================
  email
  ------------------
  Directive | Local Value | Master Value
  sendmail_from | no value | no value
  sendmail_path | /usr/sbin/sendmail -t -i  | /usr/sbin/sendmail -t -i
  SMTP | localhost | localhost
  smtp_port | 25 | 25
  ==========================
  Size and Time
  ------------------
  Directive | Local Value | Master Value
  max_execution_time | 30 | 30
  max_input_time | 60 | 60
  upload_max_filesize | 200M | 200M
  post_max_size | 200M | 200M
  ==========================
  Page generated in 0.046 seconds - 36 queries in 0.004 seconds - Album set : ; Meta set: ;

[Joachim Müller]

Congrats - your site has been hacked. Search the board to find out how to sanitize it. Hint: there is a .htaccess file that redirects to google

[capntawful]

Mr. Muller,

Thank you for the info.  I seach CPG fourm and could not find any help on fixing this problem.  Please help.

Thank you

[Fabricio Ferrero]

Weird, I found tons of threads with the word "hacked". And even a sticky post named "Yikes, I've been hacked! Now what?" that seems to be what you're looking for.

[capntawful]

I found them too, none of the make any since to me.... sorry for being a newbie at this.

[Joachim Müller]

Read the Yikes-thread ("Yikes, I've been hacked! Now what?") and do as suggested there. It doesn't get any easier than that, nor can you expect more from free support. I already told you what you need to do - if that is not enough information, then I suggest hiring a pro or reviewing the idea to run a website of your own.
You broke several rules already. Please do some reading now. Reading the board rules won't hurt neither.

Some threads that are very similar to yours:

• All Photos/Thumbnails Gone
• All my images points to different address! possible hacker attack?