upgrade by deleting

[diedhert]

I wasn't sure about the title - sorry - to make things clear.

My website has been hacked twice in two weeks. It consist of a joomla website and a coppermine forum.
After the first hack, I upgraded the forum without any problems. I do not know if they hacked it via the joomla or coppermine part.

When I install the latest version of coppermine 'over' the old version, maybe some residual (infected) files are left.
To avoid this, I would prefer to install from 'scratch'.

Can I just delete everything, then move all files from 1.5.38 to my website, then copy the old albums folder and config.inc.php to the website and then run the update script ?

Diederik

[Αndré]

Can I just delete everything, then move all files from 1.5.38 to my website, then copy the old albums folder and config.inc.php to the website and then run the update script ?

Yes, but make sure that there are no malicious files in your albums folder. Additionally, you need to re-upload plugins and a custom theme if you used any (same here, make sure that they aren't the vulnerability). Also consider the anycontent.php file, if you modified it.

You should also upgrade any outdated software on your server.

[diedhert]

Thanks

The server is servage, so I cannot update anything there.
I have no plugins or custom themes as far as I know.
I have uploaded the old anycontent.php file, but when I run version checker this file seems to be version 1.4.19 and there is a red cross in the column revision. Can I update that file?

Diedrik

[Αndré]

Please attach that file as zip file to your next reply (or just post its content).

[diedhert]

Hi

This is the content of the file:

<?php
/*************************
  Coppermine Photo Gallery
  ************************
  Copyright (c) 2003-2008 Dev Team
  v1.1 originally written by Gregory DEMAR

  This program is free software; you can redistribute it and/or modify
  it under the terms of the GNU General Public License version 3
  as published by the Free Software Foundation.
 
  ********************************************
  Coppermine version: 1.4.19
  $HeadURL: https://coppermine.svn.sourceforge.net/svnroot/coppermine/trunk/cpg1.4.x/anycontent.php $
  $Revision: 4392 $
  $Author: gaugau $
  $Date: 2008-04-16 09:25:35 +0200 (Mi, 16 Apr 2008) $
**********************************************/

/**
* Coppermine Photo Gallery 1.4.14 anycontent.php
*
* This file file gets included in the index.php if you set the option in admin
* can be used to display any content from any program, it is always to be edited
* according to tastes and then used
*
* @copyright 2002,2007 Gregory DEMAR, Coppermine Dev Team
* @license http://www.gnu.org/licenses/gpl.html GNU General Public License V3
* @package Coppermine
* @version $Id: anycontent.php 4392 2008-04-16 07:25:35Z gaugau $
*/

if (!defined('IN_COPPERMINE')) die('Not in Coppermine...');

starttable("100%", "Welcome");

?>
<tr><td class="tableb" >
This is for any content block - just a test - Edit the file "anycontent.php" to change what is shown here
</td></tr>
<?php
endtable();

?>



Thanks in advance
Diederik

[Αndré]

You can simply replace that file, as there are no custom modifications.