Solved

urgent - osCommerce suddenly throwing errors - not sure if hacked

Posted on 2006-11-06
Last Modified: 2012-05-05
Hello - I have started receiving a variety of random errors (they seem random to me) that are intermittent - do not always occur - and often clear upon one or more page refreshes. I've listed some below:

########### ERRORS ##########################
Warning: Unexpected character in input: ' in /usr/local/apache/htdocs/catalog/includes/functions/general.php on line 54

Warning: Cannot modify header information - headers already sent by (output started at /usr/local/apache/htdocs/catalog/includes/functions/general.php:54) in
/usr/local/apache/htdocs/catalog/includes/functions/general.php on line 1326

Fatal error: Unknown function: àéG@ÂF() in /usr/local/apache/htdocs/catalog/includes/languages/english.php on line 191

Warning: Cannot modify header information - headers already sent by (output started at /usr/local/apache/htdocs/catalog/includes/functions/general.php:54) in /usr/local/apache/htdocs/catalog/includes/functions/general.php on line 1326

Warning: session_start(): Cannot send session cache limiter - headers already sent (output started at /usr/local/apache/htdocs/catalog/includes/functions/general.php:54) in /usr/local/apache/htdocs/catalog/includes/functions/sessions.php on line 128

Warning: main(pub/): failed to open stream: No such file or directory in /usr/local/apache/htdocs/catalog/admin/includes/application_top.php on line 44

Fatal error: main(): Failed opening required 'pub/' (include_path='.:/usr/local/lib/php') in /usr/local/apache/htdocs/catalog/admin/includes/application_top.php on line 44

Fatal error: main(): Failed opening required 'tep_db_nufilenames.php' (include_path='.:/usr/local/lib/php') in /usr/local/apache/htdocs/catalog/includes/application_top.php on line 57

Warning: main(type): failed to open stream: No such file or directory in /usr/local/apache/htdocs/catalog/includes/application_top.php on line 57

Fatal error: main(): Failed opening required 'type' (include_path='.:/usr/local/lib/php') in /usr/local/apache/htdocs/catalog/includes/application_top.php on line 57

Fatal error: main(): Failed opening required 'messageStfilenames.php' (include_path='.:/usr/local/lib/php') in /usr/local/apache/htdocs/catalog/includes/application_top.php on line 57
########################

Here are the "offending" lines of code in the pages mentioned in the errors - all seems OK to me and no changes had been made to these files, prior to receiving the errors:

includes/functions/general.php on line 54:
if ($protected == true) {

includes/functions/general.php on line 1326:
setcookie($name, $value, $expire, $path, (tep_not_null($domain) ? $domain : ''), $secure);

includes/functions/sessions.php on line 128:
return session_start();


includes/application_top.php on line 44:
//$request_type = (getenv('SERVER_PORT') == '443') ? 'SSL' : 'NONSSL';

/includes/application_top.php on line 57:
require(DIR_WS_INCLUDES . 'filenames.php');

-------------------------

I'm really quite baffled and not sure of where to look - particularly at the errors like this one:
Fatal error: main(): Failed opening required 'messageStfilenames.php' (include_path='.:/usr/local/lib/php') in /usr/local/apache/htdocs/catalog/includes/application_top.php on line 57

It seems some random string is getting prepended to the require('filenames.php') and I have no idea how.

Thanks in advance for any assistance!
0
Question by:betagirl
6 Comments
 
LVL 29

Expert Comment

by:TeRReF
ID: 17883774
You probably have register_globals set to on in your php.ini and do not initialize your vars properly. Which means that script kiddies can assign values to certain vars by passing them via GET or POST.

You should either turn register_globals off, or initialize your vars properly. Be aware, turning register_globals off might stop the application from working at all (some rewriting will be necessary...)

0
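
The behaviour described in the comment above, as an added example that is not part of the original thread or of osCommerce: the same check written without and with explicit initialization. register_globals no longer exists in current PHP, so `extract()` stands in for it here; the function names and the `$authorized` variable are hypothetical.

```php
<?php
// Added illustration. register_globals was removed in PHP 5.4, so extract()
// stands in for it: both turn request parameters into variables before the
// script's own logic runs.

// Vulnerable pattern: $authorized is assigned only on the success path, so a
// request-supplied value survives whenever the password check fails.
function is_authorized_vulnerable(array $request, bool $passwordOk): bool
{
    extract($request);               // emulates register_globals = On
    if ($passwordOk) {
        $authorized = true;
    }
    return !empty($authorized);
}

// Hardened pattern: the variable gets a known value before it is used, which
// overwrites anything the request injected under the same name.
function is_authorized_hardened(array $request, bool $passwordOk): bool
{
    extract($request);               // same emulated setting
    $authorized = false;             // explicit initialization
    if ($passwordOk) {
        $authorized = true;
    }
    return $authorized;
}

// Constructed request, equivalent to a visitor adding ?authorized=1 to a URL.
$request = ['authorized' => '1'];

var_dump(is_authorized_vulnerable($request, false)); // password check failed
var_dump(is_authorized_hardened($request, false));   // password check failed
var_dump(is_authorized_hardened($request, true));    // password check passed
```

When auditing a large code base with the setting left on, the variables to initialize first are the ones that are read in a condition or an include path before any assignment.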
 

Author Comment

by:betagirl
ID: 17884879
That's the problem - register_globals needs to be on for this app to work and there is a considerable amount of code in this open source software, so I'm unsure of where to specifically begin in shoring up the initialization of vars.  I'm hoping someone with considerable experience with osCommerce might have experienced something similar and have a fix.  

Thanks so much for your help!
0
 
LVL 29

Expert Comment

by:TeRReF
ID: 17885278
You're welcome, hope you're able to resolve this problem soon...
0
 

Author Comment

by:betagirl
ID: 17886525
TeRReF - a follow up question - you wrote:

"Which means that script kiddies can assign values to certain vars by passing them via GET or POST. " 

I'm trying to imagine how this is being accomplished - specifically so that it is completely random. I've been testing the site all day long and there is no consistent pattern to the errors - no specific actions that bring them on.  Often I can cruise through the store and after 20 clicks or more, still no error.  Close the browser, start again, and then an error pops after just a click or two. Is there possibly a rogue script that has been placed on the server? Any ideas as to how I could locate it?  I just took a look through all the files in the directory for the store (including admin) to look for new/changed files based on timestamp - but I'm not finding anything out of order.  

I appreciate any further assistance with this.  I'm not finding anything online that is helpful, which kind of surprises me given the number of osCommerce installations out there.  I'm not sure what I'm missing but I'd really like to get this sorted out for my client.
0
 
LVL 29

Accepted Solution

by:
TeRReF earned 500 total points
ID: 17887553
You can find an example of how to pass values to vars here:
http://php.net/register_globals

If you're the one accessing the site and you receive the errors as well, then you should look at other options:
1. Hackers could have tampered with the PHP scripts (to get credit card information for instance)
2. Your hard disk might be corrupted or full or damaged
3. If your site is hosted by a third party, they might have upgraded PHP or changed some configuration settings which could cause the errors

The randomness of the errors would make me investigate possibility 2 first.

Another good source of information is your webserver logs. They might tell you more about the source of the errors as well...
0
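
One way to check possibilities 1 and 2 from the answer above, as an added example that is not part of the original thread: compare the live install against a pristine copy of the same release by content hash rather than by timestamp, since a modification time can be reset and says nothing about corrupted contents. The directory layout and sample files are constructed, and the function names are hypothetical.

```php
<?php
// Map of relative path => SHA-256 for every file under $root.
function hash_tree(string $root): array
{
    $root = rtrim($root, '/');
    $hashes = [];
    $it = new RecursiveIteratorIterator(
        new RecursiveDirectoryIterator($root, FilesystemIterator::SKIP_DOTS)
    );
    foreach ($it as $file) {
        if ($file->isFile()) {
            $rel = substr($file->getPathname(), strlen($root) + 1);
            // hash_file() returns false on a read error (e.g. a failing disk)
            $hashes[$rel] = @hash_file('sha256', $file->getPathname());
        }
    }
    return $hashes;
}
// Classify every file in $live against the known-good copy in $pristine.
function compare_trees(string $pristine, string $live): array
{
    $good = hash_tree($pristine);
    $now  = hash_tree($live);
    $report = ['modified' => [], 'added' => [], 'missing' => [], 'unreadable' => []];
    foreach ($now as $rel => $hash) {
        if ($hash === false) {
            $report['unreadable'][] = $rel;
        } elseif (!array_key_exists($rel, $good)) {
            $report['added'][] = $rel;
        } elseif ($good[$rel] !== $hash) {
            $report['modified'][] = $rel;
        }
    }
    $report['missing'] = array_keys(array_diff_key($good, $now));
    return $report;
}
// Constructed sample trees (hypothetical file contents) so this runs stand-alone.
$base = sys_get_temp_dir() . '/treecheck_' . getmypid();
foreach (['pristine', 'live'] as $side) {
    mkdir("$base/$side/includes", 0700, true);
    file_put_contents("$base/$side/includes/filenames.php", "<?php // unchanged\n");
    file_put_contents("$base/$side/includes/general.php", "<?php // original\n");
}
// Same size and same mtime as the original: a timestamp review would miss it.
file_put_contents("$base/live/includes/general.php", "<?php // modified\n");
touch("$base/live/includes/general.php", filemtime("$base/pristine/includes/general.php"));
file_put_contents("$base/live/includes/extra.php", "<?php // not in release\n");
print_r(compare_trees("$base/pristine", "$base/live"));
```

Run against a real install, a result that changes between two consecutive runs with no deployment in between points toward failing storage rather than tampering.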
