Solved

urgent - osCommerce suddenly throwing errors - not sure if hacked

Posted on 2006-11-06
Last Modified: 2012-05-05
Hello - I have started receiving a variety of random errors (they seem random to me) that are intermittent - do not always occur - and often clear upon one or more page refreshes. I've listed some below:

########### ERRORS ##########################
Warning: Unexpected character in input: ' in /usr/local/apache/htdocs/catalog/includes/functions/general.php on line 54

Warning: Cannot modify header information - headers already sent by (output started at /usr/local/apache/htdocs/catalog/includes/functions/general.php:54) in /usr/local/apache/htdocs/catalog/includes/functions/general.php on line 1326

Fatal error: Unknown function: àéG@ÂF() in /usr/local/apache/htdocs/catalog/includes/languages/english.php on line 191

Warning: Cannot modify header information - headers already sent by (output started at /usr/local/apache/htdocs/catalog/includes/functions/general.php:54) in /usr/local/apache/htdocs/catalog/includes/functions/general.php on line 1326

Warning: session_start(): Cannot send session cache limiter - headers already sent (output started at /usr/local/apache/htdocs/catalog/includes/functions/general.php:54) in /usr/local/apache/htdocs/catalog/includes/functions/sessions.php on line 128

Warning: main(pub/): failed to open stream: No such file or directory in /usr/local/apache/htdocs/catalog/admin/includes/application_top.php on line 44

Fatal error: main(): Failed opening required 'pub/' (include_path='.:/usr/local/lib/php') in /usr/local/apache/htdocs/catalog/admin/includes/application_top.php on line 44

Fatal error: main(): Failed opening required 'tep_db_nufilenames.php' (include_path='.:/usr/local/lib/php') in /usr/local/apache/htdocs/catalog/includes/application_top.php on line 57

Warning: main(type): failed to open stream: No such file or directory in /usr/local/apache/htdocs/catalog/includes/application_top.php on line 57

Fatal error: main(): Failed opening required 'type' (include_path='.:/usr/local/lib/php') in /usr/local/apache/htdocs/catalog/includes/application_top.php on line 57

Fatal error: main(): Failed opening required 'messageStfilenames.php' (include_path='.:/usr/local/lib/php') in /usr/local/apache/htdocs/catalog/includes/application_top.php on line 57
########################

Here are the "offending" lines of code in the pages mentioned in the errors - all seems OK to me and no changes had been made to these files, prior to receiving the errors:

includes/functions/general.php on line 54:
if ($protected == true) {

includes/functions/general.php on line 1326:
setcookie($name, $value, $expire, $path, (tep_not_null($domain) ? $domain : ''), $secure);

includes/functions/sessions.php on line 128:
return session_start();


includes/application_top.php on line 44:
//$request_type = (getenv('SERVER_PORT') == '443') ? 'SSL' : 'NONSSL';

/includes/application_top.php on line 57:
require(DIR_WS_INCLUDES . 'filenames.php');

-------------------------

I'm really quite baffled and not sure of where to look - particularly at the errors like this one:
Fatal error: main(): Failed opening required 'messageStfilenames.php' (include_path='.:/usr/local/lib/php') in /usr/local/apache/htdocs/catalog/includes/application_top.php on line 57

It seems some random string is getting prepended to the require('filenames.php') and I have no idea how.

Thanks in advance for any assistance!
Question by:betagirl

Expert Comment

by:TeRReF
ID: 17883774
You probably have register_globals set to on in your php.ini and do not initialize your vars properly. Which means that script kiddies can assign values to certain vars by passing them via GET or POST.

You should either turn register_globals off, or initialize your vars properly. Be aware, turning register_globals off might stop the application from working at all (some rewriting will be necessary...)


Author Comment

by:betagirl
ID: 17884879
That's the problem - register_globals needs to be on for this app to work and there is a considerable amount of code in this open source software, so I'm unsure of where to specifically begin in shoring up the initialization of vars.  I'm hoping someone with considerable experience with osCommerce might have experienced something similar and have a fix.  

Thanks so much for your help!

Expert Comment

by:TeRReF
ID: 17885278
You're welcome, hope you're able to resolve this problem soon...

Author Comment

by:betagirl
ID: 17886525
TeRReF - a follow up question - you wrote:

"Which means that script kiddies can assign values to certain vars by passing them via GET or POST. "  

I'm trying to imagine how this is being accomplished - specifically so that it is completely random. I've been testing the site all day long and there is no consistent pattern to the errors - no specific actions that bring them on.  Often I can cruise through the store and after 20 clicks or more, still no error.  Close the browser, start again, and then an error pops after just a click or two. Is there possibly a rogue script that has been placed on the server? Any ideas as to how I could locate it?  I just took a look through all the files in the directory for the store (including admin) to look for new/changed files based on timestamp - but I'm not finding anything out of order.  

I appreciate any further assistance with this.  I'm not finding anything online that is helpful, which kind of surprises me given the number of osCommerce installations out there.  I'm not sure what I'm missing but I'd really like to get this sorted out for my client.
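
Added example, not part of the original thread: a timestamp can be reset by whoever changes a file, so comparing file contents against a clean copy of the same osCommerce release is a more reliable version of the check described above. The script and the two directory arguments are assumptions; the clean copy is a freshly unpacked archive of the release the store was built from.

```python
import hashlib
from pathlib import Path


def manifest(root):
    """Map each file's path (relative to root) to the SHA-256 of its content."""
    root = Path(root)
    return {
        p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
        for p in sorted(root.rglob("*"))
        if p.is_file()
    }


def compare_trees(clean_root, live_root):
    """Compare the live tree with a clean copy of the same release.

    Returns three sorted lists: files whose content differs, files present
    only on the live site, and files missing from the live site.
    Timestamps are ignored on purpose; only content counts.
    """
    clean, live = manifest(clean_root), manifest(live_root)
    modified = sorted(f for f in clean.keys() & live.keys() if clean[f] != live[f])
    added = sorted(live.keys() - clean.keys())
    missing = sorted(clean.keys() - live.keys())
    return modified, added, missing


if __name__ == "__main__":
    import sys
    # Assumed usage: python compare_trees.py <clean copy> <live catalog directory>
    modified, added, missing = compare_trees(sys.argv[1], sys.argv[2])
    for label, files in (("MODIFIED", modified), ("ADDED", added), ("MISSING", missing)):
        for name in files:
            print(f"{label}  {name}")
```

Files such as includes/configure.php and any local customisations will show up as modified; the entries to look at are the ones nobody remembers changing.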

Accepted Solution

by:
TeRReF earned 500 total points
ID: 17887553
You can find an example of how to pass values to vars here:
http://php.net/register_globals

If you're the one accessing the site and you receive the errors as well, then you should look at other options:
1. Hackers could have tampered with the PHP scripts (to get credit card information for instance)
2. Your hard disk might be corrupted or full or damaged
3. If your site is hosted by a third party, they might have upgraded PHP or changed some configuration settings which could cause the errors

The randomness of the errors would make me investigate possibility 2 first.

Another good source of information is your webserver logs. They might tell you more about the source of the errors as well...
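
Added example, not part of the original thread: with register_globals on, every query parameter name in a request becomes a global variable, so the access log records which names visitors set through GET. The sketch below lists logged requests whose parameter names fall outside an allow-list. The allow-list and the sample log lines are constructed assumptions, and POST bodies do not appear in access logs, so this covers GET only.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Assumed allow-list of query parameters the storefront legitimately uses;
# build the real one from your own store's links and forms.
EXPECTED = {"cPath", "products_id", "osCsid", "action", "page", "sort",
            "keywords", "manufacturers_id", "language", "currency"}

# Apache common/combined log format: client first, request line in quotes.
LINE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|POST|HEAD) (\S+) [^"]*" (\d{3})')


def unexpected_params(log_lines, expected=EXPECTED):
    """Return (client, path, status, names) for each request that carries
    query parameter names outside the allow-list."""
    findings = []
    for line in log_lines:
        m = LINE.match(line)
        if not m:
            continue  # not a request line in the expected format
        client, target, status = m.groups()
        url = urlsplit(target)
        # "name[key]=v" also creates a global called "name": compare base names.
        names = {k.split("[", 1)[0]
                 for k, _ in parse_qsl(url.query, keep_blank_values=True)}
        extra = sorted(names - expected)
        if extra:
            findings.append((client, url.path, int(status), extra))
    return findings


# Constructed sample lines (documentation IP ranges), not taken from the thread.
SAMPLE = [
    '192.0.2.10 - - [06/Nov/2006:10:01:02 +0000] "GET /catalog/index.php?cPath=3_10 HTTP/1.1" 200 5120',
    '198.51.100.7 - - [06/Nov/2006:10:01:09 +0000] "GET /catalog/product_info.php?products_id=4&unlisted_var=1 HTTP/1.1" 200 4312',
    '198.51.100.7 - - [06/Nov/2006:10:01:11 +0000] "GET /catalog/index.php?other[key]=x&page=2 HTTP/1.1" 500 210',
]

if __name__ == "__main__":
    for client, path, status, names in unexpected_params(SAMPLE):
        print(client, path, status, ", ".join(names))
```

Comparing the flagged requests' times with the times of the PHP errors in the error log shows whether the two are related at all.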