urgent - osCommerce suddenly throwing errors - not sure if hacked

Posted on 2006-11-06
Last Modified: 2012-05-05
Hello - I have started receiving a variety of random errors (they seem random to me) that are intermittent - do not always occur - and often clear upon one or more page refreshes. I've listed some below:

########### ERRORS ##########################
Warning: Unexpected character in input: ' in /usr/local/apache/htdocs/catalog/includes/functions/general.php on line 54

Warning: Cannot modify header information - headers already sent by (output started at /usr/local/apache/htdocs/catalog/includes/functions/general.php:54) in /usr/local/apache/htdocs/catalog/includes/functions/general.php on line 1326

Fatal error: Unknown function: àéG@ÂF() in /usr/local/apache/htdocs/catalog/includes/languages/english.php on line 191

Warning: Cannot modify header information - headers already sent by (output started at /usr/local/apache/htdocs/catalog/includes/functions/general.php:54) in /usr/local/apache/htdocs/catalog/includes/functions/general.php on line 1326

Warning: session_start(): Cannot send session cache limiter - headers already sent (output started at /usr/local/apache/htdocs/catalog/includes/functions/general.php:54) in /usr/local/apache/htdocs/catalog/includes/functions/sessions.php on line 128

Warning: main(pub/): failed to open stream: No such file or directory in /usr/local/apache/htdocs/catalog/admin/includes/application_top.php on line 44

Fatal error: main(): Failed opening required 'pub/' (include_path='.:/usr/local/lib/php') in /usr/local/apache/htdocs/catalog/admin/includes/application_top.php on line 44

Fatal error: main(): Failed opening required 'tep_db_nufilenames.php' (include_path='.:/usr/local/lib/php') in /usr/local/apache/htdocs/catalog/includes/application_top.php on line 57

Warning: main(type): failed to open stream: No such file or directory in /usr/local/apache/htdocs/catalog/includes/application_top.php on line 57

Fatal error: main(): Failed opening required 'type' (include_path='.:/usr/local/lib/php') in /usr/local/apache/htdocs/catalog/includes/application_top.php on line 57

Fatal error: main(): Failed opening required 'messageStfilenames.php' (include_path='.:/usr/local/lib/php') in /usr/local/apache/htdocs/catalog/includes/application_top.php on line 57
########################

Here are the "offending" lines of code in the pages mentioned in the errors - all seems OK to me and no changes had been made to these files, prior to receiving the errors:

includes/functions/general.php on line 54:
if ($protected == true) {

includes/functions/general.php on line 1326:
setcookie($name, $value, $expire, $path, (tep_not_null($domain) ? $domain : ''), $secure);

includes/functions/sessions.php on line 128:
return session_start();


includes/application_top.php on line 44:
//$request_type = (getenv('SERVER_PORT') == '443') ? 'SSL' : 'NONSSL';

/includes/application_top.php on line 57:
require(DIR_WS_INCLUDES . 'filenames.php');

-------------------------

I'm really quite baffled and not sure of where to look - particularly at the errors like this one:
Fatal error: main(): Failed opening required 'messageStfilenames.php' (include_path='.:/usr/local/lib/php') in /usr/local/apache/htdocs/catalog/includes/application_top.php on line 57

It seems some random string is getting prepended to the require('filenames.php') and I have no idea how.

Thanks in advance for any assistance!
Question by:betagirl
6 Comments
 
LVL 29

Expert Comment

by:TeRReF
ID: 17883774
You probably have register_globals set to on in your php.ini and do not initialize your vars properly. Which means that script kiddies can assign values to certain vars by passing them via GET or POST.

You should either turn register_globals off, or initialize your vars properly. Be aware, turning register_globals off might stop the application from working at all (some rewriting will be necessary)...

0
 

Author Comment

by:betagirl
ID: 17884879
That's the problem - register_globals needs to be on for this app to work and there is a considerable amount of code in this open source software, so I'm unsure of where to specifically begin in shoring up the initialization of vars.  I'm hoping someone with considerable experience with osCommerce might have experienced something similar and have a fix.  

Thanks so much for your help!
0
 
LVL 29

Expert Comment

by:TeRReF
ID: 17885278
You're welcome, hope you're able to resolve this problem soon...
0
 

Author Comment

by:betagirl
ID: 17886525
TeRReF - a follow up question - you wrote:

"Which means that script kiddies can assign values to certain vars by passing them via GET or POST. " 

I'm trying to imagine how this is being accomplished - specifically so that it is completely random. I've been testing the site all day long and there is no consistent pattern to the errors - no specific actions that bring them on. Often I can cruise through the store and after 20 clicks or more, still no error. Close the browser, start again, and then an error pops after just a click or two. Is there possibly a rogue script that has been placed on the server? Any ideas as to how I could locate it? I just took a look through all the files in the directory for the store (including admin) to look for new/changed files based on timestamp - but I'm not finding anything out of order.

I appreciate any further assistance with this. I'm not finding anything online that is helpful, which kind of surprises me given the number of osCommerce installations out there. I'm not sure what I'm missing but I'd really like to get this sorted out for my client.
0
 
LVL 29

Accepted Solution

by:
TeRReF earned 1500 total points
ID: 17887553
You can find an example of how to pass values to vars here:
http://php.net/register_globals

If you're the one accessing the site and you receive the errors as well, then you should look at other options:
1. Hackers could have tampered with the PHP scripts (to get credit card information for instance)
2. Your hard disk might be corrupted or full or damaged
3. If your site is hosted by a third party, they might have upgraded PHP or changed some configuration settings which could cause the errors

The randomness of the errors would make me investigate possibility 2 first.

Another good source of information is your webserver logs. They might tell you more about the source of the errors as well...
0
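
A content-based check for possibilities 1 and 2 in the accepted answer, as an added example that is not part of the original thread: it compares the live catalog tree against a known-good copy (a fresh unpack of the same release, or a backup) by SHA-256 instead of by timestamp, since timestamps can be reset. The function names, directory layout and file contents below are constructed for illustration.

```python
import hashlib
import tempfile
from pathlib import Path


def hash_tree(root):
    """Map each file path (relative to root) to the SHA-256 of its content."""
    root = Path(root)
    return {
        p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
        for p in root.rglob("*") if p.is_file()
    }


def compare_trees(clean_root, live_root):
    """Compare the live install against a clean copy by content, not timestamp."""
    clean, live = hash_tree(clean_root), hash_tree(live_root)
    return {
        "modified": sorted(p for p in clean if p in live and clean[p] != live[p]),
        "added": sorted(p for p in live if p not in clean),
        "missing": sorted(p for p in clean if p not in live),
    }


def _write(root, rel, data):
    path = Path(root, rel)
    path.parent.mkdir(parents=True, exist_ok=True)
    path.write_bytes(data)


def build_demo():
    """Constructed sample: a clean tree and a live tree with three differences."""
    base = Path(tempfile.mkdtemp())
    clean, live = base / "clean", base / "live"
    for root in (clean, live):
        _write(root, "includes/application_top.php", b"<?php // constructed\n")
        _write(root, "includes/functions/general.php", b"<?php // constructed\n")
        _write(root, "includes/filenames.php", b"<?php // constructed\n")
    # Differences exist in the live copy only: stray bytes, a lost file, a new file.
    _write(live, "includes/functions/general.php", b"<?php // constructed\n\xe0\xe9G@")
    (live / "includes/filenames.php").unlink()
    _write(live, "includes/extra.php", b"<?php // constructed unexpected file\n")
    return clean, live


if __name__ == "__main__":
    print(compare_trees(*build_demo()))
```

Files that were customized on purpose will also be reported as modified, so each reported path still needs a manual diff against the clean copy.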
