View Full Version : SERIOUS SECURITY ISSUE


Skivey
01-01-2013, 02:09 PM
I closed my site down for maintenance for 3 months due to bad coding. I bought the website about 12 months ago but couldn't carry on with all the errors.

I have fixed most of the site but have now noticed that when I go to register, the "user name" box is showing my database name, and the password box... I'm presuming it's showing my database password!!

Where do I find how this is happening and how do I delete it?!?

Regards

Matt

In Omnibus
01-01-2013, 02:20 PM
Do you have the same issue if you disable hooks / plugins?

Skivey
01-01-2013, 02:26 PM
That's something that's going to be almost impossible to check; the site has like... hundreds of plugins and hooks.

Guaranteed it's probably one of the most hacked VBs you'd have seen and it isn't pretty.

Besides, it was all OK until I changed the database names... so it can't be plugins and hooks.

What file would I check? Where would it pick this up from?

--------------- Added 1357054366 at 1357054366 ---------------

Just searched the database and there is nowhere that it states the database name in any tables. I searched the templates and this is the same.

Is there a way to search the plugins?

In Omnibus
01-01-2013, 02:33 PM
You'll have to globally disable plugins first to determine if the issue is a plugin or a template or injected code.

To disable the plugin/hook system completely without accessing the Admin CP options, you need to edit includes/config.php and add the following code:
define('DISABLE_HOOKS', true);
With this code in config.php, no plugins will run at all.

To re-enable the plugin system, remove the code again from config.php.

Skivey
01-01-2013, 02:44 PM
Wow, the forum looked BARE!!

Tried that, and then went to register and it's still there...

I appreciate you trying to help me here, very much appreciated.

I can't help but think it's a PHP file. If I do a page source, it tells it to include a certain controlling page which was created for the forum. To be honest, I don't want to say too much on this site as it's quite public.

--------------- Added 1357055317 at 1357055317 ---------------

In one of my main files, there are 20 instances of the database name... I'm gonna have to get this looked at properly, I think this is terrible......

ForceHSS
01-01-2013, 03:36 PM
Upload all files again and run upgrade.php and see if that helps. Make sure you disable all plugins and turn off the forum first.

Skivey
01-01-2013, 03:40 PM
Now, this is something I'd love to do... I'm going to have to make some major backups though. The site is hacked to bits and I'm worried that if I upload new files it'll completely break the site.

Oh well.... here goes.............

Skivey
04-06-2013, 12:47 PM
Update on this problem: someone had changed register.php to have a global username and password for the DB, which made it visible to people registering...

Blimeh!
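
The search this thread ends up needing (which files, other than includes/config.php, contain the database name or password), as an added example that is not part of the original thread or of vBulletin. The function names, the sample credential values and the sample file contents are all hypothetical and constructed for the demonstration.

```python
import os

# Constructed sample values, not taken from the thread.
SAMPLE_SECRETS = {"dbname": "forum_db_example", "dbpassword": "Example-Pass-123"}

def find_credential_leaks(root, secrets, allowed=("includes/config.php",),
                          exts=(".php", ".html", ".htm", ".js", ".xml")):
    """Map each offending file (path relative to root) to a list of
    (line_number, secret_label) hits. Only labels are reported, so the
    scan output never repeats the secret values themselves."""
    allowed = {os.path.normpath(p) for p in allowed}
    hits = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in sorted(files):
            rel = os.path.relpath(os.path.join(dirpath, name), root)
            # Skip the one file that is supposed to hold the credentials.
            if rel in allowed or not name.lower().endswith(exts):
                continue
            with open(os.path.join(root, rel), encoding="utf-8", errors="replace") as fh:
                for line_no, line in enumerate(fh, 1):
                    for label, value in secrets.items():
                        if value and value in line:
                            hits.setdefault(rel, []).append((line_no, label))
    return hits

def build_sample_tree(root):
    """Write a small constructed web root: a config file that legitimately
    holds the credentials and a tampered register.php that repeats them."""
    files = {
        "includes/config.php": "<?php\n$dbname = 'forum_db_example';\n$dbpass = 'Example-Pass-123';\n",
        "register.php": "<?php\n// registration form defaults\n$username = 'forum_db_example';\n$password = 'Example-Pass-123';\n",
        "index.php": "<?php\necho 'hello';\n",
    }
    for rel, body in files.items():
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w", encoding="utf-8") as fh:
            fh.write(body)

if __name__ == "__main__":
    import tempfile
    with tempfile.TemporaryDirectory() as webroot:
        build_sample_tree(webroot)
        for rel, found in find_credential_leaks(webroot, SAMPLE_SECRETS).items():
            print(rel, found)
```

Any file this reports should be compared against a clean copy of the same release, and the database password should be changed once it has appeared in a publicly served page.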