ok, all of the accounts I have created with the panel, will not let me log in for some reason.

I get the following message

Wrong Password. Please press the back button, enter the correct password and try again. Don't forget that the password is case sensitive. Forgotten your password? Click here!

hmmmmm.. so do this click on the link.. and you will get emailed.. try it and let me know..

in my test board, i created 5 accounts.. and accessed all of them.. so check the steps in restoring your folder to old fashion way you had it before it started the mess..

also email me the file admin/user.php ... i need to adjust adduser.php for your version, if you still have problems

click on the link and get a file not found 404 error page.

Do you want me to restore them back to the original folder, like when all of this happened?

I will e-mail you the user.php now.

ya. restore it the exact same way you had it in the beginning.

still waiting.......... ;)

ok. i emailed you the new file. it will work perfect now. ;)

also, in /admin/config.php, add this code at the top: that should prevent from running any file from outside the server. do you have any shared accounts? let me know.

Check your e-mail. I hope I explained myself. I have modified the config.php now. Get back with me by e-mailing my phone or my regular address. I will be back in a couple of hours. I am preparing to go without sleep for a long time tonight.

So now that this is hopefully, soon to be over. Does anyone know how someone could have created an account that should not have been allowed "admin", create the same exact username 4 times, and give themself administrative access? There has got to be an explanation for this and I want to make sure that it doesn't happen to anyone else now. Anyone have any ideas?

With the original vB comes a script called "getadmin.php". Have you ever tryed to use it to get back your admin-rights?

And maybe someone has moded it to get access to your board. I don't if its working or if someone can use it to abuse, my knowledge in PHP and MySQL is to small to understand this script, maybe FireFly or an other Moderator can tell.

Good luck!!

Yeah, I am trying to get a hold of the getadmin.php. I realized that they removed it from the folder after installation was complete. But I am trying to get a hold of that to use now. But if that was not in the folder, how could he have done the things he did?

jason, don'y use getadmin.php, due to security issue, i make addadmin.php for you, is a more secure way to add an admin. run it and you will add yourself as admin with a password and email already integrated. let me know how it went. ;) also check your email.. or get on msn messenger..

ok jason, i just had a pribvate discussion with firefly, he debated your case with other devellopers and they came to the conclusion that it's all related to your host, not VB. in a way we came to the same conclusion, me and you, after discussiong in detail all the aspects of your setup. now that you upgraded to v222, change your account provider password. until then, to stop others create other accounts, even if this is just a small hack, the hacker can easily undo it, do this:

open root/admin/global.php and find the code:replace it with:just replace the names i came up with to the real usernames ;)

you can add as many loginusernames you want.

hurry up and change the password!!! lol.. we discuss it enough on messenger.. :)

You guys were great to help this guy out like you did keep up the good work.