Go Back   vb.org Archive > vBulletin 3 Discussion > vB3 General Discussions
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools Display Modes
  #1  
Old 10-12-2006, 11:49 PM
Slingblade61 Slingblade61 is offline
 
Join Date: Aug 2004
Posts: 32
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default looking for a new Gallery..

photopost, long story, short....has a bug. I had my site shut down by my host because showimage.php was exploited and someone was running spam through it.

I have gotten zero support from the usual suspects so I am looking for alternatives that might mesh well with VB.

Suggestions?
Reply With Quote
  #2  
Old 10-13-2006, 01:03 AM
Zachariah's Avatar
Zachariah Zachariah is offline
 
Join Date: Feb 2002
Location: Canoga Park, CA
Posts: 2,125
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

It was not exploited.

Quote:
035 Subject: vBulletin Database Error!
071 X-PHP-Script: www.shottalk.com/gallery/showimage.php
The mass email you are getting is when there is an error in mySQL.
- Every page load by a user is shooting an e-mail off to the Admin.

http://www.photopost.com/forum/showp...8&postcount=11

I got 2500+ e-mails in 30min once when there was an error on a page.
- Now I log errors to file.
Reply With Quote
  #3  
Old 10-13-2006, 09:25 AM
Slingblade61 Slingblade61 is offline
 
Join Date: Aug 2004
Posts: 32
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

OK, Thanks.

I just want to clarify....I did not recieve any email myself.
Here is what my host sent me;

Quote:
www.shottalk.com/gallery/showimage.php and was running a lot of mail activity

exploited, but valid email, not spam

root@washington [/var/spool/exim/input]# cat b/1GXJHb-0007W5-C8-H
1GXJHb-0007W5-C8-H
nobody 99 32004

1160493159 0
-ident nobody
-received_protocol local
-body_linecount 25
-auth_id nobody
-auth_sender nobody@washington.hostforweb.net
-allow_unqualified_recipient
-allow_unqualified_sender
-local
XX
1
dbmaster@example.com

154P Received: from nobody by washington.hostforweb.net with local (Exim 4.52)
id 1GXJHb-0007W5-C8
for dbmaster@example.com; Tue, 10 Oct 2006 10:12:39 -0500
025T To: dbmaster@example.com
035 Subject: vBulletin Database Error!
071 X-PHP-Script: www.shottalk.com/gallery/showimage.php for 213.235.5.109
027F From: dbmaster@example.com
058I Message-Id:
038 Date: Tue, 10 Oct 2006 10:12:39 -0500
root@washington [/var/spool/exim/input]# cat b/1GXJHb-0007W5-C8-D
1GXJHb-0007W5-C8-D
Database error in vBulletin 3.6.0:

Invalid SQL:

SELECT posts.postid, posts.pagetext, posts.title, posts.userid, posts.username AS postusername, posts.dateline, posts.ipaddress AS ip, posts.iconid, posts.allowsmilie, posts.showsignature, user.*, userfield.* ,icon.title as icontitle, icon.iconpath ,avatar.avatarpath, NOT ISNULL(customavatar.filedata) AS hascustom, customavatar.dateline AS avatardateline, avatarrevision , level , usertextfield.signature
FROM adv_gallery_posts AS posts
LEFT JOIN user AS user ON (posts.userid = user.userid)
LEFT JOIN userfield AS userfield ON (posts.userid = userfield.userid)
LEFT JOIN avatar AS avatar ON (avatar.avatarid = user.avatarid)
LEFT JOIN customavatar AS customavatar ON (customavatar.userid = user.userid)
LEFT JOIN icon AS icon ON (posts.iconid = icon.iconid)
LEFT JOIN reputationlevel AS reputationlevel ON (user.reputationlevelid = reputationlevel.reputationlevelid)
LEFT JOIN usertextfield AS usertextfield ON (usertextfield.userid = posts.userid)
WHERE imageid = '178' AND posts.visible = 1
ORDER BY posts.dateline
LIMIT 0, 10;

MySQL Error : Unknown column 'level' in 'field list'
Error Number : 1054
Date : Tuesday, October 10th 2006 @ 10:12:39 AM
Script : http://www.shottalk.com/gallery/showimage.php?i=178&c=2
Referrer : http://www.shottalk.com/gallery/browseimages.php?c=2
IP Address : 213.235.5.109
Username : demetri
Classname : vb_database
root@washington [/var/spool/exim/input]#
Joshua Brown
Technical Support
HostForWeb, Inc.
http://www.hostforweb.com
Is this the same thing?
Reply With Quote
  #4  
Old 10-13-2006, 12:19 PM
BigJohnny's Avatar
BigJohnny BigJohnny is offline
 
Join Date: Jun 2006
Location: Canada
Posts: 500
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

thats an SQL error....
your missing the table "level" in your database so when someone visits that page it is sending oput an error email....somewhere.

if you manually add the table "level" it should work again.... but i cant tell from the error where the table is supposed to go.
Reply With Quote
  #5  
Old 10-13-2006, 01:00 PM
Zachariah's Avatar
Zachariah Zachariah is offline
 
Join Date: Feb 2002
Location: Canoga Park, CA
Posts: 2,125
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by Slingblade61
OK, Thanks.

I just want to clarify....I did not recieve any email myself.
Here is what my host sent me;



Is this the same thing?

In the post above
- 035 Subject: vBulletin Database Error!

The subject of the e-mail that is being sent.

To fix your gallery from causing the error:
Database Error on showimage (fixed) - August 3rd, 2006, 09:03 AM
http://www.photopost.com/forum/showthread.php?t=126400
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 05:12 PM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.04844 seconds
  • Memory Usage 2,208KB
  • Queries Executed 13 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (3)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (5)post_thanks_box
  • (5)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (5)post_thanks_postbit_info
  • (5)postbit
  • (5)postbit_onlinestatus
  • (5)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete