Go Back   vb.org Archive > vBulletin 3 Discussion > vB3 General Discussions
  #1  
Old 09-03-2009, 04:13 PM
lordi lordi is offline
 
Join Date: Dec 2005
Posts: 52
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default how do I stop these errors from occuring?

Hello

I have a 3.8.4 version

It keeps on giving me errors SYNTAX ERROR in functions.php and in admincp with files adminfunctions.php

Quote:
Parse error: syntax error, unexpected T_STRING in /home/content/l/x/x/xxx/html/forum/includes/functions.php on line 5725
I uploaded a clean version of 3.8.4 many many times...and each time it works for 2 days and then gives same error

I stopped all the hooks from config.php

And when I run a diagnosis test for suspicious files....Each time it gives me new suspicious files...and I keep on replacing with binary transfer mode

Does any any anybody have a clue of what am I passing through ????????????????????
Reply With Quote
  #2  
Old 09-03-2009, 05:13 PM
Lynne's Avatar
Lynne Lynne is offline
 
Join Date: Sep 2004
Location: California/Idaho
Posts: 41,180
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

You don't upload php files in binary mode, you need to upload them in ASCII mode. Binary is for images, not text files.
Reply With Quote
  #3  
Old 09-03-2009, 08:05 PM
lordi lordi is offline
 
Join Date: Dec 2005
Posts: 52
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Hey Lynne....

I did that (Uploaded files with ASCII and Images with BINARY) too and still

BTW...the first day I uploaded a clean new original copy of VB 384 it didn't show any suspicious files....but after 2 days it gives errors and shows many suspicious files

advise?
Reply With Quote
  #4  
Old 09-03-2009, 08:55 PM
Lynne's Avatar
Lynne Lynne is offline
 
Join Date: Sep 2004
Location: California/Idaho
Posts: 41,180
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Have you tried downloading one of these files and comparing them to a default file and seeing what the differences are? Or, have you looked at the last modification date on the files? Are you on shared hosting or your own server?
Reply With Quote
  #5  
Old 09-03-2009, 09:05 PM
Brother Malachi Brother Malachi is offline
 
Join Date: Jun 2008
Posts: 208
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Someone is likely modifying and adding malicious code into your files.
Reply With Quote
  #6  
Old 09-04-2009, 05:29 AM
lordi lordi is offline
 
Join Date: Dec 2005
Posts: 52
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I dun really know

I am on a VPS from NS1.us

today morning I got a Syntax error in Profile.php

it's driving me nuts :S:S:S

--------------- Added [DATE]1252046144[/DATE] at [TIME]1252046144[/TIME] ---------------

for instance, I found a suspicious file: private.php

I downloaded it from my forum and compared it to the original one

and found it bigger in size in 5 KB than the original one

attached below

--------------- Added [DATE]1252046272[/DATE] at [TIME]1252046272[/TIME] ---------------

for instance, I found a suspicious file: private.php

I downloaded it from my forum and compared it to the original one

and found it bigger in size in 5 KB than the original one

attached below.
Reply With Quote
  #7  
Old 09-04-2009, 06:00 PM
Lynne's Avatar
Lynne Lynne is offline
 
Join Date: Sep 2004
Location: California/Idaho
Posts: 41,180
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Go compare your downloaded file to the default file you have on your computer. SEe what the differences are. I'm guessing someone is accessing your server and doing it which means you need to talk to your host about getting your site secure.
Reply With Quote
  #8  
Old 09-06-2009, 01:02 AM
Brother Malachi Brother Malachi is offline
 
Join Date: Jun 2008
Posts: 208
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Make sure none of the files are chmodded 777.
Change your password to something more secure. If you're running a VPS, first look in your ftp client the edit date of the files in question, then go into WHM and check the access logs. Find out who's editing you're files.
Also, some FTP clients display an "Owner/Group" column. Check and see what it says under there for the file.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 04:45 AM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.04254 seconds
  • Memory Usage 2,219KB
  • Queries Executed 11 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (1)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (8)post_thanks_box
  • (8)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (8)post_thanks_postbit_info
  • (8)postbit
  • (8)postbit_onlinestatus
  • (8)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete