UGAChance Posted June 23, 2011 Share Posted June 23, 2011 I had this error come up in the system log... is someone trying to hack the site through Search? Hello(2) and World(11) were mine by the way. Looks like either in the code or in the search string someone was trying to use C code comments /* */ and it came through as +(*http://pwtsyccqipcw.com/*)? Search Term Hits Percentage of total hits 1 Http://nndntmejcauj.com/ 1 100.00 2 Hello 0 0.00 3 Http://pwtsyccqipcw.com/ 0 0.00 4 Nickels 0 0.00 5 Buffalo 0 0.00 6 Http://mdgajhuotdjg.com/ 0 0.00 7 Certfiates 0 0.00 8 Silver 0 0.00 9 Http://npicsqhutuar.com/ 0 0.00 10 1.00 0 0.00 11 World 0 0.00 12 Nndntmejcauj 0 0.00 Today, 22:26 File: [catalogue.class.php] Line: [915] "SELECT I.*, MATCH (I.product_code,I.name,I.description) AGAINST('+(*http://pwtsyccqipcw.com/*)' IN BOOLEAN MODE) AS Relevance FROM CubeCart_inventory AS I LEFT JOIN (SELECT product_id, MAX(price) as price, MAX(sale_price) as sale_price FROM CubeCart_pricing_group WHERE group_id = 0 GROUP BY product_id) as G ON G.product_id = I.product_id WHERE I.product_id IN (SELECT product_id FROM `CubeCart_category_index` as CI INNER JOIN CubeCart_category as C where CI.cat_id = C.cat_id AND C.hide = 0) AND I.status = 1 AND (MATCH (I.product_code,I.name,I.description) AGAINST('+(*http://pwtsyccqipcw.com/*)' IN BOOLEAN MODE)) >= 0.500000 AND IF (G.price IS NULL, I.price >= 83.81, G.price >= 83.81) AND IF (G.price IS NULL, I.price <= 8.4, G.price <= 8.4) AND I.featured = '1' AND ((I.use_stock_level = '0') OR (I.use_stock_level = '1' AND (I.stock_level > 0 OR I.stock_by_option = '1')) ORDER BY name ASC LIMIT 20 OFFSET 0" - You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'ORDER BY name ASC LIMIT 20 OFFSET 0' at line 1 Today, 22:26 File: [catalogue.class.php] Line: [918] "SELECT COUNT(I.product_id) as count, MATCH (I.product_code,I.name,I.description) AGAINST('+(*http://pwtsyccqipcw.com/*)' IN BOOLEAN MODE) AS Relevance FROM CubeCart_inventory AS I LEFT JOIN (SELECT product_id, MAX(price) as price, MAX(sale_price) as sale_price FROM CubeCart_pricing_group WHERE group_id = 0 GROUP BY product_id) as G ON G.product_id = I.product_id WHERE I.product_id IN (SELECT product_id FROM `CubeCart_category_index` as CI INNER JOIN CubeCart_category as C where CI.cat_id = C.cat_id AND C.hide = 0) AND I.status = 1 AND (MATCH (I.product_code,I.name,I.description) AGAINST('+(*http://pwtsyccqipcw.com/*)' IN BOOLEAN MODE)) >= 0.500000 AND IF (G.price IS NULL, I.price >= 83.81, G.price >= 83.81) AND IF (G.price IS NULL, I.price <= 8.4, G.price <= 8.4) AND I.featured = '1' AND ((I.use_stock_level = '0') OR (I.use_stock_level = '1' AND (I.stock_level > 0 OR I.stock_by_option = '1')) GROUP BY I.product_id ORDER BY name ASC" - You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'GROUP BY I.product_id ORDER BY name ASC' at line 1 Today, 22:26 File: [catalogue.class.php] Line: [915] "SELECT I.*, MATCH (I.product_code,I.name,I.description) AGAINST('+(*http://pwtsyccqipcw.com/*)' IN BOOLEAN MODE) AS Relevance FROM CubeCart_inventory AS I LEFT JOIN (SELECT product_id, MAX(price) as price, MAX(sale_price) as sale_price FROM CubeCart_pricing_group WHERE group_id = 0 GROUP BY product_id) as G ON G.product_id = I.product_id WHERE I.product_id IN (SELECT product_id FROM `CubeCart_category_index` as CI INNER JOIN CubeCart_category as C where CI.cat_id = C.cat_id AND C.hide = 0) AND I.status = 1 AND (MATCH (I.product_code,I.name,I.description) AGAINST('+(*http://pwtsyccqipcw.com/*)' IN BOOLEAN MODE)) >= 0.500000 AND IF (G.price IS NULL, I.price >= 83.81, G.price >= 83.81) AND IF (G.price IS NULL, I.price <= 8.4, G.price <= 8.4) AND I.featured = '1' AND ((I.use_stock_level = '0') OR (I.use_stock_level = '1' AND (I.stock_level > 0 OR I.stock_by_option = '1')) ORDER BY name ASC LIMIT 20 OFFSET 0" - You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'ORDER BY name ASC LIMIT 20 OFFSET 0' at line 1 Today, 22:26 File: [catalogue.class.php] Line: [918] "SELECT COUNT(I.product_id) as count, MATCH (I.product_code,I.name,I.description) AGAINST('+(*http://pwtsyccqipcw.com/*)' IN BOOLEAN MODE) AS Relevance FROM CubeCart_inventory AS I LEFT JOIN (SELECT product_id, MAX(price) as price, MAX(sale_price) as sale_price FROM CubeCart_pricing_group WHERE group_id = 0 GROUP BY product_id) as G ON G.product_id = I.product_id WHERE I.product_id IN (SELECT product_id FROM `CubeCart_category_index` as CI INNER JOIN CubeCart_category as C where CI.cat_id = C.cat_id AND C.hide = 0) AND I.status = 1 AND (MATCH (I.product_code,I.name,I.description) AGAINST('+(*http://pwtsyccqipcw.com/*)' IN BOOLEAN MODE)) >= 0.500000 AND IF (G.price IS NULL, I.price >= 83.81, G.price >= 83.81) AND IF (G.price IS NULL, I.price <= 8.4, G.price <= 8.4) AND I.featured = '1' AND ((I.use_stock_level = '0') OR (I.use_stock_level = '1' AND (I.stock_level > 0 OR I.stock_by_option = '1')) GROUP BY I.product_id ORDER BY name ASC" - You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'GROUP BY I.product_id ORDER BY name ASC' at line 1 Today, 19:18 File: [catalogue.class.php] Line: [915] "SELECT I.*, MATCH (I.product_code,I.name,I.description) AGAINST('+(*http://nndntmejcauj.com/*)' IN BOOLEAN MODE) AS Relevance FROM CubeCart_inventory AS I LEFT JOIN (SELECT product_id, MAX(price) as price, MAX(sale_price) as sale_price FROM CubeCart_pricing_group WHERE group_id = 0 GROUP BY product_id) as G ON G.product_id = I.product_id WHERE I.product_id IN (SELECT product_id FROM `CubeCart_category_index` as CI INNER JOIN CubeCart_category as C where CI.cat_id = C.cat_id AND C.hide = 0) AND I.status = 1 AND (MATCH (I.product_code,I.name,I.description) AGAINST('+(*http://nndntmejcauj.com/*)' IN BOOLEAN MODE)) >= 0.500000 AND IF (G.price IS NULL, I.price >= 81.905, G.price >= 81.905) AND IF (G.price IS NULL, I.price <= 10.5, G.price <= 10.5) AND I.featured = '1' AND ((I.use_stock_level = '0') OR (I.use_stock_level = '1' AND (I.stock_level > 0 OR I.stock_by_option = '1')) ORDER BY date_added ASC LIMIT 20 OFFSET 0" - You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'ORDER BY date_added ASC LIMIT 20 OFFSET 0' at line 1 Today, 19:18 File: [catalogue.class.php] Line: [918] "SELECT COUNT(I.product_id) as count, MATCH (I.product_code,I.name,I.description) AGAINST('+(*http://nndntmejcauj.com/*)' IN BOOLEAN MODE) AS Relevance FROM CubeCart_inventory AS I LEFT JOIN (SELECT product_id, MAX(price) as price, MAX(sale_price) as sale_price FROM CubeCart_pricing_group WHERE group_id = 0 GROUP BY product_id) as G ON G.product_id = I.product_id WHERE I.product_id IN (SELECT product_id FROM `CubeCart_category_index` as CI INNER JOIN CubeCart_category as C where CI.cat_id = C.cat_id AND C.hide = 0) AND I.status = 1 AND (MATCH (I.product_code,I.name,I.description) AGAINST('+(*http://nndntmejcauj.com/*)' IN BOOLEAN MODE)) >= 0.500000 AND IF (G.price IS NULL, I.price >= 81.905, G.price >= 81.905) AND IF (G.price IS NULL, I.price <= 10.5, G.price <= 10.5) AND I.featured = '1' AND ((I.use_stock_level = '0') OR (I.use_stock_level = '1' AND (I.stock_level > 0 OR I.stock_by_option = '1')) GROUP BY I.product_id ORDER BY date_added ASC" - You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'GROUP BY I.product_id ORDER BY date_added ASC' at line 1 Today, 14:22 File: [catalogue.class.php] Line: [915] "SELECT I.*, MATCH (I.product_code,I.name,I.description) AGAINST('+(*http://mdgajhuotdjg.com/*)' IN BOOLEAN MODE) AS Relevance FROM CubeCart_inventory AS I LEFT JOIN (SELECT product_id, MAX(price) as price, MAX(sale_price) as sale_price FROM CubeCart_pricing_group WHERE group_id = 0 GROUP BY product_id) as G ON G.product_id = I.product_id WHERE I.product_id IN (SELECT product_id FROM `CubeCart_category_index` as CI INNER JOIN CubeCart_category as C where CI.cat_id = C.cat_id AND C.hide = 0) AND I.status = 1 AND (MATCH (I.product_code,I.name,I.description) AGAINST('+(*http://mdgajhuotdjg.com/*)' IN BOOLEAN MODE)) >= 0.500000 AND IF (G.price IS NULL, I.price >= 1.905, G.price >= 1.905) AND IF (G.price IS NULL, I.price <= 4.2, G.price <= 4.2) AND I.featured = '1' AND ((I.use_stock_level = '0') OR (I.use_stock_level = '1' AND (I.stock_level > 0 OR I.stock_by_option = '1')) ORDER BY name DESC LIMIT 20 OFFSET 0" - You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'ORDER BY name DESC LIMIT 20 OFFSET 0' at line 1 Today, 14:22 File: [catalogue.class.php] Line: [918] "SELECT COUNT(I.product_id) as count, MATCH (I.product_code,I.name,I.description) AGAINST('+(*http://mdgajhuotdjg.com/*)' IN BOOLEAN MODE) AS Relevance FROM CubeCart_inventory AS I LEFT JOIN (SELECT product_id, MAX(price) as price, MAX(sale_price) as sale_price FROM CubeCart_pricing_group WHERE group_id = 0 GROUP BY product_id) as G ON G.product_id = I.product_id WHERE I.product_id IN (SELECT product_id FROM `CubeCart_category_index` as CI INNER JOIN CubeCart_category as C where CI.cat_id = C.cat_id AND C.hide = 0) AND I.status = 1 AND (MATCH (I.product_code,I.name,I.description) AGAINST('+(*http://mdgajhuotdjg.com/*)' IN BOOLEAN MODE)) >= 0.500000 AND IF (G.price IS NULL, I.price >= 1.905, G.price >= 1.905) AND IF (G.price IS NULL, I.price <= 4.2, G.price <= 4.2) AND I.featured = '1' AND ((I.use_stock_level = '0') OR (I.use_stock_level = '1' AND (I.stock_level > 0 OR I.stock_by_option = '1')) GROUP BY I.product_id ORDER BY name DESC" - You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'GROUP BY I.product_id ORDER BY name DESC' at line 1 Today, 14:22 File: [catalogue.class.php] Line: [915] "SELECT I.*, MATCH (I.product_code,I.name,I.description) AGAINST('+(*http://mdgajhuotdjg.com/*)' IN BOOLEAN MODE) AS Relevance FROM CubeCart_inventory AS I LEFT JOIN (SELECT product_id, MAX(price) as price, MAX(sale_price) as sale_price FROM CubeCart_pricing_group WHERE group_id = 0 GROUP BY product_id) as G ON G.product_id = I.product_id WHERE I.product_id IN (SELECT product_id FROM `CubeCart_category_index` as CI INNER JOIN CubeCart_category as C where CI.cat_id = C.cat_id AND C.hide = 0) AND I.status = 1 AND (MATCH (I.product_code,I.name,I.description) AGAINST('+(*http://mdgajhuotdjg.com/*)' IN BOOLEAN MODE)) >= 0.500000 AND IF (G.price IS NULL, I.price >= 1.905, G.price >= 1.905) AND IF (G.price IS NULL, I.price <= 4.2, G.price <= 4.2) AND I.featured = '1' AND ((I.use_stock_level = '0') OR (I.use_stock_level = '1' AND (I.stock_level > 0 OR I.stock_by_option = '1')) ORDER BY name DESC LIMIT 20 OFFSET 0" - You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'ORDER BY name DESC LIMIT 20 OFFSET 0' at line 1 Today, 14:22 File: [catalogue.class.php] Line: [918] "SELECT COUNT(I.product_id) as count, MATCH (I.product_code,I.name,I.description) AGAINST('+(*http://mdgajhuotdjg.com/*)' IN BOOLEAN MODE) AS Relevance FROM CubeCart_inventory AS I LEFT JOIN (SELECT product_id, MAX(price) as price, MAX(sale_price) as sale_price FROM CubeCart_pricing_group WHERE group_id = 0 GROUP BY product_id) as G ON G.product_id = I.product_id WHERE I.product_id IN (SELECT product_id FROM `CubeCart_category_index` as CI INNER JOIN CubeCart_category as C where CI.cat_id = C.cat_id AND C.hide = 0) AND I.status = 1 AND (MATCH (I.product_code,I.name,I.description) AGAINST('+(*http://mdgajhuotdjg.com/*)' IN BOOLEAN MODE)) >= 0.500000 AND IF (G.price IS NULL, I.price >= 1.905, G.price >= 1.905) AND IF (G.price IS NULL, I.price <= 4.2, G.price <= 4.2) AND I.featured = '1' AND ((I.use_stock_level = '0') OR (I.use_stock_level = '1' AND (I.stock_level > 0 OR I.stock_by_option = '1')) GROUP BY I.product_id ORDER BY name DESC" - You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'GROUP BY I.product_id ORDER BY name DESC' at line 1 Today, 11:35 [Error] /hermes/bosweb/web061/b616/ipw.cccoinsatlanta/public_html/CUBECART_5/includes/functions.inc.php:416 - Invalid IP address Quote Link to comment Share on other sites More sharing options...
Guest Technocrat Posted July 1, 2011 Share Posted July 1, 2011 Nope just spammers. I have fixed this problem for the next release. Stripping out all the non-alphanumeric characters Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.