pdl Posted September 11, 2015 Share Posted September 11, 2015 Hi i have no Admin Login can anyone help. I have turned abit on in class.debug.php and got thisParse error: syntax error, unexpected '*' in /var/www/vhosts/zedjet.com/httpdocs/includes/extra/snippet_a8b9b4f9211d7b723d78d29ad11f5cb5.php on line 2 How do i fix the problem it was working fine Pete Quote Link to comment Share on other sites More sharing options...
bsmither Posted September 12, 2015 Share Posted September 12, 2015 Please look in the folder /includes/extra/ and open the file snippet_a8b9b4f9211d7b723d78d29ad11f5cb5.php for editing.The problem appears to be on line 2. Quote Link to comment Share on other sites More sharing options...
havenswift-hosting Posted September 12, 2015 Share Posted September 12, 2015 Hi PeteEither you added that snippet to alter the functionality or somebody else did and if you dont know anything about it and dont know who added it, then you have a lot more problems than not being able to login as the admin user !Ian Quote Link to comment Share on other sites More sharing options...
pdl Posted September 12, 2015 Author Share Posted September 12, 2015 Hi Guys this is line 2 include(CC_ROOT_DIR.'/files/upload.txt')**; thanksPete Quote Link to comment Share on other sites More sharing options...
pdl Posted September 12, 2015 Author Share Posted September 12, 2015 I have upgraded to the latest version 6.07 hoping that this would fix the problem.But it has not anyone got and ideas the snippet_a8b9b4f9211d7b723d78d29ad11f5cb5.php is the samethanksPete Quote Link to comment Share on other sites More sharing options...
bsmither Posted September 12, 2015 Share Posted September 12, 2015 That file is not found in a stock CubeCart package, and won't be overwritten in an update. So, it survives.You will need to get some help to determine what plugin it belongs to, when it was put there, and fully what it does.More importantly, if we cannot learn of its provenance, you may need some assistance in removing it from your files and database.PHP is complaining about the two asterisks near the end of the statement. The syntax error is preventing this statement from executing. And that may be a good thing until we learn what the snippet is and where it came from. Quote Link to comment Share on other sites More sharing options...
pdl Posted September 12, 2015 Author Share Posted September 12, 2015 i have removed it but the minute i try to login to admin it returns.thanksPete Quote Link to comment Share on other sites More sharing options...
bsmither Posted September 12, 2015 Share Posted September 12, 2015 Yes, you will also need to remove it from the database. (That's how CubeCart works with respect to snippets.)Using an external utility such as phpMyAdmin, look in your database at CubeCart_code_snippet. Find the record with the same php_code as what you see in the file. Since the code is stored in the database table as a 'blob', you will need to have phpMyAdmin show the contents of the blob field in a popup editor (maybe, I am not too familiar with phpMyAdmin).Take note of all the other items of data for that table record. Then set 'enabled' to zero.If the 'unique_id', or 'description', or 'author' looks suspicious, then delete that table record.Let us know what the rest of the data for that record is. Quote Link to comment Share on other sites More sharing options...
pdl Posted September 13, 2015 Author Share Posted September 13, 2015 Wow that sorted it Setting the Enable to Zero Thanks Pete Quote Link to comment Share on other sites More sharing options...
pdl Posted September 13, 2015 Author Share Posted September 13, 2015 here is a capture of the entry in MySql thanks Pete Quote Link to comment Share on other sites More sharing options...
bsmither Posted September 13, 2015 Share Posted September 13, 2015 Ok, so a nonsensical 'unique_id', a nonsensical 'description', no 'version' or 'author'.I have seen this once before and there isn't any way to discover how it got into the database.Delete the table record. Quote Link to comment Share on other sites More sharing options...
havenswift-hosting Posted September 14, 2015 Share Posted September 14, 2015 It is possible that your store has been exploited similar to https://forums.cubecart.com/topic/50318-code-snippet-exploit/ alhough your case is different to the much more common one shown in that thread (the "vohair" exploit that we and others have seen)Ian Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.