someone hacked my site - most of the damage was in my zenphoto folders... they got in somehow, overwrote & created new nefarious .htaccess files, and deleted a bunch of stuff (all so they could e-mail spam for 2 hours). I think I've managed to clean all that up, changed ftp passwords, etc... but, now I'm left with a real mess.
I had been running an older version of zenphoto (I can't even look up the version, as all those files are gone). I think it was around 1.3.? or so? Anyway, I tried essentially starting over, only keeping my album folder, and a custom theme folder. I then uploaded version 1.4.2.4, and tried running the setup...
I worked through numerous errors and warnings all through the setup, and had almost everything fixed, except the mapping to my SQL database - it simply would not connect. Error I kept seeing was:
Parse error: syntax error, unexpected '/' in /gallery/zp-core/functions-basic.php(48) : eval()'d code on line 65
but, there were other errors too... then, I tried getting back to this this morning, and virtually nothing worked. I can't even run setup anymore. So, I am deleting everything and attempting to start over.
I tried looking for older versions of zenphoto, but the old versions archive page has nothing to download:
http://www.zenphoto.org/pages/older-versions-archiveAny ideas? I have (had?) thousands of images indexed, everything had been working smoothly for 3+ years. If I have to recreate all this... well, I don't even know if I could at this point. I do still have all my images, and my sql database seems ok, but I have no engine to map the two together.
Zenphoto
Comments
I hope it's not related to the securiy issue half a year ago.
http://www.zenphoto.org/news/alert-security-hole-in-zenphoto-1.4.1.4
http://www.zenphoto.org/news/security-alert-part-2
It's indeed the safest to clean out your site/serverspace completely and start fresh.
Please be sure to set the file/folder permissions then as strict as possible because that may cause the greatest vulnerability.
As for the download page: There are some issues currently with the site. The developers are working hard to solve them.
Anyway, you should make a copy of the file to be sure you know your MySQL credentials and then remove it so setup will re-create the file fresh.
I'm monitoring my site to see if any of these .htaccess files re-appear, which would indicate the database(s) are compromised. I'm also checking with my hosting company to see if I can just revert my entire site to whatever it was a few days ago, before all this happened. Then, maybe I can do a smoother upgrade and plug this security hole correctly.
in the meantime, it seems that upgrading from whatever version of zenphoto I had to the latest release might not be so smooth... so, I might have to upgrade in steps, I'm not sure. Anyway, I could really use access to those interim releases... so thanks in advance to whoever is working on that.
Bad news is that my old theme appears incompatible with the upgrade. I had a heavily-modified version of Cimi running. now, i've switched to Zenpage... nice, except I need to change the colors, and make the page width wider. I think I can handle that, but it's a pain. Seems everyone has wide monitors these days, so why not have themes/pages that take advantage of it - especially when the purpose is to look at photos? Anyway, I'm rambling.
Thanks to everyone here for your help & support. I hadn't upgraded Zenphoto in a while as I had just thought it was "dead", but surprised & happy to see that it seems to have been resurrected sometime in the intervening years.
Seems everyone has wide monitors these days, so why not have themes/pages that take advantage of it - especially when the purpose is to look at photos?
All these themes are meant as a starting point to customize as it never will fit anyone's needs completly be it layout and/or functionality. The hosted and actually unsuppprted 3rd party cimi theme has been roughly updated to support 1.4.3 just recently. Try the version from our site. As it is quite simpley you probably can find out the changes.
Regarding wide monitors I think you are not right. Smartphones, tablets, netbooks and even smaller (older) laptops don't not have that wide monitors and those get more important. There is more various screensizes than ever before and not every normal user updates that frequently (that's why site still use 960-1000px width as the guide -> iPad has 1024x768 (excl. Retina stuff) so 17inch screen!). The latest way would be to make responsive layouts but that is quite some work as you can imagine (as making a usable theme in general is, too).
Even if someone has a wide monitor it does not mean he uses the browser full screen, More likely is that several programs are open at the time and share that space.
The issue is that I work really hard to get my images looking like I want at 100% viewing, which is usually about 700-800 pixels on the long end (that's how I upload them). But, the themes I like generally have stuff in the left/right margins that take up a lot of horizontal space. Plus, I'm having a really hard time modifying themes to account for a different maximum size. The themes often resize my images to around 550px on the long end... no matter what I change in the css or theme options. And the result is a kind of crummy html resize job that looks bad.
I remember it took me a long time to modify Cimi to get it like I wanted it (and it still wasn't really what I wanted). I'm just dreading starting that all over. I'm not a css & php expert, so have to do a lot of trial-n-error to modify these things. Basically, I look for stuff that might give the result I want, try it, and then usually have to undo what I did because it messed everything up.
I'm just looking for a really basic theme with only a few parameters to adjust, which has simple navigation, and will scale to the image size
anyway, I'll keep plugging away.
http://www.phlumf.com/gallery/
Note - I might change or tweak this, so I can't guarantee what you'll see at the link is the modified Cimi.