Hacking?

dsoldi

Hi, I'm experiencing a strange problem: after upgrading to 1.4.6, some files (e.g. "full-image.php" and "functions-image.php") are immediately delete from "zp-core" directory as they are uploaded. No way to keep these files on the site.
RUN SETUP function report this warning:

... Verify following files:
index.php
zp-core/full-image.php
zp-core/functions-image.php
zp-core/zp-extensions/cloneZenphoto/clone.php
zp-core/zp-extensions/elFinder/php/elFinderVolumeDriver.class.php
zp-core/zp-extensions/elFinder/php/elFinderVolumeLocalFileSystem.class.php

any ideas?

dsoldi

Edit.
By removing the last two "if" statements from "full-image.php" it is no longer deleted (it doesn't work, of course) ... opened a ticket to my provider...

acrylian

Zenphoto does not delete anything automatically. If it lists files on setup that "might" be a problem it offers to delete them but you have to take action yourself to actually delete them.
http://www.zenphoto.org/news/installation-and-upgrading#re-running-and-re-uploading-setup-files

dsoldi

Ty acrylian, I know ... and I've strictly followed the directions you linked. I suspect that my provider has something watching into php fiels. After removing lines from 202 to the end in full-image.php it is no longer deleted (!!!).
Still waiting a replay from my provider ...

acrylian

All right. Do you use any install helper? Then that might be its fault. Zenphoto for sure does not delete anything.

dsoldi

Problem solved.
The files was deleted by an antivirus on the web server (now disabled).
The file full-image.php (e.g.) was deleted due to the SYMLINK command in line 208 (!)
Thinking to change web provider ....

sbillard

Good information. Thanks for the update.

It is ironic that they would trigger on the function call and delete the script rather than just disabling the `simlink` feature. Zenphoto can work perfectly well without using `symlink`, it is just faster and more space efficient if it can use the function.

dsoldi

More ironic?
Symlink feature IS disabled!