Malicious comment posting crashed my gallery

I got an email that someone posted a comment to my gallery, and when I go to log in to look at the comment, it doesn't accept my password, and when I try to go to the gallery, I get a "web page cannot be found" error. The photos are there, but I can't get to them. The posting came from dempsterpl - dempsterplour@rutgers.edu, website: http://thesaurus.reference.com. The comment is `partially annual store end page expected forcings serious [url=http://en.wikipedia.org]individual release led[/url] http://www.tomshardware.com` Has anyone else experienced this, and have any tips for how to repair it?

Comments

  • Delete the comment from your database. Then add some spam filtering of some kind.
  • I deleted the admin table and re-ran setup to set a new password. I deleted the comment, but the comment page displays the message "extract()[function extract] first argument should be an array in [my directory]/zenphoto/zp-core/admin-comments.php on line 119". I can see the gallery from the admin tool, but the photos don't show on the web site. I still get a "page cannot be found" error.
  • acrylian Administrator, Developer
    You might need to check or renew your installation; maybe that comment did hack the site.
  • You should also run the database refresh function to clean up any dangling references to the comments.
  • ISSUE RESOLVED: I reinstalled and updated to version 1.2.8, and refreshed the database, and that got the gallery back up, but I was getting the error message "call to undefined function getImageEXIFData() in ...\themes\default\image.php" on every page where the comment section would be. When I did a web search, I discovered several other ZenPhoto sites with the same error, and I discovered that the function had been renamed to getImageMetaData(). I changed "getImageEXIFData()" to "getImageMetaData()" in my image.php file, and that solved the problem, so everything is back to normal. My mistake was that I used my old version of image.php when I updated to 1.2.8 because I had customized the theme.
  • acrylian Administrator, Developer
    The old function is still in the deprecated functions plugin but that is naturally not enabled by default.
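
The resolution above came down to a renamed function left behind in a customized theme file carried across an upgrade. As an added example (not part of the thread and not Zenphoto's own code), this Python script scans theme PHP files for live calls to the old name, ignoring template HTML, comments and string literals; the sample file content is constructed, and the rename map holds only the rename reported in this thread.

```python
import re
import sys
from pathlib import Path

# Rename reported in this thread (old name -> new name); extend as needed.
RENAMED = {"getImageEXIFData": "getImageMetaData"}
# Text outside PHP tags (template HTML), then PHP comments and string literals.
_OUTSIDE = re.compile(r"\?>.*?(?:<\?(?:php|=)?|\Z)", re.S)
_SKIP = re.compile(
    r"/\*.*?\*/|//[^\n]*|#[^\n]*"                 # comments
    r"|'(?:\\.|[^'\\])*'" r'|"(?:\\.|[^"\\])*"',  # quoted strings
    re.S,
)
# PHP function names are case-insensitive, so match calls that way.
_CALL = re.compile(r"\b(%s)\s*\(" % "|".join(map(re.escape, RENAMED)), re.I)
_NEW = {old.lower(): new for old, new in RENAMED.items()}

def _blank(match):
    """Overwrite a span with spaces but keep newlines, so line numbers hold."""
    return re.sub(r"[^\n]", " ", match.group(0))

def scan_source(src):
    """Return (line, name_as_written, replacement) for each renamed call."""
    code = _OUTSIDE.sub(_blank, "?>" + src)[2:]   # a file starts outside PHP
    code = _SKIP.sub(_blank, code)
    return [(code.count("\n", 0, m.start()) + 1, m.group(1), _NEW[m.group(1).lower()])
            for m in _CALL.finditer(code)]

def scan_theme(root):
    """Scan every .php file under a theme directory."""
    hits = []
    for path in sorted(Path(root).rglob("*.php")):
        src = path.read_text(encoding="utf-8", errors="replace")
        hits += [(str(path), *hit) for hit in scan_source(src)]
    return hits

# Constructed sample standing in for a customized image.php.
SAMPLE = """<html><body>Don't panic
<?php // getImageEXIFData() was renamed
$exif = getImageEXIFData();
echo 'getImageEXIFData()';
?>
<p>It's fine</p>
<?php if (getImageMetaData()) { echo "has metadata"; } ?>
"""

if __name__ == "__main__":
    for hit in scan_theme(sys.argv[1]) if len(sys.argv) > 1 else scan_source(SAMPLE):
        print(*hit)
```

Run it with the theme directory as the only argument before putting a customized theme back after an upgrade. Heredoc strings and a `?>` inside a string literal are not handled, so treat the output as a first pass.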