Database.PHP erased! Oh noes! Helps?

ChadFenwick

Okay, why am I getting this?

pushingpixels.net


Am I dealing with a gay hacker that can't leave a site that only has 13 members alone?

Stash

Descriptive topic...

Looks like you have your username/password wrong for your database to me — but someone more skilled in these matters will be able to tell you exactly.

ChadFenwick

Well its been fine the last month. But now when I start having people I get this.

And I can't do to much about it because I'm at work and using my phone to do this.

Minisweeper

Looks like a problem with the 'David' Extension. Try deleting the line which includes it out of conf/extensions.php when you get chance. That should bring your forum back online. Then you can look to the root of the problem.

ChadFenwick

Alright, I'll try that when I get home...

Sucks not having computer access all day.

ChadFenwick

Okay, seems my database.php file has been completely deleted. All thats left in it is "?>" and thats it.

Umm... Do I have to completely reinstall vanilla or can someone give me a copy of the database file with everything included because I can't find one and I didn't make a backup of it.

Vaz

You can download Vanilla again & upload the file thats missing. Here's my conf/database.php file (if this is the one your talking about) <?php // Database Configuration Settings $Configuration['DATABASE_HOST'] = 'xxxxxx'; $Configuration['DATABASE_NAME'] = 'xxxx'; $Configuration['DATABASE_USER'] = 'xxxxxx'; $Configuration['DATABASE_PASSWORD'] = 'xxxxxx'; // Saved Searches Table Structure $DatabaseTables['UserSearch'] = 'UserSearch'; $DatabaseColumns['UserSearch']['SearchID'] = 'SearchID'; $DatabaseColumns['UserSearch']['Label'] = 'Label'; $DatabaseColumns['UserSearch']['UserID'] = 'UserID'; $DatabaseColumns['UserSearch']['Keywords'] = 'Keywords'; $DatabaseColumns['UserSearch']['Type'] = 'Type'; // Attachments Table Structure $DatabaseTables['Attachment'] = 'Attachment'; $DatabaseColumns['Attachment']['AttachmentID'] = 'AttachmentID'; $DatabaseColumns['Attachment']['UserID'] = 'UserID'; $DatabaseColumns['Attachment']['DiscussionID'] = 'DiscussionID'; $DatabaseColumns['Attachment']['CommentID'] = 'CommentID'; $DatabaseColumns['Attachment']['Title'] = 'Title'; $DatabaseColumns['Attachment']['Description'] = 'Description'; $DatabaseColumns['Attachment']['Name'] = 'Name'; $DatabaseColumns['Attachment']['Path'] = 'Path'; $DatabaseColumns['Attachment']['Size'] = 'Size'; $DatabaseColumns['Attachment']['MimeType'] = 'MimeType'; $DatabaseColumns['Attachment']['DateCreated'] = 'DateCreated'; $DatabaseColumns['Attachment']['DateModified'] = 'DateModified'; // Pre-Moderation Table Structure $DatabaseColumns['Discussion']['Approved'] = 'Approved'; $DatabaseColumns['Comment']['Approved'] = 'Approved'; // Discussions Table Structure $DatabaseColumns['Discussion']['Draft'] = 'Draft'; ?> Be sure to make the neccessary changes to xxxx

ChadFenwick

Thats the one....

Gah... Keeps saying invalid user. I have all the right information...

I'm thinking about redoing the whole damn site... Now I know what I need and how to do it. Dang it!

nathan

Over the past month or so, I am having a similar problem. The <?php at the start is being overwritten to ?>, so that it displays an error while at the same time, showing the contents of my database.php file.

Is this happening to anyone else, or is it just me?

Nathan

Vaz

I'm not sure about database.php but a little while back my settings.php file was getting messed (need to see if it still is by the way).

I remember making the following changes to stop the problem as suggested here on the forums by little_peet:

The following add-ons seem to be causing the glitch where your settings.php file gets erased:
JQthickbox
Jquery
Discussion view counters
zip2mail

To solve this problem you have to modify part of the framework by replacing the function "AddConfigurationSetting" in the \library\framework\framework.functions.php

This modification has already been placed into Vanilla2 but just incase you can't wait and don't mind modifying - go ahead and do it!

Replace the current function with:

function AddConfigurationSetting(&$Context, $SettingName, $SettingValue = '1') {
if ((!array_key_exists($SettingName, $Context->Configuration))|($Context->Configuration[$SettingName]!=$SettingValue)){
$Context->Configuration[$SettingName] = '';
$SettingsManager = $Context->ObjectFactory->NewContextObject($Context, 'ConfigurationManager');
$SettingsFile = $Context->Configuration['APPLICATION_PATH'].'conf/settings.php';
$SettingsManager->DefineSetting($SettingName, $SettingValue, 1);
$SettingsManager->SaveSettingsToFile($SettingsFile);
}
}

Dinoboff

Vanilla 1.1.3, Vanilla didn't start yet coding Vanilla 2.

fmimoso

Just to report a similar happening. My database.php file was transformed to a simple

?>

Using Vanilla 1.1.2.

It's solved but nonetheless let it be noted.

Dinoboff

Vanilla 1.1.3 should prevent a similar issue with settings.php but not with database.php.

which extensions are you using?

fmimoso

Extended Text Formatter 1.2 Mark O'Sullivan lussumo.com/docs Google Analytics 1.2 dinoboff / ithcy lussumo.com/community/discussion/3507 Guest Post 1.4.1 Gerrard Cowburn lussumo.com/docs Hidden Text 1.4 Justin (Krak) Haury lussumo.com/addons Html Formatter 2.2 SirNotAppearingOnThisForum lussumo.com/docs Low-Cal Vanilla 0.1.1 Dinoboff lussumo.com/docs ModTools 0.06.10b jawele lussumo.com/addons Nuggets 1.1.4 MySchizoBuddy lussumo.com/addons Panel Lists 1.2 Mark O'Sullivan lussumo.com/docs Preview Post 2.5 SirNotAppearingOnThisForum lussumo.com/addons Quicktags 0.5 James Greig lussumo.com/addons Quotations 1.6 Joel Bernstein lussumo.com/community/discussion/2069 Sitemaps 0.1 David Kitchen (buro9 on vanilla.com) lussumo.com/docs Thankful People 1.2 Maurice (Jazzman) Krijtenberg www.krijtenberg.nl Could it be related to http://lussumo.com/community/discussion/5614/thankful-people/#Item_22 ?

Dinoboff

Only Thankful People (I think) write something in database.php, but it should only update it one time. So I don't what could be the problem.

jakob_r

Over the past month or so, I am having a similar problem. The <?php at the start is being overwritten to ?>, so that it displays an error while at the same time, showing the contents of my database.php file.

Isn't this potentially very dangerous? If the contents of database.php are rendered readable, then the hacker can access the database directly, read out whatever infos it contains or overwrite it entirely.

Dinoboff

yep, it is, you should put database.php out of the docroot (and set $Configuration['DATABASE_PATH'] to the new path).

jakob_r

isn't it out of the docroot as standard – conf/database.php – or have I misunderstood something? How can it have been accessed and overwritten? What chmod settings should it have to ensure the conf/ folder and files within cannot be accessed from outside vanilla?

Dinoboff

once everything is set-up, the permission of any vanilla files (except some extension files, like cache files) should be 400 or 440 (500 or or 550 for the folders - except some extensions folder).

database.php is in the web server document root like all the other vanilla file. But the .htaccess should prevent direct access (with an apache server). But it is more secure to put it out of the document root. Not everybody can do that but if you can, do it.