It appears the former developers of one of my sites was angry at his termination from the project (he wasn't doing a very good job) - well today he spammed my e-mail box with messages referencing the site. As I checked on it, a table from the database was removed! He is messing with my site and I have no idea. He doesn't have any of the passwords or anything - so I'm entirely confused. Please help me! Note: My 'class' folder has the settings, DB information, etc. what should I CHMOD this? Everything seems to be set to 755. Edit: I tried adding this stuff to the .htaccess in the directory where users can upload files: Another Edit: Okay. It seems to be working. I suspect this was how he infiltrated - as there was a .php file in that directory.
Yes, the easiest way he can do anythin, is using some scripts he left there with that intention. Check them and remove/rename if neccessary.
Thanks, Cormack. At first I was entirely unaware of how he could have done it - then it hit me that I allow members to upload data, and that was his way in! So, problem solved. =]