Site attacked

Discussion in 'Site & Server Administration' started by ian_ok, Aug 22, 2005.

  1. #1
    Can anyone explain this?

    Certain files have appeared on a site of mine, plus a folder called wyiswygPro

    A file of mine had been copied and then changed to .wysywigPro_edit_contact_us_html

    Some of the code is below, which is all NEW to me (the random Id is a lot longer, much of it removed):
    <?php ob_start() ?>
    <?php 
    if ($_GET['randomId'] != "hTYbTHzjWH7E5tZzvTg_hs2BGMg") {
    	echo "Access Denied";
    	exit();
    }
    ?>
    
    And then this:
    
    <script language="javascript">
    <!--//
    // this function updates the code in the textarea and then closes this window
    function do_save() {
    	var code =  htmlCode.getCode();
    	document.open();
    	document.write("<html><form METHOD=POST name=mform action='http://www.REMOVED.com:1875/frontend/cpanelxp2004/files/savehtmlfile.html'><input type=hidden name=dir value='/REMOVED/REMOVED/public_html'><input type=hidden name=file value='contact_us.html'>Saving ....<br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><textarea name=page rows=1 cols=1></textarea></form></html>");
    	document.close();
    	document.mform.page.value = code;
    	document.mform.submit();
    }
    function do_abort() {
    	var code =  htmlCode.getCode();
    	document.open();
    	document.write("<html><form METHOD=POST name=mform action='http://www.REMOVED.com:1875/frontend/cpanelxp2004/files/aborthtmlfile.html'><input type=hidden name=dir value='/REMOVED/REMOVED/public_html'><input type=hidden name=file value='contact_us.html'>Aborting Edit ....</form></html>");
    	document.close();
    	document.mform.submit();
    }
    //-->
    </script>
    <?php
    // make sure these includes point correctly:
    include_once ('/REMOVED/REMOVED/public_html/WysiwygPro/editor_files/config.php');
    include_once ('/REMOVED/REMOVED/public_html/WysiwygPro/editor_files/editor_class.php');
    
    // create a new instance of the wysiwygPro class:
    $editor = new wysiwygPro();
    
    // add a custom save button:
    $editor->addbutton('Save', 'before:print', 'do_save();', WP_WEB_DIRECTORY.'images/save.gif', 22, 22, 'undo');
    
    // add a custom cancel button:
    $editor->addbutton('Cancel', 'before:print', 'do_abort();', WP_WEB_DIRECTORY.'images/cancel.gif', 22, 22, 'undo');
    
    $body = '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
    
    Thanks Ian
     
    ian_ok, Aug 22, 2005 IP
  2. Smyrl

    Smyrl Tomato Republic Staff

    Messages:
    13,740
    Likes Received:
    1,702
    Best Answers:
    78
    Trophy Points:
    510
    #2
    Please keep us posted IAN. I have seen a copy of wysywigPro on my site. Am off to see if my form still works.

    Shannon
     
    Smyrl, Aug 22, 2005 IP
  3. ian_ok

    ian_ok Peon

    Messages:
    551
    Likes Received:
    11
    Best Answers:
    0
    Trophy Points:
    0
    #3
    I have to log off now, but about 3 weeks ago I had some weird attack on my email forms in which someone added header info to my email forms... will post more tomorrow.

    Not sure if it is connected?

    My forms work fine, but not sure if mail was going to someone else as well?

    Ian
     
    ian_ok, Aug 22, 2005 IP
  4. Smyrl

    #4
    That is very scary. I have already sent a message to my guru whom I thought was probably responsible for the html editor being online. We have been working with someone who generates html code using Word and Excel. Have never seen so much garbaged code in my life. I thought he was trying to get our Word doc guy to use.

    Shannon
     
    Smyrl, Aug 22, 2005 IP
  5. ian_ok

    #5
    Have done some searching and only found one item relating to unknown files appearing on your site with the code like above, have emailed the person, awaiting response.

    One possible reason given was:
    Yes I've got cpanel, but I didn't ever create it/copy it etc.....

    Ian
     
    ian_ok, Aug 23, 2005 IP
  6. Stoofovski

    Stoofovski Peon

    Messages:
    41
    Likes Received:
    3
    Best Answers:
    0
    Trophy Points:
    0
    #6
    Contact your host support? To make your form-generated email send to some other address as well, they would have to add another recipient to the mail(); function in the php script.
     
    Stoofovski, Aug 27, 2005 IP
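
On the "header info" added to email forms in post #3 and the mail() recipient point in post #6, an added example that is not part of the thread: a PHP contact-form handler that rejects any header-bound field containing a line break, which is one way extra header lines such as a further recipient can reach a form-generated email. The addresses, field names and function names are assumptions made for the illustration.

```php
<?php
// Added example, not code from the thread. Addresses and field names are constructed.
const CONTACT_RECIPIENT = 'owner@example.com'; // fixed in the script, never taken from the form

// True when the value contains no CR/LF, so it cannot start a new header line.
function is_single_line(string $value): bool
{
    return preg_match('/[\r\n]/', $value) === 0;
}

// Returns [to, subject, body, headers] for mail(), or null when a field is rejected.
function build_contact_mail(array $form): ?array
{
    $name    = (string) ($form['name'] ?? '');
    $email   = (string) ($form['email'] ?? '');
    $subject = (string) ($form['subject'] ?? '');
    $message = (string) ($form['message'] ?? '');
    // Every field that ends up in a header must be a single line.
    foreach ([$name, $email, $subject] as $field) {
        if (!is_single_line($field)) {
            return null;
        }
    }
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        return null;
    }

    // The visitor's address goes in Reply-To only; From stays on the site's own domain.
    $headers = "From: Contact form <noreply@example.com>\r\n"
             . "Reply-To: " . $email;
    $body = "From: $name <$email>\n\n" . $message;
    return [CONTACT_RECIPIENT, $subject, $body, $headers];
}

// Constructed submissions: one ordinary, one carrying an extra header in the email field.
$samples = [
    ['name' => 'Ann', 'email' => 'ann@example.org', 'subject' => 'Hello', 'message' => 'Hi there'],
    ['name' => 'Ann', 'email' => "ann@example.org\r\nBcc: other@example.net", 'subject' => 'Hello', 'message' => 'Hi'],
];

foreach ($samples as $i => $form) {
    $mail = build_contact_mail($form);
    // A real handler would call mail(...$mail) on success; nothing is sent here.
    echo "submission $i: " . ($mail === null ? "rejected" : "accepted") . "\n";
}
```

Logging rejected submissions with the client address and time gives the host something concrete to match against mail server logs.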