Found two files in the store public_html main directory.
First was:
wysiwygPro_edit_5bd49fd5ed460b570895eccada2be614.php
File and date stamp were a week ago.
Contents here:
-------------------------------------------------------------------
<?php ob_start() ?>
<?php
if ($_GET['randomId'] != "bMshtM0VDHpisnS1U1k0BLwOL9i0UCS92h4u5qySzithI5o7Gwa4hlVgm09HPdz8lBeeuJYLBxyy3SY eY__BnIJ6zAWjjHrNRPrqxERL2FTpTl6C1g93IzyZiMFRlWcYNJfxZUrXpKthUDOzufIk1P75bCmGHks QOwwHtfwpH8wFAzUz3Psg3vO2jHxxF_FZNog4Z1BwoadRtygpjHytH2sTpcRR0gzBLgkWCv8IUAGDUCV rx_pGujDPB3phOVD4") {
echo "Access Denied";
exit();
}
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>Editing index.html.old</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<style type="text/css">body {background-color:threedface; border: 0px 0px; padding: 0px 0px; margin: 0px 0px}</style>
</head>
<body>
<div align="center">
<div id="saveform" style="display:none;">
<form METHOD="POST" name=mform action="http://208.116.53.80:2082/frontend/x/files/savehtmlfile.html">
<input type="hidden" name="charset" value="iso-8859-1">
<input type="hidden" name="baseurl" value="http://www.broadwayfloral.com/public_html/">
<input type="hidden" name="basedir" value="/home/xxxxxxxx/public_html/">
<input type="hidden" name="udir" value="/home/xxxxxxxx/public_html">
<input type="hidden" name="ufile" value="index.html.old">
<input type="hidden" name="dir" value="%2fhome%2fxxxxxxxx%2fpublic_html">
<input type="hidden" name="file" value="index.html.old">
<input type="hidden" name="doubledecode" value="1">
<textarea name=page rows=1 cols=1></textarea></form>
</div>
<div id="abortform" style="display:none;">
<form METHOD="POST" name="abortform" action="http://208.116.53.80:2082/frontend/x/files/aborthtmlfile.html">
<input type="hidden" name="charset" value="iso-8859-1">
<input type="hidden" name="baseurl" value="http://www.broadwayfloral.com/public_html/">
<input type="hidden" name="basedir" value="/home/xxxxxxxx/public_html/">
<input type="hidden" name="dir" value="%2fhome%2fxxxxxxxx%2fpublic_html">
<input type="hidden" name="file" value="index.html.old">
<input type="hidden" name="udir" value="/home/xxxxxxxx/public_html">
<input type="hidden" name="ufile" value="index.html.old">
</form>
</div>
<script language="javascript">
<!--//
function setHtmlFilters(editor) {
// Design view filter
editor.addHTMLFilter('design', function (editor, html) {
return html.replace(/\<meta\s+http\-equiv\="Content\-Type"[^\>]+\>/gi, '<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />');
});
// Source view filter
editor.addHTMLFilter('source', function (editor, html) {
return html.replace(/\<meta\s+http\-equiv\="Content\-Type"[^\>]+\>/gi, '<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />');
});
}
// this function updates the code in the textarea and then closes this window
function do_save() {
document.mform.page.value = WPro.editors[0].getValue();
document.mform.submit();
}
function do_abort() {
document.abortform.submit();
}
//-->
</script>
<?php
// make sure these includes point correctly:
include_once ('/usr/local/cpanel/base/3rdparty/wysiwygPro/wysiwygPro.class.php');
// create a new instance of the wysiwygPro class:
$editor = new wysiwygPro();
$editor->registerButton('save', 'Save',
'do_save();', '##buttonURL##save.gif', 22, 22,
'savehandler');
$editor->addRegisteredButton('save', 'beforerint' );
$editor->addJSButtonStateHandler ('savehandler', 'function (EDITOR,srcElement,cid,inTable,inA,range){
return "wproReady";
}');
$editor->registerButton('cancel', 'Cancel',
'do_abort();', '##buttonURL##close.gif', 22, 22,
'cancelhandler');
$editor->addRegisteredButton('cancel', 'beforerint' );
$editor->addJSButtonStateHandler ('cancelhandler', 'function (EDITOR,srcElement,cid,inTable,inA,range){
return "wproReady";
}');
$editor->theme = 'blue';
$editor->addJSEditorEvent('load', 'function(editor){editor.fullWindow();setHtmlFilters(editor);}');
$editor->baseURL = "http://www.broadwayfloral.com/public_html/";
$editor->loadValueFromFile('/home/xxxxxxxx/public_html/index.html.old');
$editor->registerSeparator('savecan');
// add a spacer:
$editor->addRegisteredButton('savecan', 'after:cancel');
//$editor->set_charset('iso-8859-1');
$editor->mediaDir = '/home/xxxxxxxx/public_html/';
$editor->mediaURL = 'http://www.broadwayfloral.com/';
$editor->imageDir = '/home/xxxxxxxx/public_html/';
$editor->imageURL = 'http://www.broadwayfloral.com/';
$editor->documentDir = '/home/xxxxxxxx/public_html/';
$editor->documentURL = 'http://www.broadwayfloral.com/';
$editor->emoticonDir = '/home/xxxxxxxx/public_html/.smileys/';
$editor->emoticonURL = 'http://www.broadwayfloral.com/.smileys/';
$editor->loadPlugin('serverPreview');
$editor->plugins['serverPreview']->URL = 'http://www.broadwayfloral.com/public_html/.wysiwygPro_preview_5bd49fd5ed460b570895eccada2be614.php?randomId=bMshtM0VDHpisn S1U1k0BLwOL9i0UCS92h4u5qySzithI5o7Gwa4hlVgm09HPdz8lBeeuJYLBxyy3SYeY__BnIJ6zAWjjH rNRPrqxERL2FTpTl6C1g93IzyZiMFRlWcYNJfxZUrXpKthUDOzufIk1P75bCmGHksQOwwHtfwpH8wFAz Uz3Psg3vO2jHxxF_FZNog4Z1BwoadRtygpjHytH2sTpcRR0gzBLgkWCv8IUAGDUCVrx_pGujDPB3phOV D4';
// print the editor to the browser:
$editor->htmlCharset = 'iso-8859-1';
$editor->urlFormat = 'relative';
$editor->display('100%','450');
?>
</div>
<script>
</script>
</body>
</html>
<?php ob_end_flush() ?>
-------------------------------------
Second file:
file name: wysiwygPro_previewt_5bd49fd5ed460b570895eccada2be614.php
Same time and date stamp.
-------------------------------------
<?php
if ($_GET['randomId'] != "bMshtM0VDHpisnS1U1k0BLwOL9i0UCS92h4u5qySzithI5o7Gwa4hlVgm09HPdz8lBeeuJYLBxyy3SY eY__BnIJ6zAWjjHrNRPrqxERL2FTpTl6C1g93IzyZiMFRlWcYNJfxZUrXpKthUDOzufIk1P75bCmGHks QOwwHtfwpH8wFAzUz3Psg3vO2jHxxF_FZNog4Z1BwoadRtygpjHytH2sTpcRR0gzBLgkWCv8IUAGDUCV rx_pGujDPB3phOVD4") {
echo "Access Denied";
exit();
}
// display the HTML code:
echo stripslashes($_POST['wproPreviewHTML']);
?>
------------------------------------------------
Question may not be a Zen Cart issue but I thought if anyone knew, the experts here would know.
So what are these??
Directory permissions all 755
All File permissions 644
Doug
Bookmarks