Cry for help!

[4defcon]

Hello guys,

I have a major problem that I have spent 2 nights going round and round in circles... after a recent hack attack, I tried to update to 1.5.0 (I think i'm on 1.3.9) - for some reason or other this failed. So I decided just to delete *everything* including the SQL database and restore from backup ready to try again.

Store was up and running ok (locked in maintenance mode where I left it at the time of taking the last backup) but everytime I access admin directory on the site, I get the following:

Hello. Thank you for loading Zen Cart™.

You are seeing this page for one or more reasons:
1.This is your first time using Zen Cart™ and you haven't yet completed the normal Installation procedure.
If this is the case for you, you will need to upload the "zc_install" folder using your FTP program, and then run zc_install/index.php via your browser (or reload this page to see a link to it).

2.Your /includes/configure.php and/or /admin/includes/configure.php file contains invalid path information and/or invalid database-connection information.
If you recently edited your configure.php files for any reason, or maybe moved your site to a different folder or different server, then you'll need to review and update all your settings to the correct values for your server.
See the Online FAQ and Tutorials area on the Zen Cart™ website for assistance.

I can confirm that the includes/configure.php and the admindir/configure.php files are present, have the correct information in them with regards to paths and SQL data and the relevant permissions on the files and folders seem to be correct.

So I thought, ok, I'll go back even further - a backup of 3 weeks ago which I know 100% to be working it was the copy I used to migrate to the new host..

same problem, 'thank you for loading zen cart...' when accessing admin directory.

I manually (by editing the sql database) took the website off maintenance mode and ran the fix_cache_key.php - it found a mismatch (probably old from previous host) and fixed it.

Still same problem.

Any other ideas? Please let me know if you need anything further from me. I'm not a Zen expert and i've not posted here often.

Thanks for reading.

[stevesh]

I can confirm that the includes/configure.php and the admindir/configure.php files are present, have the correct information in them with regards to paths and SQL data and the relevant permissions on the files and folders seem to be correct.

I always hate to see that, because in almost all cases, the problem that presents that message is incorrect path(s) in that configure file.

Try posting the contents (minus DB name and login info) of that configure.php file here.

[4defcon]

I always hate to see that, because in almost all cases, the problem that presents that message is incorrect path(s) in that configure file.

Try posting the contents (minus DB name and login info) of that configure.php file here.

Thank you, but in the time of writing the above message I was hacked for a 3rd time in two days. These scumbags don't even give me a chance to try and fix the problem. They managed to login even though I couldn't, set the payment type to offline CC processing and then leave again.

Unfortuately i'm simply had enough so I've completely deleted the shop and will start again from a clean and fresh installation.

Thanks for responding though.

[stevesh]

Good idea, I think, but check any other files on your server to make sure they didn't get in some other way, and change your hosting account password.

[niccol]

And possibly change your hosting??

Despite what every hosting company will claim, hacks can be due to the security of the hosting as well as the security of the scripts.