
I've Been Hacked - What do I do first?

Help
Anonymous
2011-01-14
2013-05-30
  • Anonymous

    Anonymous - 2011-01-14

    My site has been hacked so I have a couple of questions:

    The main page of my site says only, "DeRf ownz you" and the rest of the screen is blank. (See http://www.gontzfamily.org/genealogy2/.)

    Should I try to patch my existing installation or would it be better to do a fresh install with 4.2.4?

    I've downloaded and installed 4.2.4 and I have a recent (pre-hacked) database. What do I do now? Is there a wiki page or a tutorial on how to "migrate" my data into the new site?

    Thanks in advance.

  • Anonymous

    Anonymous - 2011-01-14

    Update: The hacker made a copy of my index.php file and named it index_edit.php. So I removed the hacker's index.php file and renamed index_edit.php to index.php. Now when I go to http://www.gontzfamily.org/genealogy2/ I get, "Access Denied."

    I would really like to be able to see my old site so that as I am setting up my new, 4.2.4 site I can verify that I have everything the same as I did before. I am a little confused about how phpgedview stores its data. For example, I have my new site up and running at http://www.gontzfamily.org/phpgedview/ and I've added/imported all of my GEDCOMs but my customized welcome page for each GEDCOM does not appear. Where is this data stored?

  • Gerry Kroll

    Gerry Kroll - 2011-01-14

    The hacker did NOT re-name "index.php" to "index_edit.php".

    You need to re-name the "index.php" file back to "index_edit.php" (undo the previous re-name), and then restore "index.php" from the original set of downloaded files

    You're seeing the "access denied" message because you're launching "index_edit.php" (which you re-named) without first being logged in.

    The "blocks" database table contains a description of all the customized Welcome pages.  It also contains the News and FAQ texts.  Furthermore, this is where you'll find all the configuration information for each block that's configurable.

  • John Finlay

    John Finlay - 2011-01-14

    My site was hacked in a similar fashion.  The index.php file was replaced with a hacked copy and a few extra PHP files were added, specifically dmar.php and rs57.php.

    So you will want to make sure that you not only replace the index.php file that was hacked, but also make sure that no extra files were added as back doors to let them back in again.

    If it were me, I would upgrade to 4.2.4 in a brand new directory and copy over my media directories, index, directory, and config.php file.

    -John
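As an added example (not code from anyone in this thread or from the PhpGedView project), a small POSIX shell script that does the check John describes: it compares the live web root against a pristine copy of the same release, listing files the release never shipped and shipped files whose content changed. The sample trees and file names are constructed for the demo; on a real site, config.php, the index/ data directory and uploaded media are expected "added" files, so read the report with that in mind.

```shell
#!/bin/sh
# Compare a live PhpGedView tree against a pristine copy of the same release.
# Reports files added to the live tree (possible dropped backdoors such as the
# dmar.php / rs57.php mentioned above) and shipped files whose content changed
# (such as a replaced index.php). Uses only POSIX find, cmp, sort and mktemp.

# Print paths present in LIVE but absent from PRISTINE, one per line.
find_added_files() {
    pristine="$1"; live="$2"
    ( cd "$live" && find . -type f | sort ) | while IFS= read -r f; do
        [ -e "$pristine/$f" ] || printf '%s\n' "${f#./}"
    done
}

# Print paths present in both trees whose contents differ, one per line.
find_modified_files() {
    pristine="$1"; live="$2"
    ( cd "$pristine" && find . -type f | sort ) | while IFS= read -r f; do
        if [ -e "$live/$f" ] && ! cmp -s "$pristine/$f" "$live/$f"; then
            printf '%s\n' "${f#./}"
        fi
    done
}

# Constructed sample trees standing in for the extracted release (pristine)
# and the web root (live). Real sites also have config.php, index/ and media
# uploads, which legitimately show up as "added".
make_sample_trees() {
    base="$1"
    mkdir -p "$base/pristine/modules" "$base/live/modules" "$base/live/media"
    printf '<?php // shipped index\n' > "$base/pristine/index.php"
    printf '<?php // shipped module\n' > "$base/pristine/modules/module.php"
    printf '<?php echo "DeRf ownz you";\n' > "$base/live/index.php"
    cp "$base/pristine/modules/module.php" "$base/live/modules/module.php"
    printf '<?php // not part of the release\n' > "$base/live/dmar.php"
    printf '<?php // not part of the release\n' > "$base/live/media/rs57.php"
}

# Build the sample trees, run both comparisons and clean up.
demo() {
    tmp=$(mktemp -d)
    make_sample_trees "$tmp"
    echo "== files not shipped with the release =="
    find_added_files "$tmp/pristine" "$tmp/live"
    echo "== shipped files whose content changed =="
    find_modified_files "$tmp/pristine" "$tmp/live"
    rm -rf "$tmp"
}

demo
```

For a real site, run the two functions against the extracted release directory and the web root (as the same user the web server runs as, so permissions do not hide files) and review every reported path before deleting or replacing anything.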

  • Gerry Kroll

    Gerry Kroll - 2011-01-14

    Correction on the stuff that's in the "blocks" table:  The "news" table contains the News text and also the FAQ texts.  The "blocks" table is reserved for the various block configurations and also the description of the various Welcome pages.

  • ggpauly

    ggpauly - 2011-01-16

    Remember to change your passwords - PGV and website.

  • Gerry Kroll

    Gerry Kroll - 2011-01-16

    It wouldn't hurt to change the database password too.

  • Anonymous

    Anonymous - 2011-01-16

    canajun2eh,

    Thanks for the info! That got my old site working again. I guess I should have checked to see if the index.php file was a part of the installation before assuming that it was a copy of index.php.

    In regards to the customized welcome pages:
    After setting up 4.2.4 with a new database I dropped all of the tables in the database and then imported the tables from a backup of my old, 4.2.2 site. None of my custom pages loaded so I compared the contents of the pgv_blocks table between my new database and my old database and they were different. So I dropped the pgv_blocks table from my new database and imported just the pgv_blocks table from my backup. However, this didn't make any difference. So, then, as you said, I discovered that the information that I was looking for is actually stored in the pgv_news table. So again, I compared the contents of the pgv_news table between my new database and my old database and they were different. So just like the pgv_blocks table I dropped the pgv_news table from my new database and imported just the pgv_blocks table from my backup. However, this didn't make any difference.

    Also, my database backup has 39 tables and my newly created table only has 29 tables. This is very odd to me because I dropped tables and then imported them from a backup for numerous sites/installations (Joomla!, Gallery, Coppermine, ZenCart, etc.) and I've never had any problems. What am I missing / overlooking?

    You can see screenshots of the differences between my two databases at: http://www.gontzfamily.org/phpgedview_screenshots/.

    I can simply copy and paste or recreate the information that I have in the News block but I would like to know why it isn't working.

    Also, where does the Google Map module store its information? Google Maps is not working with my new site. Any information about my media (pictures) is also missing.

    Everyone,

    Thanks for all of the suggestions about changing account information.

  • Gerry Kroll

    Gerry Kroll - 2011-01-16

    As part of the upgrade, did you first export your database from the old installation?  This creates a GEDCOM that contains the media information.  You then have to import that GEDCOM into your new installation, telling PGV to erase all old database data and not keep media links.

    These instructions have been echoed over and over again in this forum.  In your particular case, you should simply have done an upgrade-in-place.

    Some of the missing tables are created by various modules, such as the Research Assistant. 

  • nwood888

    nwood888 - 2011-01-18

    This page describes how the attackers are getting in - http://osvdb.org/show/osvdb/70295

    It happened to several clients we were hosting.  Does 4.2.4 fix this?  Is there a fixed version of module.php that we can drop in a 4.2.3 installation to fix this?

  • Gerry Kroll

    Gerry Kroll - 2011-01-19

    nwood888:
    Why can't you check the "patches" section and other posts in this forum for your answers to both questions?

  • Anonymous

    Anonymous - 2011-01-21

    To update all of my previous posts:

    One of my original questions was about how to migrate data from one installation. I now know how to do this and plan to add a few things regarding this process to the wiki.

    As an FYI for others who have been/get hacked. Like yahlnifj, I found extra php files in the root directory of my phpGedView installation, the media folder, and the modules folder. And as canajun2eh pointed out, re-uploading the index.php file from an original installation set allowed me to regain access to my old, hacked site.

    Regarding my troubles with the database, there was a problem with the backup that I was using: when I imported it into my new database it was not bringing all of the tables with it. Once I got my hacked site up and running and was sure that the database was ok I exported this database via phpMyAdmin and then imported it into my new database and all was well!

    As for my missing Google Map information. I failed to copy /modules/googlemap/config.php to my new installation. I assumed that this information would be present in the database - I did not realize that it was stored in a config file.

    Thanks for everyone's help!

  • Gerry Kroll

    Gerry Kroll - 2011-01-21

    tgontz:
    Thank you for keeping us informed.  I'm relieved that your site is now running well on the latest PGV version 4.2.4.

