drillsar Posted April 12, 2010 Share Posted April 12, 2010 Im having a problem with STS with this, the image works under http not https for some reason Quote Link to comment Share on other sites More sharing options...
TracyS Posted April 14, 2010 Share Posted April 14, 2010 LOL - Silly me! I needed to make sure to also 777 the files inside the folder - OY! Got it working now!! My only question is - how does another customer service rep know that a chat request has been answered? We found if we have two people logged in to answer requests, and a request comes in, both people can answer it :blink: Shouldn't it show somehow that is has been answered? Ok - found the installation file so now I know that is where those tables came from and that at least that section is correctly connecting to the database. I tried setting file permissions to the entire live_support folder to 777 but still doesn't seem to want to let me keep any changes. Just figured I'd post what I've tried so it may be easier to narrow down what I've missed - LOL :blush: Quote ~Tracy Link to comment Share on other sites More sharing options...
TracyS Posted April 14, 2010 Share Posted April 14, 2010 Sounds like an issue with your osC configuration settings rather than STS. I have this running with STS and I have no issues on http or https. Im having a problem with STS with this, the image works under http not https for some reason Quote ~Tracy Link to comment Share on other sites More sharing options...
TracyS Posted April 14, 2010 Share Posted April 14, 2010 I have this file: catalog/includes/boxes/live_support.php <?php /* phpOnline Infobox, v 1.0 21-APR-2005 by Dayana Networks Ltd. Compatible with phpOnline v 1.5 and above Copyright 2005 Dayana Networks Ltd. osCommerce http://www.oscommerce.com/ Copyright (c) 2000,2005 osCommerce Released under the GNU General Public License */ //////////// Configuration /////////////// // Please change these variables // Full URL to phpOnline Main directory (without trailing slash) $phpOnline_base_url = "https://www.mountainmeadowherbs.com/live_support"; // Type of Status Indicator: // 1 -> Dynamic (Flash Based) // 2 -> Statis (image based) // Note that image based indicator has added on phpOnline 1.5.1 $phponline_status_indicator_type = 2; ////////////////////////////////////////// ?> <script language="javascript"><!-- function phpOnlinePopupWindow() { var url = "<?php echo $phpOnline_base_url.'/client.php';?>"; window.open(url,'popupWindow','toolbar=no,location=no,directories=no,status=no,menubar=no,scrollbars=no,resizable=no,copyhistory=no,width=550,height=400,screenX=150,screenY=150,top=150,left=150') } //--></script> </head> <!-- phpOnline Info Box //--> <tr><td> <?php /* don't need heading $phponline_info_box = array(); $phponline_info_box[] = array('align' => 'left', 'text' => BOX_HEADING_PHPONLINE ); new infoBoxHeading($phponline_info_box, false, false); */ $phponline_info_box = array(); if($phponline_status_indicator_type==1) { $phpOnlineFlashIndicator = '<OBJECT classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,0,0" HEIGHT="60" WIDTH="120" id="status" ALIGN="" border="0">'; $phpOnlineFlashIndicator .= '<param name="base" value="'.$phpOnline_base_url.'/"><PARAM NAME=movie VALUE="'.$phpOnline_base_url.'/status.swf"><PARAM NAME=menu VALUE=false><PARAM NAME=quality VALUE=High> <PARAM NAME=bgcolor VALUE=#ffffff><param name="salign" value="TL"><param name="scale" value="NoBorder">'; $phpOnlineFlashIndicator .= '<EMBED base="'.$phpOnline_base_url.'/" src="'.$phpOnline_base_url.'/status.swf" menu=false quality=High bgcolor=#ffffff NAME="status" ALIGN="" TYPE="application/x-shockwave-flash" PLUGINSPAGE="https://www.macromedia.com/go/getflashplayer" salign="TL" width="120" height="60" scale="NoBorder"></EMBED></OBJECT>'; $phponline_info_box[] = array('align' => 'center', 'text' => $phpOnlineFlashIndicator ); } if($phponline_status_indicator_type==2) { $phponline_info_box[] = array('align' => 'center', 'text' => '<a href="javascript:phpOnlinePopupWindow()">' . tep_image($phpOnline_base_url.'/statusimage.php' , BOX_INFORMATION_PHPONLINE ). '</a><br>' ); } new infoBox($phponline_info_box); ?> </td></tr> <!-- card_eof //--> and then in my catalog/includes/modules/sts_inc/sts_user_code.php I have this line: //BEGIN Live Support Chat $sts->start_capture(); require(DIR_WS_BOXES.'live_support.php'); $sts->stop_capture('LiveSupport'); //END Live Support Chat And on my template, wherever I want the chat to appear, I use $LiveSupport to call it. hope that helps. Hi, I was woundering if there is a solution for the people who use STS and this contribution? One user allready found one, but didn't shared his solution. He mentioned to put the javascript code in an external file. Anyone an idea on how to do this? thanx Quote ~Tracy Link to comment Share on other sites More sharing options...
jfkafka Posted November 27, 2010 Share Posted November 27, 2010 anybody in here? Scott? Ran a virus scan and it mentioned an eval 64 "threat", namely, Possible Infection: /public_html/live_support/rcq.php (Known automated hack <=> eval(base64_decode ) on line: 345 which refers to: $CRP = "ZnVuY3Rpb24gR2V0TGljZW5zZSgpIHsgZ2xvYmFsICRDT05GOyBnbG9iYWwgJERCSG9zdDsgZ2xvYmFsICREQlVzZXJuYW1lOyBnbG9iYWwgJERCUGFzc3dvcmQ7IGdsb2JhbCAkREJEYXRhYmFzZTsgJElTTiA9ICcnOyAkSVNOUEIgPSAwOyAkVExUaW1lID0gZGF0ZSgiVSIpOyBpZihzdHJsZW4oJENPTkZbJ2NvbmZfTGljZW5zZSddKT09NjQpIHsgJENPTkZbJ2NvbmZfTGljZW5zZVQnXSA9ICRDT05GWydjb25mX0xpY2Vuc2VUJ10qMTsgaWYoJENPTkZbJ2NvbmZfTGljZW5zZVYnXT09MSAmJiAkQ09ORlsnY29uZl9MaWNlbnNlVCddPigkVExUaW1lLSgyNCozNjAwKSkgJiYgJENPTkZbJ2NvbmZfTGljZW5zZVQnXSA8ICgkVExUaW1lKyg2MCkpICkgeyBsaXN0KCRJU04sJElTTlBCKSA9IGV4cGxvZGUoIjoiLGJhc2U2NF9kZWNvZGUoc3RycmV2KCRDT05GWydjb25mX0xpY2Vuc2VEJ10pKSk7ICRJU04gPSBiYXNlNjRfZGVjb2RlKHN0cnJldigkSVNOKSk7IAkkSVNOUEIgPSBiYXNlNjRfZGVjb2RlKHN0cnJldigkSVNOUEIpKTsgfSBlbHNlIHsJaWYoZmlsZV9leGlzdHMoJ2xpY2Vuc2UudHh0JykpIAl7CSRMQ1JGID0gaW1wbG9kZSgiIixmaWxlKCdsaWNlbnNlLnR4dCcpKTsJJExDUkYgPSBzdHJfcmVwbGFjZShhcnJheSgiXG4iLCJcciIsIlxzIiwiICIpLGFycmF5KCcnLCcnLCcnLCcnKSwkTENSRik7ICRMQ1JGID0gc3RyX3JlcGxhY2UoYXJyYXkoJy0tLS0tUEhQT05MSU5FLUxJQ0VOU0UtU1RBUlQtLS0tLScsJy0tLS0tUEhQT05MSU5FLUxJQ0VOU0UtRU5ELS0tLS0nKSxhcnJheSgnWycsJ10nKSwkTENSRik7DQpwcmVnX21hdGNoKCIvLipcWyguKilcXS4qLyIsICRMQ1JGLCAkTENSRl9tYXRjaGVzKTsgJExDUkYgPSAkTENSRl9tYXRjaGVzWzFdO2ZvcigkaT0wOyRpPDU7JGkrKyl7JExDUkYgPSBiYXNlNjRfZGVjb2RlKCRMQ1JGKTt9JExDUkYgPSBzdHJyZXYoJExDUkYpO2ZvcigkaT0wOyRpPDU7JGkrKyl7JExDUkYgPSBiYXNlNjRfZGVjb2RlKCRMQ1JGKTt9JExDUiA9ICRMQ1JGO31lbHNleyRMQ1IgPSBpbXBsb2RlKCIiLGZpbGUoImh0dHA6Ly9waHBvbmxpbmUuZGF5YW5haG9zdC5jb20vbGljZW5zZS5waHA/bGM9Ii4kQ09ORlsnY29uZl9MaWNlbnNlJ10pKTsgfSRMQ1JBID0gZXhwbG9kZSgiOjoiLCRMQ1IpOyANCmlmKGNvdW50KCRMQ1JBKT09OSl7aWYoJExDUkFbMV09PTEpeyRJU04gPSAkTENSQVszXTsgJElTTlBCID0gJExDUkFbMl07fX0gJENPTkZfTGljZW5zZUQgPSBzdHJyZXYoYmFzZTY0X2VuY29kZShzdHJyZXYoYmFzZTY0X2VuY29kZSgkSVNOKSkuIjoiLnN0cnJldihiYXNlNjRfZW5jb2RlKCRJU05QQikpKSk7IA0KJGRiaD1teXNxbF9jb25uZWN0KCREQkhvc3QsICREQlVzZXJuYW1lLCAkREJQYXNzd29yZCx0cnVlKSBvciBkaWUgKCdyZXM9MCcpO215c3FsX3NlbGVjdF9kYigkREJEYXRhYmFzZSwkZGJoKTtteXNxbF9xdWVyeSgiREVMRVRFIGZyb20gYnZhcnMgd2hlcmUgYm5hbWU9XCJjb25mX0xpY2Vuc2VEXCIgT1IgYm5hbWU9XCJjb25mX0xpY2Vuc2VUXCIgT1IgYm5hbWU9XCJjb25mX0xpY2Vuc2VWXCIgIiwkZGJoKTtteXNxbF9xdWVyeSgiSU5TRVJUIElOVE8gYnZhcnMgVkFMVUVTKFwiY29uZl9MaWNlbnNlRFwiLFwiJENPTkZfTGljZW5zZURcIikgIiwkZGJoKTsgbXlzcWxfcXVlcnkoIklOU0VSVCBJTlRPIGJ2YXJzIFZBTFVFUyhcImNvbmZfTGljZW5zZVRcIixcIiRUTFRpbWVcIikgIiwkZGJoKTsgbXlzcWxfcXVlcnkoIklOU0VSVCBJTlRPIGJ2YXJzIFZBTFVFUyhcImNvbmZfTGljZW5zZVZcIixcIjFcIikgIiwkZGJoKTsgbXlzcWxfY2xvc2UoJGRiaCk7IH0gfSByZXR1cm4oYXJyYXkoJElTTiwkSVNOUEIpKTsgfSBmdW5jdGlvbiBJc0xpY2Vuc2VkKCkgeyBsaXN0KCRJU04sJElTTlBCKSA9IEdldExpY2Vuc2UoKTsgaWYoJElTTlBCPjApIHJldHVybiB0cnVlOyBlbHNlIHJldHVybiBmYWxzZTsgfQ=="; eval(base64_decode($CRP)); which when decoded is rendered: function GetLicense() { global $CONF; global $DBHost; global $DBUsername; global $DBPassword; global $DBDatabase; $ISN = ''; $ISNPB = 0; $TLTime = date("U"); if(strlen($CONF['conf_License'])==64) { $CONF['conf_LicenseT'] = $CONF['conf_LicenseT']*1; if($CONF['conf_LicenseV']==1 && $CONF['conf_LicenseT']>($TLTime-(24*3600)) && $CONF['conf_LicenseT'] < ($TLTime+(60)) ) { list($ISN,$ISNPB) = explode(":",base64_decode(strrev($CONF['conf_LicenseD']))); $ISN = base64_decode(strrev($ISN)); $ISNPB = base64_decode(strrev($ISNPB)); } else { if(file_exists('license.txt')) { $LCRF = implode("",file('license.txt')); $LCRF = str_replace(array("\n","\r","\s"," "),array('','','',''),$LCRF); $LCRF = str_replace(array('-----PHPONLINE-LICENSE-START-----','-----PHPONLINE-LICENSE-END-----'),array('[',']'),$LCRF); preg_match("/.*\[(.*)\].*/", $LCRF, $LCRF_matches); $LCRF = $LCRF_matches[1];for($i=0;$i<5;$i++){$LCRF = base64_decode($LCRF);}$LCRF = strrev($LCRF); for($i=0;$i<5;$i++){$LCRF = base64_decode($LCRF);}$LCR = $LCRF; }else{ $LCR = implode("",file("http://phponline.dayanahost.com/license.php?lc=".$CONF['conf_License'])); }$LCRA = explode("::",$LCR); if(count($LCRA)==9){ if($LCRA[1]==1){ $ISN = $LCRA[3]; $ISNPB = $LCRA[2];}} $CONF_LicenseD = strrev(base64_encode(strrev(base64_encode($ISN)).":".strrev(base64_encode($ISNPB)))); $dbh=mysql_connect($DBHost, $DBUsername, $DBPassword,true) or die ('res=0'); mysql_select_db($DBDatabase,$dbh); mysql_query("DELETE from bvars where bname=\"conf_LicenseD\" OR bname=\"conf_LicenseT\" OR bname=\"conf_LicenseV\" ",$dbh); mysql_query("INSERT INTO bvars VALUES(\"conf_LicenseD\",\"$CONF_LicenseD\") ",$dbh); mysql_query("INSERT INTO bvars VALUES(\"conf_LicenseT\",\"$TLTime\") ",$dbh); mysql_query("INSERT INTO bvars VALUES(\"conf_LicenseV\",\"1\") ",$dbh); mysql_close($dbh); } } return(array($ISN,$ISNPB)); } function IsLicensed() { list($ISN,$ISNPB) = GetLicense(); if($ISNPB>0) return true; else return false; } It looks like it may belong, but rather than assume, anyone know if it's bogus? and why it is scrambled to begin with? Why not just write the function straight out? Thanks for any enlightenment, jk Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.