robertw477 Posted December 30, 2009

I have been making some tweaks on my site and now I can't load the admin panel page. I restored one of my backups, which did not work. This is the error I get on load. I did not make any changes to line 67 as noted here.

Fatal error: Call to undefined function: tep_get_languages() in /home/robertw4/public_html/admin/index.php on line 67

I appreciate any help!

Rob

(My admin index.php file is shown below.)

```php
<?php
/*
  $Id: index.php,v 1.19 2003/06/27 09:38:31 dgw_ Exp $

  osCommerce, Open Source E-Commerce Solutions
  http://www.oscommerce.com

  Copyright © 2003 osCommerce

  Released under the GNU General Public License
*/

  require('includes/application_top.php');

  $cat = array(array('title' => BOX_HEADING_CONFIGURATION,
                     'image' => 'configuration.gif',
                     'href' => tep_href_link(FILENAME_CONFIGURATION, 'selected_box=configuration&gID=1'),
                     'children' => array(array('title' => BOX_CONFIGURATION_MYSTORE, 'link' => tep_href_link(FILENAME_CONFIGURATION, 'selected_box=configuration&gID=1')),
                                         array('title' => BOX_CONFIGURATION_LOGGING, 'link' => tep_href_link(FILENAME_CONFIGURATION, 'selected_box=configuration&gID=10')),
                                         array('title' => BOX_CONFIGURATION_CACHE, 'link' => tep_href_link(FILENAME_CONFIGURATION, 'selected_box=configuration&gID=11')))),
               array('title' => BOX_HEADING_MODULES,
                     'image' => 'modules.gif',
                     'href' => tep_href_link(FILENAME_MODULES, 'selected_box=modules&set=payment'),
                     'children' => array(array('title' => BOX_MODULES_PAYMENT, 'link' => tep_href_link(FILENAME_MODULES, 'selected_box=modules&set=payment')),
                                         array('title' => BOX_MODULES_SHIPPING, 'link' => tep_href_link(FILENAME_MODULES, 'selected_box=modules&set=shipping')))),
               array('title' => BOX_HEADING_CATALOG,
                     'image' => 'catalog.gif',
                     'href' => tep_href_link(FILENAME_CATEGORIES, 'selected_box=catalog'),
                     'children' => array(array('title' => CATALOG_CONTENTS, 'link' => tep_href_link(FILENAME_CATEGORIES, 'selected_box=catalog')),
                                         array('title' => BOX_CATALOG_MANUFACTURERS, 'link' => tep_href_link(FILENAME_MANUFACTURERS, 'selected_box=catalog')))),
               array('title' => BOX_HEADING_LOCATION_AND_TAXES,
                     'image' => 'location.gif',
                     'href' => tep_href_link(FILENAME_COUNTRIES, 'selected_box=taxes'),
                     'children' => array(array('title' => BOX_TAXES_COUNTRIES, 'link' => tep_href_link(FILENAME_COUNTRIES, 'selected_box=taxes')),
                                         array('title' => BOX_TAXES_GEO_ZONES, 'link' => tep_href_link(FILENAME_GEO_ZONES, 'selected_box=taxes')))),
               array('title' => BOX_HEADING_CUSTOMERS,
                     'image' => 'customers.gif',
                     'href' => tep_href_link(FILENAME_CUSTOMERS, 'selected_box=customers'),
                     'children' => array(array('title' => BOX_CUSTOMERS_CUSTOMERS, 'link' => tep_href_link(FILENAME_CUSTOMERS, 'selected_box=customers')),
                                         array('title' => BOX_CUSTOMERS_ORDERS, 'link' => tep_href_link(FILENAME_ORDERS, 'selected_box=customers')))),
               array('title' => BOX_HEADING_LOCALIZATION,
                     'image' => 'localization.gif',
                     'href' => tep_href_link(FILENAME_CURRENCIES, 'selected_box=localization'),
                     'children' => array(array('title' => BOX_LOCALIZATION_CURRENCIES, 'link' => tep_href_link(FILENAME_CURRENCIES, 'selected_box=localization')),
                                         array('title' => BOX_LOCALIZATION_LANGUAGES, 'link' => tep_href_link(FILENAME_LANGUAGES, 'selected_box=localization')))),
               array('title' => BOX_HEADING_REPORTS,
                     'image' => 'reports.gif',
                     'href' => tep_href_link(FILENAME_STATS_PRODUCTS_PURCHASED, 'selected_box=reports'),
                     'children' => array(array('title' => REPORTS_PRODUCTS, 'link' => tep_href_link(FILENAME_STATS_PRODUCTS_PURCHASED, 'selected_box=reports')),
                                         array('title' => REPORTS_ORDERS, 'link' => tep_href_link(FILENAME_STATS_CUSTOMERS, 'selected_box=reports')))),
//BEGIN -- newsdesk
               array('title' => BOX_HEADING_NEWSDESK,
                     'image' => 'catalog.gif',
                     'href' => tep_href_link(FILENAME_NEWSDESK, 'selected_box=newsdesk'),
                     'children' => array(array('title' => NEWSDESK_ARTICLES, 'link' => tep_href_link(FILENAME_NEWSDESK, 'selected_box=newsdesk')),
                                         array('title' => NEWSDESK_REVIEWS, 'link' => tep_href_link(FILENAME_NEWSDESK_REVIEWS, 'selected_box=newsdesk')))),
//END -- newsdesk
               array('title' => BOX_HEADING_TOOLS,
                     'image' => 'tools.gif',
                     'href' => tep_href_link(FILENAME_BACKUP, 'selected_box=tools'),
                     'children' => array(array('title' => TOOLS_BACKUP, 'link' => tep_href_link(FILENAME_BACKUP, 'selected_box=tools')),
                                         array('title' => TOOLS_BANNERS, 'link' => tep_href_link(FILENAME_BANNER_MANAGER, 'selected_box=tools')),
                                         array('title' => TOOLS_FILES, 'link' => tep_href_link(FILENAME_FILE_MANAGER, 'selected_box=tools')))));

  $languages = tep_get_languages();
  $languages_array = array();
  $languages_selected = DEFAULT_LANGUAGE;
  for ($i = 0, $n = sizeof($languages); $i < $n; $i++) {
    $languages_array[] = array('id' => $languages[$i]['code'],
                               'text' => $languages[$i]['name']);
    if ($languages[$i]['directory'] == $language) {
      $languages_selected = $languages[$i]['code'];
    }
  }
?>
<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN">
<html <?php echo HTML_PARAMS; ?>>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=<?php echo CHARSET; ?>">
<title><?php echo TITLE; ?></title>
<style type="text/css"><!--
a { color:#003366; text-decoration:none; }
a:hover { color:#003366; text-decoration:underline; }
a.text:link, a.text:visited { color: #003366; text-decoration: none; }
a:text:hover { color: #003366; text-decoration: underline; }
a.main:link, a.main:visited { color: #003366; text-decoration: none; }
A.main:hover { color: #003366; text-decoration: underline; }
a.sub:link, a.sub:visited { color: #003366; text-decoration: none; }
A.sub:hover { color: #003366; text-decoration: underline; }
.heading { font-family: Tahoma, Arial, Helvetica, sans-serif; font-size: 18px; line-height: 1.5; color: #003366; }
.main { font-family: Tahoma, Arial, Helvetica, sans-serif; font-size: 14px; font-weight: bold; line-height: 1.5; color: #003366; }
.sub { font-family: Tahoma, Arial, Helvetica, sans-serif; font-size: 12px; line-height: 1.5; color: #003366; }
.text { font-family: Tahoma, Arial, Helvetica, sans-serif; font-size: 11px; line-height: 1.5; color: #003366; }
.menuBoxHeading { font-family: Tahoma, Arial, Helvetica, sans-serif; font-size: 12px; color: #ffffff; font-weight: bold; background-color: #003366; border-color: #003366; border-style: solid; border-width: 1px; }
.infoBox { font-family: Tahoma, Arial, Helvetica, sans-serif; font-size: 10px; color: #003366; background-color: #FFDF9D; border-color: #003366; border-style: solid; border-width: 1px; }
.smallText { font-family: Tahoma, Arial, Helvetica, sans-serif; font-size: 10px; }
//--></style>
</head>
<body marginwidth="0" marginheight="0" topmargin="0" bottommargin="0" leftmargin="0" rightmargin="0" bgcolor="#FFFFFF">

<table border="0" width="100%" height="100%" cellspacing="0" cellpadding="0" align="center" valign="middle">
  <tr>
    <td><table border="0" width="100%" height="440" cellspacing="0" cellpadding="0" align="center" valign="middle">
      <tr bgcolor="#000000">
        <td><table border="0" width="100%" height="440" cellspacing="0" cellpadding="0">
          <tr bgcolor="#ffffff" height="50">
            <td height="50"><?php echo tep_image(DIR_WS_IMAGES . 'oscommerce.gif', 'Big Apple Card Co.', '280', '120'); ?></td>
            <td align="right" class="text" nowrap><?php echo '<a href="' . tep_catalog_href_link() . '" target="_blank">' . HEADER_TITLE_ONLINE_CATALOG . '</a>'; ?> </td>
          </tr>
          <tr bgcolor="#FFEECC">
            <td colspan="2"><table width="100%" border="0" cellpadding="0" cellspacing="0" bgcolor="#003366">
              <tr>
                <td> </td>
              </tr>
            </table>
            <table width="460" height="390" border="0" align="center" cellpadding="2" cellspacing="0">
              <tr valign="top">
                <td width="140" valign="top"><table border="0" width="140" height="390" cellspacing="0" cellpadding="2">
                  <tr>
                    <td valign="top"><br>
<?php
  $heading = array();
  $contents = array();

  $heading[] = array('params' => 'class="menuBoxHeading"',
                     'text' => 'Support & Info.');

  $contents[] = array('params' => 'class="infoBox"',
                      'text' => '<a href="http://www.bigapplecard.com" target="_blank">Contact Big Apple Card Co.</a><br>');

  $box = new box;
  echo $box->menuBox($heading, $contents);

  echo '<br>';

  $orders_contents = '';
  $orders_status_query = tep_db_query("select orders_status_name, orders_status_id from " . TABLE_ORDERS_STATUS . " where language_id = '" . $languages_id . "'");
  while ($orders_status = tep_db_fetch_array($orders_status_query)) {
    $orders_pending_query = tep_db_query("select count(*) as count from " . TABLE_ORDERS . " where orders_status = '" . $orders_status['orders_status_id'] . "'");
    $orders_pending = tep_db_fetch_array($orders_pending_query);
    $orders_contents .= '<a href="' . tep_href_link(FILENAME_ORDERS, 'selected_box=customers&status=' . $orders_status['orders_status_id']) . '">' . $orders_status['orders_status_name'] . '</a>: ' . $orders_pending['count'] . '<br>';
  }
  $orders_contents = substr($orders_contents, 0, -4);

  $heading = array();
  $contents = array();

  $heading[] = array('params' => 'class="menuBoxHeading"',
                     'text' => BOX_TITLE_ORDERS);

  $contents[] = array('params' => 'class="infoBox"',
                      'text' => $orders_contents);

  $box = new box;
  echo $box->menuBox($heading, $contents);

  echo '<br>';

  $customers_query = tep_db_query("select count(*) as count from " . TABLE_CUSTOMERS);
  $customers = tep_db_fetch_array($customers_query);
  $products_query = tep_db_query("select count(*) as count from " . TABLE_PRODUCTS . " where products_status = '1'");
  $products = tep_db_fetch_array($products_query);
  $reviews_query = tep_db_query("select count(*) as count from " . TABLE_REVIEWS);
  $reviews = tep_db_fetch_array($reviews_query);

  $heading = array();
  $contents = array();

  $heading[] = array('params' => 'class="menuBoxHeading"',
                     'text' => BOX_TITLE_STATISTICS);

  $contents[] = array('params' => 'class="infoBox"',
                      'text' => BOX_ENTRY_CUSTOMERS . ' ' . $customers['count'] . '<br>' .
                                BOX_ENTRY_PRODUCTS . ' ' . $products['count'] . '<br>' .
                                BOX_ENTRY_REVIEWS . ' ' . $reviews['count']);

  $box = new box;
  echo $box->menuBox($heading, $contents);

  echo '<br>';

  $contents = array();

  if (getenv('HTTPS') == 'on') {
    $size = ((getenv('SSL_CIPHER_ALGKEYSIZE')) ? getenv('SSL_CIPHER_ALGKEYSIZE') . '-bit' : '<i>' . BOX_CONNECTION_UNKNOWN . '</i>');
    $contents[] = array('params' => 'class="infoBox"',
                        'text' => tep_image(DIR_WS_ICONS . 'locked.gif', ICON_LOCKED, '', '', 'align="right"') . sprintf(BOX_CONNECTION_PROTECTED, $size));
  } else {
    $contents[] = array('params' => 'class="infoBox"',
                        'text' => tep_image(DIR_WS_ICONS . 'unlocked.gif', ICON_UNLOCKED, '', '', 'align="right"') . BOX_CONNECTION_UNPROTECTED);
  }

  $box = new box;
  echo $box->tableBlock($contents);
?>
                    </td>
                  </tr>
                </table></td>
                <td width="460"><table border="0" width="460" height="390" cellspacing="0" cellpadding="2">
                  <tr>
                    <td colspan="2"><table border="0" width="100%" cellspacing="0" cellpadding="2">
                      <tr><?php echo tep_draw_form('languages', 'index.php', '', 'get'); ?>
                        <td class="heading"><?php echo HEADING_TITLE; ?></td>
                        <td align="right"><?php echo tep_draw_pull_down_menu('language', $languages_array, $languages_selected, 'onChange="this.form.submit();"'); ?></td>
                      </form></tr>
                    </table></td>
                  </tr>
<?php
  $col = 2;
  $counter = 0;
  for ($i = 0, $n = sizeof($cat); $i < $n; $i++) {
    $counter++;
    if ($counter < $col) {
      echo ' <tr>' . "\n";
    }

    echo ' <td><table border="0" cellspacing="0" cellpadding="2">' . "\n" .
         ' <tr>' . "\n" .
         ' <td><a href="' . $cat[$i]['href'] . '">' . tep_image(DIR_WS_IMAGES . 'categories/' . $cat[$i]['image'], $cat[$i]['title'], '32', '32') . '</a></td>' . "\n" .
         ' <td><table border="0" cellspacing="0" cellpadding="2">' . "\n" .
         ' <tr>' . "\n" .
         ' <td class="main"><a href="' . $cat[$i]['href'] . '" class="main">' . $cat[$i]['title'] . '</a></td>' . "\n" .
         ' </tr>' . "\n" .
         ' <tr>' . "\n" .
         ' <td class="sub">';

    $children = '';
    for ($j = 0, $k = sizeof($cat[$i]['children']); $j < $k; $j++) {
      $children .= '<a href="' . $cat[$i]['children'][$j]['link'] . '" class="sub">' . $cat[$i]['children'][$j]['title'] . '</a>, ';
    }
    echo substr($children, 0, -2);

    echo '</td> ' . "\n" .
         ' </tr>' . "\n" .
         ' </table></td>' . "\n" .
         ' </tr>' . "\n" .
         ' </table></td>' . "\n";

    if ($counter >= $col) {
      echo ' </tr>' . "\n";
      $counter = 0;
    }
  }
?>
                </table></td>
              </tr>
            </table>
            <table width="100%" border="0" cellpadding="0" cellspacing="0" bgcolor="#003366">
              <tr>
                <td> </td>
              </tr>
            </table></td>
          </tr>
        </table></td>
      </tr>
      <tr>
        <td><?php require(DIR_WS_INCLUDES . 'footer.php'); ?></td>
      </tr>
    </table></td>
  </tr>
</table>

</body>

</html>
```

germ Posted December 30, 2009

You've accidentally uploaded /catalog/includes/functions/general.php into the /catalog/admin/includes/functions folder.

The admin version has that function while the catalog one doesn't (there are more differences than that).

If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.
"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice." - Me -
"Headers already sent" - The definitive help
"Cannot redeclare ..." - How to find/fix it
SSL Implementation Help
Like this post? "Like" it again over there >

Guest Posted December 30, 2009

Robert,

Ya, what Jim said...........lol

Chris

robertw477 (Author) Posted December 30, 2009

> Robert,
> Ya, what Jim said...........lol
> Chris

I deleted that file as noted but I still can't load it? Any other ideas?

Rob

germ Posted December 30, 2009

> I deleted that file general.php in the catalog/includes/functions and I still don't load the admin page?
> Rob

Because that isn't the way to fix the problem.

Upload the correct file into the admin.

robertw477 (Author) Posted December 30, 2009

> I deleted that file as noted but I still can't load it? Any other ideas?
> Rob

Somebody else mentioned I might have been hacked. I also found hidden spam keywords in my Google cache of my website toward the bottom of the page. I could get my provider to restore from backup to see if this is the case.

Rob

germ Posted December 30, 2009

> Somebody else mentioned I might have been hacked. I also found hidden spam keywords in my Google cache of my website toward the bottom of the page. I could get my provider to restore from backup to see if this is the case.
> Rob

Finding code in your files that you didn't put there is a definite "you've been hacked".

Restoring the files is only part of the solution.

If you don't fix the security problem the hackers will return.

robertw477 (Author) Posted December 30, 2009

> Finding code in your files that you didn't put there is a definite "you've been hacked".
> Restoring the files is only part of the solution.
> If you don't fix the security problem the hackers will return.

I have not found any code myself. I don't know what in the world happened. I could have my host restore earlier files from maybe one week old to see if that helps. The bigger picture is probably that osCommerce has become a difficult tool for us to deal with. Every time we have hired outside work it has cost us a fortune to run this stuff and we don't do a lot of changes etc. I do the majority of the site maint myself.

Rob

germ Posted December 30, 2009

> I have not found any code myself. I don't know what in the world happened. I could have my host restore earlier files from maybe one week old to see if that helps. The bigger picture is probably that osCommerce has become a difficult tool for us to deal with. Every time we have hired outside work it has cost us a fortune to run this stuff and we don't do a lot of changes etc. I do the majority of the site maint myself.
> Rob

There is an index file in your /images folder that says:

HACKED BY 1923TURK GRUP OZEL KUVVETLER

Also, browsing some of your subfolders in your /images folder reveals many PHP files. This isn't normal (unless you put them there).

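Added example (not part of the original thread, and not osCommerce or Site Monitor code): the check germ describes, that PHP files under /images are not normal, written as a small Python triage scan run over a local copy of the folder. The extension lists, the function names and the sample tree are assumptions constructed for illustration.

```python
import os
import tempfile

# Assumed lists: adjust to the extensions your web server actually maps to PHP.
SCRIPT_EXTS = {"php", "php3", "php4", "php5", "phtml", "phar"}
IMAGE_EXTS = {"gif", "jpg", "jpeg", "png", "bmp", "ico"}


def classify(name, data):
    """Return a reason string if the file looks out of place, else None."""
    parts = name.lower().split(".")[1:]   # every dotted suffix, not just the last
    if any(p in SCRIPT_EXTS for p in parts):
        # Also catches names like photo.php.jpg, which some Apache
        # handler configurations still pass to PHP.
        return "script extension"
    if not parts or parts[-1] not in IMAGE_EXTS:
        return "not an image type"
    if b"<?php" in data.lower():
        return "PHP code inside image file"
    return None


def scan_images_dir(root):
    """Walk root and return sorted (relative_path, reason) findings."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, root).replace(os.sep, "/")
            try:
                with open(path, "rb") as fh:
                    data = fh.read()   # shop images are small; read them whole
            except OSError:
                findings.append((rel, "unreadable"))
                continue
            reason = classify(name, data)
            if reason:
                findings.append((rel, reason))
    return sorted(findings)


def build_sample_tree(root):
    """Constructed sample data standing in for a shop's /images folder."""
    samples = {
        "products/card.gif": b"GIF89a\x01\x00\x01\x00\x00\x00\x00;",
        "index.html": b"<html>constructed placeholder page</html>",
        "banners/cache.php": b"<?php /* constructed placeholder */ ?>",
        "products/photo.php.jpg": b"\xff\xd8\xff\xe0 constructed",
        "products/thumb.jpg": b"\xff\xd8\xff\xe0 constructed <?PHP /* placeholder */ ?>",
    }
    for rel, data in samples.items():
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as fh:
            fh.write(data)


def demo():
    """Build the constructed tree in a temp dir and return the findings."""
    with tempfile.TemporaryDirectory() as root:
        build_sample_tree(root)
        return scan_images_dir(root)


if __name__ == "__main__":
    for rel, reason in demo():
        print(f"{reason:28} {rel}")
```

Every finding is a file to review by hand before deleting or restoring it; a clean result here says nothing about files modified elsewhere in the site.
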
Ben Nevis Posted December 30, 2009

> I have not found any code myself. I don't know what in the world happened. I could have my host restore earlier files from maybe one week old to see if that helps. The bigger picture is probably that osCommerce has become a difficult tool for us to deal with. Every time we have hired outside work it has cost us a fortune to run this stuff and we don't do a lot of changes etc. I do the majority of the site maint myself.
> Rob

Well, you're going to have to do some site maintenance yourself pretty quick now. You need to clear out the hacked files and code and secure your site. Read this thread.

www.jyoshna.com. Currently using OsC with STS, Super Download Store, Categories Descriptions, Manufacturers Description, Individual Item Status, Infopages unlimited, Product Sort, Osplayer with flashmp3player, Product Tabs 2.1 with WebFx Tabpane and other bits and pieces including some I made myself. Many thanks to all whose contributions I have used!

robertw477 (Author) Posted December 31, 2009

> There is an index file in your /images folder that says:
> Also, browsing some of your subfolders in your /images folder reveals many PHP files. This isn't normal (unless you put them there).

Thanks for finding that html file. I have no idea what happened or when. My site doesn't take orders so there is no real data to steal. They did bury those hidden keywords on my front page. Once I secure the site as shown I need to find out where to look for the hacked or modified files that made those keywords. I hope I don't have to redo the entire site. This is really incredible. Now I really regret getting involved with osCommerce.

Rob

Ben Nevis Posted December 31, 2009

> Thanks for finding that html file. I have no idea what happened or when. My site doesn't take orders so there is no real data to steal. They did bury those hidden keywords on my front page. Once I secure the site as shown I need to find out where to look for the hacked or modified files that made those keywords. I hope I don't have to redo the entire site. This is really incredible. Now I really regret getting involved with osCommerce.
> Rob

Your site doesn't need to take orders or have data to steal for it to be useful to hackers - they can use it to do a myriad of things when they have control over it, not limited to spam, and all bad for your reputation and possibly that of anyone innocently visiting your site.

Part of securing your site will be to find all the hacked files and either delete them or remove the malicious code from them, where the code has been added to genuine osc files. The Site Monitor addon will help you do this, and you must use it. If you experience difficulties installing it, ask in the contribution thread for that addon.

Note the hacked files didn't make the keywords, they are just a symptom of being hacked, as is the presence of other files that should not be in the images directory. The hacker did it using the insecurity of your site, and it will remain insecure so long as 1) there are hacker files in it and 2) the necessary measures to secure osc haven't been taken.

robertw477 (Author) Posted December 31, 2009

> Your site doesn't need to take orders or have data to steal for it to be useful to hackers - they can use it to do a myriad of things when they have control over it, not limited to spam, and all bad for your reputation and possibly that of anyone innocently visiting your site.
> Part of securing your site will be to find all the hacked files and either delete them or remove the malicious code from them, where the code has been added to genuine osc files. The Site Monitor addon will help you do this, and you must use it. If you experience difficulties installing it, ask in the contribution thread for that addon.
> Note the hacked files didn't make the keywords, they are just a symptom of being hacked, as is the presence of other files that should not be in the images directory. The hacker did it using the insecurity of your site, and it will remain insecure so long as 1) there are hacker files in it and 2) the necessary measures to secure osc haven't been taken.

Ben, thank you very much for this information. I will get working on it. Have a Happy New Year!

Rob

Archived
This topic is now archived and is closed to further replies.