Thank you Joachim! I'll do that as soon as I can. I do have more than 2 members hehe. Its just that we have only heard of this issue from 2 members though. I'm sending out a notice today to see if this has happened to anyone else though.
One thing I noticed, the userpics folders and files were 777. Would that probably be how the hacker did it? If it was hacked anyway.
Though the reason I had them that way was, if I set the folders to 755 people get an uploading error when they try to upload. It will say "Impossible to move." I set them that way a long time ago, that is why I just remembered.
Is there anyway to set them to 755 without getting an upload error? My web host said I needed to find a way to make them 755 because they think it is a big security hazard.
I followed the upload error instructions here:
http://coppermine-gallery.net/demo/cpg14x/docs/index.htm#upload_troubleThe debug message below is what I got. I'm not sure if I should make this a new thread, but I'm thinking it may be related to how I got hacked, so thats why I posted it here. Just let me know if I need to make a new thread.
I also made you an account like the upload error instructions said to do:
Username: coppermine
Password: coppermine123
Debug Message:
...............................................................
Selected album does not exist or you don't have permission to upload in this album
File: /hsphere/local/home/socuteanime/pixprincess.com/cg/db_input.php - Line: 299
USER:
------------------
Array
(
[ID] => 7ee799f7ec7e3501058ec34e8caddc56
[am] => 1
[lang] => english
[liv] => Array
(
- => 4934
[1] => 6306
[2] => 6311
[3] => 6372
[4] => 6312
)
[lap] => 3
)
==========================
USER DATA:
------------------
Array
(
[user_id] => 1441
[user_name] => baby22
[groups] => Array
(
)
[disk_max] => 30720
[disk_min] => 30720
[can_rate_pictures] => 0
[can_send_ecards] => 0
[ufc_max] => 0
[ufc_min] => 0
[custom_user_upload] => 0
[num_file_upload] => 1
[num_URI_upload] => 0
[can_post_comments] => 0
[can_upload_pictures] => 1
[can_create_albums] => 1
[has_admin_access] => 0
[pub_upl_need_approval] => 0
[priv_upl_need_approval] => 0
[group_name] => Registered
[upload_form_config] => 0
[group_quota] => 30720
[can_see_all_albums] => 0
[group_id] => 2
)
==========================
Queries:
------------------
Array
(
- => SELECT extension, mime, content, player FROM cpg14x_filetypes; (0.001s)
[1] => select * from cpg14x_plugins order by priority asc; (0s)
[2] => delete from `socutea_pixie`.cpg14x_sessions where time<1264546826 and remember=0; (0.017s)
[3] => delete from `socutea_pixie`.cpg14x_sessions where time<1263340826; (0.011s)
[4] => select user_id from `socutea_pixie`.cpg14x_sessions where session_id = 'b343f262e97e1fa579872c941debd7b6' (0.001s)
[5] => select user_id as id, user_password as password from `socutea_pixie`.cpg14x_users where user_id=1441 (0.001s)
[6] => SELECT u.user_id AS id, u.user_name AS username, u.user_password AS password, u.user_group+100 AS group_id FROM `socutea_pixie`.cpg14x_users AS u INNER JOIN `socutea_pixie`.cpg14x_usergroups AS g ON u.user_group=g.group_id WHERE u.user_id='1441' (0.004s)
[7] => SELECT user_group_list FROM `socutea_pixie`.cpg14x_users AS u WHERE user_id='1441' and user_group_list <> ''; (0.002s)
[8] => SELECT MAX(group_quota) as disk_max, MIN(group_quota) as disk_min, MAX(can_rate_pictures) as can_rate_pictures, MAX(can_send_ecards) as can_send_ecards, MAX(upload_form_config) as ufc_max, MIN(upload_form_config) as ufc_min, MAX(custom_user_upload) as custom_user_upload, MAX(num_file_upload) as num_file_upload, MAX(num_URI_upload) as num_URI_upload, MAX(can_post_comments) as can_post_comments, MAX(can_upload_pictures) as can_upload_pictures, MAX(can_create_albums) as can_create_albums, MAX(has_admin_access) as has_admin_access, MIN(pub_upl_need_approval) as pub_upl_need_approval, MIN( priv_upl_need_approval) as priv_upl_need_approval FROM cpg14x_usergroups WHERE group_id in (2) (0.003s)
[9] => SELECT group_name FROM cpg14x_usergroups WHERE group_id= 2 (0s)
[10] => update `socutea_pixie`.cpg14x_sessions set time='1264550426' where session_id = 'b343f262e97e1fa579872c941debd7b6' (0s)
[11] => SELECT user_favpics FROM cpg14x_favpics WHERE user_id = 1441 (0.005s)
[12] => DELETE FROM cpg14x_banned WHERE expiry < '2010-01-26 18:00:26' (0.004s)
[13] => SELECT * FROM cpg14x_banned WHERE (ip_addr='76.186.111.89' OR ip_addr='76.186.111.89' OR user_id=1441) AND brute_force=0 (0.001s)
[14] => SELECT aid FROM cpg14x_albums WHERE visibility != '0' AND visibility !='11441' AND visibility NOT IN (2) (0.001s)
[15] => SELECT category FROM cpg14x_albums WHERE aid='0' and (uploads = 'YES' OR category = '11441') (0.037s)
)
==========================
GET :
------------------
Array
(
)
==========================
POST :
------------------
Array
(
[album] =>
[MAX_FILE_SIZE] => 1048576
[title] => My Title
[caption] => Here is the description
[keywords] => These are my keywords
[event] => picture
)
==========================
Page generated in 0.191 seconds - 16 queries in 0.088 seconds - Album set : AND aid NOT IN (22,28,89,116,224,239,241,647,257,314,431,435,455,656,525,590,607,610,617,653,672) ; Meta set: ;