This page is safe <#FullProductName#>

diafol · 2014-05-25T10:07:32+00:00

You didn't put it there?!

aquilina 0 Newbie Poster · 2014-05-25T10:17:18+00:00

no i didnt ..its appear for admin/index.php but it didnt appear at my index.php.. since i got 2 different directory for different user index.php ..

here my admin/index.php

<?php session_start(); ?>
<?php ob_start(); ?>
<?php
include('header.php');
//Unset the variables stored in session
unset($_SESSION['id']);
?>
<body>

    <div class="row-fluid">
        <div class="span12">


            <div class="navbar navbar-fixed-top navbar-inverse">
                <div class="navbar-inner">
                    <div class="container">

                        <!-- .btn-navbar is used as the toggle for collapsed navbar content -->
                        <a class="btn btn-navbar" data-toggle="collapse" data-target=".nav-collapse">
                            <span class="icon-bar"></span>
                            <span class="icon-bar"></span>
                            <span class="icon-bar"></span>
                        </a>

                        <!-- Be sure to leave the brand out there if you want it shown -->


                        <!-- Everything you want hidden at 940px or less, place within here -->



                        <div class="nav-collapse collapse">
                            <!-- .nav, .navbar-search, .navbar-form, etc -->


                        </div>

                    </div>
                </div>
            </div>

            <div class="hero-unit-header">
                <div class="container">
                    <div class="row-fluid">
                        <div class="span12">


                            <div class="row-fluid">
                                <div class="span6">
                                    <img src="images/head.png">
                                </div>
                                <div class="span6">

                                    <div class="pull-right">
                                        <i class="icon-calendar icon-large"></i>
                                        <?php
                                        $Today = date('y:m:d');
                                        $new = date('l, F d, Y', strtotime($Today));
                                        echo $new;
                                        ?>
                                    </div>
                                </div>
                            </div>
                        </div>
                    </div>

                </div>
            </div>

            <div class="container">
                <div class="row-fluid">
                       <div class="span6">
                    <div class="hero-unit-3">
                        <div class="alert alert-info">Mission</div>
                        <p>
                            mission

                        </p>
                    </div>
                    <div class="hero-unit-3">
                        <div class="alert alert-info">Vision</div>
                        <p>
                            Vision
                        </p>
                    </div>
                </div>
                    <div class="span6">

                        <div class="alert alert-info"><strong>Login</strong> Please Enter The Details Below</div>
                        <!-- login -->
                        <form class="form-horizontal" method="post">
                            <div class="control-group">
                                <label class="control-label" for="inputEmail">Username</label>
                                <div class="controls">
                                    <input type="text" name="username" id="inputEmail" placeholder="Username" required>
                                </div>
                            </div>
                            <div class="control-group">
                                <label class="control-label" for="inputPassword">Password</label>
                                <div class="controls">
                                    <input type="password" name="password" id="inputPassword" placeholder="Password" required>
                                </div>
                            </div>


                            <div class="control-group">
                                <div class="controls">
                                    <button type="submit" name="login" class="btn btn-info"><i class="icon-signin icon-large"></i>&nbsp;Sign in</button>
                                </div>
<br>
                                <?php
                                if (isset($_POST['login'])) {

                                    function clean($str) {
                                        $str = @trim($str);
                                        if (get_magic_quotes_gpc()) {
                                            $str = stripslashes($str);
                                        }
                                        return mysql_real_escape_string($str);
                                    }

                                    $username = clean($_POST['username']);
                                    $password = clean($_POST['password']);

                                    $query = mysql_query("select * from user where username='$username' and password='$password'") or die(mysql_error());
                                    $count = mysql_num_rows($query);
                                    $row = mysql_fetch_array($query);


                                    if ($count > 0) {
                                        session_start();
                                        session_regenerate_id();
                                        $_SESSION['id'] = $row['user_id'];
                                        header('location:home.php');
                                        session_write_close();
                                        exit();
                                    } else {
                                        session_write_close();
                                        ?>


                                        <div class="alert alert-danger"><i class="icon-remove-sign"></i>&nbsp;Access Denied</div>

                                        <?php

                                    }
                                }
                                ?>
                            </div>


                    </form>
                </div>
                   <?php include('footer_fixed.php'); ?>
            </div>

        </div>
    </div>
</div>

</body>
</html>

and my admin/footer_fixed.php

<div class="navbar navbar-fixed-bottom navbar-inverse">
    <div class="navbar-inner">
        <div class="footerindex">
            <center><img width="25" height="25" src="img/chmsc.png">&nbsp;Programmed by :-P</center>

            <div id="myModal" class="modal hide fade" tabindex="-1" role="dialog" aria-labelledby="myModalLabel" aria-hidden="true">
                <div class="modal-header">
                </div>
                <div class="modal-body">
                    <div class="alert alert-info">Are you Sure you Want to <strong>Logout</strong>?</div>
                </div>
                <div class="modal-footer">
                    <button class="btn" data-dismiss="modal" aria-hidden="true"><i class="icon-remove icon-large"></i>&nbsp;Close</button>
                    <a href="logout.php" class="btn btn-info"><i class="icon-signout icon-large"></i>&nbsp;Logout</a>
                </div>
            </div>
        </div>
    </div>
</div>
</div>

diafol · 2014-05-25T10:26:06+00:00

SO the question is, if you didn't put it there, either a rogue script did and you have a security hole somewhere in your code or your browser has been infected. Try the site on a different PC.

aquilina 0 Newbie Poster · 2014-05-25T10:33:54+00:00

so it mean that the current version of my firefox browser will detect the hole automatically? hmmm i see.. so nth can fix it?

iamthwee · 2014-05-25T10:49:49+00:00

Your website or your own machine has been compromised.

I would do an anti-virus scan to check for keyloggers and such. The actual website will need wiping back to a time your know it is clean, change your ftp passwords and login passwords. Also, check your plugins if you are using them.

aquilina 0 Newbie Poster · 2014-05-25T10:54:52+00:00

i checked my plugin already .. installed only basic plugin for browser.. keylogger? u mean the maybe theres a keylogger script in the code or? i think is website.. my machine is working fine.. since it appear on the website that i run..

JIJU_1 0 Newbie Poster · 2021-02-24T02:23:59+00:00

Remove this from header.php