 | |  | | | General Discussion General use discussion forum for PhotoPost products. | 
July 27th, 2007, 10:03 AM
|
#1 (permalink)
| | Member Verified Customer
Join Date: Apr 2005
Posts: 68
| Exploited! Now what?
Hi all,
Granted, It's my fault. I installed PhotoPost two years ago and haven't look at it since.
My host says my site was compromised using the upload function in PhotoPost.
Now, I need to upgrade but I don't even know what version I had. The exploit deleted my admin account so I can't log-in to my site. It's being restored.
I bought PhotoPost about the middle of 2005 and I need to get current. Can someone tell me what my upgrade path would/should be?
Thank you,
Layne
| 
|  | |
July 27th, 2007, 10:07 AM
|
#2 (permalink)
| | Photopost Developer Verified Customer
Join Date: Jun 2002 Location: Abingdon,MD
Posts: 71,653
|
I have never heard of any upload exploit through our program since we explicitly check filetypes but anyway your upgrade path is to download the latest of the code and upload everything except the config-inc.php file and run upgrade.php and select every upgrade you need till from your current version to the latest
| 
| | |
July 27th, 2007, 10:17 AM
|
#3 (permalink)
| | Member Verified Customer
Join Date: Apr 2005
Posts: 68
|
Sorry Chuck. I may have mis-spoke. Here's what they sent me. http://www.securityfocus.com/bid/20028/exploit
When I try to download the upgrade I get "No valid license type for this file." Do I need to buy something? If so, what? The $39 member renewal?
| |
| | |
July 27th, 2007, 10:29 AM
|
#4 (permalink)
| | Photopost Developer Verified Customer
Join Date: Jun 2002 Location: Abingdon,MD
Posts: 71,653
|
Yes just purchase the members renewal
| |
| | |
July 27th, 2007, 10:43 AM
|
#5 (permalink)
| | Member Verified Customer
Join Date: Apr 2005
Posts: 68
|
Thanks Chuck.
| |
| | |
July 27th, 2007, 11:01 AM
|
#6 (permalink)
| | Member Verified Customer
Join Date: Apr 2005
Posts: 68
| Quote:
Originally Posted by Chuck S  upload everything except the config-inc.php file | "config-inc.php.NEW" IS this the one I'm not supposed to upload? Thanks.
| |
| | |
July 27th, 2007, 11:37 AM
|
#7 (permalink)
| | PhotoPost Developer Verified Customer
Join Date: Jan 2002
Posts: 11,834
|
You would edit the contents and upload it as config-inc.php - we put .NEW onto the end to avoid unintentional overwrites of existing files.
__________________
Please do not PM me for support or sales questions. Thank you for your understanding. | |
| | |
July 27th, 2007, 11:39 AM
|
#8 (permalink)
| | Member Verified Customer
Join Date: Apr 2005
Posts: 68
|
Ahh, I see. Thank you.
| |
| | |
July 27th, 2007, 02:38 PM
|
#9 (permalink)
| | Member Verified Customer
Join Date: Apr 2005
Posts: 68
|
Okay, dumb question. When I drag all those files, except for the config ones, will that replace my existing photos? Or are the actual images and thumbs and stuff saved somewhere else? If so, where?
Thanks,
Layne
| |
| | |
July 27th, 2007, 03:07 PM
|
#10 (permalink)
| | Photopost Developer Verified Customer
Join Date: Jun 2002 Location: Abingdon,MD
Posts: 71,653
|
No that just updates your old files to the newer ones you still need to run the upgrade script. Upgrade documentation is in the documentation folder of the download
| |
| | |
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests) | | | | Thread Tools | | | | Display Modes | Rate This Thread |  Linear Mode | | 
Posting Rules
| You may not post new threads You may not post replies You may not post attachments You may not edit your posts
HTML code is Off
| | | All times are GMT -5. The time now is 06:16 PM. | |
