FOR ADMIN: URGENT: Code modification for dolphin?

THIS MESSAGE IS FOR THE ADMIN/PEOPLE WHO CODE DOLPHIN:

Hi, I host my dolphin sites at kiosk.ws and due to a recent hacker attack on their server, relating to unsecure wordpress blogs they have disabled some php functions, and now my dolphin script is not working.

First of all my cron jobs are now producing these two error emails:

Warning: set_time_limit() has been disabled for security reasons in /home/juliepot/public_html/periodic/cupid.php on line 27

and this one:

Warning: require_once([path_to]inc/header.inc.php): failed to open stream:
No such file or directory in /home/freemc/public_html/periodic/notifies.php
on line 21

Fatal error: require_once(): Failed opening required
'[path_to]inc/header.inc.php'
(include_path='.:/usr/lib/php:/usr/local/lib/php') in
/home/freemc/public_html/periodic/notifies.php on line 21

My host has said this:

There was a virus attack on our servers and hence we have stepped up security. For that we have disabled some php functions on the server. As the scripts executed through cronjob take value of varialbles from global php.ini only we cannot enable the function for your scripts.
Please ask the developer of your scripts to make changes such that the disabled functions are not used.

I am receiving over 2000 of these error message emails every day now and its tiring me out.

Basically its the cupid.php cron and notifies.php cron

Is there any way you guys can help out with a fix for this?  I am relucatnt to move hots for various reasons, but they did it because of a security issue.

Some hacker had managed to upload malicious iframe code into the index.php files of dolphin, and my wordpress blogs, as well as add an index.html with the same code, so this does need addressing.

Here is some information, in an email from my host provider, all about this issue, remember it affected BOTH my wordpress blogs AND the Boonex script, so this does need addressing asap.  The wordpress recent update(made yesterday for this issue) fixes the issue, so I am guessing it is a quick fix.

Here is the information from my host:

http://storage.joelthieren.com/wordpress/

Hope you guys can help me out on this!  Wordpress version 2.8.6 FIXES this issue.

Thanks

shaun

Hello!

First of all - strange post reason - hackers broke ur Wordpress but need to repair Dolphin...

Second - seems periodic/cupid.php file was got from uninstall Dolphin because working package doesn't contain [path_to] code (it is replaced during installation on ur correct server way).

Try to repalce it for example on /home/juliepot/public_html.

Regard

What I meant was that Dolphin has a vulnerability.

The vulnerability affected wordpress blogs, so wordpress made a fix for it (version 2.8.6).

I know Dolphin has the same vulnerability because each time my wordpress blog got hit, both my dolphin installs got attacked too.

So Dolphin could do with a fix.

Thanks for your reply, I'm not sure I fully follow the reply (sorry), but I think you are telling me to re-upload some of those files, which I will now try.  Thanks

Shaun

1.  Get a new host.  If your host is such an idiot that that they are telling you that Boonex has to rewrite an entire script to satisfy them, then they need to grow a brain.

2.  From what you posted, your saying that wordpress got hacked.  Now, wordpress & dolphin are 2 totally and completely seperate programs.  While they both utilize php/sql, that is about the limit of what they share in common.  Just because your host took a hit on a site with a wordpress blog does not mean that Dolphin was at fault for this.  (For those who are wondering what I'm talking about, read his post directly above this)

3.  From what you've posted your host does not want to run cron jobs because they take up server resources.  This makes your host a complete and total idiot in saying that because a wordpress blog had a virus inside of it's cron jobs that no cron jobs will run.  Again, get a new host and move the site over to them, this host is a friggin idiot who needs to grow a brain and learn how to properly secure a server instead of trying to play god and tell the site owners what they can and can't run.

 4.  To say there was a virus attack and not tell what the attack was does no good in fixing it.  That's like telling a mechanic you need your car fixed and then refusing to let him see the car to figure out what's wrong with it. 

WOW!!! I am not sure how to react to this.

I too have been getting errors when the cron jobs run. I cam here to see if anyone else was having the same issues.

I too use Kiosk now known as GVO as a hosting provider, plus I also gave a hosting account with a totally different hosting company as well.

Both hosting providers have made changes to their server security,because someone figured out a way of attacking servers via WordPress.

Now I have my own views with both the hosting providers that I use, after all we do not live in a perfect world. However I would like to think that I am a professional enough to get my point acrossed without having to resort to berating others and resorting to name calling.

I really like the Boonex Community Builder software and have spent the last several days getting familiar with it.

I was very excited and my mind was racing with all the things that can be done with it and my mind has been racing just thinking of it.

I still love the software, but if this reply is the kind of treatment and behavior that I can expect when I have a question or a problem. Then maybe I should consider looking for different software provided by a company that behaves in a little more of a professional manner.

I usually don't stick my nose into things, except in this case it was the same issue that I was looking for help with so that I can get the script working properly with BOTH of my hosting providers.

All I can say at this point I'm glad that I wasn't the one who made the original post on this subject. I would have hated to be the one that was treated the way that the original poser was treated, simply because they were having a problem and asked for assistance.

Hi just thought id point out....

1.4 BoonEx Unity Administration does not necessarily endorse, support, sanction, encourage, verify, or agree with the comments, opinions, or statements posted on forums, blogs or otherwise contained in the Unity.

http://www.boonex.com/unity/blog/entry/BoonEx_Unity_Constitution_Draft_1_

not everyone here is so opinionated, if you do have a problem that needs resolving open up a new thread many of us will be happy to try and help you.

Well i for one dont think the other posters really read the original post, it clearly stated that this host got hacked because of some wordpress venerability, so they decided to stop some functions on its server which then effected the use of dolphin working properly, some people on here like to voice their opinions just to come across smart and clever, (read arrogant) and that doesn't help people much. I agree with trusted on this, and i have to say what is wrong with you people on here. Shaun i can only imagine the panic you must be in if your site is now not working as it should, but realistically, i dont think you will get Boonex to alter its code in this busy time of the early RC and all the work they must have on at that moment. The best advice really is to change your host for somebody a bit more robust and tech savay who know how to prevent these things without limiting its servers.

hello, change provider request a refund
1) Always ask a web host by email if it supports dolphin
2) keep the email as evidence
3) request a refund on the day he no longer supports the dolphins

I myself have had to change hosts due to them disabling PHP functions. Your problem lies on the version of Dolphin you are still running. Most new developments are on Dolphin 7 now, which only uses 1 cron job for everything. Not saying this version will solve your problems, but the future of Dolphin is in version 7. I do not see where they will go back versions to recode specifically for someone who's host decided to disable php functions.

Althought the responses may have seemed harsh and direct, in the end they were true. Also, you never stated if you run a Dolphin site or Wordpress site with dolphin somehow integrated.

Either way, If your host has disabled functions that allow you to run Dolphin, I would suggest looking for another host.

Chris

Thanks to everyone who gave their opinion, aggressively, nasty and decent and honest....

I went with Arvixe hosting in the end and they have been very good in helping me out.

In fact they've taken several hours trying to reinstall the old 6.1.4 for me and reintegrating the databse (almost there) then its going to be a case of patching and ultimately migrating to 7.

At least some of you understood what I was trying to say.

 Noone in this thread was rude, agressive or berating towards you.  I called your host an idiot.  Go back and read it again and again and again.  If you like, I'll be happy to get you a copy of Hooked on Phonics so you can begin to comprehend the difference between the words "you're" and "your" (*please note the apostrophe re in the first version, as that is where the huge difference lies.)

Now, I'm going to call you and IDIOT for thinking that people are being harsh/rude to you when they offered you sound advice. 

And Kosmic, I strongly suggest you learn how to read.  Noone was rude to him.  Of course, it is like you to try and make something out of nothing.  Here's a suggestion for you.  Next time, try to actually offer a solution instead of a useless, uncomprehending, ignorant opinion that serves no purpose beyond trying to flame others. 

Of course, what else could we expect from a leech who just browses through looking for things and never contributes. 

Still stuck in your old Flaming Troll ways i see Mydatery... you dont have the 'resident A hole status' for nothing....you've earned it well.

Actually Mydatery, Kosmic has contributed significantly here - for one thing, she came up with a great method for changing installed directories during an upgrade, and several other things I found helpful.  I'm not sure why you would say something like that.

Rob

 And you Kosmic still have a problem comprehending multiple syllable words and complex sentences I see.  Perhaps we should see about getting you into a 12 step program for people addicted to their OCD medication and instead get you a copy of hooked on phonics also. 

Curious, did you accidentally slip your applicator into the wrong spot again?  I'm sure it's a real pain when that happens and then it rotates horizontal.

 Rob, Kosmic has been here twice as long as you and I, holds less than 15% of the post counts we hold, has very few blogs and actually she did not create that.  Rather, she paid another to create it and then passed it off as her own.  If Kosmic was actually anything more than a leech browsing the forums PM'ing people to pick up jobs then I might give her credit, but she showed her true colors long ago.  Beyond that, read the order of the posts, you'll note who started this with the false accusations of me flaming/berating/being rude or whatever to the OP. 

I'm going to make a suggestion to you:  Follow your own advice you have in regards to others in relations to this topic.

@Caltrade thanks dude

@Mydatery ....get a room with yourself, your a bore!

 Kosmic, get  a brain that has a clue of how to do more than change a background.  In the end we know your a fake and definitely not worthy of the pundit status you purchased.

Mydatery your a liar trying to flame me. Boring!

this is really entertaining it just keeps getting better and better

Hello guys!

Well, I'm locking this topic as I see some personal attacks here, which is strongly prohibited by Unity rules.
All of you are great helpers and BoonEx appreciates your efforts and contributions here on Unity.


Let's be friendlier to each other - there is no need to fight.

Thanks to all! Peace!