You are not logged in.
So I've been having a problem for a while. I kept thinking that someone was hacking into my FTP and deleting photos from one of my websites. Absolutely tearing my hair out. Why would someone only delete images? I changed my password, talked with bh support...nothing.
Today, it happened again. I was scouring the access logs, and came across a bot that accessed the extended file manager plugin folder. Curious, I copied the url over into my browser and imagine my surprise when I was looking at my images in thumbnail form (as it looks when using extended file manager). Just to see, I clicked on the trashcan button and the image was deleted from my images folder.
I like using extended file manager so i can upload documents. how do i make it so mr joe blow (or joe bot) can't open up the folder and delete my images?
Offline
Ok, so the only thing I could do was use my user authentication method to restrict that page to only those who are logged in. This mysterious disappearance of photos occurs every couple of days, so I'll post back on sunday.
Offline
oh, just in case anyone else wants to test this, type:
http://www.yoururl.com/xinha/plugins/Ex … =thumbview
Offline
so far so good. looks like the problem was the hole in the extended file manager plugin...
Offline
i used a session for user recoganizing in backend.php . now its ok ..with out user session it wont show anything ...
Offline