Defaced cleaner!

[tinyblob]

just knocked up a very quick php script which deletes our lovely new friends defacement comments.

it's simply:

PHP Code:

require("includes/pixelpost.php");
require("includes/functions.php");
start_mysql();
$query = sql_query("DELETE FROM ".$pixelpost_db_prefix."comments WHERE message LIKE '%defaced%'"); 


which deletes comments including the word defaced.

find it attached, download it, unzip it, upload it, and navigate to the file with your web browser. you'll just get a blank page, but it should have done the job.

i've knocked this out reallllly quick because i'm at work, and have better things to do. so if it screws up your comments, unlucky. it worked for me

[sentinel]

adding words like "javascript" or "META" might help too, cause this two words are imho the "main problem"

[tinyblob]

this is a file that should be run once, and deleted. adding more words doesn't actually matter, assuming the comment contains the word "defaced" it's going to delete it. if the comment doesn't contain "defaced" it's trivial to open this script in notepad and substitute another word

[sentinel]

ahm true
*moving back to the edge he came from*

[tinyblob]

you are right though, those are the more pertinent parts to check for.
it's just that this is intended to clean one specific issue, not check for potential ones

[raminia+]

To prevent further attacks try this provieded by blinking8s. I'm testing it on my photoblog now... works for me.
Replace the file includes/functions.php with this modified file function.php.

the patch is for pixelpost 1.5 Beta and 1.4.3. Please download the file according to your photoblog versiona and test it please.

[eon]

That's cool, thank's!

[blinking8s+]

the patch ramin provided isnt our final solution...so please stay tuned for an announcement

[raminia+]

maybe

PHP Code:

$query = sql_query("DELETE FROM ".$pixelpost_db_prefix."comments WHERE message LIKE '%<META%'"); 


would be better