Description
Sometimes, if your shop was compromised once, the hacker can leave behind a 'back door' script in your admin panel that allows a repeated attack. This is highly dangerous and hard to track down.
Extract 'common_functions.php' into the 'includes' folder of your shop, replacing the existing file. Please do not forget to make a backup copy of the current file in case something goes wrong.
Webbia
28 Apr 2013 4:29 PM
If you, just like me, want to add this patch to a previous version, I can report that the only difference that I can find in this file compared to the default one is that the content of the function eval_php_code has been commented out, like this:
function eval_php_code(&$block_body)
{
	/* NOTE: this code is a potential security threat as it allows to run any scripts from admin panel
	if (preg_match_all("/(<\?php|<\?)(.*)\?>/Uis", $block_body, $matches)) {
		for ($p = 0; $p < sizeof($matches[0]); $p++) {
			ob_start();
			eval($matches[2][$p]);
			$output = ob_get_contents();
			ob_end_clean();
			$block_body = str_replace($matches[0][$p], $output, $block_body);
		}
	}//*/
}
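
An added example, not part of the patch or of the comment above: a small PHP audit script that reuses the regular expression from eval_php_code to list stored block bodies containing embedded PHP, which the unpatched function would have executed. The block names and the idea of exporting the admin-editable blocks into an array are assumptions, and the sample data is constructed.

```php
<?php
// Added audit example; not the shop's own code.

// Same pattern the original eval_php_code() used to locate PHP tags.
const EMBEDDED_PHP_PATTERN = "/(<\?php|<\?)(.*)\?>/Uis";

// Return every embedded PHP fragment in one block body, with its byte offset.
function find_embedded_php(string $block_body): array
{
    $findings = [];
    if (preg_match_all(EMBEDDED_PHP_PATTERN, $block_body, $matches, PREG_OFFSET_CAPTURE)) {
        foreach ($matches[2] as $i => $code) {
            $findings[] = [
                'offset' => $matches[0][$i][1],  // where the opening tag starts
                'code'   => trim($code[0]),      // what eval() would have received
            ];
        }
    }
    return $findings;
}

// $blocks maps a block id to its body (assumed to be exported from the shop's storage).
function audit_blocks(array $blocks): array
{
    $report = [];
    foreach ($blocks as $id => $body) {
        $hits = find_embedded_php((string) $body);
        if ($hits) {
            $report[$id] = $hits;
        }
    }
    return $report;
}

// Constructed sample data, not taken from a real shop.
$sample_blocks = [
    'footer_text'  => '<p>Copyright <?php echo date("Y"); ?> Example Shop</p>',
    'welcome_note' => '<p>Welcome to our store!</p>',
    'promo_banner' => '<div>Sale</div><? some_unknown_function(); ?>',
];

// Print one line per finding so each can be reviewed by hand.
foreach (audit_blocks($sample_blocks) as $id => $hits) {
    foreach ($hits as $hit) {
        printf("%s @%d: %s\n", $id, $hit['offset'], $hit['code']);
    }
}
```

The pattern also matches other `<? ... ?>` constructs such as an XML declaration, so each finding needs a manual look before it is treated as a back door.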