OpenCart Community

There is an issue with my PHP code. My hosting company as said to re-install the opencart plugin. how do i do that?

Sounds like they are trying to tell you to either re-install opencart or one of the modules you added.
What is the error you are getting?

Mike

this is part of the error log. it is actually too long to post but this is mosty of it because it keeps repeating.


[03-Feb-2014 17:29:29] PHP Notice: Undefined variable: registry in /home/baysixus/public_html/ecc/lib/D.opencart.php on line 76
[03-Feb-2014 17:29:30] PHP Notice: Undefined variable: SelectedOrders in /home/baysixus/public_html/ecc/lib/D.WgCommon.php on line 69
[03-Feb-2014 17:29:30] PHP Warning: Invalid argument supplied for foreach() in /home/baysixus/public_html/ecc/lib/D.opencart.php on line 1609
[03-Feb-2014 17:29:30] PHP Warning: Attempt to assign property of non-object in /home/baysixus/public_html/ecc/lib/D.opencart.php on line 2490
[03-Feb-2014 17:29:30] PHP Warning: Attempt to assign property of non-object in /home/baysixus/public_html/ecc/lib/D.opencart.php on line 2490
[03-Feb-2014 17:29:30] PHP Notice: Undefined index: currency in /home/baysixus/public_html/ecc/lib/D.opencart.php on line 1736
[03-Feb-2014 17:29:30] PHP Notice: Undefined index: Last4Digits in /home/baysixus/public_html/ecc/lib/D.opencart.php on line 1843
[03-Feb-2014 17:29:30] PHP Notice: Undefined index: name in /home/baysixus/public_html/ecc/lib/D.opencart.php on line 1944
[03-Feb-2014 17:29:30] PHP Notice: Undefined index: currency in /home/baysixus/public_html/ecc/lib/D.opencart.php on line 2058
[03-Feb-2014 17:29:30] PHP Notice: Undefined index: value in /home/baysixus/public_html/ecc/lib/D.opencart.php on line 2058
[03-Feb-2014 17:29:30] PHP Notice: Undefined index: currency in /home/baysixus/public_html/ecc/lib/D.opencart.php on line 2054
[03-Feb-2014 17:29:30] PHP Notice: Undefined index: value in /home/baysixus/public_html/ecc/lib/D.opencart.php on line 2054
[03-Feb-2014 17:29:30] PHP Notice: Undefined index: currency in /home/baysixus/public_html/ecc/lib/D.opencart.php on line 2108
[03-Feb-2014 17:29:30] PHP Notice: Undefined index: value in /home/baysixus/public_html/ecc/lib/D.opencart.php on line 2108

There is no such file named D.opencart.php in Opencart!

Are you sure it's a standard OpenCart you are talking about here?

i use Version 1.5.1.3

[UPSHOT.-- The file relates to a known source; the file may be an executable attack (infected); the file's name may be used for another kind of hacking file entirely. Post 1/3 (present), how it first appeared and may still be problematical; post 2/3 (next) how it appeared when source of file or at least its name was found; post 3/3 (then next) how to get rid of it.]

Version? [You put up 1.5.1.3 meanwhile.] Theme? Extensions? Even bizarre themes and extensions don't show a tree that is outside OC -- /ecc/lib/ itself is not part of OC, let alone D.opencart.php, whose combination indicates likelihood of hacking. Do not try to address or execute D.opencart.php in your browser.

[NOTE that while the file is at least 2,490 lines long the counterpart on github, next post, is only 2,424 lines long including the final ?> line. Code of known executable malicious files whose extensions were nameshifted would readily fit in 66 lines. See http://forum.opencart.com/viewtopic.php ... +php+shift at http://forum.opencart.com/viewtopic.php ... 60#p453513. The file might well be infected or its name used for another file entirely, even if the name or file originally came from somewhere known for innocence. DO NOT address and fire the file.]

If you did not put it there, and you seem not to have put it there, then get rid of it. If that tree is 777 on a typical Stateside server whose permissions should be 755/644 and whose ownerships are intended to thwart 777, you may be able to reset and remove it using FileZilla Client or similar, or using putty.exe if you are allowed and know how, but you may need to ask that support have the system administrator get rid of it. Look at your /download/ files for anything that you did not put there -- there should be a zero-byte index.html, hashed names of any files you did upload through admin, and nothing else. If you see any files with route, jpg, or php in their names (often with gibberish which seems hashed properly but is not), then get rid of them. Look through your trees for files you do not recognize, especially oddly named or somehow just too cozy that don't belong, such as grocery.php and default.php (instances of actual hacking consoles more powerful and vicious than phpMyAdmin).

Some of the errors seem to display what may be incompetently attempted invasions, such as "Undefined index: Last4Digits". At least those few do not show 64-bit decryption calls. The file is more than 2,490 lines long (the last would close, as ?>). That puts the file into the size range of some particularly malicious executable files.

[HOWEVER, it is spewing errors because some or most of it is MISSING, see next two posts.]

(1) Well, we now have another candidate for world's most useless web search:
Google asked for D.opencart.php web-wide gives web-wide "About 3,080,000 results (0.35 seconds)" at
https://www.google.com/search?q=D.openc ... =firefox-a

But we have a backup plan:
Google asked for "D.opencart.php" WITH the quotation marks gives web-wide "4 results (0.36 seconds)" at
https://www.google.com/search?q=D.openc ... S:official

This (present) thread is first.

https://github.com/censam/open_cart/blo ... encart.php
has open_cart / ecc / lib / D.opencart.php 2424 lines (1907 sloc) 75.273 kb
indicated as "add admin product image" two years ago
along with three other files of the same kind two years ago
authored by censam

https://github.com/censam/open_cart/blo ... encart.php
has / ecc / opencart.php 169 lines (146 sloc) 4.998 kb
authored by censam

https://github.com/censam/open_cart/tree/master/ecc/lib
has open_cart / ecc / lib / D.opencart.php
indicated as "add admin product image" two years ago
along with three other files of the same kind two years ago
authored by censam

(2) We might ask, what is an off-the-wall D.* file doing inside YOUR installation of OC? It is two years old according to github but is three years old according to its own innards, and never was actually part of OC. It seems from github to be intended as an "ecc" controller extension. It occurs in two distinctively different sizes.

File last updated: 06/22/2011
eCC Desktop Version : v3.0
eCC Mobile Versions : 1.3
Compitable Version : 1.4.3 to 1.5.1.3

(3) Burrowing brings up:
eCC Service Module Installation Guidelines
http://support.webgility.com/ecc/v3help ... n_cart.htm
is superseded by
https://help.webgility.com/hc/en-us
But http://www.webgility.com/ecc/pricing.php leads to
Shipping integration with FedEx, UPS, Endicia, Stamps.com and Express1
Product and inventory sync

(4) It apparently requires paying a monthly subscription before it does whatever it does. Nice to know that it is Compitable. It is, of course, perfectly serious stuff: http://www.webgility.com/company/about.php . . . although terms, http://www.webgility.com/terms_and_conditions.php, beg the mind to wonder: "The Terms of Service and the relationship between you and Webgility shall be governed by the laws of the State of California without regard to its conflict of law provisions. You and Webgility agree to submit to the personal and exclusive jurisdiction of the courts located within the state of Arizona." That would suffice to cause me to decide to get rid of it on the spot.

In order to stop the errors it must be fully disabled. See what the /vqmod/logs/ say, as well. Something is trying to summon it, it tries to fire, it spews errors. Simply deleting that ecc tree will probably not suffice.

You'll need to look through your /ecc/ tree to see what is in it, then through your /admin/ and /catalog/ trees for anything similarly named in order to "red-tag" all of them for summary expungement, whether by renaming or deleting all of them. You can archive all of that on your own machine, but you might as well get rid of it on the server.

You'll also need to prune the logs that accumulate the thrown errors, before the logs exceed 1 gigabyte each. Sooner or later they will either clog your disc space and alarm support, or escape the production box and cabinet, leave the room and building, and alarm the police.