Hi charter !

I've had two surprises with phpdig, today..
first, i wasn't gone in admin part since 2 or 3 weeks, and i found 4 others sites which was crawled by my phpdig.. but I never view those sites !! and i'm asking how could that happen ?

and some bugs in the spider.php, and i can't imagine where it comes from, because i didn't change anything neither php version, or mysql server ! ?

here are the output :

SITE : http://umvf.cochin.univ-paris5.fr/
Chemins exclus :
- @NONE@
- forum/
- e-formation/

Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /usr/local/apache/htdocs/recherche/admin/spider.php on line 252

Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /usr/local/apache/htdocs/recherche/admin/spider.php on line 541

Warning: mysql_free_result(): supplied argument is not a valid MySQL result resource in /usr/local/apache/htdocs/recherche/admin/spider.php on line 542
Pas de liens dans la table temporaire

liens trouvés : 0
...A été indexé récemment
Optimizing tables...
Indexation terminée !


But it has not been indexed recently.. ! not since 3 weeks at last !

I know you addressed your comments to Charter, but I hope you don't mind if I add my 2 cents to this. ;)

You can verify when your site was last spidered by going to your phpdig database, the table called spider, and look at both the upate and last_modified date fields. If you're certain that neither you nor any other authorized individual has re-spidered your site in the last 2 or 3 weeks, I would change the admin username and password [and surely you didn't leave those with the default values of admin - admin?]. While you're at it, make those "strong" - i.e., names that don't spell anything and are a combination of letters and numbers.

Your problem also brings to mind something that would be a nice-to-have with phpdig. I know that when I logon to my website's control panel, I get a message telling me the last IP address that accessed it. I'd like to see something like that in phpdig. That way, you'd have some assurance that an unauthorized person hadn't been in your admin pages.

you're very welcome, vynil-junkie.. i've adressed my post to charter because i usually speak with him here, when i've got a problem !

Hmm.. in fact, it's protected with a good password, only 8 characters but letters, numbers, no meanings...
So i really wondering how someone could get in to put some other sites in the admin..?
i've already asked the only one other who have the passwords.. but he doesn't do this !

Hi. Check to make sure this (http://www.phpdig.net/showthread.php?threadid=565) patch has been applied. Also, perhaps try emptying the tempspider table between runs. If using PhpDig version 1.8.0+ you can click the delete button without selecting a site to empty the tempspider table. As for the MySQL warnings, check all the PhpDig files for code like the following:

if (!get_magic_quotes_runtime()) {
$varname = addslashes($varname);
}

And replace with the following to make sure stuff gets slashed:

$varname = addslashes(stripslashes($varname));

hmm, ok my tempspider table was crashed ! after a repair, it quite cool !

I've applied the patch, but it's not exactly the same code u gave :

}
else {
//include "$relative_script_path/libs/auth.php";
$run_mode = 'http';
$br = "<br />\n";
$hr = "<hr />\n";
$s_yes = "<img src='yes.gif' width='10' height='10' border='0' align='middle' alt='' />";
$s_no = "<img src='no.gif' width='10' height='10' border='0' align='middle' alt='' />";
$s_link = " <a href='@url' target='_blank'>@url</a> ";
$relative_script_path = '..';
}
include "$relative_script_path/includes/config.php";
include "$relative_script_path/libs/auth.php";
include "$relative_script_path/admin/robot_functions.php";
include "$relative_script_path/admin/debug_functions.php";

// header of page



Other point, i have searched in all files in my folder phpdig, and did not found the following :
if (!get_magic_quotes_runtime()) {
$varname = addslashes($varname);
}


is it normal ?

anyway, thanks for help, again !

Hi. Search for get_magic_quotes_runtime in the files. If you don't have get_magic_quotes_runtime in any files, just download version 1.8.0 and search for get_magic_quotes_runtime to find where to add to your version.