Indexhibit Support

I have a strange issue that popped up today that Ive never seen. Every thing I try to do makes me login again. This is the order of my process:

Login to: domain.com/…
Click Create (get a window that asks me to login again, which I do)
Click Exhibit (get a window that asks me to login again, which I do)
name and add the exhibit,

This seems to just be the html for the login window again..... any thoughts?

Edited by Vaska

What is your site?

benmoren.com

Screen Shot of issue: i.imgur.com/…

The problem is one of two things...

1. your database or hosting account is out of space so it won't save to the db
2. you damaged a backend script that is causing an error so things won't save

Both of which would affect the cookie from being site.

Check on #1 first. If that's not the problem, what were you doing just before the problem started?

I wasn't doing anything... seems super strange, I have dreamhost so likely a space issue is not the cause, as I have 'unlimited'. What scripts should I investigate as a starting place?

is there a way that I could do a false upgrade to try to solve the broken script problem. IE, perform the update procedure but just use the same (most recent) version?

Did you reupload the /ndxzstudio/ folder?

I didnt yet, but I will if that seems like a good plan.....

Ok so clearly this is the problem.....

hacked! - imageshack.us/scaled/landing/818/…

Ok, let the digging begin......

that would be a backend script that is messed up.

check your .htaccess and all index.php files (throughout your site) for any odd code - usually javascript at the beginning or end of the files.

Got it sorted,
was a Pharma Hack on a Wordpress install and the root .htaccess file was redirecting to a hidden php file in the wp-includes>images>images.php

was a base64() file that added in the spams,

can someone double check benmoren.com/projects/monster-drawing-rally-2012/ to confirm the removal.

I added a new project, so it seems to be all working

here is a link to more info on the hack: blog.sucuri.net/2010/07/…

as far as I know this should not effect Indexhibit users unless they have Wordpress installs commingled with their indexhibit installs like I do.

yes, it could affect indexhibit. it could affect anything on your server. that's just how these things work...

i'm happy to hear you are working through this. it was a bit strange and i could have suggested that you were hacked earlier but i didn't see any evidence to suggest it at that point.

;)