XF 1.3 Server error

Maxxamillion

Active member
Logged in this evening and i got 'server error, please try again later'

I go to log in and it bring me to that message again

i typed in the admin page in the www bar and i get this

Code:
Server Error

Mysqli prepare error: Unknown column 'user.user_id' in 'where clause'

Zend_Db_Statement_Mysqli->_prepare() in Zend/Db/Statement.php at line 115
Zend_Db_Statement->__construct() in Zend/Db/Adapter/Mysqli.php at line 381
Zend_Db_Adapter_Mysqli->prepare() in Zend/Db/Adapter/Abstract.php at line 478
Zend_Db_Adapter_Abstract->query() in Zend/Db/Adapter/Abstract.php at line 753
Zend_Db_Adapter_Abstract->fetchRow() in XenForo/Model/User.php at line 427
XenForo_Model_User->getUserById() in XenForo/ControllerAdmin/Login.php at line 10
XenForo_ControllerAdmin_Login->actionForm() in XenForo/FrontController.php at line 347
XenForo_FrontController->dispatch() in XenForo/FrontController.php at line 134
XenForo_FrontController->run() in /home/thegamer/public_html/admin.php at line 13

any help please
 
It looks like the most fundamental column of the user table has been removed. You will almost certainly need to revert to a backup. The key would be attempting to identify what happened -- I basically couldn't guess as there's nothing in the system that would go near that.
 
just checked me xf_user table. this is the only user that shows

61794d4cbbb66816b50e2a471bf12cd0.png
 
You will need to contact your host, you appear to have been hacked.

You will need to restore from a backup and also identify how the hacker gained access and stop them from doing so again.
 
ok thank you and ive no idea how, i even installed the ACP firewall protection
Odds are you have a simple to guess password in use for either cPanel, your SSH login (if you are using a VPS/Dedi) or your normal forum account.
ACP firewall is OK, but I use 2 factor authentication for my administrative accounts on my forums, Keys and 2 factor authentication for my SSH logins and have NO panels in use, mySQL connections to the port are restricted to localhost and no FTP enabled.

In addition, if you are using any other scripts (WordPress, etc) one of the plugins may have a vulnerability.

Also, for future always perform a manual backup after you get your forum fully configured so that you have a base to go back to and then perform regular backups yourself. Not only of the DB but the forum structure itself.
 
Odds are you have a simple to guess password in use for either cPanel, your SSH login (if you are using a VPS/Dedi) or your normal forum account.
ACP firewall is OK, but I use 2 factor authentication for my administrative accounts on my forums, Keys and 2 factor authentication for my SSH logins and have NO panels in use, mySQL connections to the port are restricted to localhost and no FTP enabled.

In addition, if you are using any other scripts (WordPress, etc) one of the plugins may have a vulnerability.

Also, for future always perform a manual backup after you get your forum fully configured so that you have a base to go back to and then perform regular backups yourself. Not only of the DB but the forum structure itself.

Thanks yes i need to do all of the above to protect my site, my host is doing a full back up for me today so i shall get on it if it can all get sorted today that is
 
Make sure you change your passwords as soon as the restore is complete.
That applies to everything you have installed, including e.g. WordPress.
 
Thanks yes i need to do all of the above to protect my site, my host is doing a full back up for me today so i shall get on it if it can all get sorted today that is
I would not restore from a backup that is known to be hacked (so no real need for them to do a backup of your existing). Hopefully you had a backup from them already prior to the date this occurred?
 
Also, is this a VPS/dedi server or shared hosting? If VPS/dedi (and you are using Debian or Ubuntu) start a convo with me. I can probably help secure it down for you (using keys/2 factor for ssh login, etc).

EDIT: BTW, no fee required. Or you can contact me via my Skype contact in my profile.
 
Top Bottom