AutoDirector forum

Hi Craig,
Have been busy setting up client sites, adding users, everything hunky dory, last night at 01:24 I get a mail from myself? while I was tucked up in bed, to say "This is a test email from the AutoDirector setup. AutoDirector email facilities are functioning correctly"
Now I cannot access anything using any of the log ins created including my own. I get a "The user ID and/or password you entered is not authorised to use this system. Please try again."
This is a disaster for me as I put a lot of work into setting up these sites so far, is there any way to recover access and have you any idea what has ocurred?
Thanks

BTW, no one else has used the system, only me, the clients have no acess yet.

Hello Allan,

Sorry to hear about your problem.

It sounds to me as though someone has run the AutoDirector setup.php again. That will wipe your database and send you the email as you describe. We recommend setup.php is deleted following a successful installation (see step 5 of !install.html). If you can log in with "[email protected]" and "super" that's definitely what's occurred. However, it's also possible the person who ran setup.php has logged in and removed or changed the administrator account. In that case, you'll need to run setup.php again.

First, I'd suggest you check your server logs to find the time, IP address, and user agent of the person who accessed the page. It might help you prove who's run it. It would certainly be someone with AutoDirector knowledge.

Next - before you do anything else - make a copy of your AutoDirector data folder. Although the information has been removed from the database, all the content (vehicle.js) and photos (pics folder) should still be available. You could copy/paste it back into the system. However, I'd suggest making a .CSV file (Excel will help) and using the import wizard - you'll then have a backup should anything go wrong.

Finally, once you're setup again, I'd recommend backing up your MySQL database (cpanel and phpMyadmin offer that facility), copying your data folder, and securing AutoDirector using the installation instructions.

Sorry it's happened - I hope someone hacked you accidentally rather than maliciously. I can't stress the importance of backups more strongly - it's only when something like this occurs you realise how important they are.

I hope that helps. Let us know what you find out.

Is there any quick way (easy) of importing the content as I can still see the databases of the sites I created in the 'data' folder?

I can't find out who accessed the site at the time, the only access was googlebot at the same time.

also a file has appeared in one of the sites folders, maybe you will know what it is/means:

<?php
if ($_GET['randomId'] != "JCr56RI_18hwD9mDsbK2Vfbk8f3mLsydcPZ81H8s8qSD1VRb9OkVe3OVlmq8ILvD") {
echo "Access Denied";
exit();
}

// display the HTML code:
echo stripslashes($_POST['wproPreviewHTML']);

?>

I don't understand how the GoogleBot could have run setup.php - unless you were linking to it from somewhere?

The file you mention appears to have something to do with ZenCart. Do you have that and AutoDirector installed in the same place? I'd recommend they're separated - perhaps something in ZenCart caused AutoDirector files to be submitted to Google? That's quite bizarre though.

Finally, I'm afraid there's no quick way to import the data back into AutoDirector using the cached data files - they're not really intended for that purpose. All I can suggest is that you automate the process as much as possible using Excel or search/replace in a text editor.