Posts by veneanar



    • This file can be served from anywhere (from any origin, not just your site's) and any subfolder and the file can be named however you would like. Just be sure to include the file with the correct path and filename. This file only affects Chrome; Safari and Firefox do not use a manifest.json for push notifications.

    So your template code should look like this:

    Please note, that you have to include your APPID in this template.

    Maybe you should implement an AbstractAction. Here is an (untested, on-the-fly written) example to get the title and the teaser from an article:

    Please consider, that everyone have access to your information. If you are using more "private" data, set $loginRequired to true and adjust $neededPermissions. In my example $neededPermissions could be:

    $neededPermissions = ['user.article.canReadArticle']

    I hope this helps.

    Thanks, I wrote a small script. I call it via ajax:

    $cronjobAction = new \wcf\data\cronjob\CronjobAction(array(), 'executeCronjobs');

    or should I call "wcf\action\BackgroundQueuePerformAction" ?

    I use the wcf behind an existing webapplication. (own templates, jscript etc.) So no Woltlab javascript is ever touched. How can I execute the backgroud jobs? During testing emails were not send (debug) but I find them in the wcf1_background_job table.

    you should take a look in your current dump and backup dumps. Check the wcf users table. Are there some (new?) users with admin or mod privileges? Also check your mysql.users table. If you find nothing you can use this dump/backup

    Your server is compromised. Someone infected your website with a PHP backdoor.

    Your strategy:
    -Contact your ISP, maybe your server (if you have one) is part of a botnet or sends spam.
    -Close all ports except SSH. Change your root password.
    -Save a sql dump and the wcf upload folder
    -If you have backups or tools like VEEAM, find a none compromised version and restore it.
    -Check your SQL Database for suspicious entrys (user, privileges ...)
    -Import your SQL dump and the useruploads
    -Hope that you didn't overlook something.
    -Change all your server passwords and maybe your private passwords.
    -reopen all ports and inform your users. They should also change their passwords.

    If you have webspace, some steps are different, but in general: Change everything, delete everything. If you loose some data, that's the price for getting hacked.

    After you have cleaned everything you should investigate who had access to your website/computer. Did you know that FileZila stores your login in plaintext? Do you share logins? Are your passwords weak? Do you have any malware on your PC?

    In the contract between you and the "proxy-company", you are the owner of the domain. But technically (not legally!) the proxy-company is the owner. This means, they can do what they want with your domain (for example redirecting it to another website). If this happens you have to contact the registrar (ICANN) and send them a copy of the contract. If you're lucky they will change the domain owner and you can undo everything. But I bet it is not as simple. You'll need a lawyer and a lot of time.

    So yes, legally you're the owner, but technically they can do what they want, because they are "officially" the owner.