Saturday, Jul 31, 2010
Login

Posts Tagged ‘solution’

Nokia 5530 Malfunctions and Solutions

I was utterly worried when I found out the defects of my Nokia 5530. I thought the problems were due to the Malfunctions that could have occured in the OS during the course of time. The problem that i faced were :

  1. I couldn’t install any Apps neither from Nokia’s Ovi Store nor from the App Developer site.
  2. Every time I restart my phone (or the phone shuts down due to empty battery) the date and time is always changed to something in 2020s.
  3. I felt something inside my phone was moving. This isn’t related to the working of my phone, i know.
As I was a consistent user of my cellphone to watch videos on youtube, check my google mail, talk with friends etc, i was worried. I googled the solutions to my problems. But unfortunately, after trying all the methods that forums,Nokia Support Centre etc, suggested, I seeked my friend for advise. Mayur Mazumdar told me to shut down my phone by pressing the power key, and then remove the sim card. Luckily, this method worked. The apps installed correctly without any error message popping up and also my phone started to remember the time even when i removed the battery. The solution to my third problem was to stick the battery with masking tape and keep it in its place without moving.
Have some problems with your devices? Head over to our help Engine and ask our sophisticated bloggers about your problem.


WP Theme Editor error and its solution after upgrade from v2.8 to v2.9

We were down last night from about 11:30PM until today around 11AM. Somehow, some [censored] managed to add a link to my sidebar by inserting into the wp_links table for wordpress.

After thinking about it for a bit, I’m updating this post: The link was to www.snjpc.com. It’s an online casino site, and while I dislike giving them hits it seems worthwhile to say that they, or their hires, are doing this sort of blog cracking.

How they managed this, I am still trying to determine. The mysql logfiles

cd /var/log/mysql
mysqlbinlog *.0* | grep wp_links

show no inserts, the mysql instance is only available from localhost (firewalled to boot), and system logs look good. Checks for rootkits and similar are negative, firewall logs are clean, and I am puzzled. Props to this page for mysql tips.

One piece of evidence – they seem to have borked wordpress, probably on purpose – if you invoke the theme editor (or plugin editor) you get

Sorry, that file cannot be edited.

which is patently false. My working hypothesis is, for now, that someone managed to either inject an exploit into Debian’s wordpress package, or found a generic WordPress exploit. I am continuing to investigate and take various measures to prevent a reoccurence. This sucks.

Oh yeah, swapped themes for a while as part of the cleanup and diagnostics. Let me know what you think.

Update: Added paragraph naming snjpc.com

Update: A fresh download of WordPress 2.2.2 from Debian or wordpress.org produces the same result… interesting. So either the default WP is broken, or its a config file/database problem. Debugging continues…

Update: Looks like the problem is related to the list of files passed to thevalidate_file_to_edit function. It looks like the first file passed is the wp-config.php, which on Debian is a link to the system file in /etc/wordpress. Hmm, maybe that’s how they got the MySQL access information… You can hack around this by adding the following to theme-editor.php. Change this:

if (empty($file)) {
$file = $allowed_files[0];
}
$file = validate_file_to_edit($file, $allowed_files);

to the following. This overrides the file list that was passed in, so you have to change the index to match the file you want. Other than that, it totally fixes the problem. Hmm…

if (empty($file)) {
$file = $allowed_files[0];
}

$file = $allowed_files[3];

$file = validate_file_to_edit($file, $allowed_files);