Our site got hacked also. It seems for me, in our case, the best solution is to re-install the site. The database looks OK with the right number of posts and topic, etc. The area of concerns is the user password and login keys.
1) How can I tell from the members table who has access to the control panel. There should be only 2 of us. (note we only have ~700 users in total)
2) I would also like to forced every user coming back to re-enter their passwords. I would image I would need to wipe out the Member_Login_key field. Set to blanks, null??
3) Is there a way to force a password change by all members?
Also the conf_global.php has permissions of 666. Everything else is 744 or 644. Which is correct? I also imagine that the database userid and password have been exposed?
I have a few questions that I need some help with. I recently changed hosts and had IPB upgrade my forum to 3.3.3. I am running a custom skin, which has a 3.3.3 version; the developer updated that as well for me.
1) I noticed in 3.3.3 "add a note" in a member's profile has been removed:
You are still able to view past notes. We used adding notes a lot on our forum - can I re-add this functionality? If not, are there similar alternatives?
2) There is a rank that can access adminCP on my forums (these are the people using the notes). However, since the 3.3.3 upgrade every time they attempt to access the existing notes they are greeted with the following:
I thought there might have been something broken with their permissions for adminCP, and I went into the restriction for their account level and the permissions are still set for them to access the existing warnings:
Any ideas what might be causing this issue?
3) Several of my users complained after the 3.3.3 upgrade that even after they viewed a topic, the forum still viewed it as unread. I verified this myself, and it remains the same after clearing cache/history/cookies, etc.
I thought it may be a issue with the skin, but my base IPB 3.3.3 skin does the same.