phpBB3 font sizes

Author Comment
User avatar

Posts: 825

A pal's board has "suddenly" become "in yer face" with large fonts - index pages ok but posts are huge - apparently following <quote> some "DOS Attack" which I had to get my IT company to resolve <unquote>. Why he hasn't got this same company to fix the fonts I've no idea. I have an admin account that I used a while back to sort some stuff for them.

http://hps.healthtec.co.uk/phpBB3/index.php

He has subsilver2 as default - this has large fonts, and he has prosilver which, when previewed, has small fonts

How can this change, and how can it be changed?

User avatar

Admin

Posts: 11073

The subsilver2 that is on it at the moment looks just standard.

A DOS attack will not affect anything other than performance. Either it was hacked and modified somehow (usually to add malware) and it was mis-defined or this is entirely unrelated.

I'm not clear. Are you pointing me at a board that looks just fine and the issue is with another style or are people having an issue with that style?

Have you performed:
  1. Pressed Ctrl+0 (zero) to reset your zoom level
  2. Hard refresh (Ctrl+F5)
  3. Cleared your cache

If the issue is with another style, could you please either let me see it or give me the style's directory name (only)?

User avatar

Posts: 825

The board looks fine until you click on any topic, at which point the text becomes large.

Yes I've performed 1,2 & 3

Most users are seeing the same symptoms, and below are the relative sizes

Image

Image


Incidentally, this error displayed at the top when viewing topics, not sure this is relevant though.

[phpBB Debug] PHP Notice: in file /viewtopic.php on line 988: date(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected 'Europe/London' for 'BST/1.0/DST' instead
[phpBB Debug] PHP Notice: in file /viewtopic.php on line 988: getdate(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected 'Europe/London' for 'BST/1.0/DST' instead

User avatar

Admin

Posts: 11073

I don't know if you realize topics cannot be viewed while logged-out.

I've done a diff check on your style.css with the original style.css from phpBB 3.0.8 and it is line for line identical.

It is worrying that there is a version 2.0.17 present and the version in use is 3.0.8. As the install is standard, the safest thing to have done would be remove the 2.x version completely and upgrade the 3.0.8 version to 3.0.12 by means of applying a completely fresh set of files. This is about 5-10 mins work and guarantees there is nothing malicious lurking in the files.

3.0.8 line 988
$now = getdate(time() + $user->timezone + $user->dst - date('Z'));

3.0.12 line has been updated to
$now = phpbb_gmgetdate(time() + $user->timezone + $user->dst);

I am more in the dark than you.

Firstly, a DOS attack did not do this.
Secondly, the version is old.
Thirdly, style.css is as original.

Conclusion: there is an issue elsewhere.

Fourthly, an error line is being produced. This suggests the PHP version has been upgraded to >=5.3. When did this happen? Does this happen to coincide with the "attack"?

Fifthly, two old versions are active and both are a security risk. 2.x should go. 3.0.12 could replace it in the subdomain root and be hooked-up to the data. Problem solved there, just move any attachments and avatars over and remove the phpbb3 directory. (It will also require a database upgrade.)

Requirements: Files access minimum. Either Founder access or database access would be helpful.

This is the safest and best thing to do and especially under the circumstances (if they are to be believed). If that does not resolve all issues, your data has been compromised.

User avatar

Posts: 825

Yes, I do understand posts cannot be viewed if logged out, it's a private forum.

I'll advise my pal that he needs some help :)

thanks

User avatar

Admin

Posts: 11073

Done a little nosing around... I presume this guy's initials are CP. The story gets worse as I found yet another phpbb 2.0.18 forum as the company's official forum and it is standard subsilver. 9 years old and completely out of keeping for his site, not to mention, yet another security risk. The guy needs help OK and not from those that have been helping him over the last decade at least!

User avatar

Posts: 825

Yep, that's him :)

I have Bcc'd you an email.

User avatar

Admin

Posts: 11073

Probably best to get him to send me a quick email to arrange a call. I'm hopping around today, so would need a little notice. (Say 10 mins to an hour.)

Display posts from previous:  Sort by  



Who is online

Users browsing this forum: No registered users and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
Jump to:  
cron
Powered by phpBB® Forum Software © phpBB Group