Here is what I fugure out:
1. I have installed a second copy of 4images on my server and tested the links and it seems that has NO effect.
2. Tested again my old site and I still got the same effect.
I thought that a template vatiable for some reason is not checked well so I downloaded the index.php from the new install and the index.php from my original site
then I used a program called K3DIFF to compare both files line by line thinking that the hacker may have exploited the site by modyfing the code for the index page. To my surprise the code of the index.php file is 1.7... and there were substantial differences with the newly installed index.php. this one is remakable:
on my origina site:
if (isset($HTTP_GET_VARS['template']) || isset($HTTP_POST_VARS['template'])) {
$template = (isset($HTTP_GET_VARS['template'])) ? stripslashes(trim($HTTP_GET_VARS['template'])) : stripslashes(trim($HTTP_POST_VARS['template']));
if (!file_exists(TEMPLATE_PATH."/".$template.".".$site_template->template_extension)) {
$template = "";
}
else {
$main_template = $template;
}
}
else {
$template = "";
}
and this is the index.php of the newly installed copy:
if (isset($HTTP_GET_VARS['template']) || isset($HTTP_POST_VARS['template'])) {
$template = (isset($HTTP_GET_VARS['template'])) ?get_basefile(stripslashes($HTTP_GET_VARS['template'])) : get_basefile(stripslashes($HTTP_POST_VARS['template']));
if (!file_exists(TEMPLATE_PATH."/".$template.".".$site_template->template_extension)) {
$template = "";
}
else {
$main_template = $template;
}
}
else {
$template = "";
}
note the : get_basefile
so im going to go ahead and reinstall the 4images hope that will solve the issue
ms