[Mokka]

Quote:

Originally Posted by arista

Next Time
Kirk
Make a thread.


I do with "fecking" in the Title

Followed by ... Hulk SMASH!!!

[kirklancaster]

Quote:

Originally Posted by arista

Next Time
Kirk
Make a thread.


I do with "fecking" in the Title

I will do - Thanks Arista.

[kirklancaster]

Quote:

Originally Posted by Mokka

Followed by ... Hulk SMASH!!!

How Nice.

[Maru]

Quote:

Originally Posted by Josy

I'll mention this to James.

But that specific script doesn't seem to be unsafe in fact it may be a script that stores data so possibly something to do with one of the ads servers.

Quote:

Originally Posted by arista

So Far, Josy

Its to do with ad servers on tibb
by the way

Josy is right, PHP files on their own cannot harm your machine. PHP is a general purpose language generally used with webservers. *.php files on their own are not binary (i.e. machine code) and cannot be executed on their own. They are just plaintext files that can be read as-is in a text editor. You can see this by opening the file in Notepad.

For .php files to be "executable" for the user, the user needs to have a server like Apache to be installed and running with a PHP preprocessor configured in order to "execute" the plain text aka output the code into HTML (a webpage). The code has to first be moved into the homepage's folder and then the browser pointed to that file through localhost. In other words, it's not straightforward. Even still, the code will probably error out because it's probably meant to be an "include" file and will only work as designed when served to the user with the other PHP files/libraries running on the server.

The user is never supposed to see PHP code on their end and all this is supposed to work invisibly. For it to be available to the user is actually damaging to their end because it could give hackers clues to other vulnerabilities in the code and give them a way in.

I know all this because I write PHP and do web-development for a living.

Likely, their server is misconfigured somehow (probably a missing handler) and will just mean a bad day for them. Could then be javascript they are using is somehow serving the file to the user as a download instead of being processed by the server as PHP code to the preprocessor. It's 100% harmless to you and at most, humorous to other developers.

[Maru]

Quote:

Originally Posted by kirklancaster

THANK YOU - It has happened to me 4 times this morning and I could not find anything about csmnx.php anywhere on Google.

I am no techno so I've been worried to hell.

I feel left out, I'm not getting this file on my computer ... I want into the download party. (I'm not using Adblock either.)

Are you guys using a different theme or something?