SitePoint Sponsor

User Tag List

Results 1 to 6 of 6
  1. #1
    Life is not a malfunction gold trophysilver trophybronze trophy
    TechnoBear's Avatar
    Join Date
    Jun 2011
    Location
    Argyll, Scotland
    Posts
    6,088
    Mentioned
    256 Post(s)
    Tagged
    5 Thread(s)

    Is this a recognised technique or what?

    My knowledge of Javascript is pretty limited. I know enough to tweak the occasional image gallery or slideshow script, and that's about it, so this may be a pretty stupid question, but I'm going to go ahead and ask anyway, because that's how I learn.

    I've just been asked to do a complete revamp of a site built by somebody else. I've been taking a look to see what's there, and found a (to me) very odd construction. There are a series of small images, which one clicks for the larger image - except that it doesn't work like that and I've never seen this technique anywhere. The HTML reads
    Code:
    <a href="javascript:openImage('Images/Garden.jpg')"><img alt="garden" src="ImagesGardenSml.html"></a>
    The .html file referenced in the <img> tag contains
    Code:
    <head>
    <meta http-equiv="refresh" content="0;url=http://**.***.***.**/" />
    </head>
    <script LANGUAGE="JavaScript">
    window.location="http://**.***.***.**/";
    </script>
    followed by a vast array of numbers, in groups of three, commented out in the HTML. There is a separate file for each image, but the content is identical, as far as I can see.

    Clicking the small image opens the URL in a new window. There are no images, just a series of links. I've checked the IP address of the URL in hpHosts Online, and it's associated with a long list of dodgy sites.

    My question is basically: was this ever a genuine method to display a large image, or has the site been hacked at some point, or what?

  2. #2
    Programming Since 1978 silver trophybronze trophy felgall's Avatar
    Join Date
    Sep 2005
    Location
    Sydney, NSW, Australia
    Posts
    16,789
    Mentioned
    25 Post(s)
    Tagged
    1 Thread(s)
    That technique has only ever been used by people who have never learnt any JavaScript at all. It was more common back when JavaScript used to be mixed with HTML rather than kept in a separate file.
    Stephen J Chapman

    javascriptexample.net, Book Reviews, follow me on Twitter
    HTML Help, CSS Help, JavaScript Help, PHP/mySQL Help, blog
    <input name="html5" type="text" required pattern="^$">

  3. #3
    Life is not a malfunction gold trophysilver trophybronze trophy
    TechnoBear's Avatar
    Join Date
    Jun 2011
    Location
    Argyll, Scotland
    Posts
    6,088
    Mentioned
    256 Post(s)
    Tagged
    5 Thread(s)
    Thank you for that reassurance. In that case, it fits nicely with the rest of the site, which has been written by somebody with only a hazy notion of HTML.

  4. #4
    Utopia, Inc. silver trophy
    ScallioXTX's Avatar
    Join Date
    Aug 2008
    Location
    The Netherlands
    Posts
    9,039
    Mentioned
    152 Post(s)
    Tagged
    2 Thread(s)
    Looking at that snippet you're probably better off ditching all existing code and start over from scratch. That will probably be less work than trying to fix what's already there (unless we're talking about a very, very large website of course).

    And yes, that weird URL stuff looks like the site was hacked / tampered with. Putting a .html as an img src filled with crap has the smell of black hat "SEO" all over it.
    Rémon - Hosting Advisor

    Minimal Bookmarks Tree
    My Google Chrome extension: browsing bookmarks made easy

  5. #5
    One website at a time mmj's Avatar
    Join Date
    Feb 2001
    Location
    Melbourne Australia
    Posts
    6,282
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by TechnoBear View Post
    My question is basically: was this ever a genuine method to display a large image, or has the site been hacked at some point, or what?
    Looks like the site was hacked at one point.

    Look at it this way:

    - The pages don't actually work
    - They all redirect using Javascript/meta tags (the wrong way to do a legitimate redirect) to some site identified only by a bare IP address
    - The pages containing the dodgy redirects otherwise contain large lists of dodgy sites.
    [mmj] My magic jigsaw
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    The Bit Depth Blog · Twitter · Contact me
    Neon Javascript Framework · Jokes · Android stuff

  6. #6
    Life is not a malfunction gold trophysilver trophybronze trophy
    TechnoBear's Avatar
    Join Date
    Jun 2011
    Location
    Argyll, Scotland
    Posts
    6,088
    Mentioned
    256 Post(s)
    Tagged
    5 Thread(s)
    Quote Originally Posted by ScallioXTX View Post
    Looking at that snippet you're probably better off ditching all existing code and start over from scratch. That will probably be less work than trying to fix what's already there (unless we're talking about a very, very large website of course).
    I'd already reached the same conclusion. For a start, it's using a table for layout, but the one part of the site that contains tabular data is not marked up as a table. It's marked up as a series of <ul>s, each containing a single <li>. All very odd.

    Quote Originally Posted by ScallioXTX View Post
    And yes, that weird URL stuff looks like the site was hacked / tampered with. Putting a .html as an img src filled with crap has the smell of black hat "SEO" all over it.
    Ah, now that was what I was afraid of. As yet, I don't have access to the server to see if there's any other evidence of foul play but that stuff set my alarm bells ringing.

    @mmj Thanks for confirming the suspicion.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •