Is your files_dir inside your web root? If so, that’s a security risk that can lead to your site being compromised.
I would suggest using a standard tool like diff to compare your source code to the stock source code, in order to see whether your OCS code has been modified. Cleaning up a compromised website is somewhat beyond the scope of this forum – you may also be able to find some helpful material e.g. on Stackoverflow.com. The process for cleaning up a potentially compromised OCS website is similar to other apps like Wordpress.
Regards,
Alec Smecher
Public Knowledge Project Team
Maybe you should firstly check is your site clean with some of online malware checkers.
I usually use this free on line malware checker http://scanner.pcrisk.com/
In addition, there are several threads on this forum regarding permissions, security etc. so you can find a lot of information related to that topic.
We do use standard techniques to prevent the injection of harmful Javascript. This makes the approach you linked unnecessary. However, if someone modifies the code on the site via another method of compromise, approaches like that are circumvented.
Regards,
Alec Smecher
Public Knowledge Project Team