How do I remove the advertising code from the site?

Hello.
Advertising was introduced into the site code.
A link to someone else’s site appeared at the bottom of the site.
I tried to search for this code through the settings menu of this section of the site, but it is not there.
I tried to search through the files themselves, but apparently I did not find in which file this code is embedded.
Please help me, tell me where to look.
Application Version - e.g., OJS 3.1.2:
Additional information, such as screenshots and error log messages if applicable:
image

Hi @Yuriy_Kadatski,

Looks like this might be hard-coded into the footer - what theme are you using for your journal?

-Roger
PKP Team

1 Like

Standard default theme
Can you tell me which files to look for?

Hi @Yuriy_Kadatski,

Two places you could look, in:

frontend/components/footer.tpl

Or if, there is a footer.tpl file in your theme directory for the default theme.

-Roger
PKP Team

Hi @Yuriy_Kadatski,

I would suggest seeing if it’s in one of the files in cache/t_compile.
You might try a tool like fgrep to search file contents – there are too many files to search by hand!

Regards,
Alec Smecher
Public Knowledge Project Team

1 Like

I didn’t find anything, but thanks for the hint)

And how to use this function? I am quite far from linux and php

If you view the code of the main page of the site, it will be like this -
image

I don’t quite understand how this block of code could be embedded in a segment of the site.
Is it possible to clear the site Cache folder without data loss and check if this is the problem?

Logged in as admin you can go to “Administration” and then “Clear Data Caches” and/or “Clear Template Cache”.

In my personal opinion you should first find out what lead to this footer being included. Have you implemented all security fixes listed on https://pkp.sfu.ca/ojs/ojs_download/ - e.g. for OJS 3.1.2 [Security issue #5302 #5871 #6632 #6718] would be relevant.

After that you can still worry about removing the code. One quick workaround for as long as it takes to debug this issue would be to upload CSS to at least not show the compromised footer. Maybe like so:

div.pkp_brand_footer {
    display: none;
}

As soon as you are sure about having removed the links you can also remove the CSS file.

(Gabriele)

Thank you for advice. editing styles helped, or rather disabling this:
.pkp_brand_footer a{float:right;display:none;

image

That’s not a solution. That’s a temporary workaround. You should really get to the bottom of this. Otherwise you will have to do a lot of CSS in the near future. If someone managed to change your footer, they will most definitely make further changes as long as you don’t find the loophole that lead to the first change.
(Gabriele)

Yes, that’s right.
Previously, virus threats were detected in several site files on the hosting where the site is located, they were deleted or replaced with the original ones, and after that the search for where this link advertisement was registered began.
I planned to transfer the site from 3.1.2 to 3.3. versions, but there are nuances on handwritten changes to the theme of sites and the correctness of actions during the transition (I read earlier that there are often errors and data loss, because there are big differences in versions and this stops from this step so far).

I see, that makes perfect sense.

Try to avoid skipping minor versions, so first upgrade 3.1 to 3.2 and after that 3.2 to 3.3 - at least I think this is recommended.

(Gabriele)