i was uploading some stuff today for site and suddenly the ftp connection was closed and i couldnt login.
Turns out the host ( webair ) has a security feature that scans uploaded files for a virus and if found it closes the connection and changes the ftp password for you. Kind of a neat feature i suppose , but i went to isolate the file it was finding and it was a variation of this
Code:
<?php
$out = "http://yahoo.com";
?>
<html>
<head>
<script>
function xtb(){
top.location.href="<?php echo $out; ?>";
}
</script>
</head>
<body>
hello<br>
<iframe id=xnsi onload="xtb();" src=http://google.com width=1 height=1></iframe>
</body>
</html>
although the code could be used to initiate a virus , it isn't malicious or a virus on its own.
interesting to note although they change your ftp password for you they dont delete the file that was found to be a virus.
try it out if you want , save code and upload to webair , it will log you off and change your pass.
curious , where does webair get its virii defs from