Question

Our Joomla site was hacked. Somehow attackers were able to place an .htm file in the root of the website and overwrite the .htaccess to deface the website. I have restored a backup with Kickstart and Akeeba and upgraded Joomla from 2.5.18 to 2.5.19; the site already had the latest VirtueMart. Since that moment we have encountered a lot of duplicate entry errors in the session table. Here is what I have tried so far:

  • I have deleted all rows in the session table but that did not work
  • I have purged sessions in the admin tool plugin

I also installed a plugin, blocked a lot of bad IPs and changed the URL to the administration page. I have changed the logins of admin and superusers and moved to another host, another MySQL DB and another FTP login, and got hacked again. I have not been hacked since I blocked IPs and changed the admin location. But I still have duplicate session errors and somehow a lot of  characters in my content pages and no visible euro signs in VirtueMart, even though the database collation is utf-8 and I use the default htaccess which comes with Joomla 2.5.19.

I seriously have no idea how to troubleshoot these Joomla duplicate session errors. Some sources online say you have to remove the session table and re-create it. But isn't that the same as clearing all rows or a truncate?

Edit: can this be caused by a missing column?

Edit 2: the change of largetext to medium for the data column has not changed a thing, still this error:

Duplicate entry 'cb' for key 'PRIMARY' SQL=INSERT INTO jo_mydbprefix_session (session_id, client_id, guest, time, userid, username)

Edit 3: can someone confirm that my problem is related to this one: http://issues.joomla.org/tracker/joomla-cms/153

Solution

Hmm, is 'cb' the session_id? The session ID should look more like '7b975e2584c684f199774326c77e953f', right?

However: are you sure your restored backup is from before the attack? I would recommend to:

  • backup the whole joomla-installation
  • remove all files
  • unzip a pristine, new joomla-download in the www-folder
  • remove the /installation-folder
  • copy your old configuration.php to the www-folder (inspect it to see that it's OK)
  • copy your template-folder to /templates, inspect all template files for hacks.

Now check if the session problem is still there.

Continue by manually downloading and copying files for your components and addons (virtuemart etc) into the file-structure.

regards Jonas
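
The comparison against a pristine download that this answer recommends can be partly automated by hashing both trees. This is an added example, not part of the original answer; the function names, sample file names and file contents are constructed for illustration.

```python
import hashlib
import tempfile
from pathlib import Path


def file_hashes(root):
    """Map each file's path relative to root to its SHA-256 digest."""
    root = Path(root)
    return {p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
            for p in root.rglob("*") if p.is_file()}


def compare_trees(pristine_root, site_root):
    """Classify the live site's files against a freshly unpacked release."""
    pristine, site = file_hashes(pristine_root), file_hashes(site_root)
    return {
        # Only on the site: config, templates, extensions, or dropped files.
        "added": sorted(set(site) - set(pristine)),
        # Same path, different content: shipped files changed after install.
        "modified": sorted(p for p in pristine if p in site and site[p] != pristine[p]),
        # Shipped with the release but absent from the site.
        "missing": sorted(set(pristine) - set(site)),
    }


def build_sample(root, files):
    """Write a constructed sample tree given {relative path: text}."""
    for rel, text in files.items():
        path = Path(root, rel)
        path.parent.mkdir(parents=True, exist_ok=True)
        path.write_text(text)


def demo():
    # Constructed sample trees standing in for a release and a live site.
    core = {"index.php": "<?php // core", ".htaccess": "# default rules",
            "libraries/loader.php": "<?php // loader"}
    live = {**core, ".htaccess": "# rewritten rules",
            "x.htm": "<html>defaced</html>",
            "configuration.php": "<?php // site config"}
    with tempfile.TemporaryDirectory() as a, tempfile.TemporaryDirectory() as b:
        build_sample(a, core)
        build_sample(b, live)
        return compare_trees(a, b)


if __name__ == "__main__":
    for kind, paths in demo().items():
        print(kind, paths)
```

Every path reported as added or modified still needs manual inspection; configuration.php and template files will always show up as added because they are not part of the release archive.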

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow