Why are all this endless new sections being generated? multilang site

  • Hi,

    when I create this multilang website some years ago, my client decided not to have any kind of maintenance, and she just ask me few days ago to make some improvements.


    When I get into Perch, there where endless sections created everywhere...! It may be some programatic issue, please let me know your opinion:


    Note: site is on 3 langs (spanish is default)



    New sections everywhere:
    Screenshot-2022-04-27-at-14-37-01.png




    And inside Page:


    Screenshot-2022-04-27-at-14-37-11.png





    Summary:

    Over doctype:


    Lang switcher on topbar:

    PHP
    1. <li class="<?php if($lang=='es') { ?>current-lang<? } ?>"><a href="?lang=es">es</a></li>
    2. <li class="<?php if($lang=='en') { ?>current-lang<? } ?>"><a href="?lang=en">en</a></li>
    3. <li class="<?php if($lang=='fr') { ?>current-lang<? } ?>"><a href="?lang=fr">fr</a></li>


    Navbar:



    Thanks

  • It looks like an SQL injection attempt through your lang query parameter.


    As you don't run a check on what the value of the lang parameter is, it looks like any value entered creates a new region.


    You'll want to add a list of acceptable lang values then do a check if the lang value entered is acceptable, then add a default for when it doesn't match.


    You could try something like the following

    Code
    1. $available_languages = array('en', 'fr', 'de', 'es');
    2. $lang = $_SESSION['lang'] ?? 'es';
    3. if (isset($_GET['lang'])) {
    4. $lang = in_array($_GET['lang'], $available_languages) ?
    5. $_GET['lang'] : 'es';
    6. $_SESSION['lang'] = $lang;
    7. }
  • You might be able to delete it through SQL queries as the regions look very similar.


    you could try get all the region ID's first, then get store them as a comma separated string. Delete all the index and items from their respective tables, then lastly delete from the regions table

    SQL
    1. SELECT regionID FROM `TABLE_NAME`.`perch3_content_regions` WHERE (`regionKey` LIKE '%11111111%');
    2. DELETE FROM `TABLE_NAME`.`perch3_content_index` WHERE (`regionKey` IN(244, 243, ...));
    3. DELETE FROM `TABLE_NAME`.`perch3_content_items` WHERE (`regionKey` IN(244, 243, ...));
    4. DELETE FROM `TABLE_NAME`.`perch3_content_regions` WHERE (`regionKey` LIKE '%11111111%');

    I would not do this on a production site, so take a back up and perform the operations on that and then reupload the DB if it works