I'm having the same problem.......
"Zenphoto needs to run setup but the setup scripts are not present. Please reinstall the setup scripts."
I uploaded some more pictures 5 days ago and there didn't appear to be any problems, but yesterday when I went to the site I got this message. I tried re-introducing the setup files into the zp-core folder (in the Zenphoto folder located in httpdocs), and other places, but nothing seems to work..... ( it was recommended to remove the setup files after setting up).
Where can I go from here please?

Well, reupload the setup scripts and let them run. As widely discussed we are not able to reproduce this odd behaviour so that so far there is no fix or explanation.

I am having the same problem since today. I have not changed anything since yesterday (both db and file wise). Running zenphoto 1.4.2.1.

This is the first time I get this error. I hope it is not a security related issue again. I will try to install the new version and I will check my logs for any suspicious activity and let you know if I find something.

I got the same thing this morning - at first I thought it was caused by my provider moving my files to a different server, but their support guy just sent me a copy of the .htaccess file, and it's the network-teaser.ru hack again (extract from .htaccess):

[...]
ErrorDocument 404 http://network-teaser.ru/getup/index.php
[...]

Nothing is left from the original .htaccess file content. I can confirm I have upgraded my installation after being hacked previously, and I am sure I don't use TinyMCE (I never did).

Currently I am not able to verify which version is installed - I am 99% sure it is 1.4.2.2 but I need to verify later this evening. Is there anything else I can do to help?

Thank you for this great product.

Kind regards,

Robert

First, it is the Ajax Filemanager which had the vulnerability, not TinyMCE, so not using TinyMCE would have nothing to do with the issue. Ajax Filemanager would be disabled by default in the 1.4.2 release. In addition, the security issue was closed. So it is not likely that it is involved either.

But, the original hack did leave lots of trojan files around. So if your site was not thoroughly cleaned up the hackers would have a back-door to re-infect it. By thoroughly, I mean all the files on the site need to be examined, not just the Zenphoto installation.

Finally, check the file permissions you have. If they are not reasonably strict other attacks from within your hosting provider are possible.

Reinstalling zenphoto solved the problem, but I have no idea what caused the error. I have analyzed my logs but did not find anything suspicious except the usual comment spam attacks. htaccess was not modified by the way.

Same problem today, again... Once a month, maybe, i must reinstal/upgrade my zenphoto instalation. No idea why, files rather unchanged, edited only my theme variation, but not in last week.

The same happened to me today aswell. On the server it looks like noting has been modified, so this is really strange... Version 1.4.2.3

Same thing here too (Version 1.4.2.2). I noticed the problem this morning. Going back through the Apache Server logs, I can see that the issue started about a week ago. I am deducing this by the size of the data returned for each request. The text stating that setup needs to run is small, so easy to spot in the logs.

Additionally, I have my browser at work looking at the RSS feed of my site, so I can see roughly when it happened, but not really how.

One minute the rss-comments.php returns normally, then 15 minutes later the server is returning the 102 bytes. There is no other access to the server in between the two log entries and from that point onwards, every request for something in the zenphoto area gets a 102 byte response.

The only thing that stands out (for me) is a POST entry, but this might be down to how zenphoto works - I don't know enough about the system to say either way. Basically there's a direct request for a photo's php file, this is then immediately followed by a request to zp-core/c.php with a parameter of "i". Ten seconds later there's a POST request to the same photo's php file. Nobody but me should be POSTing anything to my site.

Let me know if you need more info.

I recommend you install the development build. It should be quite stable as it will shortly go into beta. That release has improved handling of these tests, including description of why and dividing the handling between major and minor reasons. The latter only recommend re-running setup.

Lacking time to grab an svn client, I went with an upgrade to 1.4.2.3 which has fixed the site for now. Would love to know why it started going wrong though.

I think we have posted about everything we implemented why it does that.

You do not need an SVN client. There are nightly builds of the development release as well as the current release.

I had downloaded the current stable release and had the same problem with the admintoobject. Could create a backup but not restore it and could not view the database reference. So, I followed your advice and installed the development version. There is no problem now with the database commands.

Hope this helps shed a little more light on the issue. You have a great package. Thanks.

Argh.
I just got this warning on my site. I've done NOTHING to it.
I guess that means I got hacked?
is that right?

so what, i've gotta run setup again, or reupload everything but my Albums folder?
What's the scoop?
I'm worried now, I just launched two other zenphoto sites. this site is no big deal, but the others will kill me if this happens.

I'm sorry, I read this thread, but I dont' totally get it.
please advise.

that was http://sonofwitz.com/
Zenphoto needs to run setup but the setup scripts are not present. Please reinstall the setup scripts.

It does not necessarily mean you have been hacked. It is all explained in this topic so I won't repeat. There is also an entry in the troubleshooting guide on the user guide.

The message tells you to re-upload the setup files and not everything...

THank you Acrylian. What could cause this if not a hack? Nothing changed to my knowledge.

reuploaded setup files. seems fine now.

Also seen the same situation today.. but earlier I was rebuild some libraries at my webserver so I was think that may be zenPhoto store my old server configuration and when he detect new configuration he ask me to upload setup files and install gallery again (in our case it's enough to update setup and all work ok). I think this issue major because it would not funny when some time peoples would see gallery and then they seen that message

PS: I've use latest stable release.