I don't see a bugs section of this forum, so I put it here. There is also no contact section on the site, or I would have contacted the developer directly.
I have this great script running on 3 sites all on the same server. I recently found out that all three EasyPHPAlbum photo galleries have been infected with a virus that poses as a yahoo counter. If you google "yahoo counter virus" you will see that it was infected Word Press and others. I just wanted to make sire someone here was aware of this issue. It is a nasty virus and when google finds the script on your site, they will flag it as malware and people can't get in.
Great product, I just wanted you to know.
Webserver comprimised
Thanks for the tip. It looks like the virus can only attach itself to a PHP script when the webserver itself has been compromised. It spreads using .htaccess or database insertion. As EasyPhpAlbum is a single script and does not use databases or .htaccess files, it should not be the 'cause' or 'backdoor' for the virus.
However once your webserver has been attacked, all your scripts have been modified and the 'code' has been added to the script; also EasyPhpAlbum. As EasyPhpAlbum is a single script solution, it's quite easy to get rid of the virus, just copy a clean version of EasyPhpAlbum to your webserver and cleanup your old infected configuration.php file by removing the malicious code. Make sure however that your webserver is clean otherwise the PHP files will be infected with the virus again.
Clean up the config files
So, does that mean that I only have to edit the config files and that is where the code has been injected? I don't have to change each index.php file in each folder?
Cleanup
You first need to make sure your webserver is no longer infected.
Then you have to take a look at the index files, from version 1.3.7 you only have one main index.php file and the index.php files in the albums are only a few bytes in size. But it could be that these small files are also infected, the plus side is that these files are all the same, just drag and drop them to your webserver to replace them.