Several sites hacked - can I use newer version of PHP now?

I only use Design Extender for the CMS. I have CMS on several sites. Some with and some w/o were hacked yesterday. All in the same hosting account. I am running PHP 5.6 on server. I remember when I first installed CMS years ago I was not able to use latest PHP version. Can I upgrade now to eliminate vulnerabilities or is there something I need to do with my code to prevent this from happening again? The hacker only took down my home page so it was an easy fix but I have no idea if he put other files out there. I had this happen years ago and at that time there was something I needed to fix in my code.
Thank you very much.

Yes, you can download the update here:

https://www.webassist.com/PowerCMS.zip

Just unzip and overwrite your files. If you send me FTP information I can do a quick sweep and let you know if there is anything you need to delete to prevent any more hackers from getting in.

Thank you Ray. Do I delete all the CMS files from the server and then upload all the new ones? Will I have any problems because all the tables are already setup in the databases?

After I do all this updating, can I then upgrade PHP on my server? The guy at GoDaddy said the hack could have happened because I'm not using the latest version. All my sites are made with PHP pages, not just those with CMS.

I think I got everything deleted that shouldn't be on server for all 50+ websites yesterday but I didn't look in CMS folder. I just looked there now. Sure enough - file called haxor.php. I've only checked a few sites so far but I only found that file in one and that was the same site that was hacked 5 years ago. You helped me fix that at the time.

I'm not sure about the rest of your site, but after updating the cms files, the cms portion will be ready to update to php7.

You definitely want to delete the haxor.php file, hopefully you don't have any more somewhere that would keep your security breached. Realistically I doubt the security hole is directly related to your php version. That sounds like a cop out by your hosting company, but clearing it out and using the latest version won't hurt.

Probably an easy answer for the guys at GoDaddy. I think that haxor file was only in the one CMS folder. It was at the root. And yes, I deleted it right away. I'd guess they could have used that to do more mischief. I find it very interesting that it is in the website that got hacked 5 years ago. I only remember all this because I read our thread from 5 years ago when you helped me fix that problem. Because I use shared hosting, the hacker could have found the vulnerability in one site, got into that and then somehow accessed all my other sites in that same account?

I will delete current CMS folder for one site and then upload new folder tonight. It takes about an hour. If all goes well with the first, I can do the others.

Thank you very much.
Laura

Yes. If a hacker gets onto a machine, they could effect other sites on that machine. But usually the easiest one would be the actual site with the security hole to begin with.

Good luck and let me know if you need help. I'd just need FTP access and the url to view whatever problem you are dealing with.

This is the message I was afraid I'd get. How do I get past this?
ERROR: The Cutler database is not empty, it already contains tables named pcms2_contenthistory, pcms2_contents, pcms2_usergroups, pcms2_users. Please delete these tables or create an empty database for PowerCMS to use.

Thank you.

Upload your old connections folder and its contents. It is trying to run the installer because those files are missing. Once those files exist it will skip the installer, which is what you need.

Now the admin page won't load at all. 500 error. This page isn't working.
I should just have 2 files in Connections folder?
PowerCMSConnection.php
installed_cms.txt

Yes, but you will have to update your PowerCMSConnection.php to be a mySQLi connection. Delete that file and create a new MySQLi connection with the same name.