Site Hacked
Scho
9th of June 2006 (Fri), 20:17
My main web site index page was hacked and site host advised as follows:
Below is a part of your web logs. There are numerous attempts for unauthorized access to the "/gallery/photo_comment.php" script in order to exploit its vulnerabilities. Please, make sure that you update your gallery software in order to avoid such problems in the future.
I've been running 1.5 beta 5. Is this security leak fixed in more recent versions?
Pekka
9th of June 2006 (Fri), 20:18
See http://photography-on-the.net/forum/showthread.php?t=177875
Scho
9th of June 2006 (Fri), 21:15
I uploaded the test.php file but got this error message trying to access it from browser:
Parse error: syntax error, unexpected T_STRING in /home/schophot/www/www/gallery/test.php on line 6
Pekka
9th of June 2006 (Fri), 21:29
Make sure you paste the code in NOTEPAD or WORDPAD, not in Word or "real" document editor. Any embedded font/bold/paragraph formatting will ruin it.
Scho
9th of June 2006 (Fri), 22:09
Thanks Pekka. Test was "positive" for vulnerability. I have asked site host to change settings and I will meanwhile re-name my EE folder.
Scho
9th of June 2006 (Fri), 23:33
I was advised to add a php.ini file to all gallery folders containing php files. The php.ini file content is:
allow_url_fopen = off
register_globals = off
post_max_size = 20M
memory_limit = 80M
upload_max_filesize = 20M
max_execution_time = 120
expose_php=off
Did this but don't know yet if this will help.
yosemite
10th of June 2006 (Sat), 13:17
It should fix the hole as that is what I had to do with my ISP, Lunar Pages, as their default is globals=on. Just run the test again and it should show globals off.
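One way to confirm the per-folder php.ini advice above was applied everywhere, as an added example that is not part of the original thread: a Python audit that walks a gallery tree and reports every folder containing .php files whose php.ini is missing or leaves register_globals or allow_url_fopen on. The sample tree and its folder names are constructed, and treating an unset directive as a finding is an assumption based on the host default described above.

```python
import os
import tempfile
from pathlib import Path

# The two directives from the thread's php.ini that must be off in every PHP folder.
REQUIRED_OFF = ("register_globals", "allow_url_fopen")
OFF_VALUES = {"off", "0", "false", "no", "none", ""}  # spellings PHP reads as false

def parse_ini(path):
    """Return {directive: value} from a php.ini, skipping comments and [sections]."""
    settings = {}
    for line in Path(path).read_text(errors="replace").splitlines():
        key, sep, value = line.split(";", 1)[0].partition("=")
        if sep and key.strip():
            settings[key.strip().lower()] = value.strip().strip('"').lower()
    return settings

def audit(root):
    """Map each folder under root that holds .php files to its list of problems."""
    findings = {}
    for folder, _dirs, files in os.walk(root):
        if not any(f.lower().endswith(".php") for f in files):
            continue
        ini = os.path.join(folder, "php.ini")
        if os.path.isfile(ini):
            settings = parse_ini(ini)
            # Assumption: an unset directive is a finding, since the host default may be on.
            problems = [f"{n} = {settings.get(n, '(not set)')}"
                        for n in REQUIRED_OFF if settings.get(n) not in OFF_VALUES]
        else:
            problems = ["php.ini missing"]
        if problems:
            findings[os.path.relpath(folder, root)] = problems
    return findings

def build_sample_tree():
    """Constructed sample tree; the folder names are hypothetical."""
    root = Path(tempfile.mkdtemp())
    good, bad = "register_globals = off\nallow_url_fopen = off\n", "register_globals = On\n"
    layout = {".": good, "admin": None, "themes": bad}  # admin: php.ini forgotten
    for rel, ini in layout.items():
        folder = root / rel
        folder.mkdir(exist_ok=True)
        (folder / "index.php").write_text("")
        if ini is not None:
            (folder / "php.ini").write_text(ini)
    return root

if __name__ == "__main__":
    print(audit(build_sample_tree()))
```

This checks only the files on disk; whether the host actually honours a per-folder php.ini still has to be confirmed by re-running the test page mentioned in the thread.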
rmantra
11th of July 2006 (Tue), 03:14
I too have been hacked over and over in the last month.
MikeCaine
11th of July 2006 (Tue), 04:38
It will keep happening until you follow the instructions posted in various threads that will fix the problem.