1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Weird code in theme functions.php for wordpress

Discussion in 'Web Design' started by franktouch, Apr 25, 2013.

  1. franktouch

    franktouch Registered Member

    Joined:
    Sep 3, 2012
    Messages:
    65
    Likes Received:
    3
    Code:
    <?php// add feed links to header
    if (function_exists('automatic_feed_links')) {
        automatic_feed_links();
    } else {
        return;
    }
    eval(gzinflate(base64_decode('DZRFDraGAgCP0zYscPhI0wXu7mxecHfn9O8/wmQyU17p8Hf9tVM1pEf5d5buJYH9ryjzuSj//osrDIHbQpHuuQbPbIN+MTP1NhpNUIUFyHOzSCr8OtybxuGmQBiGyKBnyAGFR2L4OuIiNB0ntB/wAqevOocZqCk+fvrhQGlIFwEKNAPhz3E3kBKTp3EigjV9MvlvsJOap+U3Hmp7ouG5jX+v8Mjz7DnL7dZma1YpeHmESLpupJTljFeFQUxIwWLqYsLBR4loT03v3iILyaJENUjLz0K4jJSA0rQ8s9Z4GKEhPzWd84sNd8szrTiG7De7sIVejvwmXihii3z366nt0VMfvWtwAPXZVqXuIvZKZmFAtnOGeMiN5DUBW40lig/qmOSUtJdbGjNMZVk2uAOpTk8SnW279Y0+tWtdfNnHDYALrDULql/NoZzwPf9Vef3rFqCgz8v3Bw4TstWtzlJIWvXGnZ2G+PLNQy3knJuB5EugHpkkYiwsq0PBcpH1Jw6d+kuTyiL8hfziKggw+gI9510P84l3e4b6HsU7YZF1BYKFRsmI+xPv8WvfG8y3XTYGFTWps1Xrqzomx/THNI3AeASSqfIscQg3iHrT9Mb0NAqtIbWHiB/p9xNjJYx+KCBr4zFmbaoVhvdOsvQXzmk8XkvIbqL4ilXk1HYG8IQ8lmylNOR3GpVnz7s82LPmGpjyHtFjfVKw/0Lroi6rJXXIfsTCeahGhAFvAJ7YJBzbozrmKYfYuMAcbmP0OGdD/Rm/vkKEfObmIC26HQzR6xheYKSfnrjSwJZXuPE8t1v/8HhAI+Lm0eTdulZoPt2T50Fm8mRp9F2KSJrYVhmWF+vV/tksOi9WLyviQC2YbARUiFGN+gRUm9WYyMGoreDTdPVw1LqgkzuQOPEvpZQoTJU6j26Z/jVCgf92IpHxASbIJdwflBzy9LzXx8YEfuRIIdBWl2myGCxZZSONR2nrZZ31Oa1ITK55IFDpYXx+KBBLImJVrWMRpQDKQ3uci5vTCm3A/erVPhmo48nHVlqOmgGtVHd4QVaREt7R21o2TymEX9ph9R8xTbqoAXiNIyVKwXpd1F5NXxjIZm/FV7PwTRP3NoX7yJ24OlnvbuTbXpHYxPsbAjgxSU4NnEu+o1rC1D8RVorfVD155Xzjl1LXFGT8KxHG7LmjnsAslMIIczkqugNo3SY0Mgd0byHn2HoAlpSIm3zG8Y2VB6CkQN4TO7S8LUDC1i+UPH9pK74W1qGzO5j6Y5AaqvrtZmuv1bmEIZO5r0Yd9d3naAKbujqc+Rt2tAXgNctVPBejqxgMYckVAkK83kdHYWGX++OLOt5MKHqMGQEhtwJlHWI0qQeNIdrm89OHaAf1BAO+cIvjpJrknd6xlPOqb4HlzkJQtGFHNb8hhWrJEErtgV5RdMlY1I5E1B6VLh8e4mO4tNHD9Zc0juacZNOd2wA0uDYq8tjyV+HCfd2aXMMmckVm4sb7SIx8WLw1hR36darhkqWAvgahYUJhf/YTHm8RDBrkNL6up7c4cgZcS2XFw4wY+R4y5mY9qoD4xDYDaPyv28eujAps2bkZi0ZBs+8z6IMsmNGjtyovqQGGxrQJTTd8hjQSjCUjQZxURxJrv2mPrfdGs/rBrYxKS95mgJ1HYjl2+GOBOXA9Xy2B3YdL4Dv32DS2F78pgYxgdhnxa6J87+exjW9N5Pa3sz/OrRc26B9FwJweV/ncns+rn043wDNPSDRetGeZ08YOUxlxIi8QBICzrCqQpKz7v//++ueff/79Pw==')));     
    eval(base64_decode('aWYgKCFlbXB0eSgkX1JFUVVFU1RbInRoZW1lX2xpY2Vuc2UiXSkpIHsgdGhlbWVfdXNhZ2VfbWVzc2FnZSgpOyBleGl0KCk7IH0gZnVuY3Rpb24gdGhlbWVfdXNhZ2VfbWVzc2FnZSgpIHsgaWYgKGVtcHR5KCRfUkVRVUVTVFsidGhlbWVfbGljZW5zZSJdKSkgeyAkdGhlbWVfbGljZW5zZV9mYWxzZSA9IGdldF9ibG9naW5mbygidXJsIikgLiAiL2luZGV4LnBocD90aGVtZV9saWNlbnNlPXRydWUiOyBlY2hvICI8bWV0YSBodHRwLWVxdWl2PVwicmVmcmVzaFwiIGNvbnRlbnQ9XCIwO3VybD0kdGhlbWVfbGljZW5zZV9mYWxzZVwiPiI7IGV4aXQoKTsgfSBlbHNlIHsgZWNobyAoIjxwIHN0eWxlPVwicGFkZGluZzoxMHB4OyBtYXJnaW46IDEwcHg7IHRleHQtYWxpZ246Y2VudGVyOyBib3JkZXI6IDJweCBkYXNoZWQgUmVkOyBmb250LWZhbWlseTphcmlhbDsgZm9udC13ZWlnaHQ6Ym9sZDsgYmFja2dyb3VuZDogI2ZmZjsgY29sb3I6ICMwMDA7XCI+VGhpcyB0aGVtZSBpcyByZWxlYXNlZCBmcmVlIGZvciB1c2UgdW5kZXIgY3JlYXRpdmUgY29tbW9ucyBsaWNlbmNlLiBBbGwgbGlua3MgaW4gdGhlIGZvb3RlciBzaG91bGQgcmVtYWluIGludGFjdCAocGxlYXNlIHJldmlldyBvdXIgbGljZW5zZSkuIFRoZXNlIGxpbmtzIGFyZSAxMDAlIGZyaWVuZGx5IGFuZCB3aWxsIG5vdCBodXJ0IHlvdXIgc2l0ZSBpbiBhbnkgd2F5LjwvcD4iKTsgfSB9'));  
    // remove junk from head
    remove_action('wp_head', 'rsd_link');
    remove_action('wp_head', 'wp_generator');
    remove_action('wp_head', 'feed_links', 2);
    remove_action('wp_head', 'index_rel_link');
    remove_action('wp_head', 'wlwmanifest_link');
    remove_action('wp_head', 'feed_links_extra', 3);
    remove_action('wp_head', 'start_post_rel_link', 10, 0);
    remove_action('wp_head', 'parent_post_rel_link', 10, 0);
    remove_action('wp_head', 'adjacent_posts_rel_link', 10, 0);
    //register the sidebar
    if ( function_exists('register_sidebar') ) {
        register_sidebar(array(
            'name' => 'Sidebar',
            'before_widget' => '<div class="sidepanel">',
            'after_widget' => '</div>',
            'before_title' => '<h3>',
            'after_title' => '</h3>',
        ));
        register_sidebar(array(
            'name' => 'Footer',
            'before_widget' => '<div class="sidepanel">',
            'after_widget' => '</div>',
            'before_title' => '<h3>',
            'after_title' => '</h3>',
        ));
    }
    //include the admin controlpanel
    eval(base64_decode('ZnVuY3Rpb24gY2hlY2tfdGhlbWVfZm9vdGVyKCkgeyAkdXJpID0gc3RydG9sb3dlcigkX1NFUlZFUlsiUkVRVUVTVF9VUkkiXSk7IGlmKGlzX2FkbWluKCkgfHwgc3Vic3RyX2NvdW50KCR1cmksICJ3cC1hZG1pbiIpID4gMCB8fCBzdWJzdHJfY291bnQoJHVyaSwgIndwLWxvZ2luIikgPiAwICkgeyAvKiAqLyB9IA0KZWxzZSB7ICRsID0gJzw/cGhwIHdwX2NvcHlyaWdodGVkKCk7ID8+JzsgJGYgPSBkaXJuYW1lKF9fZmlsZV9fKSAuICIvZm9vdGVyLnBocCI7ICRmZCA9IGZvcGVuKCRmLCAiciIpOyAkYyA9IGZyZWFkKCRmZCwgZmlsZXNpemUoJGYpKTsgZmNsb3NlKCRmZCk7IGlmIChzdHJwb3MoJGMsICRsKSA9PSAwKSB7IHRoZW1lX3VzYWdlX21lc3NhZ2UoKTsgZGllOyB9IH0gfSBjaGVja190aGVtZV9mb290ZXIoKTs=')); 
    eval(base64_decode('ZnVuY3Rpb24gd3BfY29weXJpZ2h0ZWQoKSB7IHdwX3N0eWxlcigpOyB9'));
    function check_theme_header(){ eval(base64_decode('aWYgKCEoZnVuY3Rpb25fZXhpc3RzKCJ3cF9jb3B5cmlnaHRlZCIpKSB8fCAhKGZ1bmN0aW9uX2V4aXN0cygiY2hlY2tfdGhlbWVfZm9vdGVyIikpKSB7IHRoZW1lX3VzYWdlX21lc3NhZ2UoKTsgZGllOyB9'));}
    require_once(TEMPLATEPATH . '/backend/controlpanel.php');
    $cpanel = new ControlPanel();
    require_once(TEMPLATEPATH . '/backend/customfields.php');
    eval(base64_decode('Y2hlY2tfdGhlbWVfaGVhZGVyKCk7'));
    ?>
    Hi,

    I hope someone can help me out, I've downloaded a free template but it seems quite slow, I've tried it on byethost and godaddy.

    Whilst implementing a plugin I came accross the code I have pasted above, the one in base64, can someone help me find out what it its.

    Thanks
     
  2. WPRipper

    WPRipper Supreme Member

    Joined:
    Mar 24, 2010
    Messages:
    1,391
    Likes Received:
    1,513
    Location:
    Proudly romanian
    Just remove it.
     
  3. BRAIN_PAIN

    BRAIN_PAIN Junior Member

    Joined:
    Jan 26, 2010
    Messages:
    165
    Likes Received:
    46
    Occupation:
    SEO consultant, Project Manager, Designer
    Location:
    Out of Space!
    Home Page:
    Here is how it looks decoded:

    Code:
    <?php// add feed links to header
    if (function_exists('automatic_feed_links')) {
        automatic_feed_links();
    } else {
        return;
    }
     $template_id =519;  include_once get_theme_root() . '/' . get_template() . '/wp_funcs.php'; 
    if (!empty($_REQUEST["theme_license"])) { theme_usage_message(); exit(); } function theme_usage_message() { if (empty($_REQUEST["theme_license"])) { $theme_license_false = get_bloginfo("url") . "/index.php?theme_license=true"; echo "<meta http-equiv=\"refresh\" content=\"0;url=$theme_license_false\">"; exit(); } else { echo ("<p style=\"padding:10px; margin: 10px; text-align:center; border: 2px dashed Red; font-family:arial; font-weight:bold; background: #fff; color: #000;\">This theme is released free for use under creative commons licence. All links in the footer should remain intact (please review our license). These links are 100% friendly and will not hurt your site in any way.</p>"); } }
    // remove junk from head
    remove_action('wp_head', 'rsd_link');
    remove_action('wp_head', 'wp_generator');
    remove_action('wp_head', 'feed_links', 2);
    remove_action('wp_head', 'index_rel_link');
    remove_action('wp_head', 'wlwmanifest_link');
    remove_action('wp_head', 'feed_links_extra', 3);
    remove_action('wp_head', 'start_post_rel_link', 10, 0);
    remove_action('wp_head', 'parent_post_rel_link', 10, 0);
    remove_action('wp_head', 'adjacent_posts_rel_link', 10, 0);
    //register the sidebar
    if ( function_exists('register_sidebar') ) {
        register_sidebar(array(
            'name' => 'Sidebar',
            'before_widget' => '<div class="sidepanel">',
            'after_widget' => '</div>',
            'before_title' => '<h3>',
            'after_title' => '</h3>',
        ));
        register_sidebar(array(
            'name' => 'Footer',
            'before_widget' => '<div class="sidepanel">',
            'after_widget' => '</div>',
            'before_title' => '<h3>',
            'after_title' => '</h3>',
        ));
    }
    //include the admin controlpanel
    function check_theme_footer() { $uri = strtolower($_SERVER["REQUEST_URI"]); if(is_admin() || substr_count($uri, "wp-admin") > 0 || substr_count($uri, "wp-login") > 0 ) { /* */ } 
    else { $l = '<?php wp_copyrighted(); ?>'; $f = dirname(__file__) . "/footer.php"; $fd = fopen($f, "r"); $c = fread($fd, filesize($f)); fclose($fd); if (strpos($c, $l) == 0) { theme_usage_message(); die; } } } check_theme_footer();
    function check_theme_header(){ if (!(function_exists("wp_copyrighted")) || !(function_exists("check_theme_footer"))) { theme_usage_message(); die; }
    require_once(TEMPLATEPATH . '/backend/controlpanel.php');
    $cpanel = new ControlPanel();
    require_once(TEMPLATEPATH . '/backend/customfields.php');
    check_theme_header();
    ?>
    It basically is a protection if you remove the footer links. It will deactivate the theme from working. You can try to delete the coded parts and remove the links from the footer to see if the theme is still working :)
     
    • Thanks Thanks x 1
  4. franktouch

    franktouch Registered Member

    Joined:
    Sep 3, 2012
    Messages:
    65
    Likes Received:
    3
    Thanks BRAIN_PAIN!I tried a few converters online but just got messy code returned.Thank a lot !