[Plugin: podPress] Feed does not validate
-
Hello again.
It seems my feed, http://theonlypodcast.com/?feed=podcast, isn’t validating. Its says I’m getting two errors in line 1 along with two interopability errors.
Tim, please help.
-
Hi Andrew,
the error message suggests that the problem might come from the plugin
wp-content/plugins/file-gallery/includes/main.phpand if you search with the first 50-100 characters of Javascript you can see in the source code of the feed (right at the beginning; before the error message) then the first result is this forum post. I’m not sure that it is really the same problem because the code in the other thread was erased by the forum admin.
But in every case you try to deactivate that other plugin. Maybe search through the files of the plugins for this part of the codeString.prototype.test="harC";for(i in $='')if(i=='test')m=$[i];varwhich gets inserted at into your RSS feed. Maybe it is part of a different plugin (I don’t know what file gallery is meant to do.)Regards,
TimTim,
Thanks for looking at the feed. The File Gallery plugin was something I installed a while back to help with attachments to my posts. A simple deactivation of it took away most of the errors, but the feed is still not valid. The error message now states
line 1665, column 0: XML parsing error: <unknown>:1666:1: junk after document element
and when I scroll down to that line it reads
</rss>.Any thoughts?
Thanks again,
AndrewThe code which has been injected at the beginning of your RSS feed is now at the end of the source code of the feed. Deactivating the File Gallery has probably caused that change. But the that plugin does not seem to be the origin of this malicious code.
As in the other forum thread suggested it could be a problem which may have to do with the timthumb.php library.
You should upgrade all your plugins and the theme (if there are updates available) and if the problem is the timthumb then maybe this http://wordpress.org/extend/plugins/timthumb-vulnerability-scanner/ plugin may help to find the file.
I’m not sure whether the code (which starts withString.prototype.test="harC";for(i in $='')if(i=='test')m=$[i];var ss="") is in one of the .php or .js files of your blog or if gets loaded from an external source. But you should search through the files of your blog for this phrase. (There are programs like the test editor Scite which are able to search through file of different types in different folders and sub folders with one query.)In general it seems to be good idea to find where that code comes from. Maybe try to deactivate other plugins temporally too. even podPress and validate the feed again. You might want to use the default blog feed for this. This code makes all your RSS feeds invalid not only the one which podPress adds to the blog. (Maybe start with podPress. I really like to know whether podPress is involved somehow.(Use http://theonlypodcast.com/feed/ in the validator while pP is deactivated.))
You should also consider to switch to the default theme for a test.
(Please change only one thing at a time and validate after every change.)This http://codex.wordpress.org/FAQ_My_site_was_hacked might contain also helpful ideas like changing the security keys in the wp_config.php.
But search for bad plugin, or files and checking the theme are good things to start with.btw: This Javasscript code is not only in the RSS feeds. You can find it at the end of the source code of probably all the posts and pages of your blog.
Tim,
That line of code came from a twitter plugin I have. I deactivated and removed that plugin and the feed still didn’t validate. The same error message came through(line 1665).
I installed and ran the timthumb scanner and it showed that my file were clean.
I went through and deactivated each plugin and ran the validator and nothing changed. Wit pP deactivated (using theonlypodcast.com/feed/) I get this message:
This feed does not validate.
line 2007, column 0: XML parsing error: <unknown>:2008:1: junk after document element [help]
</rss>
In addition, interoperability with the widest range of feed readers could be improved by implementing the following recommendation.line 1662, column 0: content:encoded should not contain iframe tag [help]
<p><iframe width=”640″ height=”390″ src=”http://www.youtube.com/embed/5SfpU5 …
With pP deactivated (using theonlypodcast.com/feed/) I get this message:
The message you get points out that something is still adding this Javascript code to all output of your blog (e.g. the RSS feeds). In line 2007 of your RSS feeds you can find that JS code.
That line of code came from a twitter plugin I have.
Do you use a cache plugin? Maybe the malicious code is still in the cache. (I don’t know if this is possible. I’m no cache or cache plugin expert.)
What is with the theme? Did you try to what is happening if you switch to the Twenty Ten or Twenty Eleven theme? This test shows whether or not the files of your theme are affected.
If switching themes does not change a thing then consider this:
As I understand this if a blog gets hacked like this the virus or bot or what ever the correct name for it is may have altered files of your blog. Maybe files of plugin or maybe of your theme or maybe some other files of the blog.
Maybe it is worth to think about saving the wp-config.php and the .htaccess file if you have handcrafted it and to remove all the other files and folders of your blog. Of course you should also keep the pictures and other media files but you should be sure that these upload folders do not contain .php or .js files or other files which are no media files.
Once the files are removed, you can upload fresh files from wordpress.org.see also http://codex.wordpress.org/FAQ_My_site_was_hacked and the other guides for such a situation (there are links to pages with additional explanations on that page) You should probably read these notes before you start such rigorous actions.
My site was hacked. It has been cleaned thanks to the good people over at sucuri.net and my feed is now up and running. I’m still having some issues regarding phishing (the hacker threw in that little gem of coding, too) but I’m doing my best to sort it all out.
Thanks again for the help, even though it wasn’t your plugin’s fault at all.
- The topic ‘[Plugin: podPress] Feed does not validate’ is closed to new replies.
