Support » Fixing WordPress » Curious Code Appeard In Function File

  • I have a clients site that recently stopped working correctly with the error “Cannot modify header information – headers already sent.” Their host, GoDaddy, decided it would be best to revert to the default theme, which in turn removed a lot of custom features. GoDaddy said that the theme I created was not compatible with the new version of WordPress 3.5. Interestingly enough the site worked fine a couple weeks ago after I upgraded. The only plugins I have running are Contact Form 7 and Really Simple CAPTCHA.

    Now, the odd thing is that I ran across a rogue line of code at the top of the functions.php file.
    <?php function callbackx($buffer) {$tx="";if (function_exists("is_user_logged_in"))if (!is_user_logged_in()) $tx=" <style>.fait{position:absolute;clip:rect(411px,auto,auto,475px);}</style><div class=fait><a href=http://advancedcashin10min.com >payday loans</a></div>"; if (stristr($buffer,"</a>"))$buffer=str_ireplace("</a>","</a>".$tx,$buffer); else $buffer=$tx.$buffer; return $buffer; } function buffer_startx(){ob_start("callbackx");} function buffer_endx(){ob_end_flush();} add_action('wp_head', 'buffer_startx'); add_action('wp_footer', 'buffer_endx'); ?>

    It looks to me like some sort of virus with that url, and of course the fact that my original file never included this. Before I go in and re-activate the theme, I’m wondering how I should go about this. The TwentyEleven theme work fine, but that’s because it’s not using the custom theme’s function file. Should I just delete that rogue line of code and active, assuming this is the root of the cause? Or can I assume this has affected other parts of the theme? Does this sound like a virus, and if so, is it something I could have avoided by programming the theme better?

    Thanks,
    Burt

Viewing 3 replies - 1 through 3 (of 3 total)
Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Curious Code Appeard In Function File’ is closed to new replies.