If you go to my blog and look at the source code, there's a string down at the bottom which looks like this:
span style="display:none">PHVsPjxsaT48c3Ryb .........
I've noted that if I comment out the wp_footer() call in my footer.php file, the string goes away.
1. Is this suppose to be there? What makes me curious is that it's a "display = none"
2. How do I find where that code is (i.e. where's the wp_footer() code?)
Thanks
Posted 1 year ago #
Nope, that's not supposed to be in there
wp_footer code runs a lot of plugins and stuff
Do you have any encoded stuff in your theme? Esp. in the footer.php
If not, that could be a hack symptom
Not that I know of. I'm not a coder myself.
How can I access the code in the wp_footer() call?
Posted 1 year ago #
you can't really..... it's generated by each plugin/script
I tried to trace the code in dev toolbar, but I'm not getting anywhere
Any suggestions?
Posted 1 year ago #
well, you could try killing your plugins and see if it's still there
then I guess try the twentyten theme and do the same
After that I would assume its some sort of hack with that being injected...here's my standard hack links if you need the info
http://codex.wordpress.org/FAQ_My_site_was_hacked
http://ocaoimh.ie/did-your-wordpress-site-get-hacked/
http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/
http://www.snipe.net/2010/01/when-wordpress-gets-hacked/
My Experiences with being hacked:
http://www.rvoodoo.com/2010/02/the-dreaded-base64-wordpress-hack-and-other-hacks-too/
And when you're done:
http://codex.wordpress.org/Hardening_WordPress
Great suggestions, doing that now.
I haven't noticed any hack attempts, hopefully just a plugin. If I find it, I'll let you know.
Posted 1 year ago #
If it is a hack attempt, it doesn't look like it has done anything....
it may just be poorly constructed. Usually you get encoded stuff that looks like that injected into a template file, which converts into a bunch of links in your source code with a disply:none
Right. I haven't noticed anything yet.
It's definitely in my Theme (not plugins and switching themes made it go away).
In my theme's directory, there's a functions folder and in it there's a file called:
admin-setup.php
in that file, there's this code:
// Add Encrypted setting field to footer for debug purposes
function woo_option_output(){
$data = get_option('woo_settings_encode');
echo '<span style="display:none">' . $data . '</span>';When I remove the span display:none call, the long hack string appears at the footer of my blog.
Posted 1 year ago #
Ah, well, at least it's not a hack! Sounds like its supposed to be there then, for that theme! Good to know
Just as well I think I'll message Woo Themes and ask them.
Thanks for your help. I really appreciate it.
I'd like to send you a gift (an ebook), how do I get that over to you (as a thank you)?
Posted 1 year ago #
well, just a thank you is good enough....
But I'm always contactable through my site, rvoodoo.com
I was able to learn some through this, so that was cool for me!!
Just got a note back from Woo Themes.
"That is something we had in older versions of the framework to output the options for support purposes.
Upgrade your theme/framework to make it go away or simply remove the function load from admin-setup.php"
So all is good.
Thanks.
This topic has been closed to new replies.
