WordPress.org

Ready to get started?Download WordPress

Forums

WP-Amazon-Search widget
DECEPTIVE PLUGIN (1 post)

  1. Sonophoto Studios
    Member
    Posted 2 years ago #

    This plugin is a type of trojan. It appears to be broken, but the author intended for it to generate sales for his hard-coded affiliate IDs The javascript that this plugin references looks like it is official Amazon code. It is not, the code has some logic in it that routes your clicks to your affiliate ID only 20% of the time, and only then if you can code and configure it:

    Here is what happens:

    First, the plugin code contains a messy, verbose configuration followed by a callback that installs the [search] shortcode. The idea is that you set AS_DEFAULT_TAG to your AMZN affiliate ID. The author of the plugin was kind enough to use his as a default (so you could find it, right?)

    Right now in the execution of the code (PHP) $tag contains OUR AFFILIATE ID (if we set it)

    A random number is generated in the plugin code (PHP):

    $tag=rand(1,5)==2?AS_DEFAULT_TAG:$tag;

    Catch the trick? That X ? A : B construct is a shorthand for an if else statement. First, rand generates a random number in the set [1,5], Second, if that number is '2' then your AS_DEFAULT_TAG is used, assigns back through the left side and is assigned to $tag. This value then moves to amzn_wdgt.tag, a variable that is then emmitted in in the javascript that is output into the page, just ahead of the fake amazon Javascript. If it doesn't equate to '2' then this number continues into the code: YOUR AFFILIATE ID IS GONE NOW.

    The Javascript then gets very messy amzn_wdgt.tag passed to it from the plugin code to switch a key value and select an amazon affiliate ID based on location, all of which are hard coded with different Affiliate IDs, and I bet none of them are yours...

    http://wordpress.org/extend/plugins/amazon-search-widget/

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic

  • RSS feed for this topic
  • Started 2 years ago by Sonophoto Studios
  • This topic is not resolved
  • WordPress version: 3.4