Have I Been Hacked?

That doesn’t sound good. Do you have another way to edit the templates outside WordPress? e.g. using Cpanel or a similar control panel?

I was hacked and there was no way I would have cleaned things up without backend admin access.

I think what I’d try is:

1. if you can, change your theme to the ‘default’ one provided by wordpress (it is likely your theme is infected).
2. back up your custom theme
3. upload fresh copies via ftp of all wordpress files.
4. login and see if you can do the export from within using the fresh install files.
5. Assuming you were successful, edit your them OFFline until you are satisfied the infected code has been removed.
6. upload the newly cleaned up theme.

Yes, that sounds very suspicious.

I would advise you:

1. attempt to export your database
2. delete all your wordpress installation files, backup your wp-content wp-config.php and .htaccess files.
3. upload fresh wordpress files
4. restore your database

Once you have done that, see if you can login and edit normally. This will not mean you are ‘clean’ but it will mean you have started the process.

I would advise you to change your admin password right after you have followed these steps as it sounds like this hacker has set things up so he is collecting your login and password.

not sure this will help, but I’ve also had a problem with the Google Analytics code related to its changing of link syntaxes in my theme; it makes certain elements of my page display weird that I am still trying to sort out; possibly that is causing some of the display weirdness?

Also, I too had a theme where there was base 64 code in the footer which displayed the owners ads. A quick google search on base 64 decoding changed it back to clear HTML and I could edit the code there. that also might help you at least figure out what that code is doing. if its making calls to something totally out there like a .cn extension or something, you know your problem.

good luck.