Support » Fixing WordPress » Fatal error: Uncaught Error: Call to undefined function mysql_escape_string()

  • Hello could yo please help me with this error message i got recently while trying to access my website.

    Fatal error: Uncaught Error: Call to undefined function mysql_escape_string() in /var/www/html/wordpress/wp-content/themes/twentyseventeen/functions.php:60 Stack trace: #0 /var/www/html/wordpress/wp-settings.php(425): include() #1 /var/www/html/wordpress/wp-config.php(93): require_once(‘/var/www/html/w…’) #2 /var/www/html/wordpress/wp-load.php(37): require_once(‘/var/www/html/w…’) #3 /var/www/html/wordpress/wp-blog-header.php(13): require_once(‘/var/www/html/w…’) #4 /var/www/html/wordpress/index.php(17): require(‘/var/www/html/w…’) #5 {main} thrown in /var/www/html/wordpress/wp-content/themes/twentyseventeen/functions.php on line 60

Viewing 8 replies - 16 through 23 (of 23 total)
  • @dimchik, You were right. It is an infection.

    I am unable to say whether its on first stage or not. I am on Amazon Linux (4.9.20) with nginx 1.9 + php 7.0 + mysql 5.5

    The infection didn’t proceed to infect other sites hosted in same host. about 10 wordpress sites.

    I do not see similar infection codes.

    @generalan, after I replaced things. Everything was fine and normal. I had a “grep” search.

    @gnanakeethan @generalan it also infects a couple of core files, wp-includes/post.php in my case. if you install WordFence plugin you should be able to revert those to back to original version by running a scan and then following the instructions at the end of the scan. If you can’t just download a fresh copy of WP and overwrite your core files with it.

    Oh sorry I forgot to reply, but I just replaced the whole theme folder and it worked.

    I had this malware yesterday on a fresh domain and webhosting. Just when I finished the template setup after 7 hours of work. 😀

    Basically I deleted the functions.php from the template I had installed. Then I deleted all other templates not used as well. It let me in the admin, so I installed Wordfence and performed a scan. Now it’s working fine (after 1 day testing). The scan also found there is a depreciated file class.wp.php in the wp-includes folder. It was 0 kb large, so I got rid of that as well but since my host supports WP instalation tools in the webhost, that file got back and this time it wasn’t 0 kB. So I guess it was infected as well…

    add this today when migrating from Apache to Nginx (supposed both to be @ PHP 7) and paste :
    function mysql_escape_string($string){return mysqli_escape_string($string);}

    or you can update your theme, basically all major there code…

    Cheers

    Big thx to @gnanakeethan

    washiwed

    (@washiwed)

    @dimchik I have this error from an old theme (no longer in used), does it mean my site is infected?

    dimchik

    (@dimchik)

    @washiwed not necessarily, but I’d recommend deleting the theme as a precaution if you’re not using it. It’s strange that you’re getting the error for a theme that is not enabled. I’d also recommend to install WordFence and do a scan.

    Download the whole WordPress folder open with sublime text or atom.io and search in folder for “$_REQUEST[‘action’]” then delete everything you find.

    Do not use cracked plugins!
    Research every plugin you use!!!

    Be careful with wp plugins that interact with the database!
    Always read what plugin does and carefully read techie reviews.

    Learn php and DYI or pay for pro support.

    Free plugins are more expensive than paid, but you pay in time, not money.

Viewing 8 replies - 16 through 23 (of 23 total)
  • The topic ‘Fatal error: Uncaught Error: Call to undefined function mysql_escape_string()’ is closed to new replies.