
Is this an exploit in Post Thumb Revisited?

    /***********************************************************************************/
    /* get_posts hack
    /***********************************************************************************/
    function pt_get_posts($args) {
    	global $wpdb;
    	$defaults = array(
    		'showposts' => 5, 'offset' => 0,
    		'cat' => '', 'orderby' => 'post_date',
    		'order' => 'DESC', 'include' => '',
    		'exclude' => '', 'meta_key' => '',
    		'meta_value' =>'', 'post_type' => 'post',
    		'post_status' => 'publish', 'post_parent' => 0
    	);
    	$r = wp_parse_args( $args, $defaults );
    	extract( $r, EXTR_SKIP );
    	$showposts = (int) $showposts;
    	$ecat = explode(',', $cat);
    	$ducky = (int) $ecat[0];
    	if ($ducky < 0) $exclcat = 'NOT '; else $exclcat = '';
    	$cat = implode(',',$ecat);
    	$offset = (int) $offset;
    	$post_parent = (int) $post_parent;
    	$inclusions = '';
    	if ( !empty($include) ) {
    		$offset = 0;    //ignore offset, category, exclude, meta_key, and meta_value, post_parent if using include
    		$cat = 0;
    		$exclude = '';
    		$meta_key = '';
    		$meta_value = '';
    		$post_parent = 0;
    		$incposts = preg_split('/[\s,]+/',$include);
    		$showposts = count($incposts);  // only the number of posts included
    		if ( count($incposts) ) {
    			foreach ( $incposts as $incpost ) {
    				if (empty($inclusions))
    					$inclusions = ' AND ( ID = ' . intval($incpost) . ' ';
    				else
    					$inclusions .= ' OR ID = ' . intval($incpost) . ' ';
    			}
    		}
    	}
    	if (!empty($inclusions))
    		$inclusions .= ')';
    	$exclusions = '';
    	if ( !empty($exclude) ) {
    		$exposts = preg_split('/[\s,]+/',$exclude);
    		if ( count($exposts) ) {
    			foreach ( $exposts as $expost ) {
    				if (empty($exclusions))
    					$exclusions = ' AND ( ID <> ' . intval($expost) . ' ';
    				else
    					$exclusions .= ' AND ID <> ' . intval($expost) . ' ';
    			}
    		}
    	}
    	if (!empty($exclusions))
    		$exclusions .= ')';
    	$query  = "SELECT DISTINCT * FROM $wpdb->posts ";
    	$query .= empty( $cat ) ? '' : ", $wpdb->term_relationships, $wpdb->term_taxonomy  ";
    	$query .= empty( $meta_key ) ? '' : ", $wpdb->postmeta ";
    	$query .= " WHERE 1=1 ";
    	$query .= empty( $post_type ) ? '' : "AND post_type = '$post_type' ";
    	$query .= empty( $post_status ) ? '' : "AND post_status = '$post_status' ";
    	$query .= "$exclusions $inclusions " ;
    	$query .= empty( $cat ) ? '' : "AND ($wpdb->posts.ID = $wpdb->term_relationships.object_id AND $wpdb->term_relationships.term_taxonomy_id = $wpdb->term_taxonomy.term_taxonomy_id AND $wpdb->term_taxonomy.term_id ".$exclcat."IN (" . $cat. ") AND $wpdb->term_taxonomy.taxonomy = 'category') ";
    	$query .= empty( $post_parent ) ? '' : "AND $wpdb->posts.post_parent = '$post_parent' ";
    	$query .= !empty( $meta_key ) && !empty($meta_value)  ? " AND ($wpdb->posts.ID = $wpdb->postmeta.post_id AND $wpdb->postmeta.meta_key = '$meta_key' AND $wpdb->postmeta.meta_value = '$meta_value' )" : '';
    	$query .= !empty( $meta_key ) && empty($meta_value)  ? " AND ($wpdb->posts.ID = $wpdb->postmeta.post_id AND $wpdb->postmeta.meta_key LIKE '$meta_key%' )" : '';
    	$query .= " GROUP BY $wpdb->posts.ID ORDER BY " . $orderby . ' ' . $order;
    	if ( 0 < $showposts )
    		$query .= " LIMIT " . $offset . ',' . $showposts;
    	$posts = $wpdb->get_results($query);
    	update_post_caches($posts);
    	return $posts;
    }
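The function above concatenates `orderby`, `order`, `post_type`, `post_status`, `meta_key`, `meta_value` and the raw `cat` list into its SQL unescaped (only the first `cat` element is cast, and only to choose `NOT`), which is a hardening gap rather than an exploit in itself, since the values come from whichever theme code calls it. As an added example that is not the plugin's code, here is the same query built with a whitelist for the identifiers and `$wpdb->prepare()` for the values; it assumes the WordPress `$wpdb` global and `wp_parse_args()`, and the orderby whitelist is a constructed one.

```php
<?php
// Added example (not the plugin's code): the same clauses as pt_get_posts(),
// built so that no caller-supplied string reaches the SQL unescaped.
// Assumes the WordPress globals $wpdb and wp_parse_args(); the orderby
// whitelist is a constructed one.
function pt_get_posts_safe($args) {
    global $wpdb;
    $defaults = array(
        'showposts' => 5, 'offset' => 0, 'cat' => '',
        'orderby' => 'post_date', 'order' => 'DESC',
        'post_type' => 'post', 'post_status' => 'publish',
        'meta_key' => '', 'meta_value' => '',
    );
    $r = wp_parse_args($args, $defaults);
    // Column names cannot be bound with prepare(): accept only known values.
    $allowed = array('post_date', 'post_title', 'post_modified', 'ID', 'menu_order');
    $orderby = in_array($r['orderby'], $allowed, true) ? $r['orderby'] : 'post_date';
    $order   = (strtoupper($r['order']) === 'ASC') ? 'ASC' : 'DESC';

    // Category IDs: cast every element, not only the first, before use.
    $cat_ids = array_values(array_filter(array_map('intval', explode(',', $r['cat']))));
    $exclcat = (!empty($cat_ids) && $cat_ids[0] < 0) ? 'NOT ' : '';
    $cat_ids = array_map('abs', $cat_ids);

    $sql   = "SELECT DISTINCT p.* FROM {$wpdb->posts} p";
    $where = $wpdb->prepare(" WHERE p.post_type = %s AND p.post_status = %s",
                            $r['post_type'], $r['post_status']);

    if (!empty($cat_ids)) {
        // One %d placeholder per ID, so prepare() handles each value.
        $ph   = implode(',', array_fill(0, count($cat_ids), '%d'));
        $sql .= " JOIN {$wpdb->term_relationships} tr ON tr.object_id = p.ID"
              . " JOIN {$wpdb->term_taxonomy} tt ON tt.term_taxonomy_id = tr.term_taxonomy_id";
        $where .= " AND tt.taxonomy = 'category'"
                . $wpdb->prepare(" AND tt.term_id {$exclcat}IN ($ph)", $cat_ids);
    }
    if (!empty($r['meta_key'])) {
        $sql   .= " JOIN {$wpdb->postmeta} pm ON pm.post_id = p.ID";
        $where .= $wpdb->prepare(" AND pm.meta_key = %s", $r['meta_key']);
        if (!empty($r['meta_value'])) {
            $where .= $wpdb->prepare(" AND pm.meta_value = %s", $r['meta_value']);
        }
    }
    $sql .= $where . " GROUP BY p.ID ORDER BY p.{$orderby} {$order}";
    if ((int) $r['showposts'] > 0) {
        $sql .= $wpdb->prepare(" LIMIT %d, %d", (int) $r['offset'], (int) $r['showposts']);
    }
    return $wpdb->get_results($sql);
}
```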
Viewing 15 replies - 1 through 15 (of 18 total)
    bump

    Moderator Jan Dembowski

    @jdembowski

    Brute Squad and Volunteer Moderator

    Bump what?

    Do you see something odd in that code…? Or are you just put off by the word “hack”…?

    There's been talk of post-thumb not being safe. I was looking through the code to see if I could find it.

    If you go to the author's site, it has malicious code on the page, and Firefox and Chrome tell you about it.

    It's also mentioned on the post-thumb plugin's page in the right sidebar.
    http://wordpress.org/extend/plugins/alakhnors-post-thumb/

    It's very concerning… please help 🙂
    I can't find a good replacement for it.

    All I want to be able to do is to make thumbnails of images that are already in the post. So I need a plugin that scans the post for the first image and makes a thumbnail from it, which I can call with the_thumb() or something similar in the loop.

    Boris

    @travel-junkie

    Put this in your theme's functions.php. It will get the URL of the first image in your post:

    // Get URL of first image in a post
    function catch_that_image() {
        $first_img = '';
        ob_start();
        the_content();
        $html = ob_get_contents();
        ob_end_clean();
        // non-greedy match so the first <img> on a line wins; [^>]* stops at that tag's own closing bracket
        $output = preg_match_all('/<img.+?src=[\'"]([^\'"]+)[\'"][^>]*>/i', $html, $matches, PREG_SET_ORDER);
        // guard against posts with no image (undefined index otherwise)
        if ($output > 0) {
            $first_img = $matches[0][1];
        }
        if(empty($first_img)){
            $first_img = get_bloginfo('template_url').'/img/default.jpg';
        }
        return $first_img;
    }

    Then output it with something like this:

    <img src="<?php bloginfo('template_url'); ?>/scripts/timthumb.php?src=<?php echo catch_that_image(); ?>&w=200&h=150&zc=1&q=100" alt="<?php the_title(); ?>" width="200" height="150" />

    In the example above you can see that the URL has timthumb.php in it. It's a brilliant script for resizing images. Just Google for it.

    I've done it but it doesn't seem to be generating the images.

    I have followed the directions and I have PHP 5.0.

    Wanna help me out a bit?

    When I look at the source code of the image, it looks like it's pointing to the script but it's not working?

    This is the error code when I manually try to put the src="" code in the URL field in my browser:

    Warning: touch() [function.touch]: Unable to create file ./cache/84b35545d46825812a4fb632e05c0492.gif because Permission denied in /home/content/e/w/i/ewiegand/html/inc/php/timthumb.php on line 150

    Warning: Cannot modify header information – headers already sent by (output started at /home/content/e/w/i/ewiegand/html/inc/php/timthumb.php:150) in /home/content/e/w/i/ewiegand/html/inc/php/timthumb.php on line 160

    I created the cache subdirectory in /php/ so it's /php/cache/
    Everything is 777'd.

    Not sure what else is wrong, help.

    It's giving me all kinds of problems. It's skipping over some images, causing it to try to use remotely hosted ones. Why? Please help.

    Boris

    @travel-junkie

    Put it in your theme folder, that’s where I have it. Then read through the instructions on the timthumb homepage. The folder containing timthumb.php has to be 777 as well.

    Yeah, it's just not working. I'll try this again some other time… I can't afford for my site to be down for longer than an hour at most.

    Hi, does this not work with 2.7.1?

    Because it isn’t returning any results, it is just showing the default image.

    Any Help?

    // Get URL of first image in a post
    function catch_that_image() {
        global $post;
        $first_img = '';
        // read the raw post content instead of buffering the_content()
        $output = preg_match_all('/<img.+?src=[\'"]([^\'"]+)[\'"][^>]*>/i', $post->post_content, $matches);
        // without PREG_SET_ORDER the first capture group's matches are in $matches[1]
        if ($output > 0) {
            $first_img = $matches[1][0];
        }
        if(empty($first_img)){
            $first_img = "/images/default.jpg";
        }
        return $first_img;
    }

    Works like a charm.
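The two catch_that_image() replies above pull the first image out of the post with a regular expression; an HTML parser handles the cases a pattern trips over (several images on one line, an image with no src, a post with no image at all). As an added example that is not from either reply, here is the same lookup with PHP's DOMDocument plus a stand-alone check on constructed input; the drop-in wrapper assumes the WordPress global `$post` and `get_bloginfo()`.

```php
<?php
// Added example (not from either reply above): take the first <img> src from
// a post body with an HTML parser instead of a regular expression.
// Assumes the WordPress global $post and get_bloginfo(); sample HTML is constructed.
function first_image_src($html, $fallback = '') {
    if (trim($html) === '') {
        return $fallback;
    }
    $doc = new DOMDocument();
    libxml_use_internal_errors(true);      // tolerate the loose HTML WordPress stores
    $doc->loadHTML('<?xml encoding="UTF-8">' . $html);
    libxml_clear_errors();
    foreach ($doc->getElementsByTagName('img') as $img) {
        $src = trim($img->getAttribute('src'));
        // Accept only absolute http(s) or root-relative URLs; skip empty, data: and the like.
        if (preg_match('#^(https?://|/)#i', $src)) {
            return $src;
        }
    }
    return $fallback;
}

// Drop-in replacement for catch_that_image() inside The Loop.
function catch_that_image_dom() {
    global $post;
    $fallback = get_bloginfo('template_url') . '/img/default.jpg';
    return first_image_src($post->post_content, $fallback);
}

// Stand-alone check on constructed input: two images on one line, where a
// greedy '/<img.+src=.../' pattern would capture the second src (b.jpg).
$sample = '<p><img src="/uploads/a.jpg"> text <img src="/uploads/b.jpg"></p>';
var_dump(first_image_src($sample, 'default.jpg') === '/uploads/a.jpg');
```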

    Justin Tadlock

    @greenshady

    WordPress God

    Or, you can use the Get the Image plugin, which does all the work for you.

    Why use a plugin when 10 lines of code can do it for me? Much easier, and it uses much less computing to not use a plugin and use a direct function.

    Justin Tadlock

    @greenshady

    WordPress God

    It was just a suggestion. You can either choose to use it or not. It’s really up to you.

    While it may be easier for you to create a function in your theme’s functions.php file, others prefer the use of plugins.

    I would like, too, to avoid Post Thumb Revisited in the future because it's no longer developed.

    I'm using it not to generate the thumb (that I don't care about, I prefer to do it by hand) but to display a list of thumbs instead of a list of posts on my site (I use WordPress as a portfolio site, not as a blog).

    Is there a way I can write a small function to do this? Problem is I have never done any PHP and I know nothing about it… :/

The topic ‘Is this an exploit in Post Thumb Revisited?’ is closed to new replies.