Support » Plugin: Google Maps GPX Viewer » map_functions.php line 145 mysteriously being edited

  • Resolved brianstanfill

    (@brianstanfill)


    Since updating the plugin to v3, map_functions.php is being edited at 7:11am every morning and then causing a PHP error. When I restore the plugin, normal operation resumes. I compared the files and found this code absent from the file after something has edited it:

    eval(gzinflate(base64_decode(get_option(“gmap_v3_gpx_persist”))));

    This is the error message:

    Parse error: syntax error, unexpected ‘}’ in [redacted]/wp-content/plugins/google-maps-gpx-viewer/php/map_functions.php on line 146

    When I check line 146, I see that the original file has been edited to become this:

    142 // check if feature is visible
    143 function check_persistence(){
    144 if(strlen(get_option(“gmap_v3_gpx_proKey”)) == 32) {
    145 return
    146 }
    147 }
    148
    149?>

    When I restore the plugin, this code resolves the error:

    142 // check if feature is visible
    143 function check_persistence(){
    144 if(strlen(get_option(“gmap_v3_gpx_proKey”)) == 32) {
    145 return eval(gzinflate(base64_decode(get_option(“gmap_v3_gpx_persist”))));
    146 }
    147 }
    148
    149?>

    Any idea what is editing this file every morning?

    Brian

    http://wordpress.org/extend/plugins/google-maps-gpx-viewer/

Viewing 1 replies (of 1 total)
  • I host with ASmallOrange.com, and support told me that the file map_functions.php is being modified by their security scanner (Linux Malware Detect script), which is widely used in the hosting community:

    Since most hackers are using base64 encode when importing exploits in php scripts, our scanner is automatically cleaning that. I’ve blocked that file fomr (sic) being edited, and our scanner won’t “clean” it again.

Viewing 1 replies (of 1 total)
  • The topic ‘map_functions.php line 145 mysteriously being edited’ is closed to new replies.