Title: jaip's Replies | WordPress.org

---

# jaip

  [  ](https://wordpress.org/support/users/jaip/)

 *   [Profile](https://wordpress.org/support/users/jaip/)
 *   [Topics Started](https://wordpress.org/support/users/jaip/topics/)
 *   [Replies Created](https://wordpress.org/support/users/jaip/replies/)
 *   [Reviews Written](https://wordpress.org/support/users/jaip/reviews/)
 *   [Topics Replied To](https://wordpress.org/support/users/jaip/replied-to/)
 *   [Engagements](https://wordpress.org/support/users/jaip/engagements/)
 *   [Favorites](https://wordpress.org/support/users/jaip/favorites/)

 Search replies:

## Forum Replies Created

Viewing 9 replies - 1 through 9 (of 9 total)

 *   Forum: [Hacks](https://wordpress.org/support/forum/plugins-and-hacks/hacks/)
   
   In reply to: [Message You suck! Go hack someone else.](https://wordpress.org/support/topic/message-you-suck-go-hack-someone-else/)
 *  [jaip](https://wordpress.org/support/users/jaip/)
 * (@jaip)
 * [12 years, 9 months ago](https://wordpress.org/support/topic/message-you-suck-go-hack-someone-else/#post-3949112)
 * The regexp **https?\:\\\(www\.)?[^(wordpress)]** is not working properly. Someone
   else might be able to write a regexp which excludes requests to w3.org apache.
   org codex.wordpress and wordpress and mayby more in the search for external http
   requests in plugins or themes.
 *   Forum: [Hacks](https://wordpress.org/support/forum/plugins-and-hacks/hacks/)
   
   In reply to: [Message You suck! Go hack someone else.](https://wordpress.org/support/topic/message-you-suck-go-hack-someone-else/)
 *  [jaip](https://wordpress.org/support/users/jaip/)
 * (@jaip)
 * [12 years, 9 months ago](https://wordpress.org/support/topic/message-you-suck-go-hack-someone-else/#post-3949109)
 * You should also search all tables in the database for a match. In phpmyadmin 
   it is easily done with selecting database, click search, select all tables and
   enter the searchword(s).
 * A pure sql code doing the same can be seen here:
 * **[http://stackoverflow.com/questions/7523039/mysql-query-to-search-all-tables-within-a-database-for-a-string](http://stackoverflow.com/questions/7523039/mysql-query-to-search-all-tables-within-a-database-for-a-string)**
 * When still nothing is found it might be the result of a plugin doing an external
   http request. You can find http requests whis are not to wordpress by using this
   searchstring **https?\:\\\(www\.)?[^(wordpress)]** in the above php directory
   search.
 *   Forum: [Hacks](https://wordpress.org/support/forum/plugins-and-hacks/hacks/)
   
   In reply to: [Message You suck! Go hack someone else.](https://wordpress.org/support/topic/message-you-suck-go-hack-someone-else/)
 *  [jaip](https://wordpress.org/support/users/jaip/)
 * (@jaip)
 * [12 years, 9 months ago](https://wordpress.org/support/topic/message-you-suck-go-hack-someone-else/#post-3949107)
 * Try this code and let your clients who get the message try it also.
 *     ```
       <?php
       $dir=dirname(__FILE__).'/wordpress';
   
       dirToArray($dir);
       function dirToArray($dir) {
   
          $result = array();
   
          $cdir = scandir($dir);
          foreach ($cdir as $key => $value)
          {
             if (!in_array($value,array(".","..")))
             {
                if (is_dir($dir . DIRECTORY_SEPARATOR . $value))
                {
                   $result[$value] = dirToArray($dir . DIRECTORY_SEPARATOR . $value);
                }
                else
                {
       			 $file_content=file_get_contents($dir. DIRECTORY_SEPARATOR .$value);
       			 if(preg_match('/suck/i',$file_content))
                   echo $dir. DIRECTORY_SEPARATOR .$value.'</br>';
                }
             }
          }
   
       }
   
       ?>
       ```
   
 *   Forum: [Hacks](https://wordpress.org/support/forum/plugins-and-hacks/hacks/)
   
   In reply to: [Message You suck! Go hack someone else.](https://wordpress.org/support/topic/message-you-suck-go-hack-someone-else/)
 *  [jaip](https://wordpress.org/support/users/jaip/)
 * (@jaip)
 * [12 years, 9 months ago](https://wordpress.org/support/topic/message-you-suck-go-hack-someone-else/#post-3949105)
 * It should be possible to make a program which traverses all the files of your
   wordpress directory, gets the content of the file and looks for the unwanted 
   message. If you class yourself as an advanced developer this is an easy thing
   to do. Mayby you can also find a useable code by googling a little. It is prob
   ably not in the core code but this one from edit-comments.php surprised _me_ :
   wp_die(__(‘Cheatin’ uh?’));
 * Best regards
 *   Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
   
   In reply to: [password protect images](https://wordpress.org/support/topic/password-protect-images/)
 *  Thread Starter [jaip](https://wordpress.org/support/users/jaip/)
 * (@jaip)
 * [13 years, 12 months ago](https://wordpress.org/support/topic/password-protect-images/#post-2762646)
 * The end is that checking for empty($post->password) does work for single pages
   but not for the childpages in for instance _ft protect children pages _ where
   the first topmost solution does work with childpages.
 * The plugin solution without checking for empty($post->password) does also work
   with childpages, but have a security breach if you do not disallow when window
   has loaded.
 *   Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
   
   In reply to: [password protect images](https://wordpress.org/support/topic/password-protect-images/)
 *  Thread Starter [jaip](https://wordpress.org/support/users/jaip/)
 * (@jaip)
 * [13 years, 12 months ago](https://wordpress.org/support/topic/password-protect-images/#post-2762640)
 *   Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
   
   In reply to: [password protect images](https://wordpress.org/support/topic/password-protect-images/)
 *  Thread Starter [jaip](https://wordpress.org/support/users/jaip/)
 * (@jaip)
 * [13 years, 12 months ago](https://wordpress.org/support/topic/password-protect-images/#post-2762615)
 * In a plugin the code below seems to work and so avoid changing core code. In 
   case the folder ‘secret’ not exists php does not create it, so there are a few
   microseconds of delay on unprotected pages and nothing else. So far as I can 
   see from this angle it is a must to disallow ip on $(window).load else any page
   call will allow the images to be seen (if you know or guess the url)
 * add_action(‘wp_head’,’jaip_protect_images’);
 * function jaip_protect_images(){
 *  if(post_password_required()==false)){
    $ok_ip=$_SERVER[‘REMOTE_ADDR’]; $allow_ip
   =file_get_contents(WP_CONTENT_DIR.’/uploads/secret/.htaccess’); $allow_ip.=”\
   n”.’allow from ‘.$ok_ip; file_put_contents(WP_CONTENT_DIR.’/uploads/secret/.htaccess’,
   $allow_ip); } }
 * using this clause will avoid setting the ok_ip on unprotected pages as far as
   I can see
    **$post = get_post();** if(post_password_required()==false&&**!empty(
   $post->post_password)**){ $ok_ip=$_SERVER[‘REMOTE_ADDR’]; $allow_ip=file_get_contents(
   WP_CONTENT_DIR.’/uploads/secret/.htaccess’); $allow_ip.=”\n”.’allow from ‘.$ok_ip;
   file_put_contents(WP_CONTENT_DIR.’/uploads/secret/.htaccess’,$allow_ip); } }
 *   Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
   
   In reply to: [password protect images](https://wordpress.org/support/topic/password-protect-images/)
 *  Thread Starter [jaip](https://wordpress.org/support/users/jaip/)
 * (@jaip)
 * [13 years, 12 months ago](https://wordpress.org/support/topic/password-protect-images/#post-2762525)
 * If it is possible to redefine this function in a childtheme then this of course
   is the way. It is just not in the plugable functions so I have not tried it yet
   but only developed the code and praxis which has the flaws of editing core code
   where you of course have to consider where the function might be used apart from
   the actual situation. In the concrete example nothing unforeseen happens unless
   you mess it all up and delete something you not wanted or something like that.
   I would expect some acknowledgement apart from the worries because it works and
   is easy and several requests for a solution have been made. It could easily be
   made a part of the corecode where the path to protected folder should be provided
   along with a password when creating protected pages – why not?
 *   Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
    In
   reply to: [file_put_contents() during ajax call](https://wordpress.org/support/topic/file_put_contents-during-ajax-call/)
 *  Thread Starter [jaip](https://wordpress.org/support/users/jaip/)
 * (@jaip)
 * [14 years, 1 month ago](https://wordpress.org/support/topic/file_put_contents-during-ajax-call/#post-2683986)
 * The variable WP_CONTENT_DIR seems not to be defined in the file which answers
   the ajax call. This is the reason. How can I define it?

Viewing 9 replies - 1 through 9 (of 9 total)