Odd entry in WordPress 'Admin_Panel.php' file?_问答_开发者

Odd entry in WordPress 'Admin_Panel.php' file?

开发者 https://www.devze.com 2023-01-31 20:08 出处：网络

I just migrated a Wordpress install from one of my servers to another for a client (client\'s website which I set up and manage) and as a precautionary measure, I was perusing the \'Theme > Edit\' lis

I just migrated a Wordpress install from one of my servers to another for a client (client's website which I set up and manage) and as a precautionary measure, I was perusing the 'Theme > Edit' listed files in the Wordpress Admin panel just to check for any links to the old server/domain and try to clean everything up.

When I got to the 'admin_panel.php' file, I found this entry at the very bottom of the file (it was the last entry):开发者_运维知识库

function ranking() { $pshow = " <span style='display:none;'><a href='http://www.ellelive.com/'>Live sex</a> , <a href='http://www.2.livejasmin.com/listpage.php?psid=elenaa'>webcam sex</a> , <a href='http://www.2.livejasmin.com/listpage.php?tags=mature&psid=elenaa'>Mature Female</a> , <a href='http://www.2.livejasmin.com/freechat.php?random&psid=elenaa'>Livejasmin</a> , <a href='http://www.2.livejasmin.com/listpage.php?tags=girl&psid=elenaa'>Girl</a></span>"; echo $pshow; }

Now, I'm not sure where the theme that I modified for the client came from, as he supplied it, but this is just... odd.

To note, the admin_panel.php file is for the backend theme settings section, so it isn't seen by the public. I also couldn't find anything in there that reflects this entry, but then again I'm not sure I would.

I'm not a coder, so I figured I would just see if anyone had any input on this. Is this likely something that was included by the theme coder? Or should I grill my client about where he sourced this theme and see if he got it from some shady website?

I'm just really unfamiliar with PHP, and while this looks harmless as far as site security is concerned, I figured I'd make sure.

I did remove the entry and everything seems fine, but better safe than sorry, right?

Thanks!

Whoever has made the template ( I presume "elenaa") chucked some hidden links in there to increase the google rankings of these websites. Replace the function with the following if your worried about it.

function ranking(){ return ''; }

If you just delete it you could get missing function errors.

Although the function is in the admin section is it possible the function could be called somewhere on the front end of the website?

Another possible issue: this is something that happens fairly frequently if you have the wrong permissions set on your files - this is especially true if it's at the very bottom of the file.

I've had spammers run scripts on my WP builds that will check to see if the page permissions are set incorrectly, and if they are, the script will write in some links off-site at the very end of the file. This is nice and effective because the spammer gets a Google rankings boost, and most people are never the wiser.

I'd keep an eye on your file permissions, and check back to see if these mysterious links have returned in a couple of months.