9 {{ upvoteCount | shortNum }}
9 {{ upvoteCount | shortNum }}

base64_decode in theme footer

by dwjones
8 replies
I found a WP theme I like and wanted to use but when I tried to insert my privacy policy pages into the footer I found that it was coded differently than the regular HTML. When I click the documentation below the footer editor page it comes up with base64_decode, gzinflate() and str_rot13. Looking at the code made my non-techie head swim. I couldn't figure out where to put my script: <?php static_footer_pages(); ?> into that gobbledygook.

It is a free theme and I am sure the designer wanted to protect his links.
Any suggestions??????
#base64decode #footer #theme
  • Profile picture of the author Tim Brownlaw
    And what would be the name of this theme?
    {{ DiscussionBoard.errors[3379093].message }}
  • Profile picture of the author nxtgencreative
    My suggestion is to get rid of the theme immediately. The base64_decode is a sign of a theme with malware. Chances are that the theme has malware all over the site. Just get rid of the theme and get a new one.
    {{ DiscussionBoard.errors[3379970].message }}
    • Profile picture of the author Tim Brownlaw
      Well here is a trick!

      Bring the theme up in your browser and view the HTML.

      To do that in Firefox, its Right Mouse Click on the page, and select "View Page Source". Same kind of deal in IE etc...

      This will let you see the other gobbedly gook, but of the nice HTML/CSS kind.
      Now, you could grab the resulting HTML and replace the other mumbo jumbo in your footer.php file with it and modify to suit.

      At least then it'll look a little more familiar, rip out any nasties, and let you do what you like with it.

      That should do the trick!

      Cheers
      Tim
      {{ DiscussionBoard.errors[3386491].message }}
  • Profile picture of the author nxtgencreative
    That does work just for the footer, however vary often is there is malware in the footer chance are that it is in other parts of the theme. If you want to keep the theme search through the whole theme looking for base64_decode and eval.
    {{ DiscussionBoard.errors[3388061].message }}
    • Profile picture of the author womki
      You could post the base64_decode(), gzinflate(), str_rot13() code here so we can decode it and then you will see if it contains malware or what.
      {{ DiscussionBoard.errors[3388102].message }}
      • Profile picture of the author Mark Ford
        The base64_decode is a sign of a theme with malware.
        Not necessarily at all. Some theme designers add links back to their own sites in the footer and encode them so the users of these free themes can't remove the copyright and link to the developer. A lot of them can't afford to use decent encryption such as ioncube so they opt to use the cheap encoders.

        Not sure how you would say that it is malware without looking at it. But yes, I would check out the rest of the theme before using it

        As Tim said, you could add a new footer.php quite easily if the rest of the theme checked out.
        {{ DiscussionBoard.errors[3389161].message }}
        • Profile picture of the author Tim Brownlaw
          Originally Posted by Mark Ford View Post

          Not necessarily at all. Some theme designers add links back to their own sites in the footer and encode them so the users of these free themes can't remove the copyright and link to the developer. A lot of them can't afford to use decent encryption such as ioncube so they opt to use the cheap encoders.

          Not sure how you would say that it is malware without looking at it. But yes, I would check out the rest of the theme before using it

          As Tim said, you could add a new footer.php quite easily if the rest of the theme checked out.
          I've been in touch with the OP and looked at the theme in question.
          As Mark stated, the themes author has just encrypted his footer to protect his links.

          I decoded the code in question and it's just straight HTML so no nasties are lurking there.

          So it's not Malware, it's more like Backlinkware! Give away a WP Theme ensuring your links have some chance of staying intact and the more people that use it, the more links back to your site appear.

          I've also checked out the rest of the theme and its also harmless.

          Cheers
          Tim
          {{ DiscussionBoard.errors[3389930].message }}
  • Profile picture of the author phpbbxpert
    This is a very common practice when Premium themes hit the end of their life cycle and the authors decide to release them for free.

    The encoded part is just a last ditch effort to get a little more out of their work, whether its back links for SEO or affiliate ads.
    {{ DiscussionBoard.errors[3391788].message }}

Trending Topics