  1. #1
    SitePoint Evangelist
    Join Date
    Dec 2004
    Posts
    419
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Un-encoding a php file?

    Hi,

    I downloaded and installed a WordPress theme:
    Free WP Template – Designme WordPress Theme

    Trouble is, the footer has links to dodgy websites, which I'd like to remove.

    When I look at the "footer.php" file, it looks like the code at the bottom of this post. Is there any way I can get at the actual HTML that the code represents?

    Any advice much appreciated.

    Thanks

    Code PHP:
    <?php $_F=__FILE__;$_X='Pz48L2Q0dj4gPCEtLSA1bmQgZDR2ICNwMWc1LTRubjVyIC0tPg0KPC9kNHY+IDwhLS0gNW5kIGQ0diAjcDFnNSAtLT4NCjwhLS0gRU5EIFBBR0UgLS0+DQoNCg0KCTw/cGhwIDRmIChnNXRfMnB0NDJuKCc1dDVkXzFjdDR2MXQ1X2IydHQybV9tNW4zJyApID09J3RyMzUnICkgezRuY2wzZDUoVEVNUExBVEVQQVRIIC4gJy80bmNsM2Q1cy9iMnR0Mm0tbTVuMy5waHAnKTsgfSA/PiANCgkNCg0KCTwhLS0gQkVHSU4gRk9PVEVSIC0tPg0KCTxkNHYgNGQ9ImYyMnQ1ciI+DQoJPGQ0diA0ZD0iZjIydDVyLTRubjVyIiBjbDFzcz0iY2w1MXJmNHgiPg0KCQkNCgkJPGQ0diA0ZD0iZjIydDVyLWw1ZnQiPg0KCQkJPHA+VGg1bTUgYnkgPDEgaHI1Zj0iaHR0cDovL3RyM2Nrcy5yNXY0NXc0dDJubDRuNS5uNXQvIiB0NHRsNT0iVHIzY2tzIj5UcjNja3M8LzE+PGJyIC8+DQoJCQk8MSBocjVmPSJodHRwOi8vd3d3LmI1c3RzM3ZyMXQ0bmdzLmMybS8iIHQ0dGw1PSJTVVYiPlNVVjwvMT4gfCA8MSBocjVmPSJodHRwOi8vd3d3Lmc1bjVyNGsxajV0enQuYzJtL3Y0MWdyMS1nNW41cjRrMS5odG1sIiB0NHRsNT0iVjQxZ3IxIEc1bjVyNGsxIj5WNDFncjEgRzVuNXI0azE8LzE+IHwgPDEgaHI1Zj0iaHR0cDovL3d3dy5nNW41cjRrMWo1dHp0LmMybS9jNDFsNHMtZzVuNXI0azEuaHRtbCIgdDR0bDU9IkM0MWw0cyBHNW41cjRrMSI+QzQxbDRzIEc1bjVyNGsxPC8xPjwvcD4JCQkNCgkJPC9kNHY+IDwhLS0gNW5kIGQ0diAjZjIydDVyLWw1ZnQgLS0+DQoNCgkJPGQ0diA0ZD0iZjIydDVyLXI0Z2h0Ij4NCgkJCTxwPiZjMnB5OyA8P3BocCA1Y2gyIGQxdDUoJ1knKTs/PiA8MSBocjVmPSI8P3BocCBibDJnNG5mMignczR0NTNybCcpOz8+LyIgdDR0bDU9Ijw/cGhwIGJsMmc0bmYyKCduMW01Jyk7Pz4iID48P3BocCBibDJnNG5mMignbjFtNScpOz8+PC8xPjxiciAvPg0KCQkJPD9waHAgNWNoMiBzdHI0cHNsMXNoNXMoZzV0XzJwdDQybignNXQ1ZF9mMjJ0NXJfdDV4dCcpKTsgPz48L3A+DQoJCTwvZDR2PiA8IS0tIDVuZCBkNHYgI2YyMnQ1ci1yNGdodCAtLT4NCg0KCTwvZDR2PiA8IS0tIDVuZCBkNHYgI2YyMnQ1ci00bm41ciAtLT4NCgk8L2Q0dj4gPCEtLSA1bmQgZDR2ICNmMjJ0NXIgLS0+DQoJPCEtLSBFTkQgRk9PVEVSIC0tPg0KCQkNCjwvZDR2PiA8IS0tIDVuZCB3cjFwcDVyIC0tPg0KDQo8P3BocCB3cF9mMjJ0NXIoKTsgPz4NCjw/cGhwIDRmICggZzV0XzJwdDQybignNXQ1ZF9nMV9jMmQ1JykgPD4gIiIgKSB7IDVjaDIgc3RyNHBzbDFzaDVzKGc1dF8ycHQ0Mm4oJzV0NWRfZzFfYzJkNScpKTsgfSA/Pg0KDQo8L2IyZHk+DQo8L2h0bWw+';eval(base64_decode('JF9YPWJhc2U2NF9kZWNvZGUoJF9YKTskX1g9c3RydHIoJF9YLCcxMjM0NTZhb3VpZScsJ2FvdWllMTIzNDU2Jyk7JF9SPWVyZWdfcmVwbGFjZSgnX19GSUxFX18nLCInIi4kX0YuIiciLCRfWCk7ZXZhbCgkX1IpOyRfUj0wOyRfWD0wOw=='));?>

  2. #2
    From Italy with love silver trophybronze trophy
    guido2004's Avatar
    Join Date
    Sep 2004
    Posts
    9,508
    Mentioned
    163 Post(s)
    Tagged
    4 Thread(s)
    Quote Originally Posted by bumpyride View Post
    Is there any way I can get at the actual HTML that the code represents?
    The resulting HTML page of any script can be seen in your browser. Right click in the page and choose 'view source' or however it is called in your browser.

    the footer has links to dodgy websites, which I'd like to remove.
    What does the license say? Are you allowed to do that? If they went through the trouble of encoding that part, there might be a reason.

  3. #3
    SitePoint Evangelist smftre's Avatar
    Join Date
    Dec 2008
    Location
    London
    Posts
    436
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    <?php
    $_F=__FILE__;$_X='Pz48ZDR2IDRkPSJmMjJ0NXIiPjxwPjw/cGhwIGJsMmc0bmYyKCduMW01Jyk7ID8+IDRzIHByMjNkbHkgcD J3NXI1ZCBieSA8MSBocjVmPSJodHRwOi8vdzJyZHByNXNzLjJy Zy8iPlcycmRQcjVzczwvMT4uIEQ1czRnbjVkIGJ5OiA8MSBocj VmPSJodHRwOi8vd3d3Lm9laWsxcm0xLmMybSI+b2VpIEsxcm0x PC8xPjxicj4NClNwMm5zMnI1ZCBieTogPDEgaHI1Zj0iaHR0cD ovL3d3dy5teXI0bmd0Mm41c2gzYi5jMm0vIj5EMndubDIxZCBS NG5ndDJuNXM8LzE+IHwgPDEgaHI1Zj0iaHR0cDovLzRudjVzdD RuZy02MDYuMnJnLyI+SW52NXN0NG5nIDYwNjwvMT4gfCA8MSBo cjVmPSJodHRwOi8vc2s0bi1kNHM1MXM1Lm41dC8iPlNrNG4gRD RzNTFzNTwvMT4NCjwvc2NyNHB0PjwhLS0gfCA8P3BocCA1Y2gy IGc1dF9uM21fcTM1cjQ1cygpOyA/PiBxMzVyNDVzLiA8P3BocCB0NG01cl9zdDJwKDYpOyA/PiBzNWMybmRzLi0tPiA8P3BocCB3cF9mMjJ0NXIoKTsgPz48L3 A+PC9kNHY+';

    eval(base64_decode('JF9YPWJhc2U2NF9kZWNvZGUoJF9YKT skX1g9c3RydHIoJF9YLCcxMjM0NTZhb3VpZScsJ2FvdWllMTIz NDU2Jyk7JF9SPWVyZWdfcmVwbGFjZSgnX19GSUxFX18nLCInIi 4kX0YuIiciLCRfWCk7ZXZhbCgkX1IpOyRfUj0wOyRfWD0wOw== '));
    ?>



    then



    <?php

    $test = base64_decode('JF9YPWJhc2U2NF9kZWNvZGUoJF9YKTskX1g 9c3RydHIoJF9YLCcxMjM0NTZhb3VpZScsJ2FvdWllMTIzNDU2J yk7JF9SPWVyZWdfcmVwbGFjZSgnX19GSUxFX18nLCInIi4kX0Y uIiciLCRfWCk7ZXZhbCgkX1IpOyRfUj0wOyRfWD0wOw==');

    echo $test;
    ?>


    $_X=base64_decode($_X);$_X=strtr($_X,'123456aouie','aouie123456');$_R=ereg_replace('__FILE__',"'".$_F."'",$_X);eval($_R);$_R=0;$_X=0;



    <?php
    $_F=__FILE__;$_X='Pz48ZDR2IDRkPSJmMjJ0NXIiPjxwPjw/cGhwIGJsMmc0bmYyKCduMW01Jyk7ID8+IDRzIHByMjNkbHkgcD J3NXI1ZCBieSA8MSBocjVmPSJodHRwOi8vdzJyZHByNXNzLjJy Zy8iPlcycmRQcjVzczwvMT4uIEQ1czRnbjVkIGJ5OiA8MSBocj VmPSJodHRwOi8vd3d3Lm9laWsxcm0xLmMybSI+b2VpIEsxcm0x PC8xPjxicj4NClNwMm5zMnI1ZCBieTogPDEgaHI1Zj0iaHR0cD ovL3d3dy5teXI0bmd0Mm41c2gzYi5jMm0vIj5EMndubDIxZCBS NG5ndDJuNXM8LzE+IHwgPDEgaHI1Zj0iaHR0cDovLzRudjVzdD RuZy02MDYuMnJnLyI+SW52NXN0NG5nIDYwNjwvMT4gfCA8MSBo cjVmPSJodHRwOi8vc2s0bi1kNHM1MXM1Lm41dC8iPlNrNG4gRD RzNTFzNTwvMT4NCjwvc2NyNHB0PjwhLS0gfCA8P3BocCA1Y2gy IGc1dF9uM21fcTM1cjQ1cygpOyA/PiBxMzVyNDVzLiA8P3BocCB0NG01cl9zdDJwKDYpOyA/PiBzNWMybmRzLi0tPiA8P3BocCB3cF9mMjJ0NXIoKTsgPz48L3 A+PC9kNHY+';

    $_X=base64_decode($_X);
    $_X=strtr($_X,'123456aouie','aouie123456');
    $_R=ereg_replace('__FILE__',"'".$_F."'",$_X);
    echo $_R;
    ?>


    =



    ?><div id="footer"><p><?php bloginfo('name'); ?> is proudly powered by <a href="http://wordpress.org/">WordPress</a>. Designed by: <a href="http://www.365karma.com">365 Karma</a><br>
    Sponsored by: <a href="http://www.myringtoneshub.com/">Download Ringtones</a> | <a href="http://investing-101.org/">Investing 101</a> | <a href="http://skin-disease.net/">Skin Disease</a>
    </script><!-- | <?php echo get_num_queries(); ?> queries. <?php timer_stop(1); ?> seconds.--> <?php wp_footer(); ?></p></div>


    Also take a look at this url: http://www.pmkoch.com/blog/webpages/...theme-footers/

  4. #4
    From Italy with love silver trophybronze trophy
    guido2004's Avatar
    Join Date
    Sep 2004
    Posts
    9,508
    Mentioned
    163 Post(s)
    Tagged
    4 Thread(s)
    You see that in your browser? :O

  5. #5
    Keeper of the SFL StarLion's Avatar
    Join Date
    Feb 2006
    Location
    Atlanta, GA, USA
    Posts
    3,748
    Mentioned
    73 Post(s)
    Tagged
    0 Thread(s)
    Except that I wouldn't use a deprecated command (ereg_replace)... yeah.

    As guido said, I would read the license a bit before you go poking at things like this.

  6. #6
    From Italy with love silver trophybronze trophy
    guido2004's Avatar
    Join Date
    Sep 2004
    Posts
    9,508
    Mentioned
    163 Post(s)
    Tagged
    4 Thread(s)
    Quote Originally Posted by guido2004 View Post
    You see that in your browser? :O
    Never mind this post of mine, I thought it was a post from the OP, and instead it was an answer to one of his questions.

  7. #7
    SitePoint Member
    Join Date
    Aug 2012
    Posts
    1
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    The only way I found to eliminate it (at least visually) was by changing its size. It is the footer-left and you can access it in the stylesheet file (style.css) in the editor.
    #footer-left, #footer-left a { font-size: 0% }

    I hope this works :-)

  8. #8
    . shoooo... silver trophy logic_earth's Avatar
    Join Date
    Oct 2005
    Location
    CA
    Posts
    9,013
    Mentioned
    8 Post(s)
    Tagged
    0 Thread(s)
    Decoding this is easy: swap eval for echo. Then copy the results of that echo back into the file, then replace eval once more with echo. You now have it decoded.

    PHP Code:
    ?>
    </div><!-- end div #page-inner -->
    </div><!-- end div #page -->

    <!-- END PAGE -->

    <?php if ( get_option( 'eted_activate_bottom_menu' ) == 'true' ) {
      include TEMPLATEPATH . '/includes/bottom-menu.php'; } ?>

    <!-- BEGIN FOOTER -->
    <div id="footer">
      <div id="footer-inner" class="clearfix">
        <div id="footer-left">
          <p>Theme by <a href="[DELETED]" title="Trucks">Trucks</a><br>
          <a href="[DELETED]" title="SUV">SUV</a> | <a href="[DELETED]" title="Viagra Generika">Viagra Generika</a> | <a href="[DELETED]" title="Cialis Generika">Cialis Generika</a></p>
        </div><!-- end div #footer-left -->
        <div id="footer-right">
          <p>&copy; <?php echo date( 'Y' ); ?> <a href="<?php bloginfo( 'siteurl' ); ?>/" title="<?php bloginfo( 'name' ); ?>" ><?php bloginfo( 'name' );?></a><br />
          <?php echo stripslashes( get_option( 'eted_footer_text' ) ); ?></p>
        </div><!-- end div #footer-right -->
      </div><!-- end div #footer-inner -->
    </div><!-- end div #footer -->
    <!-- END FOOTER -->

    </div><!-- end wrapper -->

    <?php wp_footer();
      if ( get_option( 'eted_ga_code' ) <> "" ) {
        echo stripslashes( get_option( 'eted_ga_code' ) ); } ?>

    </body>
    </html>
    And I see why you want to remove those links. Nothing but garbage spam.
    Logic without the fatal effects.
    All code snippets are licensed under WTFPL.
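
A static version of the two-stage decode described in posts #3 and #8, as an added example that is not part of the original thread: it reads the file as text, base64-decodes the `eval` stage to recover the `strtr()` table, applies that table to the payload and lists the link targets, so the untrusted PHP never runs. It is written in Python for that reason; the function names and the sample input (built inline, with an example.com link) are assumptions.

```python
import base64
import re

# Layout used by the loader in this thread:
#   $_X='<payload>'; eval(base64_decode('<stage>'));
B64 = r"'([A-Za-z0-9+/=\s]+)'"
PAYLOAD_RE = re.compile(r"\$_X\s*=\s*" + B64)
STAGE_RE = re.compile(r"eval\(\s*base64_decode\(\s*" + B64 + r"\s*\)\s*\)")
STRTR_RE = re.compile(r"strtr\(\s*\$_X\s*,\s*'([^']*)'\s*,\s*'([^']*)'\s*\)")
HREF_RE = re.compile(r'href="(https?://[^"]+)"')

def b64_text(blob):
    # Forum line wrapping leaves spaces inside the blobs; drop them first.
    return base64.b64decode("".join(blob.split())).decode("utf-8", "replace")

def decode_theme_file(php_source):
    """Return (stage_source, template) without executing any PHP."""
    payload = PAYLOAD_RE.search(php_source)
    stage = STAGE_RE.search(php_source)
    if not payload or not stage:
        raise ValueError("not the $_X / eval(base64_decode()) layout")
    stage_source = b64_text(stage.group(1))
    table = STRTR_RE.search(stage_source)
    if not table:
        raise ValueError("stage does not call strtr() on $_X")
    src, dst = table.groups()
    n = min(len(src), len(dst))  # PHP strtr() ignores the longer string's tail
    mapping = str.maketrans(src[:n], dst[:n])
    return stage_source, b64_text(payload.group(1)).translate(mapping)

def external_links(template):
    """List absolute link targets so they can be reviewed before deployment."""
    return HREF_RE.findall(template)

def build_sample():
    # Constructed input: same two-stage layout, made-up footer and link.
    stage = ("$_X=base64_decode($_X);$_X=strtr($_X,'123456aouie','aouie123456');"
             "$_R=ereg_replace('__FILE__',\"'\".$_F.\"'\",$_X);eval($_R);")
    footer = ('?><div id="footer"><a href="http://spam.example.com/101">'
              'Sponsor</a><?php wp_footer(); ?></div>')
    scrambled = footer.translate(str.maketrans("aouie123456", "123456aouie"))
    enc = lambda s: base64.b64encode(s.encode()).decode()
    return "<?php $_F=__FILE__;$_X='%s';eval(base64_decode('%s'));?>" % (
        enc(scrambled), enc(stage))

if __name__ == "__main__":
    stage_source, template = decode_theme_file(build_sample())
    print(stage_source, template, external_links(template), sep="\n")
```
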


  9. #9
    SitePoint Mentor silver trophy
    Rubble's Avatar
    Join Date
    Dec 2005
    Location
    Cambridge, England
    Posts
    2,435
    Mentioned
    82 Post(s)
    Tagged
    3 Thread(s)
    This thread is over a year old and the OP showed no interest after their initial post.

  10. #10
    . shoooo... silver trophy logic_earth's Avatar
    Join Date
    Oct 2005
    Location
    CA
    Posts
    9,013
    Mentioned
    8 Post(s)
    Tagged
    0 Thread(s)
    Doh...*face + hand* I didn't look at the original post date. Assumed it was new. D:
    Logic without the fatal effects.
    All code snippets are licensed under WTFPL.


  11. #11
    Foozle Reducer ServerStorm's Avatar
    Join Date
    Feb 2005
    Location
    Burlington, Canada
    Posts
    2,699
    Mentioned
    89 Post(s)
    Tagged
    6 Thread(s)
    Closing this post
    ictus==""

