want to remove this pesky WP footer spam link - javascript

i,
I purchased a WP theme recently.
Seems that this theme is injecting a footer link in a sophisticated way that I can't find how to remove.
usually it link to WP theme sites (wp2blog.com/ , themes.weboy.org/ ) , which aren't related to me at all.
I tried to see if this is a CSS or JS injection - but I just can't find where this code is hiding.
It is surely not on the footer.php file which I immediately monitored.
any ideas?
thanks for the quick comments.
The culprit was the itself
Apparently somehow it injected those spam links.
I removed it and now the links are gone.
Still it's interesting how it was done.
How can I see which scripts are being called by wp_footer() ?

By removing <?php wp_footer(); ?> you will probably break some of your plugins, as they hook into either the header or footer to load JS and CSS for functionality.
Edit footer.php to remove those links.
If you need to see what wp_footer puts into the source of your site, view source on the page to get the full html.
But if it's a paid theme, you get what you pay for.

Generally, they do it with something like this
<?php echo eval(base64_decode('aC453434...')); ?>
Basically, they just encode the PHP code in Base64, and then eval() the returned string.
Check in footer.php, and it may also call other functions in functions.php IIRC.
Also, check the license and/or docs supplied with the theme. It may be a problem or violation of terms to remove that. They probably went about obfuscating it for a reason.

Answer: They usually have to have another (php) file from which to call in the appropriate spammy links. Check your theme directory for suspicious subfolders or php files with only a couple of lines within them.
Could be that they are really sneaky and have put the calling of spammy links within the Theme Widgets php file. But that is the best advice I can give as WordPress developer myself (who obviously never would even dream of putting spammy links inside my themes - it is a nightmarish way of losing clients as well as oneĀ“s reputation) - however, You have done the wrong thing, never delete wp_footer(); that is an essential part of any working WordPress installation because it will be required by future plugins that You shall have to certainly install to get WordPress working properly - like minifying and caching plugins for example.

Run the theme through Exploit Scanner and the Theme Authenticity Checker. There's probably some type of base64. You could also just search the whole theme manually for base64 and/or eval and see if it returns anything suspicious.
It's possible you purchased a knockoff theme, or just a bad one.

Solution: Keep the spammy code then go the the html source of the RENDERED PAGE and copy what's missing (generally it's a footer in the bottom of the page and explicitly marked as such with a div).
Copy what's there in your template code instead of the spammy eval base64 code, and remove the extra links and you're done.
This is how I did it.

Related

Making a DuckDuckHack Instant Answer work on own site

I'm trying to see whether it's possible to use the code from DuckDuckHack Instant Answers outside of the context of the main DuckDuckGo website. After all, an Instant Answer is mostly a standalone component that consists of some HTML, CSS and Javascript and should be relatively self-contained and reusable.
Since the DuckDuckHack project is in maintenance mode, it seems to be a bit difficult to obtain information: the Slack and Forum mentioned on the Developer Guide have been disabled. I tried to find out whether other people tried to make Instant Answers work in other contexts, but I couldn't find anything. There are tutorials on writing Instant Answers, such as this using Perl and the DuckPAN tools. I tried to get an existing Instant Answer to work using those tools but I failed to get it to work properly (not sure whether they are still maintained).
Since those tools seem to be a bit heavyweight, I thought it could be possible to bypass them completely and try to just use the HTML, CSS and JS from the Instant Answer directly.
I've given the Calculator a first shot. I identified the relevant source code in the duckduckgo/zeroclickinfo-goodies repository's directory share/goodie/calculator. The HTML seems to be in the content.handlebars, and then there's calculator.css and calculator.js. I created a plain HTML file, put the HTML from content.handlebars in there and included references to the CSS file and the JS file. At first, the CSS wouldn't work because the CSS rules don't apply without adding some more wrapper divs that can be easily found when inspecting the DuckDuckGo site with the calculator Instant Answer visible. After adding those wrapper divs, the calculator UI appears more or less intact. However the buttons of the UI do not work at all yet.
Looking at the Javascript console I get this error:
Uncaught ReferenceError: DDH is not defined
at calculator.js:1
Apparently an object DDH is required by calculator.js, however I have no idea what that object should be and how I could create it.
Does anybody know how this DDH variable gets usually initialized or more generally how to make this work? Any reference to projects reusing the code from DuckDuckHack for their own sites would also be highly appreciated.
I think the details of how the DDH object is put together might not be exposed through the open-source portion of DDG.
I've also made some attempts to repurpose some of the built-in DDG IA functionality (e.g. get programmatic access to the many, useful instant answers unavailable through their API).
In the process, I cloned the goodie repo and poked around. The pattern seems to be that for most goodies the payload to be displayed is DDH.<goodie>.content. In my local copy of the goodie repo:
$ grep -rE 'DDH' ./lib/
./lib/DDG/Goodie/Conversions.pm: content => 'DDH.conversions.content'
./lib/DDG/Goodie/Conversions.pm: content => 'DDH.conversions.content'
./lib/DDG/Goodie/Game2048.pm: content => 'DDH.game2048.content'
./lib/DDG/Goodie/PublicDNS.pm: list_content => 'DDH.public_dns.content',
./lib/DDG/Goodie/JsBeautifier.pm: content => 'DDH.js_beautifier.content'
./lib/DDG/Goodie/SassToCss.pm: content => 'DDH.sass_to_css.content'
./lib/DDG/Goodie/Constants.pm: title_content => 'DDH.constants.title_content'
...
On the javascript side of things, you'd find the corresponding .js files in the share/goodie directory, as you did for the calculator goodie.
The <goodie>.js files seem to introduce DDH.<goodie> namespaces (typically right at the top of the file) and define DDH.<goodie>.build functions. This procedure is referenced in the goodie-display docs (see the section titled Setting Goodie Display Options on the Front end therein).
Nowhere in the docs, though, is it documented how the content property of DDH.<goodie> is put together. I cloned the docs repo and grepped for DDH, revealing nothing to that effect.
None of the .js files in the share/goodie folder of the goodie repo, though, seem to give a clue as to how DDH.<goodie>.content is assembled either. Indeed, some of those .js files do not even contain the string content. For a listing of all share*.js files that do contain the string content, I did (in the local copy of the goodie repo):
$ find ./share -name "*.js" |xargs grep -l 'content'
./share/goodie/countdown/countdown.js
./share/goodie/text_converter/text_converter.js
The other .js files do not contain that string at all..
Edit
On the other hand though, I see you did manage to get the calculator going with some modifications to the .js file (e.g. by inserting that missing DDH namespace).

Django module to shorten css classes in production

I have a css class:
.footer-react-btn{
color:#ddd;
}
But if I change .footer-react-btn to .a or .b, then I might save some bytes of text from being loaded.
I want it to happen in my production. I will be writing the code in an understandable manner during my development.
So, Is there any way I can do it in?
I am new here. I need an explanation step by step.
Typically, one simply maintains two files -- a-stylesheet.css and a-stylesheet.min.css. And it's usually limited to removing whitespace, not changing names. Imagine if you were using two different stylesheets and applied this same name-changing mechanism to both... You could suddenly have collisions that otherwise wouldn't exist. Plainly, just not a good idea.
At any rate, the closest thing to what you're looking for is django-compressor which combines and minifies your static JS/CSS, but it has many behaviors you may or may not want.
Frankly, it's my opinion that worrying about those few bytes is a waste of time. Simply minifying the CSS is a simpler and safer way to reduce the size of your CSS components. I wouldn't even consider more complex solutions until you really encounter scaling problems.
If you wants to see the fully expanded code in text editor and wants to send the minified css code to clients, use PHP comments.
First of all, make a file with extension php. Eg:- styles.php then add below code into it:
<?php header("Content-type: text/css"); ?>
Then add the minified code. For removing the read-hardness issue, you could add PHP comments like
You just add as many short codes as you wish but don't forget to enter the expanded information inside a PHP comment. The reason I suggested PHP comment instead css comments, is that PHP codes won't be executed by the web server. You can read both minified code and the expanded code(in comments) in the text editor but client browsers will only get the minified code loaded. So, you can decrease that data transferred....
I think that this will be helpful....

Adding javascript to head of Joomla website

I have gone through some Joomla tutorials and I am not understanding how Joomla works. I have never encountered something where every aspect of it evades me. I'm not asking for a free ride.. just where to go or a basic idea of how this works.
I simply need to add a Panoramio javascript into the <head></head> section of a joomla website. In Word Press I simply download the header.php template and code away.
It's so confusing understanding Joomla. I do know not to paste directly into an "Article" page so do I have to install some sort of extension or tool to even get this to work?
I read to edit the index.php in my templates but I can't even find that. Am I the only person that can't understand Joomla at all? Even the beginner documentation seems to assume I know their system. Thank you in advance.
Be careful about which files you add code to. Editing core files like the index.php in the templates folder might not be the best solution. What if there is a template update? The file will get overridden. So just bare that in mind.
Before you add the script, it is good idea to get the name of current template:
$app = JFactory::getApplication();
$template = $app->getTemplate();
You can use the following to import a .js file the <head> tags:
$doc = JFactory::getDocument(); //only include if not already included
$doc->addScript(JUri::root() . 'templates/' . $template . '/file.js');
or you can add the Javascript there and then like so:
$doc = JFactory::getDocument();
$js = "
//javascript goes here
";
$doc->addScriptDeclaration($js);
Hope this helps
you can edit index.php file and other template files as css etc.
go to : Extensions->template manager
chose template TAB
Second from the left you see: "template name" Details and Files
here you can edit any template file directly on your server.
Menu can change depending on Joomla version, but that's the general idea.
You definitely aren't the only one. Joomla is meant to be able to handle anything you need it to do, and this makes it rather complicated.
Your best bet is to add the script to the template index.php file that you mentioned if you want it to be available throughout the entire site. If you just needed it for a particular module or component, you would instead want to load it there. In your case, since you are fairly new to Joomla, let's just get it loading!
Navigate to your base Joomla directory (where you installed Joomla) and look for the templates folder. Within this you should have several folders. Hopefully you know which template you are currently using and open that folder and there should be an index.php file in it. The top of this file should look similar to the header.php file from Wordpress. Add your script tag to the header element and it should load.
If you have no idea what the name of your current template is, go to Extensions->Template Manager on the backend. There should be two with stars to the right of them. One should be marked "administrator" and the other "site". The folder that you are looking for in the templates folder should match the name of the "site" template.
Here is a quick tutorial on what you need to do:
Joomla! templates are at the /templates folder (locate your template)
inside you find the index.php file (there you need to change stuff)
inside you will find a html page with some PHP inside it
locate the <head> tag
How add this:
$doc->addScript($this->baseurl.'/templates/'.$this->template.'/javascript/YOURSCRIPT.js', 'text/javascript');
Make sure that this line of code already exists:
$doc = JFactory::getDocument();
Footnote: Because you did not specifiy what Joomla! version you are using, this example is from Joomla! 2.5, the current LTS.
P.S. You can also insert the script the 'normal' way, after the <head> tag.
I am no expert in JavaScript but I have an AJAX application that works perfectly without modifying any template files. The thing is that it adds the JavaScript at the bottom of the page, not in the head section. I don't know if this is an issue but it works for me.
1) Go to Extensions->Module Manager
2) Create a new module. Call it JavaScript Footer (for example)
3) Under the Details tab set Show Title to Hide, set Position to Debug, set Status to Published and set Access to Public
4) Under the Custom Output tab, type
<script type="text/javascript" src="http://yourdomain.com/yourscript.js"></script>
I never did understand why some scripts are in the header while others are at the bottom of the body (Google Analytics for example) but it works for me.
Joomla is quite different from Wordpress. Actually, index.php is rather useless when customizing joomla template. You will have to explore the blocks of the template in the folder blocks found in your template. For example, to add a scripts in the header section just edit header.php in the directory your_template/blocks.

Wordpress and javascript .load() function

I have problem to get .load() function working in Wordpress. Initially I was using 3.0.5 version of WP, wanted to get some content from external page (same domain), so I used this code
jQuery.noConflict();
jQuery(document).ready(function(){
jQuery(".someclass").load("http://www.mydomain.com #someid");
});
...and it worked. However, after update of Wordpress to latest version (and installation of plugins /some use jquery or mootools/, this piece of code isnt pulling any content anymore. I tried to write different code for noConflict mode but also without success (but JS is working if I change line to some alert func). I also deactivated all plugins, removed other js (like for menu), but still no content was displayed. If I use same code in a separate file (in the same directory where WP theme is) - it works.
I would be thankful if someone have advice what to try next or where to look for potential problem. Or maybe to suggest some other approach how to get content from external page (and specific div). If I put that separate file into iframe and call it within sidebar, it's working but then there's a problem of iframe links opening within iframe box.
Your problem is the same origin policy, which in lamens terms means you can't do ajax requests to different domains (even subdomains) as it is security risk, you browser simply won't let you do it. Specifically in your case you are attempting to load www.infostar.rs from inforstar.rs.
You will need to come up with another idea, personally I would just do it in PHP with:
echo file_get_contents('http://domain.com');
Alternatively would could look into forcing non-www in htaccess.

See what content is not sent over HTTPS

I created a page that is HTTPS only.
On my browsers, I always get a warning that the page includes resources that are not secured. I just can't find out why!
Looking at the source code seems fine. All img src and javascript tags are using relative path (/images/...).
It does not consider href links as resources does it?
Is there a way to know what actually is the source of that problem?
I guess you could use the Net tab of Firebug to see that.
(source: ibm.com)
Try capturing all your traffic using Fiddler - it will help you identify any extraneous HTTP calls easily.
It's unlikely to be a hyperlink, but could it be a stylesheet? They're linked using the href attribute as well:
<link rel="stylesheet" href="...">
Also, how about stylesheets/Javascript that import other resources (other stylesheets, Ajax libraries, etc.)?
Edit: the image at https://www.makemeheal.com/classifieds/images/1.0/dline_hmpmid1px.gif seems to be redirecting to a non-https version of its URL; the other images are under https://www.makemeheal.com/images/ which doesn't do that. Looks like a webserver config issue?
The easiest way is usually to look through the source (with the Find utility in your editor) for http:.
It is often part of some code that calls some Flash.
I guess you include some content that links to http. Try a search in the source on http://, ftp:// or anything alike.
Also take a look at forms. Forms can also post to http by accident.
Is it possible to put the website online somewhere so we can take a look?
Perhaps you include a style sheet that refers to some image which is without ssl, or you reference some js which in turn references some other content over http?
Do you have any background images in your CSS that are referenced absolutely? Also, what about any iframe tags on the page with the src attribute set to an unsecure page?
+1 for using Fiddler.
One very quick check you can make is to only get the HTTPS content when prompted, and then see what is missing from your page once it is loaded. If is is a resource file, or a css file, or some javascript, or an image, then you will spot that virtually straight away.

Categories