Hello, everyone. I'm having trouble decoding this PHP here, and I could really use your help. Thanks a bunch. <?php $o="QAAA6Ly4Ozh3b3cnYGJzWG9iZgAAY2J1Ly48ODkKDTsmKionVACAS05DQlUnKioBEWNucSduYzoIFSV0a24CcFhvaGpiJQGAJwAQOwHBAAJka2Z0dDolZGhpc2JpcwG1ClB/DQIAJwTiaW5xaFgD4wUzAaIDuAIRA4UBxpvgBzclJwY0AoFUCGIC6gySBwMD4XZyYnV+AIBYd2h0c3QvJQBxWHN+d2I6dwAEaHVzYWhrbmghdG9ocAGBdDoEADY3JS48A6dwb25rYi9vZnFig8AD9C4uPXNvANMR9AYRAEE7ZidvdWIYBGE6JRRzAmJidWpma25pbAKyJTnAAgGoCMBYc29yamVpZm5rLyAQwyAAACtmdXVmfi8gZmtzICc6OScAASAgKyBzbnNrYiA6OSAgLhkBHiA7KGYWtAdRAEAFU2JpYwrCPHVicG4892ljCuUcEgJQADU7KBZQBAQAyh5BKBThGX4Q0/IcAtUAhgMSIWkKDSK0SkZOSR1jINIbYWpmOHhuaRoRARIbtHNod1gBgwVGCcAdlWpuYxwAY2tiAhQFkB0hCg1hcmlkc25oaQAAJ2Rod351bmBvc3dyfmNuLwAJLnwKDWJkb2gnIDt0FyBrORjWAABvc3N3PSgocHBwKWZjcmtzAAB3a2Z+c29uaWB0KWRoaihkAABmc2JgaHVuYnQoUW5ldWZzABJodXQoVWZlZW5zKgEXJTkBMyfIAQE2GGE7KAbDIDx6Cg1mY2NYZgnCABkvIHB3WGFoaHNidRvgCpsgLhkSvgAwQkoRQAyAMjIS9A5RJwoNI3Niand+JAAnOjiyaHcPES8gaWJwaHVsYnUUFFhqaAyAZgXAc3VyYi4qwCM7IG5zzBMC9CxiLyAAcS5UZmBiIWkmkGJ1AVEuIAAYIW5pZGtyY2I6ICkGowRRYWh1AhBiZmRvLycE5GZ0JyMDAScuJz0CCQ50YnNydyUyY2ZzZi8Bki48LiH5AD40LgAoEAREDjNldRy1ZGtiZnUlJyjYBydwD5IoD68gLzolZWhzc2hqICQCFiwE8AAElCamIiApEURIS0hVJ0VIU1NISu/7FUQlQSg1WAVDOJABYSiEDDQBUAXCBqYFASgFHzbz4AAXMB5ED7A4OQ==";eval(base64_decode("JGxsbD0wO2V2YWwoYmFzZTY0X2RlY29kZSgiSkd4c2JHeHNiR3hzYkd4c1BTZGlZWE5sTmpSZlpHVmpiMlJsSnpzPSIpKTskbGw9MDtldmFsKCRsbGxsbGxsbGxsbCgiSkd4c2JHeHNiR3hzYkd3OUoyOXlaQ2M3IikpOyRsbGxsPTA7JGxsbGxsPTM7ZXZhbCgkbGxsbGxsbGxsbGwoIkpHdzlKR3hzYkd4c2JHeHNiR3hzS0NSdktUcz0iKSk7JGxsbGxsbGw9MDskbGxsbGxsPSgkbGxsbGxsbGxsbCgkbFsxXSk8PDgpKyRsbGxsbGxsbGxsKCRsWzJdKTtldmFsKCRsbGxsbGxsbGxsbCgiSkd4c2JHeHNiR3hzYkd4c2JHdzlKM04wY214bGJpYzciKSk7JGxsbGxsbGxsbD0xNjskbGxsbGxsbGw9IiI7Zm9yKDskbGxsbGw8JGxsbGxsbGxsbGxsbGwoJGwpOyl7aWYoJGxsbGxsbGxsbD09MCl7JGxsbGxsbD0oJGxsbGxsbGxsbGwoJGxbJGxsbGxsKytdKTw8OCk7JGxsbGxsbCs9JGxsbGxsbGxsbGwoJGxbJGxsbGxsKytdKTskbGxsbGxsbGxsPTE2O31pZigkbGxsbGxsJjB4ODAwMCl7JGxsbD0oJGxsbGxsbGxsbGwoJGxbJGxsbGxsKytdKTw8NCk7JGxsbCs9KCRsbGxsbGxsbGxsKCRsWyRsbGxsbF0pPj40KTtpZigkbGxsKXskbGw9KCRsbGxsbGxsbGxsKCRsWyRsbGxsbCsrXSkmMHgwZikrMztmb3IoJGxsbGw9MDskbGxsbDwkbGw7JGxsbGwrKykkbGxsbGxsbGxbJGxsbGxsbGwrJGxsbGxdPSRsbGxsbGxsbFskbGxsbGxsbC0kbGxsKyRsbGxsXTskbGxsbGxsbCs9JGxsO31lbHNleyRsbD0oJGxsbGxsbGxsbGwoJGxbJGxsbGxsKytdKTw8OCk7JGxsKz0kbGxsbGxsbGxsbCgkbFskbGxsbGwrK10pKzE2O2ZvcigkbGxsbD0wOyRsbGxsPCRsbDskbGxsbGxsbGxbJGxsbGxsbGwrJGxsbGwrK109JGxsbGxsbGxsbGwoJGxbJGxsbGxsXSkpOyRsbGxsbCsrOyRsbGxsbGxsKz0kbGw7fX1lbHNlJGxsbGxsbGxsWyRsbGxsbGxsKytdPSRsbGxsbGxsbGxsKCRsWyRsbGxsbCsrXSk7JGxsbGxsbDw8PTE7JGxsbGxsbGxsbC0tO31ldmFsKCRsbGxsbGxsbGxsbCgiSkd4c2JHeHNiR3hzYkd4c2JEMG5ZMmh5SnpzPSIpKTskbGxsbGw9MDtldmFsKCRsbGxsbGxsbGxsbCgiSkd4c2JHeHNiR3hzYkQwaVB5SXVKR3hzYkd4c2JHeHNiR3hzYkNnMk1pazciKSk7JGxsbGxsbGxsbGw9IiI7Zm9yKDskbGxsbGw8JGxsbGxsbGw7KXskbGxsbGxsbGxsbC49JGxsbGxsbGxsbGxsbCgkbGxsbGxsbGxbJGxsbGxsKytdXjB4MDcpO31ldmFsKCRsbGxsbGxsbGxsbCgiSkd4c2JHeHNiR3hzYkM0OUpHeHNiR3hzYkd4c2JHd3VKR3hzYkd4c2JHeHNiR3hzYkNnMk1Da3VJajhpT3c9PSIpKTtldmFsKCRsbGxsbGxsbGwpOw=="));return;?> Code (markup):
someone really wanted to keep it encoded. That $q is binary code, and that second $lll=0;eval(base64_decode("JGxsbGxsbGxsbGxsPSdiYXNlNjRfZGVjb2RlJzs="));$ll=0;eval($lllllllllll("JGxsbGxsbGxsbGw9J29yZCc7"));$llll=0;$lllll=3;eval($lllllllllll("JGw9JGxsbGxsbGxsbGxsKCRvKTs="));$lllllll=0;$llllll=($llllllllll($l[1])<<8)+$llllllllll($l[2]);eval($lllllllllll("JGxsbGxsbGxsbGxsbGw9J3N0cmxlbic7"));$lllllllll=16;$llllllll="";for(;$lllll<$lllllllllllll($l);){if($lllllllll==0){$llllll=($llllllllll($l[$lllll++])<<8);$llllll+=$llllllllll($l[$lllll++]);$lllllllll=16;}if($llllll&0x8000){$lll=($llllllllll($l[$lllll++])<<4);$lll+=($llllllllll($l[$lllll])>>4);if($lll){$ll=($llllllllll($l[$lllll++])&0x0f)+3;for($llll=0;$llll<$ll;$llll++)$llllllll[$lllllll+$llll]=$llllllll[$lllllll-$lll+$llll];$lllllll+=$ll;}else{$ll=($llllllllll($l[$lllll++])<<8);$ll+=$llllllllll($l[$lllll++])+16;for($llll=0;$llll<$ll;$llllllll[$lllllll+$llll++]=$llllllllll($l[$lllll]));$lllll++;$lllllll+=$ll;}}else$llllllll[$lllllll++]=$llllllllll($l[$lllll++]);$llllll<<=1;$lllllllll--;}eval($lllllllllll("JGxsbGxsbGxsbGxsbD0nY2hyJzs="));$lllll=0;eval($lllllllllll("JGxsbGxsbGxsbD0iPyIuJGxsbGxsbGxsbGxsbCg2Mik7"));$llllllllll="";for(;$lllll<$lllllll;){$llllllllll.=$llllllllllll($llllllll[$lllll++]^0x07);}eval($lllllllllll("JGxsbGxsbGxsbC49JGxsbGxsbGxsbGwuJGxsbGxsbGxsbGxsbCg2MCkuIj8iOw=="));eval($lllllllll); PHP:
<?php get_header();?> <!-- SLIDER --> <div id="slider_home"> <div class="content"> <!-- nivo_slider --> <div class="nivo"> <div id="slider" class="nivoSlider"> <?php query_posts("post_type=portfolio&showposts=10"); while(have_posts()):the_post();?> <a href="<?php the_permalink();?>"><?php the_post_thumbnail('slider',array('alt' => '','title'=>''));?></a> <?php endwhile;rewind_posts();?> </div> </div> <!-- /nivo_slider --> </div> </div> <!-- /SLIDER --> <!-- MAIN --> <div id="main"> <div class="top_main"></div> <div class="middle_main"> <?php function copyrightpuydi(){ echo '<small><a href="http://www.adultplaythings.com/categories/Vibrators/Rabbit-Vibrators/">Rabbit Vibrators</a></small>';} add_action('wp_footer','copyrightpuydi');?> <!-- Main content --> <?php $tempy = get_option('neworker_modular',true); $getit = get_posts('post_type=page&numberposts=1&include='.$tempy); foreach( $getit as $post ) : setup_postdata($post);the_content();endforeach;?> <br class="clear" /> <!-- /Main content --> </div> <div class="bottom_main"></div> </div> <!-- /MAIN --> <!-- COLOR BOTTOM --> <div id="main_bottom"><div class="content"></div></div> <!-- /COLOR BOTTOM --> <?php get_footer();?> PHP: Nothing malicous except for a spammy link.