Hi All I have a nice theme im using that was free.However the footer is encoded. I hope its just pulling links (that what it seems) But would like to check as ive just had a site hacked by someone calls himself bin laden(left a page for everyone to see) Would somone mind decoding this please...would be interested to see the php and i cant seem to get it to decode(i only know the basics). Your time appreciated....thanks Heres the footer. <!--code below--> <?php /* please do not edit this part thank you */ eval(gzinflate(base64_decode('DZQ3soRaEkSXM/8HBtCNjLHQotEanAm0umjN6uc55ZSTUedklWcK/qnfdqxAupf/ZOlWEtj/ijKfivKf//BFIq6br9S95+CBO1g857mdf+nv81rhkAzFsJIkxA/iU/x+NAL9Kuiz9CmyWJSKnN9+46H16d7D7WDIpqrZ4j7mA94xGoFPHfSxVcXuI9YZ+XGDAdZli58MjSXb3eHip3x9HKxCnO0UzOIy85A3IGKT97JTtXI9KUuuGMkh1thmt8/CnjUaAhNng07MkBDR4PHNpyPgTm8xJ6rYqcZV40THIySLC3xfplZuN7/lRYb3p6R5eNaWAj/TO9kcM3ohK6Cct7tBAnsroMpP91TQe+KThW2zrNICIjTXjcQQk4++UezAfKEDBNJMKYuxsH7yZdxGXW3zztfWzW1rxj+ik35uQX+N5ZiDT5PO+su1g/uDO07QPnKvpbzLn2Phaph3UFHCkAdmBfOo8U3jxVFfsurKldNBdSNTIyjFcaIOFpdkxPpT1B6yII2bRQblH3J/5lL6LFR8VecNIVFDo2kvN6HqxihsWlQYYWf3zHixnbsvkvYRAqjmzKb1qeyDKSrNj8dyXF/pZjJGDhzoJwCXcz5RZpgkjRWVT2gGPG9jSucFatKv4DpCdZEWbuIXruC3NctFQdpyfgc3ZUq1+lOJ7pfxTASK4l3deEwmCwAiWaR0jZqfFFY9bZt8EgYQ6olEDnC/Ju6LCy0g1rskuxIkqpduw5poPymyyil4OLsZH9J1HCSRBaeuZXI8XEXtpzGbosZfhKu8eAFqJELsSOAb3i+ylHOcoazD1clNZetGgFZxcw5pYWJlhBPoaoc0nRpkLmVFpgHW7/XEn8bFHU0EojmMujYPgso+s8B6Lf2YFoLnrfdgXNJ843uAHgaMsox1hHYT1p8kjDV4fFzPfzT6uzt5MaVj30qNTM2wIZjAyRViJ3NhKEa9ng64ZmvRGYHatks+51oZ93+zdvb2x6tP5PJthbNZjtwmFjrovCkcm2D6Pb5F/Uap36AulbofHzugo0axKSIK5DjT3elvw/GCUVz9KNRSHwsZ2xlNTCUh1GXuFCZkwASvkEgHQ6ftA4qGnQh5ICbhcKFP4hi1i9MdId5L1l/rOkYcvnwR9treRKLYlZFMMEfV/AN9Q52wkD/l+qhGvruQdcHzIpuYBzNVio8cp7N/RiRa6pdGgsExUniLkJSG4dlLqZhaON84+xcw0UGY35bQO1Kz6ZijKvNz5ZUNuPdUJTQH/vWq7hfx3znTK6XzOz2DCLub1sezWroVCO6uiOUUizSB79hNVDs0oLnk8MFa/eX7wdo+aIRFNQ7Gw3aTRZbHbGfW8X266z+k13Nc6EAo7Zp6fn/XDKrRBm9ZepU5ZyhuOQdSrBUOWZn451rFXjefavhFAzQMJgq1rTlTTrjPXEWJ22ImAff+YXMjXyEaBab6qToxUqphb9T5Vmtq9HaHLOvGRW9Vn+8cdgoW/ktsme67rHAu2spRJum7Hvb5MIVpfZC08EOgvogrv22NUvag6AC6daNes5puyl9AHLtmxqZGDw0kaPURLS9P9v08Knwaehfjxj8h2XWLVK99JW/lwK/5K4F5nEj26ubCHFQgfhTb9qtvJlzf03k60qEQyibwL5f8HLzFjRsvAyJObFyQJ11qKTPK596rQDaAdaT8bKWzSkfM0rjUkRSUEYlPUDG3gt13IpHmt1KKfjEalt0mGJBrObfGGgyED2EPVNV4mlJv1FLuvMluoCUaCFK/ceadKixyP0auL1QDmxgFZB9TOUDGJM+ffOReum+V6/2nm7EpRwQAnQxxCJ4/mHUuEwEPeLkFvPm2oK0jTtWgDHJ23ixv/P0U6pYlEvZbAcuYNusLBy73eB11hPPdPk52267hVumyECZFWcthYC2GCVe+zgFHjiyFmGc26QjjPFyNldxE1ndUy+AxoS6K8pdjPWPwAgoaOvws5G+5d+LD5L7aF3godJeiTcMEdQLVOqcVfXXr9uVzXGIFQ61pduLC4Ojjwqyb70N+WqJjDPgZHzxh4TXixB7BygXbjewiQ62fuN7drUiWhmsPNCmF6d7SbPND0irBlWiOWldw1hA2t6SPV9rlY1sPQiooXOkD1WcZevf1aPKb2oXz3wm8wzq+bWJFhwSd8ekQ+DV65bc9H2WoAc5b6NN1CNmVOXKT2l9bUTtAQGyUaEd6ZWZnkPrJ//rEIdWbssQTRrwwQEHRQsxXEwpmlBlj4/9Ensk+ZuSpRul3kTz5B3/niP1SU4DV3I/zpRAD4QPLlFwQ5zRClm0wam6Wz/E8i4ghPPQLg86oJUqgLeDvnHywi91eDvZExXBnJWBFvMexlt34h3i7J4Pt1kmCBiF6dx+GDX9ieckiKZUI6qyD5nV8dhDkPmmxb9UZM46z0z47aEiPcqmekkn1mDY5ZPrBfgoqc6eRR+1oBjuEHTGqT4XosIjU0YoksooEHpLl2vvUHdy0ulrykzcjjZpD3EkJ5UkcMU/qxjoPBFN14Ka7VbKpjr/ck54mLN76jVo+OYLAlUob3QlR074RlArG1US5/UNrJsQxuM16AW5lVkV6/nqPswpj5KkU8kIOz9ZF1rvjUcSOw2zTHXr7UFK6F63FB6fCY6f6Svz31lB0eW4xqnuwS8PIpXwwtt5Oi0Hw+6MK58qarsplmfR4mVud3Ge3vHqRYeIeKELnqUz70DAM0fjfhL/fE6as//z777///T8='))); ?>
its encoded text..may be they have used this to show a link in the footer or something like this.. You can try just simply removing this code.. Add you own custom footer..
lol the guy encoded this at least 20 times.. This is easy to decode. Just take off the eval command and keep echoing it until you see the decoded version. Here, I did it for you: include("footer_content.php"); echo ' <div class="copyright"> <div class="onethousand_wrap"> <span class="left" style="margin-left:9px;">© '; $zenverse_global_blogsince = get_option("zenverse_global_blogsince"); if ($zenverse_global_blogsince == date("Y")) { echo date("Y"); } else { echo $zenverse_global_blogsince.' - '.date("Y"); } echo ' '.get_bloginfo('name').'</span> <span class="right" style="margin-right:9px;">Powered by <a href="http://wordpress.org/">Wordpress</a></span> <div class="clear"></div> </div><!--/onethousand_wrap--> </div><!--/copyright-->'; echo '<div style="background-image:url('.get_bloginfo("template_directory").'/images/floral.gif);height:52px;"></div> <div id="footcopy" style="background-image:url('.get_bloginfo('template_directory').'/images/footer_copy.gif);height:23px;display:block;color:#dddddd;text-align:center;padding-top:10px;"> <div class="onethousand_wrap"> <a style="color:#dddddd;" id="thethemepageurl" href="http://zenverse.net/crossblock-wordpress-theme/">CrossBlock</a> designed by <a href="http://deltamanual.com" title="manual download">DeltaManual.Com</a> <span style="font-family:tahoma;color:#cccccc">|</span> In conjunction with <a href="http://webhosting.reviewitonline.net">Web Hosting</a> <span style="font-family:tahoma;color:#cccccc">|</span> <a href="http://www.omnis.com/webhosting.php">Web Hosting</a> <span style="font-family:tahoma;color:#cccccc">|</span> <a href="http://www.phone-number-trace.com">Reverse phone</a> </div> </div>'; $zenverse_global_google_analytics = get_option("zenverse_global_google_analytics"); if ($zenverse_global_google_analytics != "") { echo stripslashes($zenverse_global_google_analytics); } wp_footer(); echo '</body> </html>'; PHP: Now you can take off his copyright and put your own.
thank you Rainulf. Much appreciated.Rep added. Just out of interest... Can you encode multiple times then?
Yeah, of course you can, but if you keep encoding an encoded string, it's gonna be longer. And the more times you encode it, the more times you'll need decode it in order to run - meaning it will have longer time to load.
i tried to change the code of the footer, but any change i realize, always block the page what can i do? thank you very much!