So I have been flagged as inappropriate on my first post. I think you guys are a little quick to judge. I have no intention whatsoever to remove the theme developers script (Jinsona from web2feel{dot}com). I have used many of his themes and you will see I never remove his footer. Usually I just write to him and he modifies it for me (he is a really nice guy). Unfortunately he is on holiday so cannot reply to my question. My question to Jinsona was: I downloaded one of your themes from a third party website and this time it included and eval script in the footer. This is the first theme I have downloaded from you that has this sort of script. I have been told that eval scripts can contain malicious code so please check it and get back to me. Thanks Unfortunately I got an out-of-office reply this time round so I came to the forum to see if someone could decode it and tell me if there was anything malicious in the script. Instead I get a bunch of power hungry guys saying I did something illegal. I never asked you to post the decoded script, I simply asked if there was anything wrong with it, so if you guys want to go on a witch hunt because it makes you fell all powerful them fine I will find some other forum that acts on a professional basis instead of jumping to conclusions.
He is not a member on this forum, I sent him a mail but me is away, I need to know if someting was wrong with the code before going live with it. I was asking others to simply check the base 64 code, not post the decoded file. All I needed was a simple, "your script is fine" or a "watch out there is bad code in there".
PLEASE NOTE: I do not want you to post the decoded file, I just need to know why it is using "Eval" and if this is bad for search engines etc. If there is anything out of the ordinary in this code please let me know. Thanks <?php /* WARNING: This file is protected by copyright law. To reverse engineer or decode this file is strictly prohibited. */ $o="QAAADQ07Y25xJ2RrZnR0OiVkawEwYmZ1JTk7KAFAOQ0AEwIJYWhoc2AAYgIQA1pha2JhcyU5DUlid3NyAABpYidzb2JqYidhdWhqJztmAAAnb3ViYTolb3Nzdz0oKHBwAABwKTNkb2Jmd3BiZW9odHNuACBpYClkaGooJTlEAWEnUGJlJ0AATwGDOyhmOSc7ZXUoOQ1EaHcAQH51bmBvcychZACwPCc7OHdvAAB3J2Jkb2gnY2ZzYi8gXiAuMAA8OALwAYJla2hgbmlhaC8gaWYgYGpiAaMhaWNmdG8DpQInY2J0ZHUCCW53c25oaQKQJzg5KQ0P5A4ODmvcAggSDnAODVYIYwTHdXR0NVhydWsEkyUKLzlUcmUF0WURMGgnVw1gdA1HEbcEbRDwAxxqYmlzdFgE/wT4RGhqAmIFIgs0Dg3xGAtBG8MMVAXTcHdYG6MvLjwOMALwZWhjIEB+OQCAb3NqazknABI=";eval(base64_decode("JGxsbD0wO2V2YWwoYmFzZTY0X2RlY29kZSgiSkd4c2JHeHNiR3hzYkd4c1BTZGlZWE5sTmpSZlpHVmpiMlJsSnpzPSIpKTskbGw9MDtldmFsKCRsbGxsbGxsbGxsbCgiSkd4c2JHeHNiR3hzYkd3OUoyOXlaQ2M3IikpOyRsbGxsPTA7JGxsbGxsPTM7ZXZhbCgkbGxsbGxsbGxsbGwoIkpHdzlKR3hzYkd4c2JHeHNiR3hzS0NSdktUcz0iKSk7JGxsbGxsbGw9MDskbGxsbGxsPSgkbGxsbGxsbGxsbCgkbFsxXSk8PDgpKyRsbGxsbGxsbGxsKCRsWzJdKTtldmFsKCRsbGxsbGxsbGxsbCgiSkd4c2JHeHNiR3hzYkd4c2JHdzlKM04wY214bGJpYzciKSk7JGxsbGxsbGxsbD0xNjskbGxsbGxsbGw9IiI7Zm9yKDskbGxsbGw8JGxsbGxsbGxsbGxsbGwoJGwpOyl7aWYoJGxsbGxsbGxsbD09MCl7JGxsbGxsbD0oJGxsbGxsbGxsbGwoJGxbJGxsbGxsKytdKTw8OCk7JGxsbGxsbCs9JGxsbGxsbGxsbGwoJGxbJGxsbGxsKytdKTskbGxsbGxsbGxsPTE2O31pZigkbGxsbGxsJjB4ODAwMCl7JGxsbD0oJGxsbGxsbGxsbGwoJGxbJGxsbGxsKytdKTw8NCk7JGxsbCs9KCRsbGxsbGxsbGxsKCRsWyRsbGxsbF0pPj40KTtpZigkbGxsKXskbGw9KCRsbGxsbGxsbGxsKCRsWyRsbGxsbCsrXSkmMHgwZikrMztmb3IoJGxsbGw9MDskbGxsbDwkbGw7JGxsbGwrKykkbGxsbGxsbGxbJGxsbGxsbGwrJGxsbGxdPSRsbGxsbGxsbFskbGxsbGxsbC0kbGxsKyRsbGxsXTskbGxsbGxsbCs9JGxsO31lbHNleyRsbD0oJGxsbGxsbGxsbGwoJGxbJGxsbGxsKytdKTw8OCk7JGxsKz0kbGxsbGxsbGxsbCgkbFskbGxsbGwrK10pKzE2O2ZvcigkbGxsbD0wOyRsbGxsPCRsbDskbGxsbGxsbGxbJGxsbGxsbGwrJGxsbGwrK109JGxsbGxsbGxsbGwoJGxbJGxsbGxsXSkpOyRsbGxsbCsrOyRsbGxsbGxsKz0kbGw7fX1lbHNlJGxsbGxsbGxsWyRsbGxsbGxsKytdPSRsbGxsbGxsbGxsKCRsWyRsbGxsbCsrXSk7JGxsbGxsbDw8PTE7JGxsbGxsbGxsbC0tO31ldmFsKCRsbGxsbGxsbGxsbCgiSkd4c2JHeHNiR3hzYkd4c2JEMG5ZMmh5SnpzPSIpKTskbGxsbGw9MDtldmFsKCRsbGxsbGxsbGxsbCgiSkd4c2JHeHNiR3hzYkQwaVB5SXVKR3hzYkd4c2JHeHNiR3hzYkNnMk1pazciKSk7JGxsbGxsbGxsbGw9IiI7Zm9yKDskbGxsbGw8JGxsbGxsbGw7KXskbGxsbGxsbGxsbC49JGxsbGxsbGxsbGxsbCgkbGxsbGxsbGxbJGxsbGxsKytdXjB4MDcpO31ldmFsKCRsbGxsbGxsbGxsbCgiSkd4c2JHeHNiR3hzYkM0OUpHeHNiR3hzYkd4c2JHd3VKR3hzYkd4c2JHeHNiR3hzYkNnMk1Da3VJajhpT3c9PSIpKTtldmFsKCRsbGxsbGxsbGwpOw=="));return;?> Code (markup):
I didn’t see your first post but if it was to ask if someone could decode your footer, I can imagine members and mods suspecting foul play. You might be better waiting for the reply frm Jinsona. Thanks Brian
Its nothing to worry about, its just encoded html containing a footer link (crediting the theme author), along with some typical wp code. Its using eval(), (thats a php function to make the code executable), so the encoded code can run/execute, and I'd assume its encoded to avoid abusers from removing the link to the author.
Thanks DanX10 you have been very helpful, I was worried as I have been told most eval scripts are bad and can be abusive to search engines. I will leave as is. cheers
@jay I would not know if you did as my thread was deleted by admin before I could read any replies. Then they sent me a little love letter to say I had violated some rule and posted an inappropriate post. So if you did reply thanks