eval(base64_decode Code Problem!

You just need to run the code through an online decoder to see what it is doing. For instance, the first line in your header:

function theme_footer_t() { if (!(function_exists("check_theme_footer") && function_exists("check_theme_header"))) { theme_usage_message(); die; } } theme_footer_t();

and the footer:

function functions_file_exists() { if (!file_exists(dirname(__file__) . "/functions.php") || !function_exists("theme_usage_message") ) { echo ("<p style=\"padding:10px; margin: 10px; text-align:center; border: 2px dashed Red; font-family:arial; font-weight:bold; background: #fff; color: #000;\">This theme is released free for use under creative commons licence. All links in the footer should remain intact. These links are all family friendly and will not hurt your site in any way. This great theme is brought to you for free by these supporters.</p>"); die; } } functions_file_exists();

So in this case, it’s just code included to require that you use their footer. Personally, this kinda thing ticks me off like no other, and I refuse to use a theme that does it. </rant>

If you need to decode more base64 yourself, the decoder I used is here: https://www.opinionatedgeek.com/dotnet/tools/base64decode/

<?php // This file is protected by copyright law and provided under license. Reverse engineering of this file is strictly prohibited.
$OOO0O0O00=__FILE__;$O00O00O00=__LINE__;$OO00O0000=2176;eval((base64_decode(‘JE8wMDBPME8wMD1mb3BlbigkT09PME8wTzAwLCdyYicpO3doaWxlKC0tJE8wME8wME8wMClmZ2V0cygkTzAwME8wTzAwLDEwMjQpO2ZnZXRzKCRPMDAwTzBPMDAsNDA5Nik7JE9PMDBPMDBPMD0oYmFzZTY0X2RlY29kZShzdHJ0cihmcmVhZCgkTzAwME8wTzAwLDM3MiksJ0VudGVyeW91d2toUkhZS05XT1VUQWFCYkNjRGRGZkdnSWlKakxsTW1QcFFxU3NWdlh4WnowMTIzNDU2Nzg5Ky89JywnQUJDREVGR0hJSktMTU5PUFFSU1RVVldYWVphYmNkZWZnaGlqa2xtbm9wcXJzdHV2d3h5ejAxMjM0NTY3ODkrLycpKSk7ZXZhbCgkT08wME8wME8wKTs=’)));return;?>
kr9NHenNHenNHe1lFMamb3klFoxiC2APk19gOLlHOa9gkZXJkZwVkr9NTznNHr8XHt4JkZwShokiF2A2Yy9LcBYvcoAPF3OZfuwPcmklCBWPkr8XHenNHr8XHtXLT08XHr8XHeEXhUXmOB50cbk5d3a3D2iUUylRTlfNaaOnCAkJW2YrcrcMO2fkDApQToxYdanXAbyTF1c2BuiDGjExHjH0YTC3KeLqRz0mRtfnWLYrOAcuUrlhU0xYTL9WAakTayaBa1icBMyJC2OlcMfPDBpqdo1Vd3nxFmY0fbc3Gul6HerZHzW1YjF4KUSvkZLphUL7cMYSd3YlhtONHeEXTznNHeEpK2a2CBXPkr9NHenNHenNHtL7wtOvFuOpd24INUnmcbOgd3n0DB9VhtficMcpdMl0GU1vFuOpd25zkZL7weslC2ivwtFktWLYtILktTXvcol2NI0htWLkeWPktWL8wU0swraVctnbFMyXFoaZwt0sNI0htWLkeWPktWL8wU0sWMamDB4IWM90fo9swyYlC3Opd24sRT4YtILktW0htWLkNoOpfJnpce0JCM90fo9sRBkmwj4YtILktWL8col2woYSCbYzNUk3FMyXFoaZwj4YtILktWLYtILktWLkkzSIDBCPko9XfolvdlSmCBcMDB5pfulgcM9vfoaZb2kSd2fZd2xSk10INT0Ik3OZfBAmhUn7weslC2ivwtFktWLkeWPktWLktTxLDbCIDBW9wMkvfuOvdU1scB51wj4YtILktWLktTxLDbCIDBW9wMkvfuOvdU1scB51HJw+eWPktWLktWLkNoOpfJnpce0JCM90fo9sRB1ldmAzwj4YtILktWLktWLkNoOpfJnpce0JCM90fo9sRB1ldmAsd3clFMxiGUw+eWPktWLktWLktWL8col2woYSCbYzNUksd2O1doa0CBkScUw+eWPktWLktWLktWLkNuaSwoYSCbYzNUkscB51RB5ifJw+eWPktWLktWLktWLktW0htWLktWLktWLktWLmKZn3Fy9SDbY0b2kvd2ssCbkqFZImfol0doagdoL9kM9ZcoaZCmL9kZ4Ld3n0DB9VBZficMcpdMl0Ga9Md290cbkgCMxvc3kvdoxgd3kLcbwmbU4mkMxpdBl0NUFVko9XfolvdlSmCBcMDB5pfulgcM9vfoaZb2kSd2fZd2xSb2xpdBl0k10VkZc0DbOSca9JcBcvFMA9NoI0NJc0DbOSca9icmOlFj08R2I0NJcjCbOlc29ZDbplNTEMC2y0cBfvFmL9kZ4Ld3n0DB9VBZficMcpdMl0Ga9Md290cbkgCMxvc3kvdoxgC2y0cBfvFmLmbUL7weslC2ivwtFktWLktWLktWLktW0htWLktWLktWLktTXvfBX+eWPktWLktWLktWL8R2Opfj4YtILktWLktWLkNt9LDbC+eWPktWLktWLkNt9LDbC+eWPktWLktWL8R2Opfj4YtILktWLkNt9LDbC+eWPktWLktW0htWLktWLmKZn9weslC2ivwtFktWLktW0htWLktTXvcol2NI0htWLkNt9LDbC+eWPktWL8col2wolLNUkJd3O0d20JNI0htWLktTxLDbCIC2xiF3H9wmfZCbnXcbwJNI0htWLktWL8col2woYSCbYzNUkjd3n5FMlmDuWsCMxvC2SJNI0htWLktWLkeWPktWLktWLmKZnpcJILd3n0DB9VBZficMcpdMl0Ga9jd3n5FMlmDuWmbUE9NUEmfuk1cUFpwuSIK2ajDo8IkXLktWLkeWPktWLktWL8col2wolLNUkjd3n5FMlmDuWJNI0htWLktWLkeWPktWLktWLkAo93cbklctnJGUE8CUnPFMaMNUkPfuOXKJ8vf3f3RMcZcBAsFukldBl1dU13d3kLFuklF3HsfoildBazRMYvdUw+OmklcUnWFMasDbaswyfvFMOXFMazFZnADoascbH8R2r+eWPktWLktWLYtILktWLktTXvcol2NI0htWLktWLkeWPktWLktWLmKZn9weslC2ivwtFktWLktWLYtILktWLktUF7wolMhtOvFuOpd25dk2yMcMlVDbO5b3kvC2slfoxvc28mbUE9NUEmfuk1cUFpwuSIK2ajDo8IkXLktWLktW0htWLktWLkNorIDuklcj0JDuO0FePvR3f3fZ5MFMalRbnZcB1pfB0sf29ZcunZcbYzRbOPcB1lFZ5jd20JwuOpfoxlNUkMFMalwunZcB1pfB0If29ZcunZcbYzwuOPcB1lFZwIDBW9wmkvC2slftw+Nt9iNI0htWLktWLkeWPktWLktWLmKZn9weslC2ivwtFktWLktWLYtILktWLkNt9LDbC+eWPktWLkNt9LDbC+eWPktWL8R2Opfj4YtILktW0htWLkNtrsRAaVctntd3O0d20IA2ajfolvdJ0sNI0htWLkeWPktTXvcol2NI0htTXvcol2NI0htW0htUF7wufXb2cvd3OlFJIpKZE7cBYPdZEmtW0hNt9Jd2O5NI0hNt9Pfo1SNJF7

I see this kind of code in footer.php !

Can someone tell me what is this and help me?

Thank you!
All The Best!

adihamo

$option = get_option('affinity-options'); ;echo '
			</div>

			<!-- End Wrapper -->

			<!--Begin Bottom Section-->

			<div id="bottom-bg">
				<div class="wrapper">

					'; if($option['affinity_footer_blogroll'] == 'true') { ;echo '
					<div id="bottom-menu">
						<div id="bottom-menu2">
							<div id="bottom-menu3">
								<div id="bottom-menu-overlay">
									<div class="moduletable">
										<ul class="menu-nav">

											'; wp_list_bookmarks('title_li=&orderby='.$option['affinity_footer_blogroll_order'].'&limit='.$option['affinity_footer_blogroll_limit'].'&title_before=<h4>&title_after=</h4>&categorize=0&category='.$option['affinity_footer_blogroll_category']); ;echo '
										</ul>
									</div>
								</div>
							</div>
						</div>
					</div>

					'; } ;echo '
				</div>
			</div>
			<div id="bottom">
				<div class="wrapper">
					<div class="copyright-block">

						'; if($option['affinity_copyright'] == 'true') { ;echo '
						<div id="copyright">

							Powered by <a href="https://www.free-premium-wordpress-themes.com">Free Premium WordPress Themes</a>

						</div>

						'; } ;echo '
						'; if($option['affinity_rocketlogo'] == 'true') { ;echo '
						<a href="https://www.free-premium-wordpress-themes.com" title="free premium wordpress themes" id="rocket"></a>

						'; } ;echo '
					</div>
				</div>
			</div>

			<!--End Bottom Section-->

		</div>
	</div>

	'; wp_footer(); ;echo '
</body>
</html>';

closing this as it’s not the correct place