halferdev

I think people don’t know what you want here. Can you explain what patch needs to be applied? What’s in the Dropbox?

Sounds like a malicious plugin. Have you disabled and removed it entirely?

Is this plugin available in the WordPress plugins repo? If so, this behaviour would violate the guidelines (imo) and should be notified to WP so they can remove it.

Several things you can do:

– Restore the site files from backup
– Restore the site database from backup

If that’s not possible then:

– Log onto your server and see what files have changed recently. Then, download those and remove the hack – which is easy to spot, but hard to describe how to spot. In general, hackers modify files rather than the db, but you can’t rely on that.

You need to examine all your security, including FTP/SSH passwords, admin/user passwords, and possible security vulnerabilities. Do you have any custom work in your WP site?

(Off-topic: the plural word “FAQ’s” should be “FAQs” i.e. without an apostrophe. Apostrophes are only for contractions and ownership).

It seems it’s only affecting your home page. I would take a look at the index.php file in your theme to see if there’s anything at the end of that. You can see this in Appearance -> Editor -> Main Index Template (the last one may be called something different, this might vary per theme).

Looks like it is outside of your theme footer. Have you (or your designer/developer) made any site changes recently?

If you have access to your web host (either by FTP or SSH) then take a look at the timestamps on the files (using ls -l) to see what has been most recently modified. Whilst unlikely, it could be someone who has cracked the security on your site; sadly it does happen a fair bit with WP, since it is a popular target!

Is this in the admin or one of the themes? Can you explain why you need this tag ordering? – normally the order doesn’t make any difference. Is it a JS thing? There may be another way to achieve what you are doing.

Heh, yeah; you need to send your cookie(s), not a random one called ‘foo’. That’s just an example.

I would be inclined to send all cookies in $_COOKIE for the site, so you’ll need to loop through (foreach ($_COOKIE as $key => $value)) and send them all in one go. I think they are semicolon delimited, but the link should give you more info.

Drop the Accept-Language header, you probably don’t need it.

Couple of things you can try:

* Use the reinstall feature on your Update Admin page to install 3.4.2 completely
* Check your .htaccess file, this is a common entry point for hacks
* See if there is any JS on your home page relating to the hack, this might indicate that the theme has been modified

I agree with Tomontoast. Grab an event plugin that (a) does the closest to what you want, and (b) is well-written internally, and then start hacking! Make sure you use version control (Subversion, Git etc) so you can easily undo edits that don’t work.

There seems to be a view in this forum – though I am new here – that the flexibility of WP plugins is so infinite that programming is never needed. Unfortunately I don’t think that’s true – there’s a point where one needs to start understanding the code and jump in to trying to modify it. It can be a big job to learn, but it is worth it, I promise ??

IMO, it’s not worth doing so. Certainly one would expect it not to fail, but then what happens if a plugin adds two keys having the same values? It might seem redundant to us when discussing it in the abstract, but it is possible there’s a use case for it.

Your plugin should be called only after that file is included, so you should be able to use WP functions without including anything else. What function specifically do you want to use?

This should get you started:

https://stackoverflow.com/questions/3431160/php-send-cookie-with-file-get-contents

sepp88, what is the character set of the page, as defined by the HTTP header, and by any meta tags in the HTML <head>? Make sure this is UTF-8 for both.

I’m not an expert on character sets, but I would imagine that your files should be edited and saved in UTF-8 too.

If you’re of the opinion that you’re seeing an intermittent behaviour, then save the before and after of your replacements to a file, perhaps with a timestamp in the filename, so you can review what input your code is struggling with. You can do this with file_put_contents().

Can you provide some more detail as to what you are trying to do?

It might be a good idea to offer some code so people can see what you have tried already, and where you might be getting stuck.