The ReviewWire Posted July 3, 2012 Share Posted July 3, 2012 I downloaded AntiVirus on my Wordpress theme and found something fishy in timthum.php. I don't know what needs to be deleted or what to do next: Any advise? $this->myHost = preg_replace('/^www\./i', '', $_SERVER['HTTP_HOST']); $this->src = $this->param('src'); $this->url = parse_url($this->src); if(strlen($this->src) <= 3){ $this->error("No image specified"); return false; } if(BLOCK_EXTERNAL_LEECHERS && array_key_exists('HTTP_REFERER', $_SERVER) && (! preg_match('/^https?:\/\/(?:www\.)?' . $this->myHost . '(?:$|\/)/i', $_SERVER['HTTP_REFERER']))){ // base64 encoded red image that says 'no hotlinkers' // nothing to worry about! :) $imgData = base64_decode("R0lGODlhUAAMAIAAAP8AAP///yH5BAAHAP8ALAAAAABQAAwAAAJpjI+py+0Po5y0OgAMjjv01YUZ\nOGplhWXfNa6JCLnWkXplrcBmW+spbwvaVr/cDyg7IoFC2KbYVC2NQ5MQ4ZNao9Ynzjl9ScNYpneb\nDULB3RP6JuPuaGfuuV4fumf8PuvqFyhYtjdoeFgAADs="); header('Content-Type: image/gif'); header('Content-Length: ' . sizeof($imgData)); header('Cache-Control: no-store, no-cache, must-revalidate, max-age=0'); header("Pragma: no-cache"); header('Expires: ' . gmdate ('D, d M Y H:i:s', time())); echo $imgData; return false; exit(0); } if(preg_match('/https?:\/\/(?:www\.)?' . $this->myHost . '(?:$|\/)/i', $this->src)){ $this->src = preg_replace('/https?:\/\/(?:www\.)?' . $this->myHost . '/i', '', $this->src); } if(preg_match('/^https?:\/\/[^\/]+/i', $this->src)){ $this->debug(2, "Is a request for an external URL: " . $this->src); $this->isURL = true; } else { $this->debug(2, "Is a request for an internal file: " . $this->src); } if($this->isURL && (! ALLOW_EXTERNAL)){ $this->error("You are not allowed to fetch images from an external website."); return false; } if($this->isURL){ if(ALLOW_ALL_EXTERNAL_SITES){ $this->debug(2, "Fetching from all external sites is enabled."); } else { $this->debug(2, "Fetching only from selected external sites is enabled."); $allowed = false; foreach($ALLOWED_SITES as $site){ if (preg_match ('/(?:^|\.)' . $site . '$/i', $this->url['host'])) { $this->debug(3, "URL hostname {$this->url['host']} matches $site so allowing."); $allowed = true; } } if(! $allowed){ return $this->error("You may not fetch images from that site. To enable this site in timthumb, you can either add it to \$ALLOWED_SITES and set ALLOW_EXTERNAL=true. Or you can set ALLOW_ALL_EXTERNAL_SITES=true, depending on your security needs."); } } } Link to comment Share on other sites More sharing options...
Guest Posted July 3, 2012 Share Posted July 3, 2012 @The ReviewWire I suggest you seek support from Wordpress. Chris Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.