besso

Yes, I thought so.

The script is location agnostic (blind) – it doesn’t use the underlying filesystem in any way, but identifies WordPress databases by searching for pfx_options db table (wp_options by default) inside informationSchema to build the initial list.

You can also use it to fix issues on any MySql server that allows you to connect remotely with sufficient privileges.

Updated version can be found at https://github.com/besso/fancybox-wordpress-js-exploit-removal, it allows you to manually define any WP databases that are using non-standard table prefixes.

Thanks for the feedback. Are you using non-standard naming (prefix) for WordPress database tables, e.g. anything other than wp_options?

If you’re a webmaster running hundreds of WP websites, this might come in handy: https://github.com/besso/fancybox-wordpress-js-exploit-removal

I likely discovered a bug that might prevent votes to be saved, because the db table “wp_nggv_votes” wasn’t created at plugin activation. If you’re having the same issue, do check if the table exists.

In my case the table was not created because the field “criteria_id” was defined twice in “CREATE TABLE …” syntax.

plugin version: 2.3
file: ngg-voting.php
function: dbUpgrade
rows: #144 and #150

After manually running the CREATE TABLE below, the table was successfully created and voting started to work.

CREATE TABLE wp_nggv_votes (
  id BIGINT(19) NOT NULL AUTO_INCREMENT,
  gid BIGINT NOT NULL,
  pid BIGINT NOT NULL,
  criteria_id BIGINT NOT NULL DEFAULT 0,
  vote INT NOT NULL DEFAULT 0,
  user_id BIGINT NOT NULL DEFAULT 0,
  ip VARCHAR(32) NULL,
  proxy VARCHAR(32) NULL,
  dateadded DATETIME NOT NULL DEFAULT "0000-00-00 00:00:00",
  UNIQUE KEY id (id)
);