sebbi

To clarify, I noticed the hack today, but the date on the malicious php-files was january 29th. This date is also consistent with the massive drop in visitors coming from google since then.

Bump! Exact same thing happend to my blog on january 29th … WordPress version 2.7.

Had a strange plugin (renamed plugin file filled with encrypted (?) php code) in the wp_options table (row with option_name active_plugins) and two new users with admin rights which were not visible in the profile section.

Suggested fix:
– wordpress should check for strange new users it doesn’t or can’t display
– wordpress should check if activated plugins really are plugins
– find the leak and finally fix it ??

I know this thread is old like in really old, but my 2.7. install of WordPress got hacked in a simliar way (active_plugins option referencing a encrypted php-file in my plugin-folder). I then checked if other blogs on my server got hacked and well, they all had the same problem.

Interesting idea. On the other hand you could simply include a link for deinstallation in your plugin-description and if the plugin requires something done the first time it is run, then simply do it ?? It is not that hard to detect missing tables/files/etc from within the plugin ??

So BLOG:CMS has 50x more functionality than WP … ok, where? Maybe out of the box, but in the end?
As a sidenote: this literarymoose wrote something for blog:cms? And Radek is referencing him in his “r-i-p wordpress”-posting, right? And i thought literarymoose is against open source in every way … whatever … from the comments on your blog it looks like the author is also not very community-friendly … but again, these are only my first impressions of him …

I am currently sort of rewriting bbclone (bbclone.de) to better work with WP … works great as a plugin and is so much more usefull then the original ??
However, phpoopentracker sounds interesting enough to take a look at it and maybe copy some of its features, too…

German: https://www.sebbi.de

Hmm, wordpress can’t be our Linux. Unix/Linux follow a very modular concept, while wordpress still offers everything in one big package, just like Windows XP does … sorry to disappoint you ??
But yes, it OWNS ??

I wrote an article about that new blogthingy ??
https://www.sebbi.de/archives/2004/08/12/blogcms-vs-wordpress/
As it is in German, i’ll give you a quick summary:
Without having it tried out and only looking at their feature list including the rest of their website, i conclude, that it is not worth to migrate from wordpress to blog:cms. They do not offer a single (important) thing that is not yet possible with wordpress, except for WYSIWYG-editing (would be simple to add via htmlarea or via the live preview plugin) and multi-blog-support (which is not an issue if you can afford copying your wordpress-folder over and over and use different database-prefixes).
The only thing that bugs me is, that blog:cms seems to have a better plugin-support (not with plugins but support for plugins i mean). I base all my hope on the upcoming wordpress 1.3 release to deliver a better “api” ??
If I am missing an important point why blog:cms should be better than wordpress, please correct me…

And very not configurable ?? … damnit had i known that someone has already a working statistics-plugin i wouldn’t have programmed my own bbclone … and now i even have to add _these_ features …

$wpdb ist a global variable which is not known inside functions … you need to insert “global $wpdb;” after the line “function ensure_card($str) {” …

Well, the hack that is the diff file that is posted here makes use of this option, but you are right, it is no longer present in the current version of wordpress (meaning: you cannot change it in the admin interface) …
I agree that the diff is in a strange format … i guess it wont work with the “patch” program…
Greetings,
Sebbi
P.S.: The original thread about this hack is located here: https://www.ads-software.com/support/10/6513

Erku,
wouldnt that result in negative paddings if date returns 0 and start_of_week is 1?

Hmm … this forum could warn its users that it will cut off the part of the thread-title that is most essential to it ??
It should have said:Patch: calendar makes use of the setting ‘start_of_week’