Comments on: WordPress Theme Authenticity Checker

By: Obfuscated code in themes: Your opinion? - Page 3 - WordPress Tavern Forum

Obfuscated code in themes: Your opinion? - Page 3 - WordPress Tavern Forum — Tue, 21 Jul 2009 22:06:02 +0000

[...] vulnerable to spam attacks. I wrote about the WordPress Theme Authenticity Checker a while back here and is a great tool to check if the theme you downloaded contains any encrypted code without having [...]

By: Peter

Peter — Fri, 22 Aug 2008 22:22:23 +0000

Where’s the logic in that? That’s the same as saying if you trust an operating system you should trust any program available for it.

By: Lagerhall stålkonstruktion

Lagerhall stålkonstruktion — Thu, 21 Aug 2008 10:29:48 +0000

if you trust the corecode u should trust the theme to…
Lagerhall

By: Pangeran

Pangeran — Thu, 21 Aug 2008 00:56:14 +0000

A user like me.

Glad that I never encounter any malicious code etc.

By: Leland

Leland — Wed, 20 Aug 2008 19:22:48 +0000

Like Peter said, there are a few theme sites which bundle malicious code in “encrypted” form. Although some encrypted code is harmless (just protecting links), the truth is a lot of users don’t know what this is or how it can potentially harm (if malicious) their blogs.

By: Pangeran

Pangeran — Wed, 20 Aug 2008 06:03:26 +0000

AH…
So far, I never find such theme that using any encrypted code.

Beside, most of theme is from trusted designer like themelab, and Justin Tadlock.

By: Peter

Peter — Wed, 20 Aug 2008 06:00:31 +0000

Well, people don’t just use it for “protecting” links in templates. It’s ethical to encrypt code for good intentions such as encypting designer links in the footer, but, it’s unethical when people encypt harmful material into themes.

By: Pangeran

Pangeran — Wed, 20 Aug 2008 05:46:13 +0000

Ah, I see.

So using an encrypted code such as

VGhlbWUgYnkgPGEgaHJlZj1cIiNcIj5DZW5lYjwvYT4gYW5kIDxhIGhyZWY9XCIjXCI+VGhlbWUgTGFiPC9hPg==

is unethical to put our credit in the theme that we make?

But I though that this will help people not to modify it.

Still in confusing.
So if the plugin found the encrypted code, so what?
That’s what I’m trying to ask.

What’s the benefits.

By: Peter

Peter — Wed, 20 Aug 2008 05:41:41 +0000

Ah, from what I know, base64 encoding changes normal readable text into a string of characters which are not readable without using a decoder.

Template creators occasionally use base64 to try and limit the amount of links being removed from templates.

E.G. in the footer, instead of the footer being something like

“Theme by Ceneb and Theme Lab”

it would say:

VGhlbWUgYnkgPGEgaHJlZj1cIiNcIj5DZW5lYjwvYT4gYW5kIDxhIGhyZWY9XCIjXCI+VGhlbWUgTGFiPC9hPg==

Until you use a decoder:

http://makcoder.sourceforge.net/demo/base64.php

By: Pangeran

Pangeran — Wed, 20 Aug 2008 05:27:23 +0000

Yeah, I’ve read it twice to make myself clear.
Don’t know what is base64 emcoding, etc…