Je viens de découvrir cet excellent plugin WordPress, et j’ai pensé le partager avec vous tous. Il s’agit du Theme Authenticity Checker, ou TAC en abrégé. Ce plugin recherche les codes cryptés et autres éléments suspects dans un thème. Si vous avez un thème avec un encodage base64, par exemple, il vous indiquera quel fichier du thème contient le code. Il listera également tous les liens externes dans un thème et les séparera par fichier.
Une fois le plugin téléchargé et installé, une nouvelle page intitulée “TAC” apparaîtra dans votre menu Design. J’ai testé ce plugin sur le serveur de démonstration, et laissez-moi vous dire que ce plugin se charge étonnamment vite, même avec tous les thèmes hébergés sur ce serveur. Au cas où vous vous poseriez la question, tous les thèmes WordPress hébergés sur ce serveur ont un gros message vert Theme Ok !
[…] vulnerable to spam attacks. I wrote about the WordPress Theme Authenticity Checker a while back here and is a great tool to check if the theme you downloaded contains any encrypted code without having […]
if you trust the corecode u should trust the theme to…
Lagerhall
Where’s the logic in that? That’s the same as saying if you trust an operating system you should trust any program available for it.
A user like me.
😀
Glad that I never encounter any malicious code etc.
Like Peter said, there are a few theme sites which bundle malicious code in “encrypted” form. Although some encrypted code is harmless (just protecting links), the truth is a lot of users don’t know what this is or how it can potentially harm (if malicious) their blogs.
Well, people don’t just use it for “protecting” links in templates. It’s ethical to encrypt code for good intentions such as encypting designer links in the footer, but, it’s unethical when people encypt harmful material into themes.
AH…
So far, I never find such theme that using any encrypted code.
Beside, most of theme is from trusted designer like themelab, and Justin Tadlock.
Ah, I see.
So using an encrypted code such as
VGhlbWUgYnkgPGEgaHJlZj1cIiNcIj5DZW5lYjwvYT4gYW5kIDxhIGhyZWY9XCIjXCI+VGhlbWUgTGFiPC9hPg==
is unethical to put our credit in the theme that we make?
But I though that this will help people not to modify it.
Still in confusing.
So if the plugin found the encrypted code, so what?
That’s what I’m trying to ask.
What’s the benefits.
Ah, from what I know, base64 encoding changes normal readable text into a string of characters which are not readable without using a decoder.
Template creators occasionally use base64 to try and limit the amount of links being removed from templates.
E.G. in the footer, instead of the footer being something like
“Theme by Ceneb and Theme Lab”
it would say:
VGhlbWUgYnkgPGEgaHJlZj1cIiNcIj5DZW5lYjwvYT4gYW5kIDxhIGhyZWY9XCIjXCI+VGhlbWUgTGFiPC9hPg==
Until you use a decoder:
http://makcoder.sourceforge.net/demo/base64.php
Yeah, I’ve read it twice to make myself clear.
Don’t know what is base64 emcoding, etc…
I wonder what’s the benefits of having that plug in for user or developer?
What’s the “Theme OK!” means?
Valid XHTML?
Pangeran, I’m not too sure if you read the post Leland wrote, fully, but I seemed to get a good idea from:
“What this plugin does is scan for encrypted code and other suspicious looking material within a theme. If you have a theme with base64 encoding, for example, it will let you know which file in the theme contains the code. It will also list any external links within a theme and separate them by file.”