[Architect]

thank you @mercime !

I found that the problem come from the theme ‘photum’… I checked it out and found its author doesn’t look like a bad guy to me so it should be mostly the compatibility problem I think… but I’ll take your advice especially the backup one!

[Architect]

Thank you @mercime! I’ll be more careful with the themes in the future.

I’m really worried when you said it might be hacked…I downloaded those three themes(iphoto/photum/graphictheme) from this website http://devstand.com/design/pinterest-wordpress-themes/ Is that a suspicious website?

I personally feel it’s more like a incompatible issue rather than a malicious attack because pinterest style theme seem to have some special feature for example showing more images when you drag down to the bottom of the page etc. but you are right…it shouldn’t touch the functions.php file of other themes…Anyway I don’t have any experience in dealing with hackers at all so maybe I’m just trying to comfort myself I’m not hacked…

[Architect]

Does anyone know how I can search and delete that same virus code in all my themes conveniently? I have hundreds of themes in my site so it will take me a long time to delete that code one by one….

“virus code”:

`<?php
include_once (‘includes/custompost.php’);
?>`

[Architect]

The other warning which doesn’t have to do with themes :

Warning: Cannot modify header information – headers already sent by (output started at /home/swotong/public_html/bluewhalefamily.com/wp-content/themes/frisco-for-buddypress/functions.php:270) in /home/swotong/public_html/bluewhalefamily.com/wp-includes/pluggable.php on line 866

This seems to be solved after I go to the line that cause error

header(“Location: $location”, true, $status);

I just change the above ‘true’ into ‘false’ and this warning haven’t appeared so far…I don’t really what I’m doing though…Really appreciate it if some one can tell me what this line mean and if that’s the right way to solve the problem..

Thank you!

[Architect]

Hi Paul,
I just deleted Frisco and download, install it again. Now my main site is working fine. However the users on my site, because they each use different themes, their own page are still showing those warnings… These themes are somehow ‘polluted’ with this code:
`<?php
include_once (‘includes/custompost.php’);
?>`
which is inserted at the end of the functions.php file. Meanwhile, there are some themes that aren’t polluted and I find they have a function folder in their theme folder which I assume is the reason they are not polluted..

Does anyone know what the above code mean and do I have to clean every one of my theme?