can't find scripts that appear on inspect element in my header.php or footer.php

  • You MUST read the Babiato Rules before making your first post otherwise you may get permanent warning points or a permanent Ban.

  • You MUST read the Babiato Rules before making your first post otherwise you may get permanent warning points or a permanent Ban.

    Our resources on Babiato Forum are CLEAN and SAFE. So you can use them for development and testing purposes. If your are on Windows and have an antivirus that alerts you about a possible infection: Know it's a false positive because all scripts are double checked by our experts. We advise you to add Babiato to trusted sites/sources or disable your antivirus momentarily while downloading a resource. "Enjoy your presence on Babiato"

chintu

New member
Dec 10, 2020
17
2
3
  • can't find scripts that appear on inspect element in my header.php or footer.php
  • Fault Description: well i just tried to monetize my webssite and installed propeller ads plugin ugh and i didn't do anything about popup ad or whatsoever and some malicious code spotted when i inspect my webs xD
  • What have you done to try to fix the issue: well i just can't find that script in the header.php or footer.php of my theme. So im wondering that how can i find that ssnippet of code that i found in inspect element that is all
 

chintu

New member
Dec 10, 2020
17
2
3
1609854899711.png
like i want to delete this script buttt i can't find where this script is located so could you pls tell me where can i find it thank you :3
 

ChintanBhat

Well-known member
Moderator
Null Master
Trusted Uploader
Nov 18, 2020
1,150
1,089
120
36
Universe
babiato.org
1609854899711.png
like i want to delete this script buttt i can't find where this script is located so could you pls tell me where can i find it thank you :3

Sorry but it's long time i have not used wordpress and forgot approx. 7 years, so i can't help you out with wordpress. You can ask someone else, they will surely help you. 😇
 
  • Sad
Reactions: chintu

Rockyp

Well-known member
Trusted Uploader
Sep 19, 2020
5,448
3,458
120
which theme are you using. name & link pls
let me see if i am able to help
 

chintu

New member
Dec 10, 2020
17
2
3
my domain is tuulaihan.com
and the theme is madara theme
the sscript have "emoji" in it xD
 

Rockyp

Well-known member
Trusted Uploader
Sep 19, 2020
5,448
3,458
120
add this to function.php
before that backup function.php
You don't have permission to view the spoiler content. Log in or register now.
there few ways to disable using plugins or code bro.

You don't have permission to view the spoiler content. Log in or register now.
 
  • Love
Reactions: chintu

chintu

New member
Dec 10, 2020
17
2
3
@Rockyp thank you very much it worked

but unfortunately whenever i add ad(banner) to my weebssite and just clicks anywhere sometimes popup ad happens ugh err can ssomeone tell me how can i fix it
the cause was propeller ads plugin(deleted) i think ugh
or is it revenuehits(where im testing ads)? i don't know anymore T.T
 
  • Like
Reactions: Rocky

phineas

Active member
Trusted Uploader
Jul 5, 2018
132
172
43
Can you paste here the functions.php of your theme?

It appears to me that this is because of malicious code. Or are you trying to "install" soma popup ads ?
 
  • Like
Reactions: chintu

chintu

New member
Dec 10, 2020
17
2
3
madara child theme function.php

<?php
add_action( 'wp_enqueue_scripts', 'madara_scripts_styles_child_theme' );
function madara_scripts_styles_child_theme() {
wp_enqueue_style( 'madara-css-child', get_parent_theme_file_uri() . '/style.css', array(
'fontawesome',
'bootstrap',
'slick',
'slick-theme'
) );
}

/* Disable VC auto-update */
add_action( 'admin_init', 'madara_vc_disable_update', 9 );
function madara_vc_disable_update() {
if ( function_exists( 'vc_license' ) && function_exists( 'vc_updater' ) && ! vc_license()->isActivated() ) {

remove_filter( 'upgrader_pre_download', array( vc_updater(), 'preUpgradeFilter' ), 10 );
remove_filter( 'pre_set_site_transient_update_plugins', array(
vc_updater()->updateManager(),
'check_update'
) );

}
}
/**
* Disable the emoji's
*/
function disable_emojis() {
remove_action( 'wp_head', 'print_emoji_detection_script', 7 );
remove_action( 'admin_print_scripts', 'print_emoji_detection_script' );
remove_action( 'wp_print_styles', 'print_emoji_styles' );
remove_action( 'admin_print_styles', 'print_emoji_styles' );
remove_filter( 'the_content_feed', 'wp_staticize_emoji' );
remove_filter( 'comment_text_rss', 'wp_staticize_emoji' );
remove_filter( 'wp_mail', 'wp_staticize_emoji_for_email' );
add_filter( 'tiny_mce_plugins', 'disable_emojis_tinymce' );
add_filter( 'wp_resource_hints', 'disable_emojis_remove_dns_prefetch', 10, 2 );
}
add_action( 'init', 'disable_emojis' );

/**
* Filter function used to remove the tinymce emoji plugin.
*
* @param array $plugins
* @return array Difference betwen the two arrays
*/
function disable_emojis_tinymce( $plugins ) {
if ( is_array( $plugins ) ) {
return array_diff( $plugins, array( 'wpemoji' ) );
} else {
return array();
}
}

/**
* Remove emoji CDN hostname from DNS prefetching hints.
*
* @param array $urls URLs to print for resource hints.
* @param string $relation_type The relation type the URLs are printed for.
* @return array Difference betwen the two arrays.
*/
function disable_emojis_remove_dns_prefetch( $urls, $relation_type ) {
if ( 'dns-prefetch' == $relation_type ) {
/** This filter is documented in wp-includes/formatting.php */
$emoji_svg_url = apply_filters( 'emoji_svg_url', 'https://s.w.org/images/core/emoji/2/svg/' );

$urls = array_diff( $urls, array( $emoji_svg_url ) );
}

return $urls;
}
// Function to Disable Emojis in TinyMCE Editor
function kill_emojis_on_tinymce( $plugins ) {
if ( is_array( $plugins ) ) {
return array_diff( $plugins, array( 'wpemoji' ) );
} else {
return array();
}
}

// Function to Disable Emoji-Specific Functions
function kill_wp_emojis() {

// Remove Emoji
remove_action( 'admin_print_styles', 'print_emoji_styles' );
remove_action( 'wp_head', 'print_emoji_detection_script', 7 );
remove_action( 'admin_print_scripts', 'print_emoji_detection_script' );
remove_action( 'wp_print_styles', 'print_emoji_styles' );
remove_filter( 'wp_mail', 'wp_staticize_emoji_for_email' );
remove_filter( 'the_content_feed', 'wp_staticize_emoji' );
remove_filter( 'comment_text_rss', 'wp_staticize_emoji' );

// Remove TinyMCE emojis via Filter
add_filter( 'tiny_mce_plugins', 'kill_emojis_on_tinymce' );

// Remove DNS Prefetch for Emojis via Filter
add_filter( 'emoji_svg_url', '__return_false' );

}

add_action( 'init', 'kill_wp_emojis' );
 

phineas

Active member
Trusted Uploader
Jul 5, 2018
132
172
43
And the functions.php of the main theme? Apart from the child one, can you post it? :)
 
  • Like
Reactions: chintu

raymondreddington

Member
Trusted Uploader
Mar 28, 2020
76
44
18
Hello Chintu,

If you have been hacked and need to find specific code you can download the files and run a search with Sublime Text.

Also, the code could be in the database so you should run a search over there as well. There are some find and replace plugins for that.

Hope it helps!

Sincerely,
Ray
 
  • Like
Reactions: chintu and phineas

phineas

Active member
Trusted Uploader
Jul 5, 2018
132
172
43
Hello Chintu,

If you have been hacked and need to find specific code you can download the files and run a search with Sublime Text.

Also, the code could be in the database so you should run a search over there as well. There are some find and replace plugins for that.

Hope it helps!

Sincerely,
Ray

The search in folder function of Sublime Text is perfect for this - good advice here, I totally forgot to say this.

Ferb
 

chintu

New member
Dec 10, 2020
17
2
3
umm thankss for advice guys im gonna give up xD

p.s: uhh don't ever try propeller ads plugin guys ugh T.T
 
Last edited:

chintu

New member
Dec 10, 2020
17
2
3
ah it was revenue hits ad lol if i just click on revhits ad once then my webssite becomes like that until i clear my cache ugh
sorry for wasting y'alls time T.T like i just deleted my sssite to know that im ssuch a loser ugh
 

raymondreddington

Member
Trusted Uploader
Mar 28, 2020
76
44
18
ah it was revenue hits ad lol if i just click on revhits ad once then my webssite becomes like that until i clear my cache ugh
sorry for wasting y'alls time T.T like i just deleted my sssite to know that im ssuch a loser ugh
Don't be hard on yourself. sh** happens a lot in this activity.

Have a nice day bro!
 
  • Like
Reactions: chintu

Similar threads

Forum statistics

Threads
52,049
Messages
665,725
Members
134,879
Latest member
shishir