{"id":1788,"date":"2014-05-03T05:07:47","date_gmt":"2014-05-03T05:07:47","guid":{"rendered":"http:\/\/musilda.cz\/?p=1788"},"modified":"2014-05-03T05:07:47","modified_gmt":"2014-05-03T05:07:47","slug":"vyhledani-skodliveho-kodu-v-sablonach","status":"publish","type":"post","link":"https:\/\/affinite.io\/cs\/vyhledani-skodliveho-kodu-v-sablonach\/","title":{"rendered":"Vyhled\u00e1n\u00ed \u0161kodliv\u00e9ho k\u00f3du v \u0161ablon\u00e1ch"},"content":{"rendered":"\n<p>Jednou z nep\u0159\u00edjemn\u00fdch vlastnost\u00ed free \u0161ablon, je, \u017ee s jejich k\u00f3dem m\u016f\u017ee pracovat kdokoliv. Tak\u017ee pokud v\u00e1m n\u011bkdo nab\u00eddne \u0161ablony zdarma, nemus\u00ed to b\u00fdt jen v\u00fdhra. Typick\u00fd p\u0159\u00edklad jsou premium \u0161ablony na pir\u00e1tsk\u00fdch serverech. Osobn\u011b bych takovou \u0161ablonu neinstaloval.&nbsp;<\/p>\n\n\n\n<!--more-->\n\n\n\n<p>Pokud chcete m\u00edt jistotu, \u017ee jsou \u0161ablony v po\u0159\u00e1dku, stahujte je jen z ov\u011b\u0159en\u00fdch zdroj\u016f. A pokud chcete m\u00edt v\u011bt\u0161\u00ed pocit jistoty, proskenujte si \u0161ablony pomoc\u00ed pluginu Theme Authenticity Checker.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Theme Authenticity Checker<\/h2>\n\n\n\n<p>Zn\u00e1m\u00fdm zp\u016fsobem, jak zamaskovat \u0161kodliv\u00fd k\u00f3d, je pou\u017e\u00edt base_64_decode a eval. T\u00edm za\u0161ifrujete k\u00f3d, kter\u00fd se pak spou\u0161t\u00ed. \u010casto na n\u011bj m\u016f\u017eete narazit, kdy\u017e autor \u0161ablony podmi\u0148uje u\u017e\u00edv\u00e1n\u00ed t\u00edm, \u017ee mus\u00edte nechat v pati\u010dce jeho odkazy. K\u00f3d m\u016f\u017ee vypadat n\u011bjak takto:<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"240\" height=\"168\" src=\"https:\/\/affinite.io\/cs\/wp-content\/uploads\/sites\/2\/2014\/05\/base.jpg\" alt=\"\" class=\"wp-image-1789\" \/><\/figure>\n\n\n\n<p>Ch\u00e1pu ochranu takov\u00e9ho odkazu, proto\u017ee n\u011bco za n\u011bco, ale v\u00e1\u017en\u011b chcete m\u00edt na webu k\u00f3d, u kter\u00e9ho si nem\u016f\u017eete b\u00fdt jist\u00ed, co v n\u011bm je? Theme Authenticity Checker \u0161ablonu proskenuje, na za\u0161ifrovan\u00fd obsah upozorn\u00ed a pokus\u00ed se jej dek\u00f3dovat. U ne\u0161kodn\u00e9ho zak\u00f3dovan\u00e9ho odkazu zobraz\u00ed jeho html k\u00f3d.<\/p>\n\n\n\n<p>Po instalaci a aktivaci, nen\u00ed pot\u0159eba plugin d\u00e1le nastavovat, v nab\u00eddce vzhled najdete polo\u017eku TAC a plugin v\u00e1m zobraz\u00ed v\u00fdsledky scanu:<\/p>\n\n\n\n<figure class=\"wp-block-image\"><a href=\"http:\/\/musilda.cz\/wp-content\/uploads\/2014\/05\/Theme-Authenticity-Checker-TAC-\u2039-Security-\u2014-WordPress.png\" target=\"_blank\" rel=\"noopener\"><img loading=\"lazy\" decoding=\"async\" width=\"763\" height=\"588\" src=\"http:\/\/musilda.cz\/wp-content\/uploads\/2014\/05\/Theme-Authenticity-Checker-TAC-\u2039-Security-\u2014-WordPress.png\" alt=\"Theme Authenticity Checker  TAC  \u2039 Security \u2014 WordPress\" class=\"wp-image-1790\" srcset=\"https:\/\/affinite.io\/cs\/wp-content\/uploads\/sites\/2\/2014\/05\/Theme-Authenticity-Checker-TAC-\u2039-Security-\u2014-WordPress.png 763w, https:\/\/affinite.io\/cs\/wp-content\/uploads\/sites\/2\/2014\/05\/Theme-Authenticity-Checker-TAC-\u2039-Security-\u2014-WordPress-300x231.png 300w\" sizes=\"(max-width: 763px) 100vw, 763px\" \/><\/a><\/figure>\n\n\n\n<p>Co \u0159\u00edci z\u00e1v\u011brem? Cht\u011blo by se napsat &#8211; Nestahujte ty pir\u00e1tsk\u00e9 \u0161ablony! Ale i kdy\u017e instalujete jen z ov\u011b\u0159en\u00fdch zdroj\u016f, m\u016f\u017ee se st\u00e1t, \u017ee se v\u00e1m do WordPressu dostane n\u011bjak\u00fd bot a zapln\u00ed v\u00e1m soubory \u0161kodliv\u00fdm k\u00f3dem. Ji\u017e jsem se setkal s p\u0159\u00edpadem, \u017ee se tak stalo p\u0159es nepou\u017e\u00edvanou a neaktualizovanou \u0161ablonu. Plugin v\u00e1m pak urychl\u00ed zji\u0161t\u011bn\u00ed probl\u00e9mu.<\/p>\n\n\n\n<p>Plugin st\u00e1hnete na <a href=\"http:\/\/wordpress.org\/plugins\/tac\/\" target=\"_blank\" rel=\"noopener\">WordPress.org<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Jednou z nep\u0159\u00edjemn\u00fdch vlastnost\u00ed free \u0161ablon, je, \u017ee s jejich k\u00f3dem m\u016f\u017ee pracovat kdokoliv. Tak\u017ee pokud v\u00e1m n\u011bkdo nab\u00eddne \u0161ablony zdarma, nemus\u00ed to b\u00fdt jen v\u00fdhra. Typick\u00fd p\u0159\u00edklad jsou premium \u0161ablony na pir\u00e1tsk\u00fdch serverech. Osobn\u011b bych takovou \u0161ablonu neinstaloval.&nbsp;<\/p>\n","protected":false},"author":1,"featured_media":1775,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6,31],"tags":[222,350,376],"class_list":["post-1788","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-bezpecnost-wordpressu","category-wordpress-pluginy","tag-kontrola-sablony","tag-skodlivy-kod","tag-theme-scan"],"_links":{"self":[{"href":"https:\/\/affinite.io\/cs\/wp-json\/wp\/v2\/posts\/1788"}],"collection":[{"href":"https:\/\/affinite.io\/cs\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/affinite.io\/cs\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/affinite.io\/cs\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/affinite.io\/cs\/wp-json\/wp\/v2\/comments?post=1788"}],"version-history":[{"count":0,"href":"https:\/\/affinite.io\/cs\/wp-json\/wp\/v2\/posts\/1788\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/affinite.io\/cs\/wp-json\/wp\/v2\/media\/1775"}],"wp:attachment":[{"href":"https:\/\/affinite.io\/cs\/wp-json\/wp\/v2\/media?parent=1788"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/affinite.io\/cs\/wp-json\/wp\/v2\/categories?post=1788"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/affinite.io\/cs\/wp-json\/wp\/v2\/tags?post=1788"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}