Jump to content


Photo
- - - - -

Fatal error: Cannot redeclare get_url_999()


  • Please log in to reply
10 replies to this topic

#1 mgwaters

mgwaters

    Advanced Member

  • Members
  • 35 posts

Posted 28 February 2014 - 10:16 AM

Hello,

 

I'm suddenly getting an error on a website that was working fine:

 

Fatal error: Cannot redeclare get_url_999() (previously declared in /home/content/r/e/l/reliablecare/html/wp-content/themes/pagelines/functions.php(2) : runtime-created function(1) : eval()'d code(1) : eval()'d code:1) in /home/content/r/e/l/reliablecare/html/wp-content/themes/pagelines/functions.php(2) : runtime-created function(1) : eval()'d code(1) : eval()'d code on line 1

 

Here is the current site:

Please Login or Register to see this Hidden Content

 

Wordpress Version: 3.8.1

Pagelines Framework Version: 2.4.4  (currently activated)

Base Theme: version 1.0.2 (deactivated after above error message)

Host: GoDaddy.com

 

It seems the Child Theme (Base Theme) is causing the problem, although it was working fine previously.

 

I have tried the following:

1) Disabled all plugins

2) Re-uploaded zip files of both the main Pagelines Framework and the Child Theme

3) I did edit the functions.php file some time ago but again everything was working fine. As a test I deleted all my edits and re-uploaded file but still receive the error message.

 

I currently have the main Pagelines Framework theme activated just so the site will function, but obviously I'd like to be able to activate the Child Theme as before.

 

I read on another post with a similar error that this may be a hosting issue which makes sense to me since the site was previously working fine. I just wanted to see if perhaps I'm missing anything before contacting GoDaddy.

 

Thank you.

 

 

 

 



#2 Danny

Danny

    Is Awesome!

  • Moderators
  • 17666 posts
  • LocationManchester, UK
  • Country: Country Flag

Posted 28 February 2014 - 11:18 AM

Hi,

 

I think the best thing to do is contact your host, as this could be malicious code. I remember another user having a similar problem and that was the cause, they to were using GoDaddy, so contacting them would be the best course of action.



#3 mgwaters

mgwaters

    Advanced Member

  • Members
  • 35 posts

Posted 28 February 2014 - 04:21 PM

So the malicious code could be else where in the WP install? Seems weird though that when I activate other themes the site behaves fine (other than the look) whihc leads me to believe it's the Child theme files that are messed up somehow.

 

And I did re-upload the same Base Theme .zip file that I use on other sites, including those hosted by GoDaddy.

 

I'll give GoDaddy a call and report back.



#4 greenfly

greenfly

    Advocate

  • Members

  • 3268 posts
  • LocationManchester, England
  • Framework Version:latest
  • Country: Country Flag

Posted 28 February 2014 - 09:06 PM

Let us know how you get on with your host. 



#5 Simon_P

Simon_P

    Messer

  • Administrators



  • 8388607 posts
  • LocationDevon
  • Framework Version:2.1.1
  • Country: Country Flag

Posted 28 February 2014 - 09:17 PM

email me the theme zips, i'll soon tell you if they are infected.

Please Login or Register to see this Hidden Content



#6 mgwaters

mgwaters

    Advanced Member

  • Members
  • 35 posts

Posted 28 February 2014 - 09:50 PM

Looks like the functions.php file of the main Pagelines Framework theme was infected:

 

This file appears to be malicious

 

Filename: wp-content/themes/pagelines/functions.php File type: Not a core, theme or plugin file. Issue first detected: 42 secs ago. Severity: Critical Status New

This file appears to be installed by a hacker to perform malicious activity. If you know about this file you can choose to ignore it to exclude it from future scans. The text we found in this file that matches a known malicious file is: "wp_function_initialize = create_function".

 

 

I'm going to see if I can install a previous version of the site via GoDaddy backup.



#7 Simon_P

Simon_P

    Messer

  • Administrators



  • 8388607 posts
  • LocationDevon
  • Framework Version:2.1.1
  • Country: Country Flag

Posted 28 February 2014 - 10:08 PM

Those zips you sent me were clean. Either a plugin on your account is compromised or indeed the whole server is :/

 

If you could, could you send me one of the infected files? 



#8 mgwaters

mgwaters

    Advanced Member

  • Members
  • 35 posts

Posted 28 February 2014 - 10:26 PM

It was just the one functions.php file that was infected (according to Wordfence secutiry plugin) I downloaded, removed the malicious code and re-uploaded. Still having some issues with activating the Child Theme so am really hoping to get access to GoDaddy (client can find accurate login credentials!)



#9 mgwaters

mgwaters

    Advanced Member

  • Members
  • 35 posts

Posted 28 February 2014 - 11:50 PM

So I restored the Worpress files from a month ago (including the themes) and that solved the issue in terms of resurrecting the site. Sorry I didn't save the malicious code for you to look at. I'll keep me my eyes open. Thanks!



#10 Simon_P

Simon_P

    Messer

  • Administrators



  • 8388607 posts
  • LocationDevon
  • Framework Version:2.1.1
  • Country: Country Flag

Posted 01 March 2014 - 12:42 AM

did you update all plugins and themes? Maybe you just reverted the files and whatever was compromised is still there?



#11 mgwaters

mgwaters

    Advanced Member

  • Members
  • 35 posts

Posted 01 March 2014 - 01:15 AM

I ran another scan and Wordfence didn't find anything. But yes I updated Wordpress and the Framework Theme. I'll update the plugins also, but want to do those one at a time and test the site. Thanks for all your help.