Author URI: http://torrez.us/ */ register_activation_hook(__FILE__, 'template_hack_activation'); register_deactivation_hook(__FILE__, 'template_hack_deactivation'); add_action('verify_template_hashes', 'check_template_hashes'); add_action('admin_notices', 'notify_potentially_compromised'); function notify_potentially_compromised() { if(get_option('days_compromised', 0) > 0) { print('

'); print('

Your site is potentially compromised.'); print('Check your template source files or deactivate/activate plugin to reset this notice.

'); } } function check_template_hashes() { $rolling_md5 = ""; $theme = get_theme(get_current_theme()); foreach($theme['Template Files'] as $template_file) { $rolling_md5 = md5($rolling_md5 . @file_get_contents(WP_CONTENT_DIR . $template_file)); } if(!get_option('original_template_md5')) { update_option('original_template_md5', $rolling_md5); } if(get_option('original_template_md5') != $rolling_md5) { $to = get_option('admin_email'); $subject = 'Potentially compromised website'; $message = 'Please go to your Wordpress administration panel and check your template files to make sure you are not compromised.'; wp_mail($to, $subject, $message); update_option('days_compromised', get_option('days_compromised', 0) + 1); } else { update_option('days_compromised', 0); } } function template_hack_activation() { wp_schedule_event(time(), 'daily', 'verify_template_hashes'); } function template_hack_deactivation() { delete_option('original_template_md5'); delete_option('days_compromised'); wp_clear_scheduled_hook('verify_template_hashes'); } ?>