CODEWITHSUNDEEP
phpmysqldatabase
MrTechie
MrTechie

Reputation: 1847

Need to clean database of spam

So a couple things. First, being sick, I can't seem to focus right to get this figured out like I should, and secondly, it's flat out got me stumped on how to deal with this.

So I have a client who has an old site built on old code. There were some extreme vulnerabilities in the code that allowed for injections and attacks - which happened. Since I've come onto the project, I have tightened things up considerably and haven't really had issues. But I just found something that appears to be a lingering issue from previous hacks.

So in the database they have a field called 'copy' which is intended to store content of an article in. Ok fine, not the best of names, but it's there. So here's the issue. Since the hack, there are some 52k rows that have the word "viagra" in them. So when I look closer at the copy field and the code in a view source, this is what I find:

for the little kids in the neighborhood.<div style="display: none;">

Basically the opened and closed div tags that have a style set as seen above. So it doesn't visually render on the page but when you view the source or... "search engine spiders" come by, they see it. I couldn't figure out for the life of me why the .php files that got uploaded into the article_image directory were being indexed in Webmaster Tools - til tonight. Now I know why.

So here's what I need. Because each row in the database (52k of them) have what's given as an example (the <div style...>) part, and they all appear after the content that was there originally, I need something that I can add to a loop that will clean the crap out of the copy field so it cleans up the mess. I could take the str_replace method way - but that's too long and no guarantee that i would get all the stuff.

So - any suggestions?

Upvotes: 0

Views: 81

Answers (1)

Niet the Dark Absol
Niet the Dark Absol

Reputation: 324810

Try this: (assuming "content" is the name of the column with the article content)

UPDATE `copy` SET `content`=
     SUBSTR(`content` FROM 1 FOR LOCATE('<div style="display: none;">',`content`))
     WHERE `content` LIKE '%<div style="display: none;">%';

Since you have indicated that these injections are always the last thing in an article, this will wipe them out pretty well. I strongly suggest taking a backup copy first, though!

Upvotes: 5

Related Questions