[cc lang=”php” escaped=”true” width=”600″]
master-slider tries to hide a user’s slider settings in database by B64 encoding it?

there are two tables in the database:

wp_masterslider_options
wp_masterslider_sliders

while rhere is a column named

params

that reads like this:

eyJtZXRhIjp7IlNldHRpbmdzIWlkcyI6IjEiLCJTZXR0aW5ncyFuZXh0SWQiOjIsIlNsaWRlIWlkcyI6IjcsOCwxMSwxMiIsIlNsaWRlIW5leHRJZCI6MTMsIkNvbnRyb2whaWRzIjoiMSw1IiwiQ29udHJvbCFuZXh0SWQiOjZ9LCJNUDb250cm9sIFBhbmVsXFxcIiBocmVmPVxcXCJodHRwOi8vZGV2Lm1rdS5wdC9wcm9kdWt0L3Jlc2lkaXVtLWNvbnRyb2wtcGFuZWwvXFxcIj5NZWhyIGVyZmFocmVuPC9hPjwvcD5cIixcImJndl9maWxsbW9kZVwiOlwiZmlsbFwiLFwiYmd2X2xvb3BcIj...

this looks pretty ugly…

but if send through this function:

[cc lang=”js” escaped=”true” width=”600″]
wp-content/plugins/master-slider/admin/views/slider-panel/js/masterslider.wp.js?ver=2.5.1 ->

var decodeFix = function(str) {
var decoded = B64.decode(str);
return decoded.slice(0, decoded.lastIndexOf(“}”) + 1)
};

[/cc]

actually generates some sense:


"{"meta":{"Settings!ids":"1","Settings!nextId":2,"Slide!ids":"7,8,11,12","Slide!nextId":13,"Control!ids":"1,5","Control!nextId":6},"MSPanel.Settings":{"1":"{\"id\":\"1\",\"snapping\":true,\"disableControls\":false,\"name\":\"Home\",\"width\":\"1000\",\"height\":700,\"wrapperWidthUnit\":\"px\",\"autoCrop\":false,\"type\":\"custom\",\"sliderId\":\"1\",\"layout\":\"fullwidth\",\"autoHeight\":false,\"trView\":\"basic\",\"speed\":\"20\",\"space\":\"0\",\"start\":\"1\",\"grabCursor\":true,\"swipe\":\"1\",\"mouse\":true,\"wheel\":\"\",\"autoplay\":true,\"loop\":true,\"shuffle\":\"\",\"preload\":2,\"overPause\":\"1\",\"endPause\":\"\",\"hideLayers\":\"\",\"dir\":\"h\",\"parallaxMode\":\"swipe\",\"useDeepLink\":false,\"deepLinkType\":\"path\",\"scrollParallaxMove\":30,\"scrollParallaxBGMove\":50,\"scrollParallaxFade\":true,\"centerControls\":false,\"instantShowLayers\":\"\",\"className\":\"hell\",\"skin\":\"ms-skin-default\",\"msTemplate\":\"custom\",\"msTemplateClass\":\"\",\"usedFonts\":\"\"}"},"MSPanel.Slide":{"7":"{\"id\":7,\"timeline_h\":200,\"bgThumb\":\"/2015/03/res_Control_Panel__1-150x150.jpg\",\"order\":0,\"bg\":\"/2015/03/res_Control_Panel__1.jpg\",\"duration\":\"3\",\"fillMode\":\"fill\",\"info\":\" ....

you can also read and decode it backend-php wise like that:

create new file:

/wp-content/themes/yourtheme-child/master-slider.read.php

[cc lang=”php” escaped=”true” width=”600″]

get_results($sql) or die(mysql_error());

$decoded_params = base64_decode ( $results[0]->params );
$decoded_params_array = json_decode( $decoded_params, true );

print_r($decoded_params_array);
}

if(isset($_REQUEST[“slider_id”]))
{
master_slider_getSliders($_REQUEST[“slider_id”]);
}
?>

[/cc]

if you fire something like that in your browser:

http://localhost/callom.com/wp-content/themes/yourtheme-child/master-slider.read.php?slider_id=1

you should the slider-settings of the first master-slider with ID=1


Array
(
    [meta] => Array
        (
            [Settings!ids] => 1
            [Settings!nextId] => 2
            [Slide!ids] => 7,8,11,12
            [Slide!nextId] => 13
            [Control!ids] => 1,5
            [Control!nextId] => 6
        )

    [MSPanel.Settings] => Array
        (
            [1] => {"id":"1","snapping":true,"disableControls":false,"name":"Home","width":"1000","height":700,"wrapperWidthUnit":"px","autoCrop":false,"type":"custom","sliderId":"1","layout":"fullwidth","autoHeight":false,"trView":"basic","speed":"20","space":"0","start":"1","grabCursor":true,"swipe":"1","mouse":true,"wheel":"","autoplay":true,"loop":true,"shuffle":"","preload":2,"overPause":"1","endPause":"","hideLayers":"","dir":"h","parallaxMode":"swipe","useDeepLink":false,"deepLinkType":"path","scrollParallaxMove":30,"scrollParallaxBGMove":50,"scrollParallaxFade":true,"centerControls":false,"instantShowLayers":"","className":"hell","skin":"ms-skin-default","msTemplate":"custom","msTemplateClass":"","usedFonts":""}
        )

    [MSPanel.Slide] => Array
        (
            [7] => {"id":7,"timeline_h":200,"bgThumb":"/2015/03/Panel_-150x150.jpg","order":0,"bg":"/2015/03/_1.jpg","duration":"3","fillMode":"fill","info":"

liked this article?

  • only together we can create a truly free world
  • plz support dwaves to keep it up & running!
  • (yes the info on the internet is (mostly) free but beer is still not free (still have to work on that))
  • really really hate advertisement
  • contribute: whenever a solution was found, blog about it for others to find!
  • talk about, recommend & link to this blog and articles
  • thanks to all who contribute!
admin