The theme I have been using for a couple of years on this blog (Maple) didn’t work very well with WordPress 2.5 and I can’t find an updated copy anywhere. Since I’ve hacked the shit out of it over the years, I decided it was time to make a fresh start with a theme that’s actually supported. So the first thing I did was copy the default theme, and try to make it look more like Maple. That wasn’t fun, and I’m not 100% satisfied with the results. So I decided to look at other themes.
I couldn’t find what I wanted at the official themes site, mostly because their search engine doesn’t categorize themes by category, and also because their “preview” function doesn’t work. But I found this other site, whose name I won’t mention but it had the word “free” in the URL. I found a bunch of nifty themes there, and downloaded them. I was just customizing one theme to add gravatar support and give the comments an alternating colour scheme, when I noticed something weird down at the bottom. It looked like spam. I grepped the theme code for the spammy urls, and couldn’t find them. But I figured the offending code must be in footer.php. Sure enough, all the themes I’d downloaded from this site had encrypted code in footer.php. I couldn’t read it or decrypt it, but it obviously was there to insert spam code in your blog. I tried replacing the footer.php with one from the default theme, and that broke other stuff. Crafty buggers.
Anyway, I’ve removed all traces of this crap, and I guess we’re all stuck with the psuedo-Maple theme until the official site starts working again.
Some variant of what I wrote about a while ago and is becoming a big enough problem that things like Technorati are responding. Gotta watch those “free” themes.