Unicorns in Your WordPress Dashboard
Do you have Mystique Unicorn Pictures in WordPress Dashboard
Unicorn images are showing up in WordPress Dashboards. If you are using the Mystique WordPress Theme for a self hosted WordPress blog this is not a sign of a hacked site, just an April Fools joke and it will go away on April 2. Apart from being totally annoying it is harmless and probably not worth the effort needed to edit the code and prevent the function.
The image URL shows up as coming from cornify.com – http://www.cornify.com/getacorn.php with a variable string attached at the end.
If you want to stop the unicorns from cornify.com disrupting your WordPress Dashboard, the place to look is in the functions.php file in the Mystique Theme folder. Look for this code; if you are using the current version of the theme it is on line 500 – near the bottom of the file code. (Or do a text search for ‘ some fun ‘ if you can’t find it).
// some fun : )
if(date(‘m-d’, current_time(‘timestamp’, true)) == ’04-01′) add_action(‘admin_footer’, ‘mystique_a1’);
// show ponies on 1st click of a link
if($(this).data(‘pwned’)) return true;
There are a few other functions listed under the “fun” section of the script. To remove them all delete everything from // some fun : ) to near the end of the file where it says YOU MUST LEAVE THIS PART IN THE FILE!
Unicorns in Earlier Versions of Mystique Theme
First thing, if you’re seeing this the version of Mystique is out of date and should be up-dated.
If you haven’t updated to the latest version, or for some reason don’t want to, the function is in core.php (line 3531 but this may depend on your php editor). Look for a text line called (function mystique_get_avatar) or the date string if (date(‘m-d’) == ’04-01′)?. If you want to fix this older theme version see How to remove the Unicorn avatar in Mystique WordPress theme
A Waste of Time but Smiling
These Unicorns in the WordPress Dashboard wasted 3 hours of my time today while I trawled the guilty website for malware, successful hacking attempts and all the usual suspects causing unexplained site behaviour. Eventually an old post in the WordPress.org support forums led me to the article mentioned above – which dealt with last years April Fools Day script in Mystique.
I decided to leave the code in place – annoyed as I was at first, after finding the cause and how to fix it, this April Mystique Fool had a good chuckle. This reminded me that we can take ourselves and our occupation too seriously, and after two solid days of some heavy Drupalling, the light humour was welcome.
Get your own back by saving the images from cornify for the kids – they’ll enjoy them – and seeing as they were placed on your site without your permission, copyright law cannot apply.