How to fix? Error message "Use of undefined constant REQUEST_URI - assumed 'REQUEST_URI' (this will throw an Error in a future version of PHP)" in functions.php

WillWashington · March 4, 2020, 3:30pm

Warning : Use of undefined constant REQUEST_URI - assumed ‘REQUEST_URI’ (this will throw an Error in a future version of PHP) in /home/easystar/public_html/wp-content/themes/pro-child/functions.php on line 73

This message (text warning) appears at the top of my live website and my dashboard on every page,

How can I access the functions.php file to fix this or what do I need to do? I would appreciate your help. I logged in to develop my website today after about 4 months break and was met with this error.

website URL is in the secure note.

ruenel · March 5, 2020, 2:39am

Hello William,

Thanks for posting in! It seems that you added a custom PHP code in the Pro Child theme’s functions.php particularly in line 73 and this generates the PHP Warning message. You will have to edit and correct your PHP code. You can fix it by going to Appearance > Themes > Theme Editor and select functions.php file.

NJvyBLxnRy6bfHMMzitVFg1244×850 115 KB

If you cannot access it in the WP file editor, you will have to log in to your FTP and browse to the themes folder wp-content/themes/pro-child/ to be able to edit the functions.php file.

Hope this helps. Please let us know how it goes.

ruenel · March 6, 2020, 8:02pm

Hello William,

Did you added those PHP codes? We do not have any idea what or how the code works. If you do not know anything about it, please remove it immediately.

Kindly let us know how it goes.

WillWashington · March 8, 2020, 12:09pm

Hi, I just wanted to let you guys know the outcome - as soon as you told me you did not recognize the code I knew it was not integral to my theme.co files and I started to investigate further on my own which I probably should of just done from the beginning.

It turns out this is from a back door virus installed on my WP somehow, the back door is called wp-vcd and it is well documented online, a simple google search revealed to me the directories and files that had been modified/created/tampered with and I was able to remove the back door within about an hour after a few quick scares and nail biting moments.

I wanted to share with the community this back door is called wp-vcd and if anyone sees an error similar to this they probably are infected as well. I have not installed any ‘cracked’ software or plugins or themes etc so I think I was targeted because I hadn’t updated my website in about 5 months and maybe the lack of updates to WP and the plugins I was using created a vulnerability. I’m still not exactly sure.

I also don’t think the backdoor was successfully executed fully on my server, because in the guides I read to remove the back-door it said it will create a WP user named like “1000001111111” something to that effect and I had no un-known user accounts created in my WP dashboard or FTP.

ruenel · March 8, 2020, 10:24pm

Hello William,

Thanks for sharing this information.
Good to know that you have figured out where the code is coming from.

If you need anything else we can help you with, don’t hesitate to open another thread.

system · March 18, 2020, 10:24pm

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.