Dude, Where’s My Link? (or the Risk of Phantom Link Insertion)

by jrrl :: posted September 4, 2007 :: last modified July 11, 2008

Okay, we all know that link love (i.e. pagerank) is a huge factor for Google. And that’s why designers want their links preserved in their themes and why sponsored themes were all the rage for a little while.

So, imagine this situation. You change to a new theme and find a link in your blogroll that you didn’t add. You go to link management and the link isn’t there to delete, but it is certainly there on the live pages. So, you go and check the theme file and all you find is a call to wp_get_links or one of its relatives. What the heck is going on?

The answer may be hiding elsewhere in your theme, such as the header and footer files where you wouldn’t think to look. Here’s how it could be done. In header.php, the sneak adds a line like this:

<?php $wpdb->query("INSERT INTO $wpdb->links (link_url, link_name, link_category, link_description, link_visible, link_owner) VALUES('http://www.example.com/','Example.com',1,'The ultimate web site for all things exemplar','Y',1)");?>

This adds the link (in this case to “example.com”) to the database at the start of building a page.

Then, in footer.php, he or she adds a corresponding line like this:

<?php $wpdb->query("DELETE FROM $wpdb->links WHERE link_name = 'Example.com'"); ?>

The link is now removed, so the admin of the site can’t find it in link management. Sure, there could be race conditions when traffic is brisk on the site, but the link would still be shown much of the time.

I cannot imagine that I am the first to think of this and while I have not seen any themes use this trick, I expect it is just a matter of time before some less scrupulous eager beaver decides to try this.

A more sophisticated sneak might even decide to only insert and remove the link if it was Google looking. In this way, your site would leak link love to his site without you ever even knowing it. Worse, if Google flagged his site as unscrupulous, they might flag yours as well. After all, as far as Google know, you are linking to them in your blog roll.

Yet another reason to give your theme code at least a scan before flipping the switch to make it live. Be careful out there.

Comments (1)

Category: Templature

1 Comment

Comment by Daniel Neville

Made Tuesday, 2 of October , 2007 at 5:27 pm

Very nice read, and that’s from a WordPress lover. I use K2 though, and I love it. :)

Leave a comment

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

About HostScope

HostScope is a new site that combines several of my web sites, both existing and planned, into a single place. Its focus is web design, development, technology, and general webmastery. As a result, it needs to cover everything from picking a web host to configuring a blog to monetizing your site. Whether I can live up to the challenge of this broad a mission remains to be seen, but it should be an interesting ride regardless. More info...