Posts Tagged ‘code’

How to test for any TextLinkAds first

Sunday, April 15th, 2012
Posted in Web Development · Tags: , ,

If you run Text Link Ads with the WordPress plugin, you might run into a situation where you want to check to see if there are any ads before you output them on your site. The reason, maybe that you have some heading or decoration near them that depends on them showing up. Well, I made a little hack to do just that.


<?php
/*homepage only*/
if(is_front_page() && function_exists("tla_ads"))
{
//hack to see if we have any ads available
global $textlinkads_object;
if (count($textlinkads_object->ads) > 0)
{
//output whatever heading or decoration you want here
tla_ads();//show ads
}
}
?>

Calculating the Moon Phase Part 2

Monday, January 4th, 2010
Posted in Web Development · Tags: ,

In an older post about Calculating the Moon Phase, I converted the some code I found to PHP. However the Lunar Phase Calculator has some more information (ecliptic latitude and longitude in degrees, the moon’s distance in Earth radii, etc.), the other one doesn’t, so I went ahead and converted it from JavaScript to PHP.
(more…)

RSS Cron Job

Monday, December 14th, 2009
Posted in Web Development · Tags: ,

If you are on shared web host, you might not have the ability to run lots of cron jobs or be limited to a certain number per hour or day. You might know about the “Poor Man’s Cron Job”, which is basically not to run a task (usually caching some data or fetching a feed, api, etc.) in the background until someone visits a page. Which isn’t ideal, because often the page will be slow or sometimes it won’t be up to date until the second visit (if you run that task after outputting the cached data).

Well one way to get around this is to setup an RSS feed for the data you are caching or outputting and access it with a query string such as “?rss=2.0″ or http://example.com/index.php?rss=2.0. Then you can check to see if the RSS variable was passed and output a RSS feed with just enough data for a feed, no need to put sensitive data in there or anything. I would suggest putting in a ttl node in the RSS feed and set it to something the aggregators like Google Reader, should obey (that way they hit your page more or less frequently, depending on your needs). The item portion of an RSS feed only needs a title or a description, although its probably a good idea to put some kind of guid in there (check the RSS 2.0 spec for more info on creating RSS feeds).

Anyway here is some sample code. It isn’t complete but gives you an idea what I mean.

if ($_GET['rss'] == 2.0)
{
//create RSS 2.0 feed
header('Content-Type: text/xml');
$output = '<' . '?xml version="1.0"?' . '>' . "\n";
$output .= '<rss version="2.0">' . "\n";
$output .= '<channel>' . "\n";
//...
//process your data and output it into RSS 2.0 format
//...
$output .= '</channel>' . "\n";
$output .= '</rss>';
}
else
{
//process your data as normal
}

Then to make sure the page is hit often, place your RSS feed into Google Reader or Bloglines or some other RSS aggregator. Then your site will be visited often and forced to update. No one else really needs to know about your RSS feeds, unless you want them to be public as well.

WordPress Email Exposure

Tuesday, November 3rd, 2009
Posted in Web Apps · Tags: ,

I’ve noticed WordPress’s blog by email feature has the possibility of allowing anyone to see other email addresses. This feature can be turned on in the Admin in Settings->Writings and then Post via e-mail. Let’s say you set that email address as wordpressposts@example.com, that address will stay hidden. However anyone that emails that address will can have their address exposed on your blog by going to http://example.com/wp-mail.php (assuming that’s where you have WordPress installed at http://example.com). Chances are most people will have this set to a cron job and have it check it every so often, but it might be possible for others to request the page beforehand. And when you do go to that page, it shows something like this:

Author is myworkaddress@example.net

Author: 1

Posted title: Some Blog Post Title

Mission complete. Message 1 deleted.

Thus, if you are using your a email address you’d like to keep private and you are emailing wordpressposts@example.com, that email address has the possibility of showing up to people. Which is not good if you email from the same email address that checks the posts. And even worse if you email from a email address for a user in WordPress and has the rights to post contents because the email will get “publish” status rather than “pending” and will go live on the site. And if someone has the email address that is a user and has posting rights, they can easily send fake emails from that address, because all WordPress checks is the From or Reply-To line (whichever it finds first).

It’s easy to prevent it from showing email addresses by opening up wp-mail.php and looking for this line of code

echo '<p>' . sprintf(__('Author is %s'), $author) . '</p>';

And this line of code

echo "\n<p>" . sprintf(__('<strong>Author:</strong> %s'), esc_html($post_author)) . '</p>';

And then you could comment those lines out by putting // in front of both of them.

I understand WordPress outputs this information so you can see logged from any cron jobs you have setup or if you visit the page manually, as a way of just knowing whats going on. However, it could be done better to prevent the addresses from being shown to everyone. A simple solution is to setup a query string and have a secretkey (don’t make this your blog’s password however). For example, lets say your blog is installed at http://example.com/, we are going to know require the following URL to check Posts via e-mail http://example.com/wp-mail.php?secretkey=abc123. And if someone doesn’t send the right secretkey, it won’t check the email address or echo anything out.

So before this line of code

/** Make sure that the WordPress bootstrap has run before continuing. */

Let’s add

if ($_GET['secretkey'] != 'abc123')
exit();

Feel free to change the secretkey to whatever you wish. You can also change it to be called something other than secretkey. If you have a cron job, you’ll have to point to that new URL as well http://example.com/wp-mail.php?secretkey=abc123. If you use the secretkey method you can leave the lines where it echoes out the email address if you like (the 2 lines I showed you could comment out).

phpBB 3.x RSS Hack

Monday, February 2nd, 2009
Posted in Web Apps · Tags: , ,

Where I work we use phpBB and I was surprised to see version 3 didn’t have built in RSS support. I found a mod, but it contained several files and required modifying several more files. I put together a hack that will pull the latest posts that are approved and non-reported; However, it will keep them unique to a topic. So if the last 5 posts are for a topic called “That is awesome”, it will only show a link to the last post on that topic and will look for the other latest posts from other topics.

It’s configurable with a item_limit (number of posts to pull) and word_limit (how long the description is). However the description is just the title for the last post, so it will most often be “RE: original post title” unless the user changes it when posting. I could of done another query in a loop to the table phpbb_posts and pulled out the corresponding post_text, but didn’t want to have the overhead. Although you could easily modify that in and cache the file for say 5 or 15 minutes. Think of this as a head start to get the feeds from your forum for whatever you plan to do with them. ;)

(more…)