Posts Tagged ‘wordpress’

How to test for any TextLinkAds first

Sunday, April 15th, 2012
Posted in Web Development · Tags: , ,

If you run Text Link Ads with the WordPress plugin, you might run into a situation where you want to check to see if there are any ads before you output them on your site. The reason, maybe that you have some heading or decoration near them that depends on them showing up. Well, I made a little hack to do just that.


<?php
/*homepage only*/
if(is_front_page() && function_exists("tla_ads"))
{
//hack to see if we have any ads available
global $textlinkads_object;
if (count($textlinkads_object->ads) > 0)
{
//output whatever heading or decoration you want here
tla_ads();//show ads
}
}
?>

Top 5 Open Source PHP Content Management Systems

Friday, August 13th, 2010
Posted in Web Apps · Tags:

I wouldn’t consider this list to be the best, just the ones that have become the most popular. Some of these CMSes became popular because they were good, but many overtime have become pretty bloated. However, since people know them, they are highly customizable, and very powerful they have huge communities behind them. But as you know, what’s popular today on the internet will soon change. Afterall, back in the early 00’s PHP-Nuke was the most popular open source PHP CMS.

  1. Drupal – Even though it’s very popular, Drupal has a slightly steep learning curve and it’s usability isn’t what it could be. However, you don’t need to know how to code to get things done. There are a lot of plugins to do almost everything you want, however since they aren’t official plugins, you are at the mercy of the developer (if they break or if you need a feature added to them, unless you know how to modify the code). It’s possible to make your own plugins if you like as well.
  2. Joomla! – Like Drupal you won’t need to know how to code to use Joomla, but you can make your own plugins if you want to get in and code. There are a lot of plugins, however many of them cost money. The interface is a little more intuitive than Drupal, but not exactly elegant.
  3. WordPress – Although it’s primarily used as a blogging platform the custom fields, custom posts types and custom taxonomies features allow you to use it like a CMS. Plenty of great free plugins and themes exist out there. Plus if you want to get into the code you can build your own plugins as well or just modify your templates. WordPress is a personal favorite of mine. 😉
  4. XOOPS – Another popular CMS, however the themes aren’t as customizable as I would like. Still it’s got a lot of features and the admin is easy to use.
  5. MediaWiki – Even though it’s really a wiki, many sites have used it like a CMS. When Webmonkey relaunched their site, it was built in MediaWiki.

Most of these CMSes I believe are popular because they are very flexible. With a little training a non-technical user can create content like blogs, site news, an online book, FAQ, RSS feeds and more. Along with that some feature standard community based features such as forums and comments. With a little coding, the developers that set them up can extend the functionality beyond what they was intended. The ones on the list above have been the most popular since 2006 and have maintained their popularity since then. But I don’t believe all of them will remain in the top 5 in another 5 years.

Honorable Mentions

WordPress Email Exposure

Tuesday, November 3rd, 2009
Posted in Web Apps · Tags: ,

I’ve noticed WordPress’s blog by email feature has the possibility of allowing anyone to see other email addresses. This feature can be turned on in the Admin in Settings->Writings and then Post via e-mail. Let’s say you set that email address as wordpressposts@example.com, that address will stay hidden. However anyone that emails that address will can have their address exposed on your blog by going to http://example.com/wp-mail.php (assuming that’s where you have WordPress installed at http://example.com). Chances are most people will have this set to a cron job and have it check it every so often, but it might be possible for others to request the page beforehand. And when you do go to that page, it shows something like this:

Author is myworkaddress@example.net

Author: 1

Posted title: Some Blog Post Title

Mission complete. Message 1 deleted.

Thus, if you are using your a email address you’d like to keep private and you are emailing wordpressposts@example.com, that email address has the possibility of showing up to people. Which is not good if you email from the same email address that checks the posts. And even worse if you email from a email address for a user in WordPress and has the rights to post contents because the email will get “publish” status rather than “pending” and will go live on the site. And if someone has the email address that is a user and has posting rights, they can easily send fake emails from that address, because all WordPress checks is the From or Reply-To line (whichever it finds first).

It’s easy to prevent it from showing email addresses by opening up wp-mail.php and looking for this line of code

echo '<p>' . sprintf(__('Author is %s'), $author) . '</p>';

And this line of code

echo "\n<p>" . sprintf(__('<strong>Author:</strong> %s'), esc_html($post_author)) . '</p>';

And then you could comment those lines out by putting // in front of both of them.

I understand WordPress outputs this information so you can see logged from any cron jobs you have setup or if you visit the page manually, as a way of just knowing whats going on. However, it could be done better to prevent the addresses from being shown to everyone. A simple solution is to setup a query string and have a secretkey (don’t make this your blog’s password however). For example, lets say your blog is installed at http://example.com/, we are going to know require the following URL to check Posts via e-mail http://example.com/wp-mail.php?secretkey=abc123. And if someone doesn’t send the right secretkey, it won’t check the email address or echo anything out.

So before this line of code

/** Make sure that the WordPress bootstrap has run before continuing. */

Let’s add

if ($_GET['secretkey'] != 'abc123')
exit();

Feel free to change the secretkey to whatever you wish. You can also change it to be called something other than secretkey. If you have a cron job, you’ll have to point to that new URL as well http://example.com/wp-mail.php?secretkey=abc123. If you use the secretkey method you can leave the lines where it echoes out the email address if you like (the 2 lines I showed you could comment out).

A More Useful WordPress 404

Sunday, November 23rd, 2008
Posted in Web Apps · Tags:

Recently A List Apart had an article by Dean Frickey titled A More Useful 404. It was a good article about making a more useful 404 page that attempts to figure out what went wrong and it will email you some information. I modified the code from Perl to PHP for WordPress and figured I’d save people time from building it themselves by posting it here. Feel free to edit what you need to. The code goes inside your 404.php template.


<?php
//based on http://www.alistapart.com/articles/amoreuseful404
//just to break any email addresses or spam that might get spoofed in falsed headers, might just use a regex later
$disallowed_strings = array('@', '\t', '\r', '\n', '\v', '\f', '<', '>');
$clean_server_name = preg_replace('/[^a-zA-Z0-9\-\.]/', '', $_SERVER['SERVER_NAME']);
$clean_http_referer = str_ireplace($disallowed_strings, '', $_SERVER['HTTP_REFERER']);
$clean_request_uri = str_ireplace($disallowed_strings, '', $_SERVER['REQUEST_URI']);
$search_engine_domains = array('google.com', 'images.google.com', 'translate.google.com', 'yahoo.com', 'ask.com', 'live.com', 'aol.com', 'search.msn.com');//add more if you want
$search_message = '<p>You may want to try searching this site or using our <a href="' . get_bloginfo('url') . '/sitemap/">sitemap</a> to find what you were looking for.</p>';//if you have a sitemap
?>
<p>Sorry, but the page you were trying to get to <!--http:// ,--> does not exist.</p>
<?php
if ($_SERVER['HTTP_REFERER'] == '')
{
?>
<p>It looks like this was the result of either</p>
<ul>
<li>a mistyped address</li>
<li>or an out-of-date bookmark in your web browser.</li>
</ul>
<?php
echo $search_message;
}
else
{
//make it easier to search referer
$disallowed_url_strings = array('http://', 'https://', 'www.');//filter out https:// anyway
$referer = str_ireplace($disallowed_url_strings, '', $_SERVER['HTTP_REFERER']);
$referer_array = explode('/', $referer);
$referer = $referer_array[0];
$myblog_url = get_bloginfo('url');
$myblog_url = str_ireplace($disallowed_url_strings, '', $myblog_url);
$myblog_url_array = explode('/', $myblog_url);
$myblog_url = $myblog_url_array[0];
if ($referer == $myblog_url)
{
?>
<p>Apparently, we have a broken link on our page. An e-mail has just been sent to the person who can fix this and it should be corrected shortly. No further action is required on your part.</p>
<?php
$email_subject = 'Broken link on my site, ' . $clean_server_name;
$email_message = 'BROKEN LINK ON MY SITE' . "\r\n\r\n" . 'There appears to be a broken link on my page, ' . $clean_http_referer . " \r\n\r\n" . ' Someone was trying to get to ' . $clean_request_uri . ' from that page.';
$email_message .= "\r\n\r\n" . 'Why don\'t you take a look at it and see what\'s wrong?';
mail(get_bloginfo('admin_email'), $email_subject, $email_message, 'FROM: 404@example.com');
}
else
{
//see if it was a search engine
$domains_matched = 0;
$total_domains = count($search_engine_domains);
for ($x = 0; $x < $total_domains; $x++)
{
if ($referer == $search_engine_domains[$x])
$domains_matched++;
}
if ($domains_matched != 0)
{
?>
<p>It looks like the search engine has returned a link to an old page. These old links should eventually be removed from their indexes but since these are automatically generated there is no one to contact to try to correct the problem.</p>
<?php
echo $search_message;
}
else
{
?>
<p>Apparently, there is a broken link on the page you just came from. We have been notified and will attempt to contact the owner of that page and let them know about it.</p>
<?php
echo $search_message;
$email_subject = 'Broken link on somebody else\'s site.';
$email_message = 'BROKEN LINK ON SOMEBODY ELSE\'S SITE' . "\r\n\r\n" . 'There appears to be a broken link on the page, ' . $clean_http_referer . " \r\n\r\n" . ' Someone was trying to get to ' . $clean_request_uri . ' from that page.';
$email_message .= "\r\n\r\n" . 'Why don\'t you take a look at it and see if you can contact the page owner and let them know about it?';
mail(get_bloginfo('admin_email'), $email_subject, $email_message, 'FROM: 404@example.com');
}
}
}
?>

WordPress Recent Comments Hack

Wednesday, August 27th, 2008
Posted in Web Apps · Tags: ,

I wanted to get the most recent comments in WordPress without having to use the widgets or any plugins. When you use any of the widgets it will override the sidebar.php (although you could put what you needed in a else bracket inside sidebar.php, but I figured I’d put this hack together anyway).

This hack would go in your sidebar.php

$comment_array = $wpdb->get_results("SELECT comment_date_gmt, comment_author, comment_ID, comment_post_ID FROM $wpdb->comments WHERE comment_approved = '1' ORDER BY comment_date_gmt DESC LIMIT 10");
$comment_total = count($comment_array);
echo '<ul>';
for ($x = 0; $x < $comment_total; $x++)
{
echo '<li>';
echo $comment_array[$x]->comment_author . ' on ';
echo '<a href="'. get_permalink($comment_array[$x]->comment_post_ID) . '#comment-' . $comment_array[$x]->comment_ID . '">';
echo get_the_title($comment_array[$x]->comment_post_ID);
echo '</a>';
echo '</li>';
}
echo '</ul>'

A Customizable Tag Cloud For WordPress

Tuesday, August 26th, 2008
Posted in Web Apps · Tags: ,

If you’ve tried using wp_tag_cloud() as an array, you’ve noticed that all it really does is give you a string, which isn’t useful. The only way I could figure out how to get the tags to where I can format them how I want was to call get_tags() in wp-includes/category.php. You can also pass arguments to it to sort it differently. Take a look at get_terms() in wp-includes/taxonomy.php to get an idea of what you can do.

Here is a hack I put together that will output your tags as a unordered list (UL) with the total number of times the tag is used in parenthesis. You can place this code in sidebar.php

$tag_array = get_tags('orderby=count&order=DESC&number=15');
$tag_total = count($tag_array);
echo '<ul>';
for ($x = 0; $x < $tag_total; $x++)
{
echo '<li>';
echo '<a href="' . get_option('home') . '/tag/' . $tag_array[$x]->slug . '/" rel="tag">';
echo $tag_array[$x]->name;
echo '</a>';
echo ' (' . $tag_array[$x]->count . ') ';
echo '</li>';
}
echo '</ul>';

Last Modified Posts in WordPress

Saturday, March 8th, 2008
Posted in Web Apps · Tags: ,

Want to show the last posts you updated in WordPress? This shows the posts you went back and updated or modified, which is different than your recent posts.


<?php
query_posts('showposts=10&orderby=modified&order=DESC');
if (have_posts())
{
echo '<h3>Last Modified Posts</h3>';
echo '<ul>' . "\n";
while (have_posts()) : the_post();
echo '<li>';
echo '<a href="' . get_permalink() . '">' . the_title('','', false) . '</a>';
echo '</li>' . "\n";
endwhile;
echo '</ul>';
}
?>

WordPress Spam Prevention Hack

Sunday, February 10th, 2008
Posted in Web Apps · Tags: , ,

Akismet catches a lot of spam, but there is a lot it won’t catch. Therefore I decided to put together a hack to catch some more. The hack has 2 options:

  • One for you to put in spam words that if they are in the comment, the whole comment will be considered spam. Just be careful, if you add cialis you will block the word specialist also.
  • The other option lets you set the maximum number of links you will allow in a comment.

It will catch links that start with http://, https://, http://www., https://www. and www.. WordPress doesn’t convert text like example.com into a link.

The hack also checks to see if there is more content in the comment than just A tag(s), if there isn’t it’s considered spam. I recommend to use this with the Akismet plugin because it won’t prevent all spam. Keep in mind this hack may not work with other spam prevention plugins.

Open up wp-comments-post.php and after these lines

if ( '' == $comment_content )
wp_die( __('Error: please type a comment.') );

Add the following:

else /*MODIFIED - added this else to filter strings and count links*/
{
//OPTIONS
$link_limit = 3;//set the maximum number of links we allow
$disallowed_strings = array('[url', '[/url]', 'zithromax', 'levaquin');//add any strings you wont allow, make them lowercase, we test for case insensitivity later
//END OPTIONS
$temp_comment = strtolower($comment_content);//lowercase text so we can be case insensitive, php4 doesnt have stripos
$total_disallowed_strings = count($disallowed_strings);
//look for disallowed strings
for ($temp_counter = 0; $temp_counter < $total_disallowed_strings; $temp_counter++)
{
if (strpos($temp_comment, $disallowed_strings[$temp_counter]) !== false)
{
wp_die( __('Sorry, that looks like spam.') );
}
}
$comment_links = 0;
//regex would be better
$link_strings = array('http://www.', 'https://www.', 'http://', 'https://', 'www.');//order is important here
$temp_comment = str_replace($link_strings, '[LINK]', $temp_comment);
$comment_links = substr_count($temp_comment, '[LINK]');
//test for number of links
if ($comment_links > $link_limit)
{
wp_die( __('Sorry, that looks like spam.') );
}
//weed out all A tags and see if anything is left
$temp_comment = preg_replace('/<a[^\<]{1,}\<\/a\>/', '', $temp_comment);
$temp_comment = trim($temp_comment);
//see if the comment is nothing but links
if (empty($temp_comment))
{
wp_die( __('Sorry, that looks like spam.') );
}
}

Flat File Based WordPress

Friday, January 4th, 2008
Posted in Web Apps · Tags: ,

I ran into this the other day while browsing Scripts.com, which is much better than Hotscripts, because they have filters for the scripts so you can view only free ones or high ranking ones. The only problem is that it does that using POST (no bookmarkable filters) and resets your filter on each page load.

Anyway, back to the flat file based WordPress, it’s called Flatpress. This should be lighter weight and faster than regular WP, but its still in beta.

In case your not sure what flat file based means, it means they use text files to hold the data, rather than a real database like MySQL.

reCAPTCHA Plugin for WordPress

Monday, August 27th, 2007
Posted in Web Apps · Tags:

The reCAPTCHA plugin for WordPress is very easy to install. All you have to do is register on their site, get your keys and download the plugin. Then you just upload it, put activate it and put in your keys in WordPress. The code seems to be maintained by Carnegie Mellon University. reCAPTCHA works with JavaScript enabled or disabled, has a audio reading option and is free.
reCAPTCHA for WordPress
If you already use Akismet, this will help reduce the amount of spam you will have to moderate.

You can also change the theme that it uses, in case the default red and yellow clashes with your site.

Inside recaptcha.php look for these lines

<script type='text/javascript'>
var RecaptchaOptions = { theme : 'red', tabindex : 5 };
</script>

The only theme I know that works for sure is ‘red’ and ‘white’, they don’t seem to have a black theme yet.