WordPress: Metaboxes are (re-)movable

This might sound like an article for pure beginners but even users with years of WordPress experience are regularly scrolling their dashboard and editing pages up and down to reach the desired metaboxes. Meta what?

Metaboxes. Those are the boxes used in the dashboard, the new page, or the new post pages to group the display. Such a box can contain almost anything therefore the name. What many people not realize is that they can collapse/expand, move, and remove them.
Continue reading WordPress: Metaboxes are (re-)movable

WordPress Plugin Spam, part 2

In the post Interesting new kind of WordPress Plugin Spam I reported about a site which offers WordPress plugins to attract the careless user to a scam site.

Since then Rahul (the man behind the scam) wasn’t inactive. A German user reported problems with his website which could easily be tracked down to a problem with an installed plugin. After a bit of research a plugin named “Visitor Stats” could be accused.

A quick peek at the known site confirmed my suspicion: the plugin is offered by “111 ways to make money”. Interestingly the site itself does not off the plugin (anymore). OK, maybe Rahul’s forgot to upload it. But where did the user got the plugin?

Continue reading WordPress Plugin Spam, part 2

Interesting new kind of WordPress Plugin Spam

There’s seems to be a new way of luring users of WordPress to spam sites: WordPress Plugin Spam.

Like most other plugin authors I regularly check what others are saying about them; actually I have a Google Alert set on the names). The other day I received an an e-mail from this service telling me that there is a new fork of my pagebar plugin called Advanced pagebar. Hey cool, some one build a new plugin based on my code.

The plugin was called  “Advance Pagebar – New way to navigate Pages …”. Surprisingly the link “http://wordpress.org/extend/plugins/advance-pagebar/” did not work. What the heck?

Continue reading Interesting new kind of WordPress Plugin Spam

Stop supporting commercial themes and plugins for free!

For the last days there has been much excitement about Thesis. Fo those who don’t know: Thesis is one of the more popular commercial themes for WordPress. Despite the special problems with this theme and its author it’s a more general question if customers of commercial should be supported for free by the community or not. So the question is:

Shall we stop supporting commercial
themes and plugins for free?


  • The creator of commercial themes and plugins is making money from it and why should I give support? I will not get any money from my support but the creator will earn even more with subsequent products because of “the great support”.
  • People asking for support often are consultants, coders or designers making money from WordPress. They will not give me a single dollar if I give them support and help them to satisfy their customers.
  • There are special forums and mailinglist of commercial themes/plugins by the companies. Customers should use those.
  • I don’t support anything not GPL. Viva la revolución!
  • I could support the users but I would charge them for it.
  • There are better alternatives which are GPL. People should start using those and I’ll happily give them support.


  • It’s all about the community! I don’t give a damn if others make money from it.
  • For me it doesn’t matter if I give support for free or commercial themes/plugins. The only reward I want is reputation.
  • Many of the commercial authors are active members of the WordPress community and give free support for other problems themselves.
  • Not all users (if not the majority) of commercial themes/plugins are professionals.
  • Often the commercial support is poor and the WordPress community should help those poor lost souls with their problems.
  • There are many support forums for other commercial software where people help each other in their spare time why should WordPress themes and plugins be an exception?
  • All this commercial stuff is making WordPress even more popular and so there will be more people helping WordPress getting better and better
  • Even Matt Mullenweg is profiting from all the free support from the community. Automattic would never be able to do it themselves and to present and enhance the best blogging system since sliced bread.

BTW: This is the third best article about this topic! (Couldn’t resist.)

Some links:

So your WordPress plugin kills the Theme Editor?

You’ve created a plugin that worked happily since version 2.5 of WordPress. Then came version 2.9 and the users of your plugin complain that the theme editor does not work anymore! What the theme editor? What have I to do with the theme editor?

That were my thoughts when I received bug reports for the pagebar plugin. I had absolutely no idea why and first checked the usual suspects; with no success. So I tried a different approach and disabled all initialisation code. The theme editor worked. I enabled the first disabled line and Eureka! The theme editor failed. This has to be the
erroneous line:

$dir = trailingslashit(WP_CONTENT [...]

The $dir variable is global and that seemed to be the problem. A short look at theme-editor.php shows that’s there a global variable called $dir. So I changed the variable name in my plugin to a more unique name and voilà, everything works as expected.

There are some lessons I learned from this incident:

  • Use a unique name for your global variables.
  • Better: Never use global variables at all.
  • Even better: encapsulate everythin inside a class.

I hope his short story helped you to debug your plugin and leave some happy users behind.

noteaser – The unknown WordPress tag

noteaserMost WordPress users will know the <!--more--> tag which allows you to create a teaser for your blog post. The text in front of the tag will be displayed on the main blog page and after clicking the “more” link the single post page containing the teaser and remaining part of the blog post will be displayed.

More often than not this is adequate but there may be situation where you want to create a separate teaser which isn’t displayed on the single post page. So it may be a good idea to create a collage as the teaser for a post containing various images. On the post page itself the collage would not be appropriate. Another situation could be a very striking teaser which does not fit into the main post but still is a good teaser to attract readers.

To hide these parts of the post you can use the lesser known <!--noteaser--> tag:

Teaser text
<! --more-><! --noteaser-->Post text.

The <!--noteaser--> necessarily has to follow directly after the <!--more--> tag otherwise it will not be evaluated.

However there are some issues using the tag:

  • After clicking the more tag the content of the post will be moved to the top of the browser window. This may be appropriate for a standard posting where the teaser text shall be hidden from the reader’s eyes. Using the noteaser tag there is no such text any more and the reader is wondering if there is anything above.
  • The text in front of the <!--more--><!--noteaser--> tags will not be shown on the preview page. So you have to write your post in two steps: first creating the text as usual and inserting the <!--noteaser--&gt in the final state.
  • All line breaks are preserved. To avoid an additional empty line at the top of the post you should insert the tags on a single line.

These issues may be solved by creating a plugin… maybe later. Nevertheless the tag is a nice tool to add a different view to your blog.

Accessing WordPress data from outside WordPress

(img by shindohd)

There are times when you want to access the data from your WordPress database from a webpage outside of your WordPress installation. This can be done by using the mysql_connect of PHP and selecting the data with some genuine SQL statements. This will work but it has the substantive disadvantage that the WordPress database is changed now and then and that the SQL statement will fail sooner or later.

There has to be a better solution and there is one! Simply use the function provided by WordPress itself to access the data. It’s as simple as this code:

include '../blog/wp-blog-header.php';

In this example WordPress is installed in the directory “../blog” relative to the directory of the current script. You have to adapt it to your installation, of course. Now you can access the database using the $wpdb-instance, i.e.

$post_id = 666;
$sql = "select post_title from $wpdb->posts where ID=$post_id";
$title = $wpdb->get_var($sql);

Ok, if Automattic decides to change the row names you’ve lost again. So you should completely avoid direct database calls and use the functions build into WordPress which are also available after including the above file:

$post_id = 666;
$title =  get_the_title($post_id);

This should be a safe call for a very long time!