elektroelch.net – blog

WordPress plugins: Don’t hard code path names …almost never!

The other day I found a plugin claiming the following in its instructions:

1) Upload the entire my-cool-plugin folder to the /wp-content/plugins/ directory
2) DO NOT change the name of the my-cool-plugin folder
[...]

What the heck? Why shouldn’t I change the name of the folder? The author didn’t actually hard code the plugin path of the plugin, did he? Continue reading WordPress plugins: Don’t hard code path names …almost never!

WordPress: Unified Login Error Messages

If you log-in to your WordPress blog and use an unregistered username the system will answer “ERROR: Invalid username. Lost your password?” and if you got your username right but not your password: “ERROR: The password you entered for the username admin is incorrect. Lost your password?”
So you know independently if you used a registered username or if the password isn’t right. That’s nice of WordPress, isn’t it? From the user point of view sure it is … and from the view of a possible attacker, too! Continue reading WordPress: Unified Login Error Messages

How-to remove the author from your Twenty-Ten posts

There are more than 1300 themes available in the official Theme Directory but many WordPress blogs are using the default theme Twenty Ten. The default header of a post looks like this:

Besides the date of publications the author of the article is displayed but since most blogs are operated by single persons this information is totally unnecessary. Additionally many bloggers write their posting while they’re logged in as Administrator so that the author is displayed has “admin”. This is not only unnecessary but also looks like you can’t handle your blog correctly.
Continue reading How-to remove the author from your Twenty-Ten posts

HTML/PHP: Single and double quotes

If PHP programmers are creating a link from variables often you can see the following code:

echo '<a href="' . $link . '" id="' . $id .'" class="' . $class . '">' . 
       $linktext . '</a>';

or

?>
<a href="<?php echo $link; ?>" id="<?php echo $id; ?>" 
   class="<?php echo $class; ?>"><?php echo $linktext; ?></a>
<?php

or

echo "<a href=\"$link\" id=\"$id\" class=\"$class\">$linktext</a>";

Apart from the personal preferences of the programmer all these snippets have one thing in common: they are hard to read. “Sure!”, you will say, “attributes in HTML have to be enclosed in double quotes and in PHP I have to use one of the above methods.” Are you sure? Do attributes really have to be enclosed in double quotes? The simple answer is: No!
Let’s take a look at the specification:

[…] By default, SGML requires that all attribute values be delimited using either double quotation marks (ASCII decimal 34) or single quotation marks (ASCII decimal 39). Single quote marks can be included within the attribute value when the value is delimited by double quote marks, and vice versa. […]

Double or single quotation marks. That will make things much easier:

echo "<a href='$link' id='$id' class='$class'>$linktext</a>";

As you see the code is much easier to read and that simply happened because you read the specs!

WordPress: Disable plugin table paging

Since WordPress 3.0 the plugin table is paginated by default, 20 entries at a time. In my mind this is totally useless since it means that I have to click through my plugins instead of simply scrolling through them with the mouse wheel. But there’s a more or less “hidden” option to display all plugins at once.
Continue reading WordPress: Disable plugin table paging

WordPress: Metaboxes are (re-)movable

This might sound like an article for pure beginners but even users with years of WordPress experience are regularly scrolling their dashboard and editing pages up and down to reach the desired metaboxes. Meta what?

Metaboxes. Those are the boxes used in the dashboard, the new page, or the new post pages to group the display. Such a box can contain almost anything therefore the name. What many people not realize is that they can collapse/expand, move, and remove them.
Continue reading WordPress: Metaboxes are (re-)movable

WordPress Plugin Spam, part 2

In the post Interesting new kind of WordPress Plugin Spam I reported about a site which offers WordPress plugins to attract the careless user to a scam site.

Since then Rahul (the man behind the scam) wasn’t inactive. A German user reported problems with his website which could easily be tracked down to a problem with an installed plugin. After a bit of research a plugin named “Visitor Stats” could be accused.

A quick peek at the known site confirmed my suspicion: the plugin is offered by “111 ways to make money”. Interestingly the site itself does not off the plugin (anymore). OK, maybe Rahul’s forgot to upload it. But where did the user got the plugin?

Continue reading WordPress Plugin Spam, part 2

Interesting new kind of WordPress Plugin Spam

There’s seems to be a new way of luring users of WordPress to spam sites: WordPress Plugin Spam.

Like most other plugin authors I regularly check what others are saying about them; actually I have a Google Alert set on the names). The other day I received an an e-mail from this service telling me that there is a new fork of my pagebar plugin called Advanced pagebar. Hey cool, some one build a new plugin based on my code.

The plugin was called  “Advance Pagebar – New way to navigate Pages …”. Surprisingly the link “http://wordpress.org/extend/plugins/advance-pagebar/” did not work. What the heck?

Continue reading Interesting new kind of WordPress Plugin Spam

Stop supporting commercial themes and plugins for free!

For the last days there has been much excitement about Thesis. Fo those who don’t know: Thesis is one of the more popular commercial themes for WordPress. Despite the special problems with this theme and its author it’s a more general question if customers of commercial should be supported for free by the community or not. So the question is:

Shall we stop supporting commercial
themes and plugins for free?

Pro:

  • The creator of commercial themes and plugins is making money from it and why should I give support? I will not get any money from my support but the creator will earn even more with subsequent products because of “the great support”.
  • People asking for support often are consultants, coders or designers making money from WordPress. They will not give me a single dollar if I give them support and help them to satisfy their customers.
  • There are special forums and mailinglist of commercial themes/plugins by the companies. Customers should use those.
  • I don’t support anything not GPL. Viva la revolución!
  • I could support the users but I would charge them for it.
  • There are better alternatives which are GPL. People should start using those and I’ll happily give them support.

Contra:

  • It’s all about the community! I don’t give a damn if others make money from it.
  • For me it doesn’t matter if I give support for free or commercial themes/plugins. The only reward I want is reputation.
  • Many of the commercial authors are active members of the WordPress community and give free support for other problems themselves.
  • Not all users (if not the majority) of commercial themes/plugins are professionals.
  • Often the commercial support is poor and the WordPress community should help those poor lost souls with their problems.
  • There are many support forums for other commercial software where people help each other in their spare time why should WordPress themes and plugins be an exception?
  • All this commercial stuff is making WordPress even more popular and so there will be more people helping WordPress getting better and better
  • Even Matt Mullenweg is profiting from all the free support from the community. Automattic would never be able to do it themselves and to present and enhance the best blogging system since sliced bread.

BTW: This is the third best article about this topic! (Couldn’t resist.)

Some links:

Updated pagebar v2.58

Some days I was happy that pagebar v2.57 does seem to work with the new WordPress v3.0 flawlessly but I laughed too soon. Mark (no link given) pointed out that custom taxonomies are disrupted when using pagebar v2.57.

The reason was some code I borrows from the “Multi Page Toolkit“:

add_action('init', 'pb_allpage_permalink', -1);
function pb_allpage_permalink() {
	global $wp_rewrite;
	$wp_rewrite->add_endpoint("all", EP_ALL);
	$wp_rewrite->flush_rules();
}

This code enables pagebar to display all parts of a page which is splitted into multiple parts. As you might see the code adds a new rule to the permalink structure. Unfortunately it corrupted the permalinks in a way that custom taxonomies stopped to worked.

The solution to this problem was to fire the action much, much later and to to update the rules transient (soft flush):

add_action('init', 'pb_allpage_permalink', 99);
function pb_allpage_permalink() {
	global $wp_rewrite;
	$wp_rewrite->add_endpoint("all", EP_ALL);
	$wp_rewrite->flush_rules(false);
}

Hopefully this will solve the problems with custom taxonomies completely.

Download: