Category Archives: WordPress Plugins

Comments Reopened On All Posts

I’ve reopened comments on all posts, regardless of post date.

Two years ago, I closed comments on posts older than 60 days because generally speaking, they only attract spam.

That’s still true, for the most part. But between WordPress Hashcash (an anti-spam plugin I can’t flog hard enough; seriously, get it) and Akismet, there’s no real additional work load; it’s not half the hassle of dealing with the script kiddies trying to log in to the admin section.

(BTW, I deal with hack attempts via Bluetrait Event Viewer, which lets me know about (among many other things) failed logins; and WordPress SEO by Yoast, which lets me easily edit my .htaccess file and put the banhammer down on offending IP addresses.)

My most popular posts are well over 60 days old, and the majority of questions I get are about those posts. Also, I have a number of very old (3+ years) that need cleaning up; so it would be helpful to enable comments on them, for people to tell me when things are broken / don’t look right on the screen. Thus, it makes sense to open comments back up on all posts.
Continue reading

Designers And Developers: Donate Your Time, Talent At New England GiveCamp, June 11-13, 2010

One of the things I found out about at Tuesday’s MSDN Northeast Roadshow stop in Augusta is the first New England GiveCamp, June 11-13 at Microsoft’s Northeast Research and Development center in Cambridge, MA.

New England GiveCampI’m attending, and I’d urge you to do so.

A GiveCamp is basically a gathering of developers, DBAs, project managers, designers and other IT folks in a given place, to donate their time and skills to charitable projects.

In the case of the New England GiveCamp, typical projects include upgrading Access databases, or converting Excel spreadsheets to Access; integrating open-source tools, such as Joomla, Drupal and Django, into existing Web sites; adding various gizmos to and tuning up existing Web sites; and several requests to spruce up the look of various types of collateral.

I believe the biggest mistake you could make in deciding whether to participate is thinking that you don’t have the kind of skills needed. From what’s been said at the GiveCamp’s Web site, there’s going to be plenty to do, whether you’re Linus Torvalds or Linus Van Pelt.

I think this goes doubly for graphic designers. Trust me, if you are an artistic person, no matter how little you think of your work, your worst effort is 10 times better than the best design ever produced by a programmer. I am speaking from extensive personal experience here. We’re the people who gave the Internet Comic Sans, animated GIFs and the <marquee> tag, remember. Please, save us from ourselves.

As the Northeast GiveCamp put it, “If you have the passion, we’ll find a place for you.”

In addition to the technical work on site, there are a myriad other volunteer opportunities both before and during the event, including registration, sponsor solicitation, organizing the development teams and matching them to non-profit organizations, handling logistics for food and snacks, and others we’ll discover along this journey!

Continue reading

Blog Changes: New Themes, New Syntax Plugin, Several Plugins Deactivated

Since I’m reviving the blog, I decided to give it a good going-over, in terms of theme, plugins and other aesthetics / tools I’m using.

The most notable change: I’ve switched from Fluid Blue to F2, both by SriniG. I really like the straightforward, clean appearance of Srini’s templates; when it comes to Web design, I am decidedly minimalist.

I’m inclined to agree with Chris Brogan and Julien Smith, authors of Trust Agents, when they strongly suggest having a personalized blog template. Experience certainly tells me that packaging and logo is vital to building any brand.

Truth be told, I can’t make anything anywhere near as nice as F2, and I’m too cheap to hire someone who could. Maybe, someday, I’ll trade a Web designer, programming for design. If you’re interested, let me know. Anyway, I like the new look, which I’ve hacked a bit, mostly by keeping all the fonts sans-serif.

I’ve also turned off several plugins. As previously noted, WP-PostRatings was not very popular. AskApache Google 404 did not deliver the SEO optimization I expected, and is a bit too ugly out of the box for my taste; I didn’t want to invest the time it would take to make it look pretty.

Global Translator is really just some buttons to use various online translation services. It does provide a local caching mechanism, which is why I installed it in the first place: I wanted to have the search engines index my posts in multiple languages.

But I couldn’t get the cache to work properly, which caused all kinds of 404 errors (which, again, AskApache Google 404 didn’t really help to fix). To top it off, the translation services were translating my code blocks, rendering them useless. Again, I could hack these problems myself, but since visitors can use the same services Global Translator uses, I decided to simply scrap it.

Continue reading

Hacking WP-PluginsUsed To Remove Plugin Version Numbers

One of the greatest contributors to the WordPress plugins repository is Lester “GaMerZ” Chan.

It’s testament to the value of his contributions that his work has not only been duplicated, borrowed and built upon by hundreds of other plugin developers — just search “gamerz” in the WordPress plugins repository to see how many times his name is cited — but many of his ideas and hacks have made their way into the core functionality of WordPress.

I use two of Gamerz’s plugins: WP-PostViews and WP-PluginsUsed. (Until recently, I also used WP-PostRatings, but that was not a popular feature, so I turned it off.) I like them both, but I had concerns about the security of using WP-PluginsUsed.

My concern was not WP-PluginsUsed itself, but the fact that it reported the version numbers of other plugins. Just telling the world that I am using a plugin is bad enough; reporting the specific version number, making it even easier on crackers, seems pointless.

But I believe in giving credit where credit is due, even at the risk of someone trying to exploit this site. I can always deactivate any plugin that has a major security hole. Besides, what plugins one is using generally isn’t difficult to figure out; there tends to be a handful available for any given task, and the ones that work well are often few and far between. You can pretty much just look at a WordPress blog and get a good feel for what plugins it is running.

That said, to keep my peace of mind, I simply commented out the part of WP-PluginsUsed that reveals version numbers.

You can do that either in the plugin editor that’s built into WordPress, or your favorite text editor. Look for the get_plugingsused_data() function, around Line 46:

### Function: WordPress Get Plugin Data
function get_pluginsused_data($plugin_file) {
	$plugin_data = implode('', file($plugin_file));
	preg_match("|Plugin Name:(.*)|i", $plugin_data, $plugin_name);
	preg_match("|Plugin URI:(.*)|i", $plugin_data, $plugin_uri);
	preg_match("|Description:(.*)|i", $plugin_data, $description);
	preg_match("|Author:(.*)|i", $plugin_data, $author_name);
	preg_match("|Author URI:(.*)|i", $plugin_data, $author_uri);
	if (preg_match("|Version:(.*)|i", $plugin_data, $version)) {
		$version = trim($version[1]);
	} else {
		$version = '';
	}
	$plugin_name = trim($plugin_name[1]);
	$plugin_uri = trim($plugin_uri[1]);
	$description = wptexturize(trim($description[1]));
	$author = trim($author_name[1]);
	$author_uri = trim($author_uri[1]);
	return array('Plugin_Name' => $plugin_name, 'Plugin_URI' => $plugin_uri, 'Description' => $description, 'Author' => $author, 'Author_URI' => $author_uri, 'Version' => $version);
}

We’re going to edit the last line of that function, the one that says “return array( … ).” Here’s the replacement line:

	return array('Plugin_Name' => $plugin_name, 'Plugin_URI' => $plugin_uri, 'Description' => $description, 'Author' => $author, 'Author_URI' => $author_uri, 'Version' => ''); //$version);

What this does is replace the version number for each plugin with an empty string; it has the same practical effect, through the rest of the plugin’s code, as never having reported the version of the plug-in.

Note that I also could have commented out lines 54, 55, 56 and 58, and left Line 64 intact. That, too, would have set the value of the version for each plugin to an empty string. I opted for the solution above because it is most elegant.

I distribute all code under the GNU GPL.