Mar 03

In the past, the majority of WordPress themes would enclose the title of sidebar widgets within an HTML h3 heading tag. The Thesis Theme V1 is one such theme.

WordPress theme designers have moved away from this practice because of an increased awareness of SEO. Nowadays, people who write search engine optimised content generally use HTML heading tags exclusively for hierarchical text elements with relevant contextual keywords designed to appeal to search engines, e.g. a post title with the main target keyword would be enclosed within h1, then the subheadings with additional keywords would be enclosed within h2, and so on.

In contrast, WordPress widgets often have generic titles like ‘categories’, ‘tags’, ‘meta’ and ‘links’ which have offer no usefulness as search keywords. Having h3 on these is wasteful as it has the potential to take value away other relevant keywords on the page.

The Thesis theme does not have a hook to change the styling of widget/sidebar titles. The solution is to unregister the two default sidebars, then re-register them with a different html markup for the title. In this example, h3 has been replaced by a div with the class “widgettitle”.

Furthermore, we have to ensure that this only happens AFTER the Thesis Theme has finished its default sidebar registration. This is achieved by hooking the action ‘widgets_init’ with a priority of 11 – lower than the WordPress default priority of 10.

The following code snippet should be added to custom_functions.php in the Thesis Theme’s custom file editor:
Continue reading »

Tags: ,

Mar 03

Sample 404 Error Image

This article describes how to get the Thesis Theme Version 1 to display a 404 error image as a substitute for any missing images on your site.
Continue reading »

Tags: ,

Mar 03

Sample 404 Error Image

If you attempt to access the URL of a non-existent image file on a website – say a jpg, png or gif file – you will usually be redirected to the 404 error page. If the image is embedded via an HTML img tag, this will normally result in your browser displaying a missing image icon.

Instead, we can handle this in a more elegant way by creating a special 404 Error image which will be returned when someone attempts to request a non-existent image file on your website.

All we have to do is:
Continue reading »

Tags:

Mar 03

This snippet of PHP code takes any shortened URL, like those from Bitly, Google or Twitter, and expands it into the full and final destination URL.

function expandShortUrl($url)
{
	$headers = get_headers($url, 1);

	$loc = $headers['Location'];
	if(is_array($loc))
	{
		// get the highest numeric index
		$key = max(array_keys( $loc));
		return $loc[$key];
	}
	else
	{
		return $loc;
	}
}

Hat Tip: Deluxe Blog Tips and Karl Groves – Easily Expand Short URL Using PHP

Tags: ,

Mar 03

This piece of code will allow any user with the capability of ‘moderate_comments’, to include a shortcode within a post comment. If the user does not have this permission, any shortcodes will be displayed as normal text. The code should be placed inside your theme’s functions.php file.

This is useful when combined with affiliate marketing plugins that allow you to display a clickable ad using a shortcode. A visitor to your site might post a comment on an article, requesting a recommendation for a product. You can then reply to their comment, and include a affiliate link or banner ad that advertises the product in question.

For example, you may post an article about Tennis, and a user may request a recommendation for a suitable tennis racket. You can then reply with a recommendation for a racket, with an advertisement for that racket that any user who reads that ad may decide to click.

function filterComments($comments)
{
	$filtered_comments = array();
	foreach ($comments as $comment)
	{
		// if not registered
		if ($comment->user_id == 0)
		{
			$filtered_comments[] = $comment;
		}
		else
		{
			$comment_author = new WP_User($comment->user_id);
			// if has capability 'moderate_comments'
			if ($comment_author->has_cap('moderate_comments'))
			{
				$comment->comment_content = do_shortcode($comment->comment_content);
				$filtered_comments[] = $comment;
			}
			else
			{
				$filtered_comments[] = $comment;
			}
		}
	}
	return $filtered_comments;
}

add_filter( 'comments_array', 'filterComments' );
Mar 01
  • AussieWPExpert: WordPress plugin Color Scheme every Theme lets you change the colours of any theme via the theme customizer: http://t.co/ct0ob19JUj
  • AussieWPExpert: How to test which of the WordPress Jetpack plugin's modules are enabled using PHP code: http://t.co/BCxyryHAmM
  • AussieWPExpert: How to set up numbered page navigation in the WordPress Thesis theme version 1.x: http://t.co/4jyzA3C3re
  • AussieWPExpert: WordPress plugin Conversation Starter increases user participation by prompting them to answer questions in the post: http://t.co/IldevW9LCc
  • AussieWPExpert: WordPress plugin "Where did they go from here" show what else readers who viewed a page also viewed on the site – http://t.co/zU8KXfytGA
  • AussieWPExpert: WP Author Slug plugin improves WordPress security by preventing login names from appearing in the author archive URL: http://t.co/nX6TbgacSP
  • AussieWPExpert: WordPress plugin Simple Pagination lets you set up advanced pagination for posts and comments, with 6 stylesheets: http://t.co/my5QIfrUPA
  • AussieWPExpert: WP-AutoSharePost plugin automatically shares WordPress posts on facebook/twitter and scrapes the facebook comments: http://t.co/bBlAMBtgEf
  • AussieWPExpert: plugin Really Static creates static html files from your WordPress blog whenever a post/comment is published/edited: http://t.co/whpatQXa24
  • AussieWPExpert: WordPress plugin Real IP 4 Comments corrects post commenters' IP addresses when they are accessing behind a proxy – http://t.co/Zlgu1d427U
  • AussieWPExpert: Plugin lets you publish/embed your Tweets to your WordPress blog automatically or manually with a single click – http://t.co/4qR36sfmFx
  • AussieWPExpert: WPExplorer: My Useful WordPress Snippets List By Remi Corson – http://t.co/pVTW78urvA
  • AussieWPExpert: WP Page Widget lets you customise the widgets displayed for each WordPress page, post and custom post type – http://t.co/ujGAouGBCZ
  • AussieWPExpert: Brief Blogs for Week Ending February 22, 2013 http://t.co/6dep2uABxA

Feb 22

In recent news, a number of Linux web hosting servers have been infected with a rootkit that has comprised the Secure Shell Daemon (SSHD). User login details are being captured and sent to servers controlled by cyber criminals. It has been reported that the cyber criminals are then logging into the comprised servers using the captured account details and using the servers to send spam or turn them into botnet nodes.

Based on what I have read at this point in time, the exploit mechanism used to install the rootkit has not been clearly identified. Some web hosts are temporarily disabling remote SSH access as a preventive measure.

If you are using Linux-based Web Hosting, you hosting server is likely to be infected if any of the following files exist:

/lib64/libkeyutils.so.1.9

/lib/libkeyutils.so.1.9

Most infected servers have been running cPanel and CentOS, but there are also reports of infections on servers running DirectAdmin, Plesk and non-RHEL based Linux distributions.

If your hosting server is infected, you should:

  1. Immediately log out of any SSH sessions
  2. Change your password using cPanel or any alternative online mechanism offered by your service provider
  3. Notify your web host’s support staff

Do not log into your hosting server via SSH until support staff tell you it is safe to do so.

For more information, check out the following:

CloudLinux – SSHD Rootkit
Web Hosting Talk – SSHD Rootkit Rolling around

Feb 22

Details about this incident are incomplete, but it appears that Yahoo!Xtra in New Zealand experienced a security incident resulting from using an old version of WordPress that had not been updated in a long time.

According to reports, the exploit was performed using a Cross-Site Scripting (XSS) vulnerability in swfupload.swf – a JavaScript & Flash Upload Library – which was fixed in WordPress 3.3.2, released in April 2012.

This is another lesson to everyone on why you should ensure that you regularly update your WordPress installation and all your plugins.

For more information, here are some links:

SmartCompany – Yahoo! hacked in New Zealand through WordPress vulnerability

Seclists – Re: XSS vulnerability in swfupload in WordPress

ThreatPost – Yahoo Mail Breach Linked to Old WordPress Vulnerability

Feb 22
  • AussieWPExpert: The Categories Images Plugin allow you to associate images with any WordPress category or taxonomy – http://t.co/GFpxnDbuKA
  • AussieWPExpert: WordPress plugin that creates landing pages for your site. Checks conversion rates and runs A/B split tests – http://t.co/9lzEzAGGBp
  • AussieWPExpert: WordPress plugin resizes all uploaded images to specific max width & height. Useful for saving disk space – http://t.co/lBEd9QOBEt
  • AussieWPExpert: Yahoo!Xtra NZ Email Accounts Compromised Through Exploit in Old WordPress Installation – http://t.co/ZcOhUBW3AY
  • AussieWPExpert: SSHD Exploit Targeting Servers Running CloudLinux, CentOS & cPanel http://t.co/YPlYicFQR9
  • AussieWPExpert: This WordPress plugin sets a minimum length for user comments. Helps prevent comment spam and useless post comments: http://t.co/T76i23VM
  • AussieWPExpert: This plugin extends WordPress's oEmbed functionality to enable embedding videos & external content into comments: http://t.co/oL6KQisD
  • AussieWPExpert: Smart Company: "Sign-up form stuff up" – avoid 3 simple mistakes when designing sign-up forms for newsletters/events: http://t.co/H3bmbOCz
  • AussieWPExpert: WP plugin Simple Trackback Validation w/Topsy Blocker reduces trackback spam by validating the IP address & permalink http://t.co/gBwNHF80
  • AussieWPExpert: Google's guide to making AJAX applications crawlable by search engines, so they can be properly indexed: http://t.co/XrKdzEQI
  • AussieWPExpert: Tutorial: Creating a Plugin to Add Votes to Your WordPress Comments Using AJAX – http://t.co/ZKplpUsC

Feb 15
  • AussieWPExpert: How to enable support for the plugin Jetpack Comments in the Thesis Theme for WordPress – http://t.co/6xTIyTHK
  • AussieWPExpert: The HotSpots WP plugin draws a heat map of mouse clicks overlaid on your site, helping to analyse user behaviour – http://t.co/n2ffTLf3
  • AussieWPExpert: Lifehacker: A Non-Designer’s Guide to Typefaces and Layout – http://t.co/BahYctSx
  • AussieWPExpert: WordPress PHP code snippet for themes – transform h2 tags to h3 tags on the index page – potentially useful for SEO – http://t.co/aRyh7uOs
  • AussieWPExpert: 1stWebDesigner: The Ultimate Guide to WordPress 3.0 Comment Form Customization – http://t.co/ivcIHo0e
  • AussieWPExpert: WP development tip: Use wp_enqueue_scripts(), not wp_print_styles(), to enqueue scripts and styles for the frontend – http://t.co/VrvTPuH4
  • AussieWPExpert: ManageWP: 8 WordPress plugins to help beautify your blog content – http://t.co/VJ2ZEpFF
  • AussieWPExpert: How an Australian Internet marketer used twitter to predict the Triple J Hottest 100 songs for 2012 – http://t.co/baqs4YHY
  • AussieWPExpert: WordPress PHP code snippet that implements a shortcode to display RSS Feeds, e.g. within a post or page – http://t.co/K3ri8ZlV
  • AussieWPExpert: APN settings for mobile networks around the world, to set up your smartphone to access the Internet when traveling: http://t.co/TprAjpyu

css.php