30th December 2008
I’m currently building a WordPress site where I want people to be able to sign up as Subscribers. They won’t have the option to write anything to the site, so they won’t be Authors or Editors—Subscribers seems appropriate.
I’ve ended up having to tweak WordPress in several ways to make the system work as I want. At the moment I’m erring on the side of coding minor adjustments into my custom themes. Plugins are more flexible, but if you just need to change a small thing, coding it into the theme leaves your site with less overhead from another plugin being loaded.
So, here are a few little plugin-free techniques for tweaking you WP Subscriber system.
Read more »
Permalink |
Posted in WordPress, XHTML/CSS |
Comments closed |
14th December 2008
I’ve deleted the previous post that I just did about running multiple WordPress installations from the same set of core files. Seems it’s a little trickier to get what I wanted than I first thought.
If you’re still wanting to plug away at solving this, multipleblogsonasinglewordpressinstallation.com is still very useful. But also check out Ryan McDonnell’s post on the same subject, and read the comments.
In my now abandoned post, I did neglect the fact that WordPress was including files based on the ABSPATH constant in my wp-config.php, which I thought I could keep in one place with a switch/case for database settings. Big mistake!
But, there were other issues too for me. So, given that 2.7 has auto-upgrade built-in, I’m making the decision to go and fry bigger fish. I might revisit this; if you’re trying, good luck!
Permalink |
Posted in WordPress |
Comments closed |
19th April 2008
My server was recently subject to a hack attack. In some senses it was pretty serious—many new files containing malicious code, many altered files, new bogus admin accounts in WordPress. But in the end it seems I lost no data, and none of my sites got injected with spam links (which I gather was the intent of the hack).
Needless to say, I’ve been forced to quickly learn a lot about web security, and I’ve been grateful to be forced to do so without major losses. I’ll try and document some useful things I’ve learned here.
NOTE: This post contains some good WordPress security tips, but in response to a specific hacks. For a more general, comprehensive run-down of solid WordPress security measures, see this post.
Read more »
Permalink |
Posted in WordPress, security, spam |
Comments closed |
28th June 2007
Even these days, WordPress will often mess with HTML code entered into posts or pages. The most persistent problem I’ve found has been its penchant for inserting <br /> tags inside forms.
No, I’ve not found a way to stop it. Just a slightly lateral workaround: create the following generic class in your stylesheet and apply it to any form (or other containing element) where unwanted <br />s are being slipped in:
.nobr br {display: none;}
If you’re using <br /> tags yourself in that bit… well, you can always use a bit of a margin, eh?
Permalink |
Posted in WordPress |
Comments closed |
26th June 2007
Being a die-hard hand-coder, WYSIWYG editors irk me. It’s partly an irrational “Get your mits off my code!” thing, but it’s often very practical.
Working with WordPress, many of the sites I deploy for clients need specific layout code within the editable content of WP-managed pages. The code is necessary, and the clients are savvy enough to work around my HTML when they edit their copy.
WP’s visual editor, however, isn’t. It switches any <div> for a <p>, and otherwise messes stuff up. Maybe there’s a way to coax it into being less interfering. But for now I just need to get the visual editor out the way.
In theory that’s fine – each user just has to uncheck the visual editor box on their WordPress profile. It’s set to be checked by default when a new user is created. It already happened several times that a client has forgotten to do this, gone to edit a tiny bit of copy on the delicately coded home page, only for the editor to mess it all up.
Can’t I just set visual editing to be “off” by default?
Here’s how. In the file wp-admin/admin-functions.php, change line 522 from this:
$user->rich_editing = 'true';
To (unsurprisingly) this:
$user->rich_editing = 'false';
Permalink |
Posted in WordPress |
Comments closed |
4th April 2007
NOTE: I’ll leave the information here for reference as it’ll probably still be useful to some. But for anyone using WordPress who wants a convenient way of putting up a holding page without confusing search bots and without blocking yourself from using the site while it’s “down”, I’ve just found the very neat Maintenance Mode plugin. Seems to work like a treat. 14/2/08
Ever wanted to have a system in place that allows you to easily “switch on” a holding page for the whole of your site for when you need to do some maintenance? Well, that’s relatively easy to do; but what about bots? Even if you’re only down for 10 minutes, what if your luck is such that Googlebot makes its random rounds at precisely that time? Depending on how you’re holding page works, it might register a load of “404 – Not Found” errors, or replace your indexed content with your holding page… Who knows? Not I.
Read more »
Permalink |
Posted in Apache, WordPress |
Comments closed |
7th February 2007
I’m building this site with WordPress 2.1, which has some great new features (such as post auto-saving and draft pages). I’ve heard there are significant teething problems with upgrading from a previous version – for instance, the new draft pages system means that pages are now flagged with the database field post_type being used instead of the post_status field being set to static. Much more logical, but it may break some of your page-related plugins.
Anyway, for new installs it seems like the way to go, with a few caveats. One involves the potent but potentially tricksy .htaccess file for Apache server configuration settings. If, like me, you prefer to maintain control over the file yourself instead of having WordPress automatically generate it, you might run into problems when 2.1 tries to “fix” it.
If you suddenly get a HTTP 500 error (Internal Server Error), it’s often due to slip-ups in .htaccess. If you’re using WordPress 2.1 and get this, download .htaccess and see if WP hasn’t slipped its mod_rewrite rules in at the end. If you’ve adapted the default mod_rewrite code, WP 2.1 thinks it’s not there at all, and slips the default in at the end again.
I’ve not found a way to stop WP doing this – there was a suggestion to change the write permissions on the file to stop WP accessing it, but you’d have to switch them back every time you re-uploaded the file. Pain in the arse. I’ve just reverted to keeping the default WP mod_rewrite at the end of the file, exactly as WP intends.
Permalink |
Posted in Apache, WordPress |
Comments closed |
Welcome! I build websites - mostly based on the brilliant, free & open 
