PHP Security: Default Vulnerabilities, Security Omissions and Framing Programmers?
Pádraic Brady has written a must-read article on some of the silly defaults in PHP that put the lie to the old adage, “what you don’t…
Yet another programmer blogging about code
Pádraic Brady has written a must-read article on some of the silly defaults in PHP that put the lie to the old adage, “what you don’t…
Here's a quick-and-dirty XSLT script for transforming a Microsoft Access XML schema file into an SQL table create statement. Being quick and dirty, you need to edit the resulting statement, but it will get you most of the way there.
The best thing about WordPress, besides the fact that nearly anyone can edit a website built with it, is hooks. Filter and action hooks allow developers like me to customise a WordPress website in myriad ways. Many good plugins provide hooks too. But inevitably, you'll run up against a problem where you'd like a plugin to have a hook that it just doesn't have. You can ask the plugin author nicely to add that hook, and maybe they'll add it sometime soon, maybe even on time for your deadline. But what if your deadline comes before they add it?
Ok, so we're allowed to have one (1) size option for thumbnails in all galleries, and they can be either cropped square, or not. This is my only option? But what if I want to have a gallery page of all of the lovely staff for my clients website, and their photos have been sensibly taken in portrait format, I do NOT want the thumbnails for this gallery to be cropped, that would be just wrong. And then there is to be a page with a photo gallery of the staff picnic where people have enjoyed taking happy snaps in both landscape AND portrait formats because that is what suits, so I need these thumbnails cropped.
I just ran into a problem reading XML data exported from a Microsoft Access database. For whatever reason, Access has written VT (vertical tab) characters in the XML, which PHP's XMLReader baulks at. To be able to handle that on each data load without requiring the user to edit their XML, I wrote a simple PHP stream filter that replaces each VT character with a LF (line feed).
I've built a few websites now in WordPress with some custom data that had to be integrated into Classic ASP websites. Here's how I did this using AJAX from VBScript.
I just went searching for a nice, simple example of populating a form from a database, using AJAX and JSON. I hope it's just that my Google juice is depleted after a hard week, but I couldn't easily find one. So I wrote one.
The wp-e-commerce shopping cart plugin lets you sort your products by a few different things: name (product title), price, date/time created... but it doesn't let you sort by category name and then product title. Here's what I just came up with for one client; it isn't generic, but other developers should be able to adapt it for their circumstances.
Like many developers these days, I use a bunch of different virtual machine images to give me access to multiple development and test environments without having a room full of computers. My VM of choice is QEMU KVM, the kernel-based virtual machine bundled with Fedora. I've always used simple shell scripts to start my VMs, which has allowed me great flexibility, but yesterday I set one up using the nice Virtual Machine Manager (VMM) GUI application. And remembered why I wasn't using it: there's no way to tell it how to do TCP port redirection! But now, there is a way...
Role Scoper is a very handy WordPress plugin for websites that need to manage access to pages for a range of different user classes. But it has a nasty habit of getting in the way sometimes, and it can mess up the pagination of a custom WP_Query by changing the number of found posts (found_posts). Here's how to tell it to leave you alone!
It's quite common to use WordPress as the host for an online shop, and that often means having an order page that needs to be encrypted via SSL. You don't want your customers providing credit card details or other sensitive information over an unencrypted connection! But many WordPress plugins don't take SSL into account, and merrily load scripts and stylesheets without encryption. Here's a couple of ways to fix this problem.
The Events Manager plugin for WordPress is pretty flexible, allowing you to easily add custom attributes to your event posts. It also has conditional placeholders that allow you to display or hide information conditionally. There is a nice tutorial on the plugin website showing you how to add your own conditional placeholders. Lets bring this all together with a conditional placeholder for a custom attribute.