WordPress News, Hacks, Tips, Tutorials, Plugins and Themes
WordPress is known for, that several constants lie dormant in the core and often provide quick solutions. In this context I have recently come across two little strings in the core of the backend editor of WordPress and in the core for updating the system as well. As far as I know, all constants mentioned here are in the system since version 3.0.
Continue reading …
So you’ve created a user and added a strong password because you care for your blog’s security? Unfortunately you can’t be sure that the user will keep this strong password since he/she can change it to a much weaker one on his profile page.
This problem can be solved by adding a filter:
Continue reading …
You don’t always want to login in WordPress – so I’ve turned off the login for my local development environment, since I don’t need it. So far I know two ways how to do this, which I want to introduce you briefly.
Decide for yourself which is the right way for you if you don’t need a login at all or just want to change the time frame before you logged out again.
Continue reading …
WordPress enjoys great popularity and draw more attention of people who want to gain unauthorized access. As with any open-source software developers and attackers alike can view the code. The risk of spam links, the destruction of the blog and other attacks is therefore very high. But this article shows the possibilities to secure WordPress in many ways.
The WordPress database class is quite extensive and provides a range of methods to work effectively with the database and thereby use the WordPress standard.
You can find the class in /wp-includes/wp-db.php where the individual methods are documented.
I show the most important ones and give some small examples. It is important to work with these opportunities to ensure the safety of Plugins.
In WordPress 2.8.5 the whitelist of allowed MIME types for downloads will be valid for administrators the first time. This is a step towards security and you can, with the help of a constant, upload all data types.
define ( 'ALLOW_UNFILTERED_UPLOADS', true);
Who has implemented several projects already with WordPress probably had experienced that a user doesn’t have the rights to upload a specific format.
The Plugin Role Manager allows the uploading of all MIME types. But in my opinion this is not the perfect way, and therefore here is a small code snippet that takes adjusting according to the particular requirement.
Continue reading …