Yearly Archives: 2007

Shared servers

Web Design, , ,

There is a problem having your website hosted on a shared server, which is that you really need to trust your webhost. So I was rather shocked today when installing phpMyAdmin that without configuring the config.inc.php file I was able to login to the mySQL database.
Not only that but I could see the names of every table on my server. Now this has happened before, but any attempts to view these tables resulted in errors, but this time I was able to view any table, read all the content and even edit a random persons blog post (don’t worry, I undid the changes).
Of any security issue this was a big one, I could have gained access to a large number of wordpress blogs, and if I looked I’m sure I could have found a forum with usernames, emails and md5 hashes of passwords.
However I’m not out for “hacking”, so I contacted my webhost and shortly after as password was added to the mysql root.

New Gmail Problems

Web Design, ,

Gmail LogoIt’s seems that Gmail has gone through some small changes, extra divs showing background ajax commands, my email address inside the <title> tags, whilst writing emails the Firefox status/loading bar flashes like a disco and some other stuff.
I know it’s changed as I’ve got an Older Version link, however on the What’s New page I can’t see anything and the same goes for the blog.
The problem, I’ve now had Firefox crash on my three times (over two machines) when I’ve clicked on the Spam link (not everytime), and for some reason it doesn’t want to remember that I don’t want this new version. I can’t see anything great about it, and whilst they don’t want to tell me whats new why would I.
Maybe it’s time to downgrade to a UK version?

Hide from all except admin

Plugins

I wanted to put a WP-Admin link on my blog, but one which only showed to me whilst I was logged in.
So hunting through the WordPress Codex I tried to find something like is_admin(), but couldn’t find it. Then going through all the PHP files I found this function current_user_can(capability) which returns true or false if the logged in user can do that capability. Next I had to work out a capability which only admin could do, but a quick look at the source code showed that it should be possible to enter an integer which related to a level.
So finally I have this on my blog:
<?php if(current_user_can(10)) { ?><a href="/wp-admin/">WP-Admin</a><?php } ?>

Tidy Slugs

Plugins

I’ve been playing about with WordPress plugins all day, and have created (more like stolen and modified a small amount) Tidy Slugs.
This plugin tries to catch a few of the random stuff that WordPress misses when I make the post slug.

For example if my post title was:
Ryan's Tidy Slugs, WordPress would make a URL of blog.artesea.co.uk/2007/11/ryans-tidy-slugs.html

however if it was:
Ryan’s Tidy Slugs (notice how the apostrophe is slightly more curvy) it would be blog.artesea.co.uk/2007/11/ryan%e2%80%99s-tidy-slugs.html

Very, very ugly!

(OK, you might not be able to spot the difference as WordPress loves to curve the apostrophes, however try creating a post title using the second one).