WordPress 3.x

Bij het vernieuwen van mijn hosting en domeinnaam, heb ik mijn WordPress even aangepast naar versie 3. Ook de website van de dochter is bij deze weer up to date. Voor beveiligde fotopagina’s waren er problemen met sommige browsers. Hopelijk zijn deze nu verholpen.

Vanaf WordPress 3.0 is er ook de mogelijkheid om netwerken op te stellen voor multi-user blog. Helaas staat dit nog niet volledig op punt, dus wacht ik nog even af om beide blogs te integreren in dezelfde WordPress-installatie.

Ere wie ere toekomt: WordPress met theme Atahualpa. De header-image is van eigen makelij.

CSS shorthand

Margin & padding

/* top, right, bottom, left */
.ex1 { margin: 0 0 0 0; }
/* top, right & left, bottom */
.ex2 { margin: 0 10px 0; }
/* top bottom, left right */
.ex3 { margin: 0px 10px }
/* top left right bottom */
.ex4 { margin: 0; }

Font

Opgelet: als je shorthand gerbuikt, worden alle ‘niet gebruikte’ paramters op ‘normal’ gezet

/* font-style, font-variant, font-weight, font-size, line-height, font-family [sans serif, serif] */
/* font-family uses "" when font-name is more than one word */
body{ font: italic, small-caps, normal, 12px/14px "Times New Roman", serif; }
/* in onderstaand voorbeeld verliest h1, ... 'bold' font-weight */
body{ font: 1.4em Verdana;}

Border

Minimum style & color definiëren. Bij shorthand is 3px de ‘normal’ value

/* volledige shorthand */
.border{ border: 1px solid red;}
/* ok */
.border { border: solid red;}
/* fout */
.border { border: red;}

Lists

/* list-style-image, list-style-position, list-style-type */
.list { lists: disc outside none; }

Background

/*
  background-color: color || #hex || (rgb / % || 0-255);
  background-image:url(URI);
  background-repeat: repeat || repeat-x || repeat-y || no-repeat;
  background-position: X Y || (top||bottom||center) (left||right||center);
  background-attachment: scroll || fixed;
*/
background: #fff url(image.jpg) no-repeat 10px 100px fixed;

Logitech Quickcam 4000 on Windows 7 64bit?

Having troubles installing your Logitech Quickcam on Windows 7?

When you went looking for the driver on the logitech support webpage, you’ve probably noticed only Vista 64 bit support. You can choose this file and try to install it from there. Sometimes it will work, if not … Continue reading “Logitech Quickcam 4000 on Windows 7 64bit?”

WordPress: installatie, beveiliging, upgrades

(update augustus 2013)

WordPress installeren en beveiligen

WordPress gehacked?

WordPress plugins manueel upgraden?

  • Plugin deactiveren in beheer
  • Plugin map verwijderen van de server
  • Nieuwe Plugin uploaden
  • Plugin terug activeren: plugin detecteert zelf of database-aanpassingen nodig zijn

Nuttige plugins

WordPress hacked…

The past three weeks my WordPress blog got hacked two times. As a regular visitor nothing seemed out of the ordinary, but if you searched Google my blog seemed as a the best drugstore in town (Generic cialis – We Always Have The Cheapest Offers In Our Online-Drugstore). Each and everyone of my blog-pages had corrupted html-title tags or title-id’s (only when viewed through search engines!). Thanks to Google Alerts I found out there was something strange going on.

After a lot of searching (nothing mentioned on the web), finally found the problem. Seemed like my WordPress plugins got edited without my knowledge into base64_encoded hidden code which was then parsed with the php eval() function.

This is what it looks like…

@eval(base64_decode("JGFjdD0iaW1nIjsgZ2xvYmFsICRhcnJfdG...")); ?>

I found different entries in the following plugins: wp-spamfree / rss-import / syntaxhighlighter and so on. I changed all passwords to my site (webspace and databases) and deleted the infected files. Many of those files had changed permissions! I found unknown references to *.bak.php files inside the wp_options database table autoloading various scripts.

Fingers crossed that this won’t happen again. I will keep my eyes on Google / Bing and other search engines to see if my site keeps attracting unwanted visitors.

Google Labs was the only place giving me on the fly information of my cleanup-progress. Unfortunately Google Labs has a request limit on a week to week basis. I haven’t found a similar functionality in BING. So if you reach the request limit, you’re out for the next 7 days…

To give your wordpress some additional security you can password protect the wp-admin directory with .htaccess and .passwd.

If your WordPress gets hacked too, leave me a message if you encounter similar problems. I still don’t know how these files got changed in the first place.

Enter Songbird, Exit iTunes of eerder WinAmp of MediaMonkey?

Songbird
Songbird logo

Het ging niet lang meer duren, zo bleek al uit een van mijn vorige berichten. Ik heb iTunes nu definitief naar de prullenbak verwezen en Songbird geïnstalleerd. Wat een verademing, of toch niet helemaal?? Continue reading “Enter Songbird, Exit iTunes of eerder WinAmp of MediaMonkey?”

Posting HTML forms with special characters, while keeping your database clean.

The best practice when storing data in a database is to store it in its most purest form.
When allowing users to edit data through HTML webpages you need to encode some characters so your HTML-forms won’t break. You can do this by using htmlspecialchars (or htmlentities). Below is an example with htmlspecialchars where only the double quotes are escaped (ENT_COMPAT flag).

Mind the accept-charset in the form value: I try to work with UTF-8 and UTF-8 only. (see your collation in mySQL is also set to UTF-8!)

You can run this on code on localhost (e.g. XAMPP)

<?php
header("Cache-Control: no-cache, must-revalidate"); // HTTP/1.1
header("Expires: Sat, 26 Jul 1997 05:00:00 GMT"); // Date in the past
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>htmlspecialchars (utf-8 encoding)</title>
</head>
<body>
<h1>htmlspecialchars (utf-8 encoding)</h1>
<h2>Before form post</h2>
<?php
$dbvalue = "String: ? < > ' - \" `´& % ‰ € ® 2011";
$formvalue = htmlspecialchars($dbvalue, ENT_COMPAT,"UTF-8");
?>
<p><strong>String</strong> is a value coming from a database record in its cleanest form: <span style="color:green;"><?php echo htmlspecialchars($dbvalue); ?></span> </p>
<p>For use in a text form, especially the double quotes, must be encoded so the <em>value=&quot;&quot;</em> doesn't break. We use <strong>htmlspecialchars</strong> (ENT_COMPAT) function. ENT COMPAT only forces double quotes to be changed into &amp;quot; (besides < > ? &)</p>
<form action="<?php $_SERVER['PHP_SELF']; ?>" method="post" accept-charset="UTF-8">
	<label>String:
	<input name="string" type="text" value="<?php echo $formvalue; ?>" size="50" /></label>
	<br />
	The value of title inside this form looks like <span style="color:red;"><?php echo htmlspecialchars($formvalue); ?></span><br />
	<input name="submit" type="submit" value="submit this form" />
</form>
<?php if($_POST){ ?>
<h2>Yes, the form was posted</h2>
<p>When the form is <strong>submitted</strong>, the <strong>string</strong> field will again have a value in its purest form (no &amp;quot; values but &quot;) (not the htmlspecialchars formatting)</p>
<p><strong>String</strong> has submitted value: <span style="color:green;">
	<?php echo $_POST['string']; ?>
	</span></p>
<?php } ?>
</body>
</html>