Hackers Highlight 8 March 2009

Doug started the discussion on including TimThumb, the small php script used to resize, zoom and crop image files originally developed for the popular Mimbo Pro theme. Nathan Rice pointed out that WordPress already has an image resizing function. Mike Little then listed some of the available filters, located within wp-includes/media.php:

  • image_downsize
  • image_make_intermediate_size
  • editor_max_image_size
  • jpeg_quality

Lastly, Chris Jean linked to the WordPress File and Image Utility. This is a file and image utility library than can be used when building a theme to help dealing with things like file uploads, image resizing, and plenty of other things (there’s a complete feature list there). I think it’s quite awesome.

John Blackbourn introduced his WordPress User Switching plugin. Could be a great tool for development where you might need to change user accounts quickly to test various different cases.

Dan Fellars is building a medical code lookup site and found out the fact that numeric-only Post title is not allowed within WordPress. Otto explained why.

Alex Polite asked about good deployment tools to automate multiple WordPress installations. Stephen Rider offered up Virtual Multiblog. Ozh linked to his WordPress Upgrade Script. Eric Marden listed some of the more general build process tools: Phing, Capistrano, Ant, Maven, A-A-P for Python, and some others listed on Wikipedia.

Joost de Valk started the discussion on adding advertising spot inside his plugin setting page. It sparked quite a lot of thoughts and ideas, and I’ll let you go ahead and read the thread from the start if you’re interested.

    Hackers Highlight: 01 March 2009

    I think that the hackers at wp-hackers mailing list are the real unsung heroes of WordPress. Out of spotlight, day by day they band together to squash bugs, enhance performances, add great features, and many more. Take a look at your favorite part of WordPress. Do you know who coded that thing, who brought that feature from ideas to implementation, who debated it night and day whether it would be a good addition for WordPress? Probably not.

    So to respect their labor of love, every Sunday on WPLover will highlight their latest stories, efforts and teamworks. So, without further ado, here’s the first edition of Hackers Highlight.

    Will Anderson did a nice explanation (and example) on how having multiple values for one Custom Field key can be a good idea:

    One way I’ve used multiple values for one key before was for a portfolio. I used a key called “featured” to indicate which clients I wanted in my featured clients list. The value of that meta field indicated what service they were featured for. Having duplicate key/value pairs allowed me to indicate that a client was to be featured in multiple service categories.

    and this, I think, is particularly clever:

    Another way to use multiple values for a key is to support pseudo categories for pages (which can then be used in page lists).

    Johan Eenfeldt found out that translated WordPress takes about 86% longer to start, and offered three solutions to thins. Also of interest is Heiko Rabe’s reply:

    If you think a plus of 90 msec is huge, please look at the timings of database requests of some so called premium or magazin themes, that run upto 400 queries to produce a page. They are the time killer, also all of the plugins filtering the whole content again and again. Queries and cascaded content filter (using expensive regexp) will consume much more time.

    400 queries from a theme, not counting plugins? That’s quite a lot.

    Demetris starts a discussion on whether the name Excerpt is semantically accurate. He also included a link to his lenghty, detailed post on what, why, how, tips and plugins revolving around WordPress plugins (have to use the Google cache there, the actual site was down when I tried to access it).

    New Tweaks

    Just added small tweaks to this site’s design. From now on, non-news posts (like this very post) will occupy a single, wider column. Same thing with Pages as well. These tweaks are made to give original articles more prominence within this design, and hopefully these can push me to write more of them in the future.

    Come take a look if you’re reading from your trusty feed reader. Comments are open, your thoughts and feedbacks are greatly appreciated. Thanks!


    Hey guys (and gals)!

    I’ve been away for too long doing various other responsibilities and bam, what do I know, it’s been two months since I last updated this place. No good. So to bring everything back to our regular post activities again, I’ve redesigned this blog as a start. If you’re reading this from your favorite news reader, be sure to visit the blog and let me know what you think about this new look.

    Design-wise, I’m using a minimalistic approach here after a much more image-heavy redesign of my other blog. I’m using the inline-block display on the CSS for the neat two columns look on the content area. This also means that it won’t look as intended on Internet Explorer 6 and 7, but I’ve long abandoned support for 6 on this blog and you deserve a better browser than IE7 anyway, so that’s that.

    Content-wise, everything should stay the same. By default most of the posts will have the comments closed, with some exceptions (like this post). Also, if you still want to let me know about something, the contact form is the way to go.

    Anyways, it’s nice to be back again. I hope you can all enjoy some more bite-sized WordPress news, like always, made just for you. Cheers.


    If you’ve been playing with the Sandbox theme‘s code, you will notice that within the theme’s sidebar files you get to see lists classed as “xoxo”. Even more curious, WordPress’s Template Tag wp_list_bookmarks also adds this class by default to its output.

    So what is XOXO?

    XOXO is a simple, open outline format written in standard XHTML and suitable for embedding in (X)HTML, Atom, RSS, and arbitrary XML. XOXO is one of several microformat open standards. (Source)

    So basically it’s one of the microformats specifically used to display lists and outlines. The purpose of it, as is the purpose of microformats in general, is to be

    a set of simple open data format standards that many are actively developing and implementing for more/better structured blogging and web microcontent publishing in general (About Microformats).

    Now there you have it.

    Did You Know? Manage and Write Area Relationship on WP's Dashboard

    It’s a little feature, but I believe it to be a great usability practice: If you go to Manage > Post, and you click the “Write” navigation tab, it will open the Write Post area (obviously). However, if you are on the Manage > Page at the moment, the “Write” tab will take you to the Write Page area. Last one, if you are on Manage > Links, guess what the “Write” tab will take you to? Right, the Add Link area. This effect also happens when you go from Write to Manage area.

    It’s small and barely noticeable, but I love the attention to details.

    0-day WordPress Exploit?

    Basically, a script is added so that if a visitor comes from Google, she will then be redirected to another search engine. Here’s the exploit explained further. WordPress.org Support Forum moderator Moshu mentioned that:

    If you read the posts above – it is always older versions and not 2.5.1. That’s the point. People don’t upgrade = get hacked.

    Nevertheless, some users also insist that this also hits 2.5.1 blogs as well. An explanation could be that the exploit has been done prior to upgrade, so that even after upgrading to 2.5.1, the damage has been done. But then, forum user tijja reports that:

    Nope…I can see from my traffic when I was hacked. It is pretty easy to see when I had a drop of over 1000 people a day and it was last week….long after my upgrade to 2.5.1.

    This is getting pretty convoluted, and I expect an official blog post will surface in the next few days to clear this stuff.

    Update: this blog post also gives an explanation and remedy.

    Last Update: Donncha, explaining the whole thing.

    Update 2: There is no zero day exploit.

    Page 4 of 512345

    Latest Links More →

    The Week in WordPress: 2nd Week of November, 2012

    Ghost, Rethinking WordPress. Also don’t miss the discussion over at Hacker News.

    For The Aspiring Professional WordPress Developer is a collection of good advices for those wanting to be a WordPress pro.

    Recently I had the task of cloning a WordPress site both to my local server and to another development server that I host. The Duplicator plugin has been a massive help for me, makes cloning really simple and fast. Highly recommended.

    Classy Plugins

    Eric Mann uses classes in his non object-oriented WordPress code. Here’s why.

    Playing Nice with the “the_content” Filter

    This great article could be useful if for some reason you have a need to filter the_content in your theme.

    Google Goes After Links In WordPress Themes

    New post from the Search Engine Roundtable: Someone “…received a response from Google to a reconsideration request that the only way his site will be reincluded in Google is if he removes all or most of the links in those WordPress themes.” The problem is that those links are in the form of sponsored links on footer (a practice I saw a lot in the past, not so much in the present).

    I don’t think it will be easy, or even possible, to do what Google requested. If a theme contains an upgrade notification feature it might be possible to do, but even then the users might choose not to upgrade.

    Secondly, if this is true, I wonder whether Google differentiates between credit links (“Designed by…”) and sponsored links. I would say they should, but then again I’m not a SEO guy.

    Theme Options Gallery

    New favorite blog: Theme Options Gallery by Konstantin Kovshenin, discussing “the best (and the worst) theme options screens around”. Loving the in-depth article and discussions already available there.

    Dive into Responsive Prototyping with Foundation

    Pretty safe to say that if it shows up on A List Apart, it’s going to be the de facto standard. Time to learn some Foundation.

    Google HTML/CSS Style Guide

    Couple of days ago we got Starbucks’ style guide, and now here’s another by Google. I think the interesting thing is the rule to “\[o\]mit the protocol from embedded resources“. So instead of typing <script src="http://www.google.com/js/gweb/analytics/autotrack.js"></script>, they recommend to type <script src="//www.google.com/js/gweb/analytics/autotrack.js"></script> instead (without the http part). Never heard of that before.

    “I Woke Up but My Server Wasn’t There”

    Robb Shecter’s WordPress site got popular overnight thanks to Reddit and went down immediately. The interesting aspect is that the site was new and it’s on a relatively high-powered server. The author then found that the theme he used in particular was doing too many (47!) server requests at a time, and the site ran along very well after switching back to Twenty Eleven.

    I think it’s an important read for any theme developers out there.

    Read the story here

    Modern Web Development – Part I: The Webkit Inspector

    A superbly detailed article, part one of a series about web development toolchain.

    Crayon Syntax Highlighter plugin

    I’ve always been on the hunt for that perfect syntax highlighter plugin. Currently I’m using WP-Syntax, which does its job very well. However I’ve just found this plugin called Crayon Syntax Highlighter, which could be a good contender for the best WordPress syntax highlighter plugin out there.

    It looks good, and I like the little toolbar on top of the code box, with the small icons. Additionally, it also offers a lot of customization options. Lastly, it seems to support the same pre tags to wrap the code, similar WP-Syntax, so if I do make the switch, my old codes will still be highlighted correctly.

    Starbucks Style Guide

    The Starbuck website has its own style guide, accessible for public. I think its a neat idea, wouldn’t it be cool if themes have their own style guide? Pretty sure it will be helpful both to users or developers alike, if time consuming to write.

    Also, I wonder what they use for the various toggles panel on the top right corner like on this page. It shows background, baseline, boxes, can be used to change windows size as well. Looks like it’s custom coded, imagine how super useful it can be if it’s a jQuery plugin.

    NHP Theme Options Framework

    I love theme options frameworks. And I want you guys to check this new framework called NHP. It passes my “does its UI look like the rest of WordPress enough?” test (screenshots here), it has tons of field types, and even offer validations, too.

    Can’t wait to test and probably use it too in my to-be-released theme hint hint

    What Dev4Press thinks WordPress needs…

    This post at Dev4Press outlines what MillaN, its author, thinks would be a necessary addition to WordPress.

    Based on the comments, it appears that a lot of people agree with this list. Some of the items mentioned can be achieved with plugins (e.g Tax Meta Class to add meta data to taxonomy items, Custom Post Types Relationships for, well, creating custom post type relationships), so expect there to be a bunch of debates about what should and shouldn’t go to the core.

    I like his list, but I disagree with his assessment that we don’t need new core themes. We do, especially to bring about the standard for how a theme options should be designed. This is the aspect that desperately needs to be standardized. Different theme companies and individual theme designers have their own idea of how the theme option UI should look, and it’s hurting the users.

    Upgrading from WordPress 1.5

    I recently spotted this interesting Ask Metafilter thread where user gd779 tries to find a way to upgrade his old, WordPress 1.5 install. One of the answer is pretty detailed:

    I think the right approach is going to be:

    1. Do a full backup of your WordPress files
    2. Do a full database backup (mysql dump using phpMyAdmin or similar)

    Then, from your 1.5.2 install:

    1. Upgrade to 2.0
    2. Upgrade to 2.5.1
    3. Upgrade to 3.0
    4. Upgrade to 3.3.1

    It is quite fascinating thinking about the solution to this. There’s an official Codex page called Updating WordPress, but it doesn’t seem to go that far back in time.

    Smashing Special: What’s Going On In The WordPress Economy?

    Siobhan McKeown wrote this awesome, birds-eye view of the whole WordPress economy. Make sure to read this two-part article so you know what’s up with WordPress and identify what opportunity lies ahead.

    I agree with Matt’s prediction on that article:

    I think the next big opportunity is around agencies and consulting—there will be five to six companies as large as Automattic, just providing high-end consulting and services to the large customers who are adopting WordPress en masse.

    Start with Part I of the article.

    Automatic responsive images for WordPress

    The one issue with creating responsive web design is in displaying images, especially getting the most appropriate size in a particular screen size. One solution for it is the Responsive-Enhance jQuery plugin. It works by loading small-sized images by default, then checks the screen size and loads the bigger version if necessary.

    According to its creator, Josh Emerson:

    This results in a faster perceived page load speed, but a slower actual speed. I’m happy with this solution as I care more about perceived speed than actual speed.

    This tutorial by Keir Whitaker takes the whole thing further by teaching us how to apply Responsive-Enhance in WordPress.