Archive for the ‘Wordpress’ Category

Appointy Plugin (Appointment Scheduler)

We have quite a few clients that use booking tools for their business.  There are a lot of differnt options out there these days, and of course, we swing the WordPress way and look for excellent plugins that will fill our client’s needs.  Check out the description of Appointy below, we’ve played around with it a bit and we really like its flexibility and ease of use.

Accept appointments from your clients 24x7x365 on your blog. Unlike other calendar tools, this plugin allows your customers to book appointments with you directly from your blog. This service is brought to you by Appointy.com and it’s free! It has a very powerful and simple Ajax interface which allows one click booking. With just one click your clients can see your availability in the entire month. Try and find yourself.

Features:

  1. Sends SMS alert to client prior to appointment.
  2. 2 Way Sync with Google calendar.
  3. Supports multiple service booking.
  4. Works at service level i.e. your staff can perform any service at any time on any weekday.
  5. Powerful marketing tool to promote your services socially.
  6. ICal support to sync outlook or any other iCal supporting application.
  7. Allows you to accept pre-payments from your clients.
  8. Can be customized easily to fit any business needs.
  9. Can be used for service booking, resource booking, group booking and event booking.

Check out their Facebook Fan page and see what others are syaing about them.

TDO Mini Forms Plugin

This Worpdress plugin is awesome!  Essentially, you can now give your visitors the ability to post and edit posts right from the front end of the site. After the submission, the posts can be held for moderation, then published when approved by the site admin.   This comes in handy if you want someone to submit their own company to a business directory, but it can be used for so much more. 

Additional info below…

This plugin allows you to add highly customisable forms that work with your WordPress Theme to your website that allows non-registered users and/or subscribers (also configurable) to submit and edit posts and pages. New posts are kept in “draft” until an admin can publish them (also configurable). Likewise edits can be kept be automatically kept as revisions until an admin approves them. It can optionally use Akismet to check if submissions and contributions are spam. TDO Mini Forms can be used to create “outside-the-box” uses for WordPress, from Contact Managers, Ad Managers, Collaborate Image Sites, Submit Links, etc.

The plugin provides an extensive moderation view so administrators and editors can see posts and edits awaiting approval and publish or delete them. Administrators can also ban specific users and IPs from using the form. Administrators can also “Trust” specific users. This means that when they use the form, their posts are automatically published. This does not give them any other rights or permissions using the WordPress software, it only affects usage of the form. This applies to user and IP bans as well. There is even an option to automatically trust users after so many approved submissions and edits.

Administrators can configure the forms using drag and drop “widgets”. They are based on the same model as WordPress’ built-in Theme widgets and it is possible to write your own.

Registered users have access to a “Your Submissions” page which lists their current submissions and edits awaiting approval and links to their approved submissions.

Features:

  • Submission and Editing of Posts and Pages
  • Integration with the GeoMashup plugin
  • Integration with Subcribe-to-Comments 2.1 plugin
  • Integration with Akismet and reCaptcha to prevent Spam
  • Highly customisable: Create your forms using a Widget interface and then hack it to make it work how you like!
  • Create as many forms as you like.
  • Import and Export form configurations
  • Put a form in your sidebar using a widget for your Theme or put the form in a page or post.
  • Submit posts with alternative permalinks (great for link sites)
  • Simple Question and/or Image Captcha.
  • Add Custom Fields to your Forms.
  • QuickTags support for Forms.
  • Upload Files and can be attached to posts. Uses WordPress’ core to create thumbnails if applicable.
  • Submitters can be notified if post approved or rejected.
  • Allow users to select category and tags.
  • Ban users and IPs.
  • Control what roles can access the form.
  • Can automatically create a page with form for you.
  • Can automatically modified author template tag with info about submitter.
  • Can, optionally, automatically allow submissions to be published.
  • Throttle number of submissions by user and/or IP
  • Optionally queue publishing of posts
  • Numerous widgets for your theme, including a list of the top submitters
  • And many more…

How to Find and Replace Text in MySQL Database using SQL

MySQL database has a handy and simple string function REPLACE() that allows table data with the matching string (from_string) to be replaced by new string (to_string). This is useful if there is need to search and replace a text string which affects many records or rows, such as change of company name, postcode, URL or spelling mistake.

The syntax of REPLACE is REPLACE(text_string, from_string, to_string)

MySQL reference describes REPLACE as function that returns the string text_string with all occurrences of the string from_string replaced by the string to_string, where matching is case-sensitive when searching for from_string. text_string can be retrieved from the a field in the database table too. Most SQL command can be REPLACE() function, especially SELECT and UPDATE manipulation statement.

For example:

update TABLE_NAME set FIELD_NAME = replace(FIELD_NAME, 'find this string', 'replace found string with this string');
update client_table set company_name = replace(company_name, 'Old Company', 'New Company')

The above statement will replace all instances of ‘Old Company’ to ‘New Company’ in the field of company_name of client_table table.

Another example:

SELECT REPLACE('www.mysql.com', 'w', 'Ww');

Above statement will return ‘WwWwWw.mysql.com’ as result.

How to Hide Other Users' Posts in the Admin Panel of WordPress

The following post is a little outdated, the latest versions of WordPress do this for you.  We’re gonna keep this around just in case some folks are using older versions of WordPress, but we recommend upgrading for security purposes and, of course, all the cool new features!!

I am working on another WordPress-based system currently, and have faced a problem when I have many users who can log into WordPress admin panel to post their blog entries. But doing so, they all can see each others posts, even though not being able to edit any post but their own’s.

From users point of view, it is not the best thing in the world to look for your own posts in the list, especially if there are lots of users in the system.

So, here’s a simple solution for the problem – after logging into the system, non-admin users will be able to only see their own posts in the Admin -> Manage panel. The only thing is that I seems no plugin solultion is possible so you have to add 3 lines to one file.

The file you have to add these lines is located in /wp-admin/edit.php file in your WordPress installation. You have to go to line 150 (or near it, where it says:

if ($posts) {
$bgcolor = '';
foreach ($posts as $post)…..

..etc

Now, just add the following code ABOVE the one mentioned above:

if ($userdata->user_level<10) {
    $posts = query_posts("author=".$userdata->ID);
}

So, in the end you will get something like that:

<?php

if ($userdata->user_level<10) {
    $posts = query_posts("author=".$userdata->ID);
}

if ($posts) {
$bgcolor = '';
foreach ($posts as $post) { start_wp();
$class = ('alternate' == $class) ? '' : 'alternate';

You’re done! Now all non-admin users will see only their own posts :) Simple and easy. Have fun.

Change Your Table Prefix in WordPress the Simple Way

If your table prefix is “wp_” or “wp1_” or even “wordpress_”, then changing it will bring your WordPress site security to a higher level.

By default Fantastico installation sets “wp_” as a prefix for each WordPress table name. Since this is a known vulnerability, malicious users can exploit your data easily.
They specifically look for the wp_options table, because it will alter your WordPress site look. Through wp_options they can set the url to redirect to their sites, leaving you the impression that your site was defaced.

If you already have a WordPress site, take a look at either your config.php file or go to phpMyAdmin in cPanel to check your tables names.

// Entry in config.php showing wordpress table prefix used in the installation
$table_prefix  = ‘wp_’;
// Only numbers, letters, and underscores please!

Attackers can easily send malicious code using JavaScript injecting SQL targeting your wp_ based tables. To make your wordpress site really secure, change the prefix to something that is difficult to guess. I would pick something almost like a password, except you are limited here to only numbers, letters, and/or underscores.

You might want to check a plugin “wp prefix changer” written by Philipp Heinze for BlogSecurity.net. It should do the job for you. However, I had problems using it, and prefer the manual way which I already done for 2 blogs.

I strongly recommend you to do change the prefix, if it is plain wp_. Just follow the next 6 steps and you should be in good shape. I have tested these steps already with a WordPress 2.8 installation:

1- Take a backup

Since this is a change in your WordPress table structure, you will have to take a backup first.
In cPanel click on the “Backups” icon and click on “Generate/Download a full Backup” and proceed with a “Home Directory Backup”.

2- Edit your wp-config.php file and change

$table_prefix  = ‘wp_’;

to something like

$table_prefix  = ‘op2mro445_’;

3- Change all your your WordPress table names

Go to phpMyAdmin and choose your WordPress database. Click on sql menu item and enter the command to rename all your tables. Do it one table at a time.

Note: You might have more tables that start with “wp_” prefix, change all the tables.
Every time you paste one line into the SQL window, click on GO and see the table name change on your left. Keep changing the table names until all your wordpress tables have the new prefix.

Rename table wp_comments to op2mro445_comments;
Rename table wp_links to op2mro445_links;
Rename table wp_options to op2mro445_options;
Rename table wp_postmeta to op2mro445_postmeta;
Rename table wp_posts to op2mro445_posts;
Rename table wp_terms to op2mro445_terms;
Rename table wp_term_relationships to op2mro445_term_relationships;
Rename table wp_term_taxonomy to op2mro445_term_taxonomy;
Rename table wp_usermeta to op2mro445_usermeta;
Rename table wp_users to op2mro445_users;

4- Edit wp_options

Then you need to edit in the op2mro445_options table ( formaly wp_options ) table

Click on the table name link and then click on “Browse” menu item.
You will see all the data stored in that table. Look under the option_name column header and change wp_user_roles to op2mro445_user_roles.
You will be able to change it by clicking on the edit button for that record.

5- Edit wp_usermeta

And finally apply changes to op2mro445_usermeta formally ( wp_usermeta)

In phpMyAdmin highlight op2mro445_usermeta link and click browse menu.

Change every value under meta_key column header, that starts with the old prefix wp_ to the new prefix op2mro445_ the number or records might be different for your web site.

I had values wp_capabilities, wp_autosave_draft_ids, wp_user_level, wp_usersettings, and wp_usersettingstime for the field meta_key need, and changed each one to the new prefix: op2mro445_capabilities, op2mro445_autosave_draft_ids, op2mro445_user_level….

6- Done! Test your WordPress site now

It should be a lot more secure giving you the peace of mind to focus on blogging.

Oh, one more thing. Do another backup.