Beautiful post snippets and auto resized images in WordPress

Beautiful post displays

I’m going to show you how to create a really nice post display page that automatically brings in your posts AND takes the first image, resizes it and pops it at the side of a ‘teaser’ of your article. This is a very neat approach and builds on the work you have already done in creating the post, then automates a slick output of your work. More importantly, you don’t have to create a thumbnail image as resizing is done ‘on the fly’.

First off, we need to add a small function to functions.php. Open it up and at the very end add this:
[crayon-5c122ab67cead818900506/]
Make sure this is within a php call, ie

Now we need to create a category, eg “Articles”

Now go into the WP admin area and open the categories from the WP sidebar menu (under ‘Posts’). Hover your mouse over the new category and you’ll see the category number at the end of the link shown in Firefox/IE etc (at the bottom left of the browser window). This is what we need for our special new php page that we’ll create now.

Create a new page and call it category-15.php (where 15 is the number of your category above – modify accordingly!). Into this copy and paste the following:
[crayon-5c122ab67ceb5438063463/]

Now open up your archive.php file and see where the differences lie. Your header may be different, your div ids will be too, but make this new category file look like archive.php in terms of header, footer, content divs etc. I have added a class of pcrmbcategory. Ensure this is a div class and not a div id as it is repeated for each post.

Go to your template’s stylesheet, normally style.css, and insert our new div class:
[crayon-5c122ab67ceb7175207689/]
Note, I have fixed just the height of the image to keep the aspect ratios proportionate. You can set a width but this won’t maintain the aspect ratio and some images may appear stretched. Fixing height and limiting the content maintains a nice even spacing on article posts. I have added a dotted line to separate posts but be creative, sky’s the limit here!

The 590px width is ideal for many single sidebar themes but experiment with this and validate your code. Test it in several browsers too. Don’t forget to create a default image to display when you don’t have one in your post. Drop this into the yourdomain.com/images folder. You can make this any size but ideally make it to the same height that is referenced in the code for quicker page loads. Good luck and give me some feedback if it works for you!


Website waits for lite.piclens.com

The problem is caused by the NextGen Gallery and its default settings with PicLens

The usually fantastic NextGEN Gallery plug-in can cause this issue.  It shows in the status bar of the browser as waiting for lite.piclens.com

The simplest solution!

Disable PicLens by logging into the back end of the site then choosing “Gallery”, “Options” and unticking “Activate PicLens/CoolIris support”

You will now notice that website load speeds are faster as there is no external request to PicLens.


Tim Thumb exploit – vulnerability found in popular script

The popular image resizing library TimThumb, used in many a good WordPress theme has had a major exploit carried out against versions of its code. The TimThumb code vulnerability allows third parties to execute PHP code in the TimThumb cache directory after uploading it themselves. As many people are aware, running malicious PHP code can easily compromise a website or an entire server.

We recommended deleting timthumb.php or thumb.php or indeed the complete theme or plugin when this zero day exploit was announced. There is a later version of TimThumb available that now patches this vulnerability.

If the file exists in a theme or plugin that you’re no longer using you may want to remove the entire theme or just the relevant plugin directory. After you remove the TimThumb library, check your site is still working as it should.

If using the later version, please check that you  set ALLOW_EXTERNAL to false like this:
[crayon-5c122ab67dcf9971565367/]
then find the $allowedSites array inside the file and completely remove the associated domain names to prevent remote file downloading like this:
[crayon-5c122ab67dcff529445917/]


Fatal error cannot redeclare class TextStatistics Easy WP Seo

Problem: You try to save a draft, publish or update a post in WordPress and you get:

Fatal error: Cannot redeclare class TextStatistics in /home/nasalcon/public_html/wp-content/plugins/easywpseo/onpageseo-readability.php on line 35

This is caused by a conflict between Yoast’s excellent WP SEO plugin and the (equally excellent) Easy WP SEO plugin. It was triggered on the v1.2 update of the Yoast plugin that happened on 12th June 2012. Now I’ll make it clear that the problem does not appear to be with Yoast’s plugin, it seems to be the fact that both are using the php Text Statistics code released here:

https://code.google.com/p/php-text-statistics/

I have contacted the developer of EasyWP SEO but, to date, have had no reply. Since it renders a website unable to create posts, I thought I’d better write a fix for my clients and for those of you who use both plugins. I have added a small text link to this article in case the developer updates the plugin, I’ll let you know here if he does.

Many people use Yoast’s plugin for its useful sitemap and meta description functionality and have no need for the SEO scoring tools that were introduced in the last update as they use alternative plugins.

The TextStatistics fix

What I have done is modified the code to temporarily disable the calls to the readability class within Easy WP SEO.  Most, if not all of my clients do not use the Flesch-Kincaid Reading Ease tests in the ‘Readability’ section so this has no adverse effect.

To apply my fix, you’ll need to update just 2 files on your server. I presume that you are familiar with FTP and unzipping, let me know if not. I’ll also presume you are running the latest version of Easy WP SEO (v1.6 or 1.6.2), I am unable to check any backwards compatibility. My method does create backups of both files though so should be very safe.

Download the zip file here (UPDATE – THIS IS NO LONGER NECESSARY, THE AUTHOR HAS NOW FIXED THE PROGRAM) and follow this method:

  • Extract the files onto your desktop, they’ll be in a folder called PCRMB-EWPSEO-fix-v1.
  • Using an FTP client, navigate to wp-content/plugins/easywpseo/ and rename the file “onpageseo-admin.php” to “onpageseo-adminBAK.php
  • Copy the extracted file “onpageseo-admin.php” from your new desktop folder to wp-content/plugins/easywpseo/
  • Now navigate to wp-content/plugins/easywpseo/templates/ and rename the file “admin-score-metabox.php” to “admin-score-metaboxBAK.php
  • Copy the extracted file “admin-score-metabox.php” to wp-content/plugins/easywpseo/templates/

Create a test post and fill in some keywords in the Easy WP SEO box. You should now have no conflict between Yoast’s WP SEO and Easy WP SEO.

Please note that you should not fill in the WP SEO ‘Focus Keyword’ as you are choosing to keep the more graphical Easy WP SEO tool as the primary SEO scoring indicator.

Please drop me a comment below or click one of the social buttons if this helped you. Also please let me know if you get any other errors.

 


Yoast WordPress SEO double title fix

If you are getting a double title appear in the tab of your browser as you hover over it, there is a good chance that it’s because you have WordPress SEO by Yoast installed. Often just ticking the box ‘Force overwrite titles’ (from the Titles and Metas section on the General tab) will suffice, but I have seen this on many customer themes where it doesn’t work and usually gives the address as a simple URL. Not great for SEO!

Here’s the fix. Look in your WordPress theme files for header.php and then open it in Notepad or ideally Notepad++. Now look for this line or similar (it differs from theme to theme):
[crayon-5c122ab67df2f651405182/]
Now replace it with:
[crayon-5c122ab67df35753498660/]
Upload this file to your WordPress theme, overwriting the existing header.php.

Make sure the ‘force overwite titles’ is still unticked. Save your changes and empty any caches you have, eg W3 Total Cache. Check your category titles and post/page titles and they should be fixed!

 


Manage multiple WordPress sites with WPRemote

Looking for an easy way to manage updates on multiple WordPress websites? Well there’s a new tool in town and it’s called WP Remote. Here’s a brief review.

This nifty tool installs on WP sites via a small plugin and gives you a single console from which to monitor your sites for plugin updates, theme updates and WordPress updates. You can apply the updates from the console so no need to login to any site after the initial plugin install. Not only that but it allows manual backups of files and MySQL databases in one click. Fiddly and incomplete WordPress backups are a thing of the past, you can expect to add the site to the console, update all plugins and themes and do a complete backup within a few minutes. Stunning.

It’s free, easy to setup, minimalist, stable and incredibly useful. And no, I don’t own the company, just thought you might like it as much as I do. Look out for this company over the next few months as I think this is going to be very popular!

https://wpremote.com


How to force a line break in WordPress

Wordpress force line break fixMany bloggers are complaining that they can’t see how to force a line break in WordPress.  It has been a problem right from its inception to the current iteration (3.4.1 as I write). The problem stems from the way that WordPress’s inbuilt editor – TinyMCE – handles spaces and returns. Adding break and paragraph tags ( for example <br> and <p> ) within the HTML editor doesn’t work as they are stripped out upon publishing. And as for combining this with images, they float in some pretty bizarre places making the formatting of some pages look simply dreadful.

So we could try to update TinyMCE.  There is a fix we can do, but for the sake of brevity I won’t post it because every time WordPress gets updated this will be overwritten. This makes the TinyMCE fix not suitable for most people who want a permanent solution.

So here is the best solution I have found, simple and effective. It involves going into the HTML tab of the visual editor (at the top of where you type your post content). Select this and position your cursor where you want the line break to occur.

Add <br class=”blank”> anywhere you want your line break to appear, this is usually after some plain text.

Update your post and view it, you should see the elusive WordPress line break has appeared. If you have the time, please drop me a comment below if it works for you.

 


Bot blocking tool Spyder Spanker review

Websites are plagued with bad bots and often come grinding to a halt without the aid of a bot blocking tool. Here, I’ll review the latest kid on the block, Spyder Spanker.

Bot blocking plugin wordpress

First off, Spyder Spanker is a WordPress plugin, so if you don’t have a WordPress powered site then you’re out of luck. If you do however, then read on, it’s pretty impressive. Here’s a video that shows its merits:

 

Seen enough? Get Spyder Spanker Pro now at the best price or continue reading the review.

 

Spyder Spanker full review

Initially installing the tool is as simple as uploading your provided zip file to your server via the WordPress plugin page. Once uploaded and activated, Spyder Spanker installs itself as an admin menu item. There, you can add your licence details and you are straight in to the interface, a very neatly styled area where each component is separately presented to you.

Allow trusted bots

Setting up the plugin is very easy because all of the major trusted bots are whitelisted. By trusted, I mean the ones you actually WANT to come to your site such as GoogleBot, BingBot etc. Without these, the search engines wouldn’t know your site content and you would never get listed in the search engine results pages. This is something that is a welcome addition to the software, other packages leave it up to you to select your own trusted bots.

Disallow bad bots

You don’t even need to add any bad bots either because these are also setup when the plugin installs. Bots such as Baidu (Chinese search bot) and Yandex (Russian search bot) are unneccesary on many English language sites as they steal bandwidth to add you to their results pages, regularly returning to your pages to re-crawl them and taking valuable bandwidth.

Allowing individual bots

OK, so we have a good setup straight out of the box, but let’s dig a bit deeper and see what we can modify. Let’s take the scenario where an English language website sells products to China. If this is the case then it would make sense to allow the Baidu bot to index the website.  To do this is a simple 2-click operation, tick the Baidu bot and then click on ‘Remove selected’. Very slick and no messing about with CSF firewall rules or .htaccess country-blocking or IP address blocking rules.

The differences between Spyder Spanker and other tools

I wanted to point out that Spyder Spanker is predominantly a bot blocker and doesn’t do a lot of what tools like WP Better Security does such as secure admin areas, make files ineditable etc. What it does excel at is blocking the bots that use your resources on a daily basis and it can throttle back the good bots when they spider your site aggresively too.

WP Better Security comes with a basic list of bad bots for .htaccess (which I use) but they’re a bit more devious these days and use new names. Here is an example of a logfile entry in Spyder Spanker:
[crayon-5c122ab67e320375010642/]
This is a bot you won’t generally find on many htaccess blacklists but it’s a ‘rule-breaker’ for sure. SS responded by blocking it and will pass the rule to my other sites and the community network.

Let’s be honest, a bot with a gmail address probably shouldn’t be trusted that much anyway!

Spyder spanker review – the verdict

I’d thoroughly recommend you buy this tool, you’ll recoup any outlay back in a short time with reduced bandwidth fees, time saved and more sales if you run any type of ecommerce or affiliate site. One thing though, go with the Pro upgrade that is presented as a “One Time Offer” when you have paid for the basic version because Spyder Spanker Pro integrates beutifully with Project Honeypot. This means that it can be run ‘hands-off’ and will be updated against the raft of ever-increasing spammers and bad bots out there. Add this to the community update facility and you’ll be protected for years to come across ALL of your domains.

Purchase Spyder Spanker at the current best price online


Woo Themes security risk

Heads up to anyone using Woo Themes, there’s a vulnerability in the “shortcode preview generator” within the Woo Framework. This needs patching asap.

https://www.woothemes.com/2012/04/framework-shortcode-exploit-has-been-fixed/

Credit to Woo, they have handled the release of their security update well, despite being in the throes of a DDOS attack themselves.

Expect to see the bots coming looking for that exploit very soon!