builder2

Remove extra header tags

WordPress generates a handful of <meta> tags that are not always used by a theme, so here’s a trick to remove some or all of them:

/**
* code #5 - removes excess WordPress header tags from default themes. 
* feel free to customize the options to suit your own needs.
*/
function clean_wp_header() {
	remove_action('wp_head', 'wp_generator');
	remove_action('wp_head', 'rel_canonical');
	remove_action('wp_head', 'rsd_link');
	remove_action('wp_head', 'feed_links',2);
	remove_action('wp_head', 'feed_links_extra',3);
	remove_action('wp_head', 'wlwmanifest_link');
	remove_action('wp_head', 'wp_shortlink_wp_head', 10, 0);
	remove_action('wp_head', 'adjacent_posts_rel_link_wp_head', 10, 0);
}
add_action('init', 'clean_wp_header');

There’s more of it in this collection.

Webpage Screenshots using PHP

I’ve always wondered about how to grab screenshots of web pages through PHP and other languages, but without utilizing a real browser. I believe that previously, running multiple machines on a network was the easiest though logistically difficult solution.

But thanks to a project named wkhtmltopdf, it can now be done with minimal configuration and programming. Using the Linux shell and some PHP scripting via the snappy library, taking screenshots of web pages aren’t so hard at all.

PHP & Perl Growing In The Enterprise

Graph showing PHP & Perl growth in the enterprise.

Java and .NET has always dominated the enterprise but you’d be surprised at this CNET story that suggests PHP and Perl growing at such an impressive rate:

Overall, we see use of dynamic languages as growing significantly. This is due to several large trends. First, there’s definitely a widespread growth of skills around open source programming languages. There’s also a widespread acceptance of open source in the enterprise that didn’t exist even five to six years ago. And there are various respective inherent advantages of using dynamic languages–speed, flexibility, ease of use for developers, low-cost, and community support, just to name a few–that continue to push usage trends upward.

Now this is perfectly good news for the open source community!

builder2 links for 2009/04/18

builder2 links for 2009/04/02

builder2 links for 2009/02/25

Secure WordPress upgrades

I’m sure that like a lot of bloggers out there, you’re using WordPress to power your blogs. And because WordPress is now the de facto choice for self–hosted blogging apps, it is now a favorite target for various security attacks. It’s like every ill–willed hacker is busy trying to find vulnerabilities in it.

The recent news of a fake WordPress site distributing a backdoored and fake WP 2.6.4 version is a significant concern for all users of the application. However, it seems that someway, somehow, someone will find a way to maliciously exploit WordPress. Here are some tips to avoid exposing yourself to problems like this:

  • Upgrade the application as often as there are new versions. This includes even point releases that may seem unnecessary, updates are there for a reason.
  • Download only from wordpress.org. This becomes even more important if you can hardly understand code. Get your updates from legitimate sources only.
  • Only use trustworthy themes and plugins. Now this is not exactly easy, but knowing where to get them is half the battle. Always start your search from WordPress Extend and reliable third–party sources like WTC.
  • Update your plugins. And themes too. As everyone tries to make WordPress useful to others, some tend to release not–too–ready code. Some of these introduce vulnerabilities, but are typically updated prompty. Don’t forget to upgrade.
  • Deactivate unused plugins and delete them. Unused plugins do nothing, and they just increase the load WordPress puts on your server processes. The less plugins, the better. And make sure you delete them, even deactivated plugins can be executed without you knowing it!

Now those are just some tips to keep in mind. If you have other reminders for fellow WordPress users, share them by leaving a comment.

Image charts using PHP

chart

pChart is a PHP library that will help put nice graphical charts in your applications. And the best thing about pChart is that it’s free unlike other similar solutions. Another advantage is the quality of the generated graphs that puts non–free solutions to shame.

I’m sure this will come in handy for future PHP projects.

Inspekt: Sanitize PHP Superglobals

Working with PHP’s $_GET, $_POST, and $_COOKIE can be daunting especially when dealing with various magic quotes configuration, etc. More importantly, these superglobals are also subject to SQL injections and other hack attacks. Good thing there’s Inspekt — a PHP class that puts these variables in a “cage” and sanitizes them. Accessing the specific variables that you need is done through specified methods, returning safer values, containing only what you need.

Regular Expressions for Beginners

I must admit that as a PHP programmer for several years now, I can get away with most PHP functions and libraries, but I’m rather weak with regular expressions. I’d rather code it in some other way not utilizing ereg() or preg_match(). But don’t fret, I tried brushing up on them and these links might be just as useful to you:

If you’ve got more to share, leave a comment to us know.

Structure of a WordPress Plugin

Are you writing your first WordPress plugin? One way of the best ways to learn how is to read other plugins’ code; most of which you need to do has probably been written by someone else before. You can also use this code generator that produces a template for your WordPress plugin, which you can fill with your code and distribute to the community.

But why would you want to write a WordPress plugin? There are enough reasons to get you started, not to mention that it’s fun and quite easy to do with all the resources available.

Zend Framework 1.0 now available!

Earlier this month, Zend has released version 1.0 of their Zend Framework, their first production release. Some of the notable features of this robust development framework:

  • Powerful MVC framework
  • Database access solution that balances ORM with efficiency and simplicity
  • Lucene-compatible search engine
  • Advanced I18N support
  • Robust authentication/authorization classes and input filtering
  • Rich web services client interfaces, including Google Data APIs and StrikeIron
  • Many other useful classes to make you as productive as possible
  • Thorough and high-quality test suites and documentation
  • Open-source development process with an active community provides continuous review and testing

Claiming to be the best suited PHP5 framework for meeting business needs, ZF should make significant headway into widespread use considering it can leverage its direct link to PHP itself, similarly a product attributed to Zend itself. The question though is will ZF be able to eat into the Ruby on Rails crowd?

A PHP Scaffold Class

If you’re a fan of Ruby on Rails’ scaffolding feature, you’ll be surprised that the same thing can be achieved in PHP. In their 15 minute weblog instuctional movie, this feature is used and shows how development time is greatly reduced by dynamic generation of a pseudo–CMS for managing your applications database tables.

Now here’s a PHP class that enables us to do the same, where we can list, add, edit, and delete table rows for all our database tables. Of course we can do it with PHPMyAdmin, but here’s another option for rapid prototyping in our web applications.

Now if only someone would extend this to accommodate foreign keys and other table–to–table restrictions. For now, here’s our little PHP Scaffolding class.

Feedback through AJAX

I’m sure you’ve seen little [+] icons at the bottom of popular webpages. These things are feedback mechanisms powered by OpinionLab, a service that aims to rate a page’s usefulness. Now it would be nice if we had something like it for our little sites, right?

Enter the aptly named AJAX Feedback Mechanism which mimics the same functionality through AJAX. The good thing about it is you can download it now and implement it on your site with minimal tweaking. The provided demo will likely convince you that you need this for your next big web 2.0 thing. 🙂

WordPress Monkey

WordPress is really the “in thing” nowadays that even old school favorite webmonkey has a site building article using the popular blogging software. Theme installation and customization is pretty much covered along with a brief intro on WordPress plugins, nifty little extensions that could make or break (literally!) your site.

This new article almost coincides with the recent release of WordPress 2.0.3 which addresses several bugs and important security concerns. If you’re running the WP2 codebase on your site, be sure to get this maintenance release.

Fighting comment spam with Akismet

Every web 2.0 builder is most likely exposed to comment spam because of the social nature of this generation’s web applications. This requires considerable effort in building a system that is not easily gamed by spammers, to avoid it being rendered useless by nonsense content.

Aside from email, comment spam is the next most prevalent form of spamming. This is largely because of the nature how google ranks pages through its PageRank algorithm.

Automattic’s Akismet has been one good weapon against comment spam since its inception as WordPress’s spam blocking mechanism. Thanks to its useful API, you can now use Akismet to check your comments against their spam–fighting magic from any PHP4–based system, using this PHP class from Pablotron.org.