Don't include wp-load, please.

Edit: This post has moved to here: http://ottopress.com/2010/dont-include-wp-load-please/. Take your comments there.

Time for Otto’s general griping: WordPress plugin programming edition.

Here’s a practice I see in plugins far too often:

  1. Plugin.php file adds something like this to the wp_head:
    <script src='http://example.com/wp-content/plugins/my-plugin/script.js.php'>
  2. Script.js.php has code like the following:
    <?php
    include "../../../wp-load.php";
    ?>
    ... javascript code ...
    

The reason for this sort of thing is that there’s some option or code or something that the javascript needs from the database or from WordPress or whatever. This PHP file is, basically, generating the javascript on the fly.

Usually, the case for this turns out to be something minor. The code needs the value from an option, or some flag to turn it on or off. Or whatever.

Problem is that finding wp-load.php can be a bit of a chore. I’ve seen extreme efforts to find and load that file in plugins before, including searching for it, examining the directory structure to make decent guesses, etc. This sort of thing has existed even before wp-load.php came around, with people trying to load wp-config.php themselves and such.

But the real problem is simpler: This is always the wrong way to do it.
Continue reading “Don't include wp-load, please.”

WordPress Settings API Tutorial

Edit: This post has moved to here: http://ottopress.com/2009/wordpress-settings-api-tutorial/. Take your comments there.

When writing the Simple Facebook Connect plugin, I investigated how the Settings API worked. It’s relatively new to WordPress (introduced in version 2.7), and many things I read said that it was much easier to use.

It is much easier to use in that it makes things nice and secure almost automatically for you. No confusion about nonces or anything along those lines. However, it’s slightly more difficult to use in that there’s very little good documentation for it. Especially for the most common case: Making your own settings page.

So, here is my little documentation attempt.

Continue reading “WordPress Settings API Tutorial”

WordPress 2.7 Comments Enhancements

This post has been moved here: http://ottopress.com/2008/wordpress-2-7-comments-enhancements/

WordPress 2.7 includes a lot of new enhancements, but one of the big ones is the new comment functionality. Comments can be threaded, paged, etc. This is all built in, but unfortunately, your theme must support it. So, for theme authors, I’d suggest getting to work on making your themes compatible right away.

Read on if you’re a theme author…

Continue reading “WordPress 2.7 Comments Enhancements”

New WordPress 2.7 Feature – Plugin Installation

(This post is geared more towards PHP authors and fans of WordPress, so if you’re not into that sort of thing, why not go look at some pictures of cats instead?)

So, I upgraded to the latest 2.7-bleeding edge version of WordPress on my blog today, and discovered a new feature that I had missed in my earlier readings. There was a new menu item on the Plugins menu:

New Menu Item
New Menu Item - Install Plugins!

Yes, it appears that WordPress now has plugin installation built into it. Similar to the Plugin Upgrade feature introduced in 2.5, 2.7 will be able to download and install plugins directly from WordPress.org’s plugin directory.

Naturally, I had to try this out, so read on if you want to see what it looks like…

Continue reading “New WordPress 2.7 Feature – Plugin Installation”

HOW-TO: Make WordPress Blogroll's smarter

Warning: Heavy geek content ahead. If you’re not interested in PHP code, you can safely skip this post.

One thing that not a lot of people know about is that WordPress is capable of checking your bookmarks/blogroll links for you and organizing them according to the time they were last updated.

The reasons people don’t know this are:
a) It’s not automatically setup and working, and
b) It rarely works in the first place.
Continue reading “HOW-TO: Make WordPress Blogroll's smarter”

Fun with PHP and WordPress

Guy over here asked how to display hockey scores on his blog. Here?s my solution?

Edit: Fixed a minor problem with the regular expression. Some of the soccer team names caused problems on that feed.

A quick googling tells me that exactscores.com seems to have feeds for scores for lots of stuff, however they also put horrible amounts of advertising into the RSS feed. Nevertheless, that can be worked around, if you want. )

The actual score information in the feeds comes in the titles, and it looks like this:

(No)001/1 (BST+2h,Start at)03:00 (Home Team)EDM OILERS (Final)3-6 (Away Team)ANA MIGHTY DUCKS (Status)Finished (First Period)0-3 (Second Period)3-2 (Third Period)0-1 (Full Time)3-6 (Over Time)- (Penalties)- (Scorers)LUPUL(19)

Now, that is pretty ugly. But, at least it?s in a semi normalized format: (Key)Value? The Scorers at the end isn?t pretty, but we can deal with that later. Also, thankfully, the actual scores in all the ones I checked always start with (No), so we can use that to determine which bits of the feed are actual scores and which are not.

So here?s a simple script to retrieve a feed and then display only those bits that start with (No):

< ?php
require_once(ABSPATH . WPINC . '/rss-functions.php');
$rss = fetch_rss('http://www.exactscores.com/HockeyLivescoreRss.xml');
echo '
    '; foreach ($rss->items as $item ) { if (preg_match('/^(No).*/i',$item['title'])) echo '
  • '.$item['title'].'
  • '; } echo ''; ?>

Obviously, the output of this is ugly, but it proves that we?re only getting scores out of the feed.

So, now we need to parse that string and get more useful data out of it. Here?s where preg_split and some rather disturbing regular expression syntax is your friend?

$uglyscores = preg_split('/^(([^)]*))[^s]|s(([^)]*))[^s]/',
	$item['title'], -1, PREG_SPLIT_DELIM_CAPTURE);

I called it $uglyscores for a reason. This returns an array with the bits of the scores nicely parsed out, but because of the regular expression I used, there?s a blank string between each pair of data, so let?s reformat this mess into something nicer:

$i=1; // skip the first element
$scores = array();
while ($i<count ) {
	$scores[$uglyscores[$i]]=$uglyscores[$i+1];
	$i+=3; // skip the blank separator
}

This gives us a nice array of elements that we can then reference by the key names. So we can use stuff like $scores[?Final?] and such.

So now that we don?t have to display everything, let?s put it all together. Here?s a combination of all of the above that outputs the two teams and the final score only:

< ?php
require_once(ABSPATH . WPINC . '/rss-functions.php');
$rss = fetch_rss('http://www.exactscores.com/HockeyLivescoreRss.xml');
echo '
    '; foreach ($rss->items as $item ) { if (preg_match('/^(No).*/i',$item['title'])) { echo '
  • '; $uglyscores = preg_split('/^(([^)]*))[^s]|s(([^)]*))[^s]/', $item['title'],-1,PREG_SPLIT_DELIM_CAPTURE); $i=1; // skip the first element $scores = array(); while ($i<count ) { $scores[$uglyscores[$i]]=$uglyscores[$i+1]; $i+=3; // skip the blank separator } echo "Home Team: ".$scores["Home Team"].""; echo "Away Team: ".$scores["Away Team"].""; echo "Final Score: ".$scores["Final"]; echo '
  • '; } } echo ''; ?>

And there you have it. If you want to display different information, just modify the stuff in those echo lines towards the end.

The key is finding the RSS feed with the data you?re interested in. Once you have that, it?s usually fairly straightforward to parse it and redisplay it nicely. )

30boxes Widget

Narendra Rocherolle asked me to convert the Google Calendar widget into a 30boxes capable widget. No problem, it only took like 10 minutes.

So if you use 30boxes and want a nice and simple WordPress Widget for displaying events on your calendar, well, here you go: 30boxes Widget

This is, of course, a first stab at it only. I can and probably will add more functionality to it (like start and end dates). But that can wait until later. Right now I need BBQ! D

Fun with Widgets

Note: The ExecPHP widget does not work in the upcoming WordPress 2.5. Therefore, if you upgrade to 2.5, you will need to install the updated version of this widget. It can be found here, now and forever more: http://wordpress.org/extend/plugins/php-code-widget/

A new plugin for WordPress came out that’s kinda cool. It’s called Widgets, and the general idea of it is to make the sidebars on your blog a bit more configurable, a bit more easily.

So, I decided to spend an hour or so converting my sidebars to Widgets so I could manage them a bit simpler. Editing PHP code is easy but time consuming, while dragging stuff and dropping it to rearrange the blog, well, that’s quick and easy.

Few things I learned:

  1. The Widgets Plugin does not like Windows. Since I run this site on a Windows box (edit: I did then, I don’t anymore, and anyway, they have fixed this problem since then), it needed some tweaking to make it work. For those who want to know, the problem is in the sidebar_admin_setup() function in widgets.php. More info on this problem is in the comments of this post.
  2. Text boxes are extremely useful when converting from your existing customized webpage to a widgets based one, as you can simply cut and paste chunks of HTML into them and voila, you’ve got a sidebar widget. However, there’s not a lot of text widgets available. If you need more text widgets, you will need to edit these functions: widget_text_setup(), widget_text_page(), and widget_text_register(). As it turned out, I didn’t need but 4 text widgets because:
  3. Despite how useful text boxes were for a quick migration, they were not enough.

So, I ended up writing two plugins of my own.

The first one is a Google AdSense plugin. You can download it here: gadsense.zip. It’s exactly the same as the Text widgets, but with (very) minor tweaks specifically for inserting Google Ads in the sidebars. Also, it shows a name of “Google AdSense” in the widgets panel, which is nice. Like the Text widget, you can have more than 1 of them, but unlike the Text widget, you can only have 4 of them, since Google’s TOS only allows 3 ads and 1 link block on a page.

The next one is also like the Text plugin, however it will also let you put PHP code into the text and have it actually work. Here’s the download: execphp.zip. Like the Text plugin, you can have up to 9 of them (more if you want to tweak the code). Note that any PHP code you put into the widget MUST be surrounded by <?php and ?> tags, just like writing PHP normally. Also note that this is isn’t exactly safe, as it’s just doing an eval() on whatever you put in there, so you have complete and full access, as does anybody else who can get to your admin screen. Still, it’s very useful.

Both of those are plugins. Just drop them in the widgets folder under the plugins folder, and activate them on the plugins screen. Then the widgets will be available for you to use on the widgets screen.

Hope these help somebody. They sure helped me. )

css.php