Archive for the ‘WordPress’ Category

Wordpress archives

Tuesday, March 3rd, 2009

I’ve been running my blog since late 2005 as such my archives had been getting a little bit unwieldy in the sidebar and stretching the page to extraordinary heights. I’ve reduced this clutter with some very small changes. First I dug around only to find out that Wordpress doesn’t support fetching the monthly archives for one year, so I had to apply some filter foomongery. I discovered somebody else has done something similar, not quite as nice personally but it works.
(more…)

Tags: , , ,
Posted in Site, Web, WordPress | 4 Comments »

Wordpress Upgrade

Sunday, March 30th, 2008

I am currently enjoying the visual refresh Wordpress has been given in version 2.5. Its quite cool.

Tags: ,
Posted in Site, WordPress | No Comments »

Upgraded

Saturday, October 20th, 2007

I just upgraded this blog using a Subversion patch, seems to be working ok, will keep and eye out for any 404s see if I missed any new files and the like. I also started to burn my feed.

Posted in Site, Web, WordPress | No Comments »

Akismet Sanitised

Sunday, September 30th, 2007

I made the Akismet plugin a little more sane after discovering it sent the entire $_SERVER array to akismets servers. I changed:

        $ignore = array( 'HTTP_COOKIE' );

        foreach ( $_SERVER as $key => $value )
                if ( !in_array( $key, $ignore ) )
                        $comment["$key"] = $value;

To:

        foreach ($_SERVER as $k => $v)
        {
                if (strpos($k, 'HTTP_') === 0 && $k != 'HTTP_COOKIE')
                {
                        $comment[$k] = $v;
                }
        }

Posted in Web, WordPress | No Comments »

Disabled Akismet, comments held for moderation.

Tuesday, September 25th, 2007

I have made the decision to disable Akismet, after reading some hype about the new Wordpress 2.3’s plugin version check API, which turned out to be negative but reveals something interesting with regards to Akismet. The following code is taken from the official Akismet plugin for Wordpres.

        $ignore = array( 'HTTP_COOKIE' );

        foreach ( $_SERVER as $key => $value )
                if ( !in_array( $key, $ignore ) )
                        $comment["$key"] = $value;

        $query_string = '';
        foreach ( $comment as $key => $data )
                $query_string .= $key . '=' . urlencode( stripslashes($data) ) . '&';

        $response = akismet_http_post($query_string, $akismet_api_host, '/1.1/comment-check', $akismet_api_port);

The bit that worries me is the use of $_SERVER, the only item from this array not sent is HTTP_COOKIE, fair enough. But why do you need to know the full paths to the files on my server and other server environment variables Akismet? I do not have a problem with sending data to Akismet, just not this data!

Source

Posted in Security, Site, Web, WordPress | 1 Comment »