Code Poet just released a free eBook called Getting Pricing Right that interviews Mark Jaquith, Remkus de Vries and Shane Pearlman on setting consulting rates and miscellaneous related topics. It’s short and contains a lot of good advice, as well as links to a lot of resources.
Author Archives: Ian Dunn
Cross Site Scripting Vulnerability in Subscribe2 Plugin
News of the XSS bug in Subscribe2 didn’t show up in any of my RSS feeds or mailing lists, even though it’s a fairly popular plugin, so I wanted to make a note of it in case anyone else missed it. Version 8.2 has a fix for it. Update: It also sounds like an official […]
Creating Admin Notices From a WordPress Plugin
I just threw a couple small PHP classes up on GitHub that I use in almost every WordPress plugin I write. The first is IDAdminNotices, which is a clean and easy way for plugins and themes to send messages/errors to the user within the Administration Panels. The second is IDDescribeVar, which will outputs the type, length and contents of […]
Virtual Workspaces for Windows
I’ve been using Linux since high school — which is longer ago than I care to admit ;) — and one of my favorite features of *nix window managers has always been the concept of workspaces, but for some reason it never occurred to me until today to search for a Windows tool that would create them. […]
Why Short URLs are Evil and You Should Never Use Them
Ok, so maybe that title was a bit of a hyperbole, but this is one of my biggest pet peeves on the Web right now. Joshua Schachter has a comprehensive analysis of the concept of Short URLs and the myriad problems associated with it, but the biggest one for me is the fact that the […]
Preventing Callback Functions From Executing Multiple Times
Many actions in WordPress will fire multiple times, which can lead to performance drags and undesired/intuitiveness results. Pippin Williamson points out that you can check how many times an action has already run, and modify your code to respond accordingly.
Connecting to a PPTP VPN from an OpenVZ CentOS VPS
When setting up the PPTP and PPP packages on an OpenVZ VPS in order to connect to a VPN, there are a few extra steps you need to take that you don’t have to do with a non-virtualized box. First, you have to load the following kernel modules on the hardware node and/or set them […]
Discouraging Trolls
Jeff Atwood wrote a fascinating article on different methods to use to discourage trolling on social websites, including some discussion of their ethical merits. I wasn’t aware of slowbanning and hellbanning before, but I think they’re very clever ideas.
Principles to Apply When Preventing Brute Force Attacks
I just read a good article by Bryan Rite about the security principles involved in preventing dictionary attacks. He makes a good point about offloading the work to a service like OpenID if possible, and has some other tips to use if you have to implement it yourself. Some of it challenges the conventional wisdom, but I think […]
$( this ).attr( … ) Is Often Unnecessary
It’s often much more efficient to access DOM properties directly, rather than using jQuery. The downside to that approach is that there are differences between the various browsers, so in some cases it introduces bigger problems than the extra performance overhead.
Registering jQuery Event Handlers Before the Elements Exist
Update: I removed the link to the article because the site now contains malware. Dave Ward wrote an article Don’t let jQuery’s $(document).ready() slow you down that shows a few situations where execute the contents of a JavaScript file immediately, rather than wrapping it all inside jQuery( document ).ready(). The .live() method has been deprecated since he wrote the […]
New WordPress Security Plugin
In the past I’ve used Login Lockdown and Login Lock to block brute force attempts against WordPress installations, but Login Lockdown isn’t actively maintained and Login Lock has some serious bugs/security vulnerabilities. Recently Daniel Convissor released a new plugin called Login Security Solution that has the same basic features of Login Lockdown and Login Lock, […]
Cronie Depends on Sendmail in CentOS 6
I ran into a problem the other day when building a new CentOS 6 VPS template. After doing some of the initial work I ran yum update, and it worked fine. Later on, after installing the AtomiCorp repo, I tried to run it again and it failed with errors about Qmail obsoleting Sendmail, not being […]
Introduction to Shared GitHub Repositories
Michael Botsko has a good writeup on cloning and pushing updates to shared GitHub repositories, as opposed to the traditional method of forking a repository.
Using Constants for a Text Domain in WordPress
Normally any kind of global values that don’t change within a program’s execution should be defined as constants, but text domains within internationalized WordPress plugins are an exception to that rule. Mark Jaquith explains why it’s important to use a string instead.
WordPress Developer’s Meetup Presentation on Child Themes
I’ll be giving a presentation on building Child Themes at the Seattle WordPress Developer’s Meetup tomorrow. You can follow along with the presentation if you plan on attending.
BackPress PHP Library
BackPress is a useful project that packages the re-usable code from WordPress into an independent library you can use in non-WordPress projects.
Composite Primary Keys
Here’s a good introduction to composite primary keys by Jeff Smith. When you’re defining a database table that’s being used to relate two other tables (e.g., products_discounts to map discounts to particular products), you should always create it with a composite primary key (i.e., both the product_id and discount_id columns) rather than a single identity column […]
Success in Business
Here’s a great quote from Jeff Atwood’s post on why he decided to step back from Stack Exchange:
I finally realized that success at the cost of my children is not success. It is failure.
Including External View Files in WordPress Widgets
I ran into a problem today while cleaning up and modifying some widgets. I moved all of the markup inside widget() to an external view file, and then included it via require_once(), which worked fine. I then tried to do the same thing inside form(), but didn’t get any output. It turns out that you […]