OMNINOGGIN

1. Comments quality will increase as users will be forced to preview his/her comment before submitting it. Previewed comments are sent through WordPress’ various filters so that the user can see exactly how his/her comment will appear after it is submitted.
2. Spambots will not be able post comments unless it actually tries to “preview” the comment. When a preview is requested, a nonce key is generated and returned along with the preview. This nonce key is then required to be sent back to the server during comment submission. So in order to submit a comment, the spambot would have to use javascript to request a comment preview prior to submitting the comment. Most spambots do not care to preview so this offers some level of spam protection.

You may find the download link below. As always, please feel free to share any comments, questions, and suggestions!
Read on…

Lester Chan (GaMerZ) has released the his ‘Wave 2‘ of plugin updates. One of the plugins updated was WP-PostViews. I’m happy for this release since he was able to incorporate the mods I did to WP-PostViews and made it elegant and public for everybody to use. Although I probably won’t be getting as much traffic for my WP-PostViews mod anymore, I learned a lot from making this and a couple other plugins cacheable. Hopefully I will continue to make contributions of this magnitude to the WordPress community in the future. Kudos Lester!

You may not know it, but your site is probably being regularly harvested for email addresses. In this post I will show you how to easily help fight email spam using a Lojack technique called List Poisoning (see previous post for more Lojack anti-spam philosophy). Though this is not a new technique, it is definitely worth spreading the word and implementing.
The goal here is to pollute the harvester’s email list with fake email addresses and fake recursive links. In doing so, the harvester will waste time and resources harvesting and spamming fake addresses. (see this in action)
In the demo below, you will notice that the first three links are recursive links that will just redirect to the same index.php. The next set of links will be fake email addresses generated for harvesters.
Read on…

For those who have tried to comment on my posts but were not able to, I would like to sincerely apologize. If you are a returning reader/commenter, thank you for your patience and your continued reading loyalty. I would also like to thank Agam Rosyidi for notifying me that my comments were broken on this blog. In the future, if you notice anything wrong with my site, I would greatly appreciate it if you let me know via my about page.
On the actual problem itself, it turned out that WP-SpamFree was not working with WP-Super-Cache when the cached page is being dynamically delivered. I did not look too much into why this was the case, but comments now work after disabling WP-SpamFree. I have removed this plugin and I don’t plan on re-enabling WP-SpamFree in the future or making it work with WP-Super-Cache because of the philosophies in this great paper by Mark Pilgrim. I highly recommend reading this timeless article before you think about combatting spam. Read on…

Alex King’s ‘Articles’ is a great plugin that lets you easily mark posts as featured articles. You can also display a list of featured posts on a selected page/post by placing a “###articles###″ tag in it. That said, there are TWO big problems with it:

1. It doesn’t work with WordPress 2.3.x or 2.5.x
2. It displays the same article in each category that the post is listed under. So that means if your featured post is filed under 5 categories, your post will show up 5 times on your featured articles list.

Andy Cowl has already resolved issue #1 on this WordPress support thread (THANK YOU!). Here are the changes Andy Cowl did.

+++ articles.php        (working copy)
@@ -96,13 +96,11 @@
        $cats = $wpdb->get_results("
                SELECT $wpdb->term_relationships.object_id, $wpdb->terms.term_id, $wpdb->terms.name, $wpdb->terms.slug
-               FROM $wpdb->term_relationships
-               LEFT JOIN $wpdb->terms
-               ON $wpdb->term_relationships.term_taxonomy_id = $wpdb->terms.term_id
-               LEFT JOIN $wpdb->term_taxonomy
-               ON $wpdb->term_taxonomy.term_id = $wpdb->terms.term_id
-               WHERE $wpdb->term_relationships.object_id IN (".implode(',', $post_ids).")
-               AND $wpdb->term_taxonomy.taxonomy = 'category'
+               FROM $wpdb->term_relationships, $wpdb->term_taxonomy, $wpdb->terms
+               WHERE $wpdb->term_relationships.term_taxonomy_id = $wpdb->term_taxonomy.term_taxonomy_id
+               AND $wpdb->term_taxonomy.term_id = $wpdb->terms.term_id
+               AND $wpdb->term_taxonomy.taxonomy = 'category'
+               AND $wpdb->term_relationships.object_id IN (".implode(',', $post_ids).")
                ORDER BY $wpdb->terms.slug, $wpdb->term_relationships.object_id DESC
        ");

On issue #2, I’m thinking about modifying this plugin to accept another custom field called “article_category” to accept a string value of your category slug. Let’s say you feature a post that has 5 categories and set “article_category” custom field to “blogging” then the post will only show up once under the “blogging” category on your featured articles page. What do you guys think of this mod? If there is some demand for this, I will definitely move this to the top of my stack of projects and crank this out in a few hours. Please let me know via comments.

Every time I search the web for information on how to block spam bots, scrapers, and harvesters, I always see an Apache .htaccess file or some code to dump into httpd.conf to achieve this. I’m a bit against using this method for blocking evil bots. I do respect Apache for being a flexible & modular web server (that’s why I still use it), but I do not have much to boast about Apache’s speed and efficiency.
To achieve the same purpose on my server with greater efficiency, I made use of my Varnish reverse proxy configurations (located under /usr/local/etc/varnish/default.vcl).
In this post, I will only be discussing about vcl_recv subroutine, which gets called when a client request is received.
Read on…

Q: What is SezWho?
A: ‘SezWho enables contributors to build portable reputation. Without SezWho user reputations are confined to a single site. With SezWho participants carry their reputation with them across the web.’

If you haven’t noticed, I’ve taken the initiative to integrate SezWho 2.0 into this blog. The screenshot above is what you will see if you hover over the “Check me out!” link next to every comment and post author on this blog. In this post I will tell you why I decided to integrate SezWho into this blog.
Read on…

This might be useful for WordPress widget developers out there. I wasn’t going to post this before, but I just found that another developer ran into the exact same issue. So hopefully the 10 minutes I spend writing this post can help save somebody hours of debug.

After WordPress 2.5 released I found that my NowThen Photo Display widget broke the sidebar management page in WordPress adminitration. I took the longest time to figure out why, but the root of the problem was that the new WordPress 2.5 actually executes widget code in the wp-admin area. I have no idea why this is the case. Is this a bug or a feature of the new 2.5 code? I can see it as a feature in a sense that, if the code is not able to executed properly in the wp-admin area, then it should not be added to the front-end. If that’s the case, I would expect an error message rather than a broken sidebar management page.

Anyhow, here are a couple of tips that I have if your plugin breaks after the upgrade: Read on…

In response to JTPratt’s comment on my post, ‘Make Popularity Contest Work with WP-Super-Cache,’ I am releasing a modification of Lester Chan’s WP-PostViews plugin to support counting using Javascript. Please try it out to see if this works for you.

A side note to Lester Chan and Richer Yang (WP-PostViews and WP-PostViews Plus authors repectively). Please feel free to contact me about incorporating these changes into WP-PostViews and/or WP-PostViews Plus so that it can be officially committed to the wp-plugins.org repository. I would create my own version of WP-PostViews in the repository, but do not want to steal your thunder .

Read on…

Over the past few months, I’ve been meaning to create a staging WordPress blog that is an exact replica of my production OMNINOGGIN blog so I can test major feature changes before releasing them to my production site.  I have to admit that there are many other interesting things to spend time on (see also: Make Popularity Contest Work with WP-Super-Cache and NowThen Photo Display WordPress Plugin) so I have been lagging at getting this task done.  Fortunately the WordPress 2.5 released was enough to motivate me to get this done.  My goal in this post is to provide a step-by-step set of instructions (or checklist) for getting this task done.  I run Apache 2.2.8, MySQL 5.0.51a, and PHP 5.2.5 on a FreeBSD 7.0 machine that I have complete control over.  Keep in mind that these steps will vary depending on how your blog is configured.  It is a good checklist nonetheless so without further ado:

Read on…