Category Archives: WordPress

Why edit-tags.php and Why not edit-terms.php

Leave a reply

Today at work, I was writing about categories and tags in WordPress. I noticed something that looks strange to me and I decided to share it here.

Apparently when a user edits a category, tag or any term. It is handled by edit-tags.php file which takes parameters like tag_ID, taxonomy, action, post type.

Shouldn’t it be called edit-terms.php and have term_id instead of tag_ID? This will improve user’s understanding of how taxonomies work. They will start to understand that category and tag are taxonomies and all their categories and tags are terms inside those taxonomies. I am sure this might have come to core developers mind but they probably decided not to do that, I am just curious why?

I think renaming edit-tags.php to edit-terms.php makes sense. Any thoughts?

What is the best Facebook-like plugin for WordPress?

Leave a reply

Answer by Noumaan Yaqoob:

There is an official Facebook plugin (WordPress › Facebook " WordPress Plugins) in the WordPress repository. There are a few reasons which make it a much better choice:

1. Facebook itself is one of the contributors of the plugins in coordination with Automattic the company behind WordPress.com. Other contributors to the plugin is an impressive list of developers, including Samuel Wood.

2. It is regularly maintained, tested, and used by thousands of websites. So if there is a bug or something it quickly gets fixed.

3. It is easy to use and integrate into any WordPress powered website.

My second choice would be Simple Facebook Connect (Simple Facebook Connect).

1. Simple Facebook Connect is very easy to use and is written by Samuel Wood who is one of the core contributors of WordPress. This means that the plugin follows the coding practices of WordPress.

2. It is very well documented, and the plugin author himself is very active on WordPress forums. Most questions related to the plugin get resolved quickly.

The answer also depends on which features you need for your website. For example, if you just need a like a button along with other social networking buttons such as twitter and google+ then you probably don't need either of above mentioned plugins, you should then use a plugin like Digg Digg WordPress › Digg Digg " WordPress Plugins.

You can also obtain code for Facebook social plugins and implement them into your website. Social Plugins this way you can only get the plugin you need.

View Answer on Quora

Noumaan Yaqoob

02/02/2013

Just found out that contact form on this site was not working. Installed WP Mail SMTP plugin to solve mail issues. If you contacted me recently and didn’t hear back from me, please accept my apologies. If you want you can send me another message now.

BuddyPress Needs Some Love

Leave a reply

Recently, I had a chance to work on BuddyPress again after a long time. I was surprised to see that things are not much changed since the last time I used it. It is a wonderful tool to build online communities and with the help of community support it can become even more wonderful. This post is about some things I noticed, and I feel that we should do something to improve these things.

BuddyPress Logo

The first thing that every one notices while working on BuddyPress is that it is not well documented. It uses the same coding standards and practices as WordPress. But due to lack of documentation it is difficult for users to change things on their websites. Most users trying BuddyPress expect that it will be well documented just like WordPress Codex. But it is not, so that’s a disappointment for new users.

I found etivite’s BuddyPress and bbPress action and filter API hooks very useful.

There are not many themes available for BuddyPress. Free themes in the WordPress Theme Directory are few and not very good. Many of them haven’t been updated in a long time. There are just a few BuddyPress themes that are actually good and can be used to build online communities.

Premium themes on various other websites are mostly terrible. Be extra cautious when buying a premium BuddyPress theme. The theme you are buying may only have sliders, and an insane amount of shortcodes and widgets but all of this will not be very useful for you to actually run an online community.

Lastly, I noticed that not many people are writing about BuddyPress. I think blog posts, tweets and other smaller social actions can really boost the project. More ways to get involved with buddypress project.

Working at WPBeginner Full Time

18 Replies

Nearly a month ago I started working at WPBeginner. Leaving my previous job at Axact was a tough decision. I liked my previous job and if I had kept it I would have become associate manager this month. Apart from a comfortable work environment, Axact offers a good salary package, emergency health care benefit, transport, personal loan, etc. Every one I talked to asked me why would you leave a job like that to work with a company in the United States?

Firstly, salary was a big difference, Axact tried to match the offer in their counter offer which was very nice of them but my online mentor advised me that it is extremely unethical to even consider a counter offer once you have resigned. Secondly, I just wanted to work on WordPress. Now with this job offer I had the chance to do so full time and a chance to focus and do something great.

I am so glad that I joined WPBeginner. Each day, I start by checking my twitter feed to see what’s new. Usually there are some new plugins, themes, or development that I learn about. I am following some really nice WordPress developers, experts and plugin authors on twitter. All of them are very nice and kind to me. I learn a lot from these people almost every day and I would recommend you to follow them too.

Brian Krogsgard, Andrew Nacin, PippinsPlugins, Jeff Starr, Siobhan McKeown, Konstantin Kovshenin and many other nice folks. Check out my WordPress list on Twitter.

At WPBeginner, our target audience is beginner level WordPress users. We try to keep our posts simple and to the point. The main focus of our posts is to provide a solution to some common problem. We write about how to do things the easier way without breaking any thing.

It is not an easy job. A couple of days ago I was writing a tutorial and then my boss Syed Balkhi edited it. He pointed out some very obvious mistakes that I left in the article. These mistakes would have left the readers confused. I wrote it again and Syed again pointed out some things that were still unclear. I edited it again. Finally it was published and we got feedback from the readers.

After spending time on twitter, I try out plugins and test themes. A lot of new plugins are not good and some are just awful. Sometimes I find plugins which are actually good but plugin authors are not aware of some easy to fix bugs in their code, mainly because no one has reported those bugs. I try to open support ticket and contact plugin authors. So far I got two plugins improved with my bug reports then I reviewed those plugins. By the way if any of you is working on some interesting new plugin or theme please let me know I would love to test it.

Working from home has also allowed me to do other things with my time. I am learning new things, spending time with my family, I have made travel plans, and I am excited about future prospects.

Yoast’s Review of WP-Types

Yoast’s review of WP-types plugin. Types is a plugin for WordPress, it allows you to create custom post types, add custom fields for that post type and makes it easier for you to publish different kind of content easily. Types is available for free but there is an accompanying plugin called Views or WP-Views, which allows you to customize your template to display your post types differently.

Link: http://yoast.com/types-wordpress-plugin/

topic-wordpress

WordPress: Displaying External RSS Feeds

How to display an external RSS feed on your WordPress blog without causing heavy server load. I wanted to display an external RSS feed on one of my blogs. There were many plugins to display external RSS feed as widgets on sidebar. There are also plugins that can display feed content inside a post or a page. Some also used cache to store feeds, some used cron jobs, some plugins needed me to make a directory writeable.

If you ask me they are all useless since WordPress has built in functionality to fetch, cache and display external rss feeds. The function to do that is Fetch_Feed. It uses SimplePie and FeedCache to do the job and it is very effecient. However, the WordPress Codex for this function shows only one usage example for this function which is fine if you are not a person who has good knowledge of PHP, WordPress tags and HTML. But there is a lot more you can do with this function. To learn what else you can do with it you need to read the SimplePie documentation. Using Simplepie and WordPress template tags you can display RSS feeds in many different ways.

I love WordPress, but each day it is becoming more and more complicated for me. For example if I need to choose a plugin to do some job and I search for it on Google, the results will show me many plugins that do the same thing. Now the problem is that how do I choose the best one? I want to use things that do not cause heavy server load. I prefer plugins with caching abilities, better code and effecient resource usage. But believe me not many plugins out there are that good. They are ok for small blogs but on busy websites with lots of visitors they create problems. So the solution to this problem is to first look at the WordPress it self and use it’s own functions to do the job.

Securing a WordPress Blog

wordpress security

Due to some troubles with a few of my WordPress blogs. I have recently learned a lot about security and protecting my WordPress blogs from hacking. There is no way to be 100% sure that your website couldn’t get hacked. However, using the best practices described below, you can make it very hard for someone to crack into your WordPress installation. Taking these steps does not take much time but it saves you from a lot of trouble, even if your website get’s attacked you can fight back quickly and restore your website easily. Without these security precautions you not only make your WordPress installtion vulnerable, but you also make it difficult for yourself to recover from horrible accidents. So lets begin securing of your blog:

Back up often

You have heard this many times. Here it is once again, back up your website and database at least once a week if you update your website daily, or atleast once a month if you don’t update that often. But please back up. Do not trust your webhost when they tell you that they have back ups of your website created on a daily basis. It is very smart to have backups on hand just in case something goes terribly wrong with you or your webhost. There are many WordPress plugins to back up your database. I use WordPress database manager plugin called wp-dbmanager. Using this plugin you can schedual weekly backups to be sent to you via email.

Stay Updated

Whenever there is a new version of WordPress, upgrade your installation as soon as possible. Since 2.7 WordPress has automated the upgrade process or you can manually update to latest version. It only takes about ten minutes but it saves you from a lot of trouble. Older, outdated and upsupported installations often get hacked. Once hacked it is a very lengthy process to clean your blog and upgrade. So protect yourself now upgrade your WordPress.

Also keep your plugins updated to newest versions. If you notice that a plugin author has not released an updated version since a long time go to plugin’s home page and check its status. If the author has abandoned the plugin then stop using it right away.

Strong Passwords

If no one has ever stolen your password then it does not mean that no one ever will. There are some really bad people out there who randomly pick their victims and crack their passwords to take control of their websites. WordPress has strong password indicator which you can use to generate a strong password. A strong password contains atleast 8 characters a combination of alphabates and numbers and special characters. Avoid using words that can be found in a dictionary.

You should have strong passwords not only for your blog’s admin interface, but also for your site’s SSH shell and FTP access. Doing so you make it very difficult for hackers to crack your site and access your files via ftp. Try to use SSH or SFTP instead of plain FTP.

But strong passwords are difficult to remember. Well you should then read this wonder post from the blog herald that tells you how to create strong but memorable passwords. You can also generate a strong password using Aautomatic password generator tool.

File Permissions

One drawback of using WordPress or some of its plugins is that sometimes you need to make a few files writeable on your server. For security it is important that you keep file permissions as strict as possible. It is ideal to have your directories file permission set to 755 and your files 644. See WordPress Codex Changing File Permissions.

Default Username

At the first installation WordPress automatically creates a user account with the username admin. Now using the default username means that half of cracking is done without any guessing. Unfortunately it is not possible to change this username from the WordPress admin interface. However you can change it by running a simple mysql query.
Update tableprefix_users set user_login='newusername' where user_login='admin';

Replace tableprefix with the table prefix in your wp-config file. If you didn’t add a table prefix then it would the default one which is wp_ . You can run this query or manually edit table in phpMyAdmin or you can also run this query using wp-dbmanager plugin.

Other tips:

Remember, no website is 100% secure. But taking these precautions reduces the chances of your blog or website getting compromised easily. The following web pages has more tips on securing your WordPress even more.

Hardening WordPress
WordPress Security Tips and Hacks
WordPress Security Whitepaper