WordPress Form Tutorial (Part 3)

The form data needs to be validated on the server, even if it’s validated with Javascript on the client. We’ll do that with our wp_form_demo_validate function. But first, we know we’re going to need a method to set error messages in the event we encounter some invalid data. So let’s write that method first.
Read more…

WordPress Form Tutorial (Part 2)

Now that we have a working plugin and a function stubs, we can add some functionality.

We’ll start by creating the form. The cleanest way to capture HTML is with the two functions: ob_start() and ob_get_clean().
Read more…

WordPress Form Tutorial (Part 1)

Many plugins are available for WordPress that allow you to create forms through the GUI without writing any code. But many of them are bloated and contain a lot of features you don’t need. They can slow down your website. And sometimes you need a custom form that can’t be created through an existing plugin.

It’s fairly simple to create a form plugin if you know PHP and the basics of plugins. This tutorial will show you how.
Read more…

Page teaser extractor plugin ready

The plugin to extract teasers into a post is now ready. It works similarly to the way Facebook’s extractor works. I’m going to enter the following URL (http://www.washingtonpost.com/politics/4-top-secret-service-executives-told-to-leave-their-posts-in-agency-shake-up/2015/01/14/a084b164-9c1f-11e4-96cc-e858eba91ced_story.html?hpid=z1) into the next line. When I click “Publish,” it should replace the URL with the teaser. Read more…

Website security

img_cyber_criminal_283x229According to team-cymru.org, most of the nefarious and malicious activity on the internet originates in China, Korea, Taiwan, India, Russia, and Great Britain. One of my sites that’s not very active was recently hacked due to a WordPress vulnerability. The new WordPress auto-updater is a great new feature so we don’t need to worry so much, but these people — mostly young programmers with too much time on their hands — never stop looking for ways to cause trouble.

Since I don’t have any use whatsoever for traffic outside the U.S., I recently installed some code to block all traffic from other countries. Doing so required the use of geodata. I got mine from maxmind.com, which is freely available for non-redistribution.

This product includes GeoLite data created by MaxMind, available from

I included the code in the document root index.php file. If a visitor from outside the U.S. visits my site (usually a crawler), it gets a simple ACCESS DENIED message. I use this same technique on a few sites I’ve worked on and it works well. None of those sites have had any problems and it can actually improve performance by lessening the server load.

Webpage excerpt plugin

I had a request to create a plugin that extracts information from a webpage and creates a blog post from the excerpt (kind of like Facebook does when you enter a URL).