Jan 11
13
This site is dead
I don’t post to it any more, but I shall, at some point in future, consider resurrecting it.
One of the sites I work on has recently been suffering private message spam, ranging from fake market research to child porn. Needless to say this needed solving, and since I couldn’t disable private messaging, there was only one option, and that was to only allow Buddypress friends to send private messages to each other.
The is a “bug” in Buddypress that allows any user to send a private message to any other user simply by entering the username in the “to” field of the compose message form. This isn’t an obvious flaw since the ajax function that shows the available users as you type in the box does indeed only show your friends.
I looked all over the web for a solution, but the only one I found, a hack at that, wasn’t compatible with the version of BuddyPress I’m using. There was only one thing for it, and that was to roll my sleeves up and sort it myself.
The solution I came up with, while not the most elegant, works.
This may vary slightly depending on your version of BuddyPress, so instead of offering line numbers, I’ll explain where in the code you need to look. Don’t worry, you only have to edit a single file with just a few lines.
The file you want is /wp-content/plugins/buddypress/bp-messages/bp-messages-classes.php
Annoyingly, because I hate doing this, there are a few classes in the same file, so you need to find “class BP_Messages_Message”
In there is the method, “send”.
Quite near to the top of that method is the line “if ( $this->thread_id ) {”
That is instructing the code to take a different path is the “message” already exists, i.e., somebody is replying to an existing thread. We don’t want to change this, so look for the else component of that if statement; it should be marked with the comment “// Create a new thread.”
Directly under that, paste this code.
foreach ($this->recipients as $recipientName)
{
$recipientId = get_user_id_from_string( $recipientName );
if (!friends_check_friendship($bp->loggedin_user->id,$recipientId))
{
return false;
}
}
Save the file, upload it to your site, and you’re done. Users can now only send a message to their friends.
The only downside to this is that the failure message isn’t ever so elegant. Rather than giving the reason for the failure, it simply says that sending the message failed. This shouldn’t be a problem for normal users though, if anything it just makes the spammers life a little more confusing, which I’m sure we can all agree is a good thing.
So there you go, that’s how to prevent spam private messaging within BuddyPress.
Mar 10
2
MySQL Slow Query Log with WAMP
Although in hindsight this is DEAD easy, I’ve just had a bit of a hard time finding out how to do it, so I thought I’d make a quick post which will hopefully get indexed by Google and save some other folk the hard time I had. Thoughtful, eh.
So, to enable the slow query log in WAMP is as simple as adding
log-slow-queries=PATH to your config file.
The config file is located in your wamp installation directory, under bin/mysql/mysql.version/my.ini
In there you will find an entry for standard logs, which will look something like log-error=c:/wamp/logs/mysql.log
Add the slow query flag, and change the log file name to something like log-slow-queries=c:/wamp/logs/mysqlslow.log
Restart wamp, and you’re done.
Oct 09
8
Bad Code
Further to my last post about the quality of code in certain well known PHP projects, I just stumbled across this fantastically pointless finger spew.
function the_title($before = '', $after = '', $echo = true) {
$title = get_the_title();
if ( strlen($title) == 0 )
return;
$title = $before . $title . $after;
if ( $echo )
echo $title;
else
return $title;
}
How entirely pointless that is, indeed, it gets worse, the entire thing is bloody well restrictive.
$title = get_the_title(); goes off and gets the title, but it adds HTML to it. I just want to get the title, but instead I end up getting <span blah blah>TITLE</span>.
Very poor code folks, and I think the naming conventions for the functions are not even worth commenting about… oh go on, I can’t resist “the _title”? Nice and descriptive, ain’t it. 
The thing is, I cannot understand why somebody would have done this. It’s just adding code that is in no way required. I think you’ll find that this particular program is riddled with dodgy designs, or lack thereof, like this, and if it was just coded properly in the first place, I dare say it would run considerably quicker, not to mention making the lives of us developers infinitely easier.
Sep 09
30
Wordpress is shit
I’ve finally cracked, I can take it no more. I’m just going to have to blog about it.
Before I quit the world and disappeared sailing for 4 months this summer, I wrote a post titled “Drupal is shit“, in it a ranted about how I couldn’t stand Drupal, and that I use either Wordpress or an MVC framework in its place. That post drew quite a bit of attention this summer after Webschuur blogged a reply to my original post.
The time has now come for me to bitch about the very product I defended in that post; Wordpress.
Here, are you ready for it, I’m going to say it. Wordpress is shit!
Ok, it’s not on the face of things, I happen to love Wordpress, but I’ve been working on a contract rececntly which involves some fairly in depth Wordpress development. I’ve had to peer under its skirt and what I’ve found was not something you’d want to tell your friends about.
This post goes beyond my opinion of Wordpress though, I want it to highlight a more fundamental problem with PHP development. People just don’t seem to be very good at it, and it’s giving PHP a bad name.
I got a bit of a telling off in the Drupal thread for not giving examples of what I considered to be poor code, so I’m not going to allow that to happen again. Let’s take a look at a random snippet of Wordpress code.
Can anybody tell me what that does? I doubt it, and that makes for bad code from the off. Thankfully, despite the atrocious function naming and cringe inducing syntax, it is doc tagged, so a mouse over in eclipse tell me that the_post() “iterates the post index in the loop”. I’m still not entirely sure what’s going on here, but I’ve got a better idea.
Let’s dig a bit deeper, F3 in Eclipse open the declaration.
/**
* Iterate the post index in the loop.
*
* @see WP_Query::the_post()
* @since 1.5.0
* @uses $wp_query
*/
function the_post() {
global $wp_query;
$wp_query->the_post();
}
This hasn’t helped much, I still have no idea what’s going on, but it has invoked a sub rant about Globals.
Why do people use them? It’s such a dumb idea. You have no control over that variable, no idea where it comes from, and no idea who has fettled with it before it’s used in this function.
Now, at this point, I’d open declaration on the the_post() method, but I can’t since Eclipse has no idea what $wp_query is. I can’t even find it without a search through the code because Wordpress doesn’t do, is put classes in individual files. They are just mixed up where ever in an orgy of mouldy spaghetti code. Again, this is bad because it makes a developers life hard for no benefit.
Searching for “WP_Query” was of little benefit since it’s littered throughout the code. I had to try another tactic, let’s find the function itself with a search for “n the_post”.
Aha, found it in wp-includes/query.php which isn’t too bad I suppose, although I would have preferred the file be called the same as the class within it. wp_query.php. Makes it nice and obvious then doesn’t it.
Opening the file shows another horror story; a huge mix of procedural and OO code. I can understand why this may have happened, it was probably because they are trying to port it to OO yet retain backwards compatibility, at least I hope that was the reason, but this is just a bloody confusing mess.
Anyway, onward we go. Let’s open up the code for the_post() and see what’s going on.
/**
* Sets up the current post.
*
* Retrieves the next post, sets up the post, sets the 'in the loop'
* property to true.
*
* @since 1.5.0
* @access public
* @uses $post
* @uses do_action() Calls 'loop_start' if loop has just started
*/
function the_post() {
global $post;
$this->in_the_loop = true;
$post = $this->next_post();
setup_postdata($post);
if ( $this->current_post == 0 ) // loop has just started
do_action(‘loop_start’);
}
I think this can be summarised with a simple, yet effective WTF!!!!???!!!
I don’t think I can bear to dig any deeper. What is wrong with using an iterator? There are well established design patterns for this sort of thing.
The bottom line is, Wordpress is like so many projects out there, a complete kludge of crap code. I will still defend Wordpress for being a good product, I can make it do things quickly (mostly) and for standard use it’s nice and easy to use, but my god do I pity you if you have to go beyond that.
HTML is also well and truly mixed in with the core code, which means to apply a specific design, you may well have to start hacking around within the functions of a plugin. This means that what should be a modular website with themes, quickly turns into a customised hunk of code that you can’t upgrade any more through fear of braking it all.
The above example reflects the vast majority of PHP code I’ve worked with, and it’s sadly a rare thing to stumble across well written and designed PHP software. The unshakable attachment to it’s roots as a hobiest language are all too apparent.
Come on folks, we can do better than this. When you turn up for work tomorrow, have a think about replacing those globals in your code with a static class or two, but more importantly, find out why you should. The PHP world will thank you for it, I promise.
Posted in Coding Tips and Tutorials Opinions by .
Feb 09
20
Zend framework on 1and1 hosting.
I had a bit of a hard time getting Zend Framework to run on my 1&1 hosting. It was all down to the .htaccess file in the end. The default htaccess configuration in the ZF getting started guide just doesn’t work, and neither did all the other posts I could fine on the subject around the internet, however, I’ve finally cracked it.
Presuming you’ve put your ZF index file in the webroot, here’s what the 1and1 htaccess file should look like.
AddHandler x-mapp-php5 .php
AddType x-mapp-php5 .php
Options -MultiViews
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule !\.(txt|swf|js|ico|gif|jpg|png|css|xml)$ /
Note: The same file will not work on my local dev machine, which is running only PHP5. You will need to comment out the first two lines (AddHandler, AddType) to get it to run on a stadard PHP5 installation.
Posted in Coding Tips and Tutorials by .
I was having a bit of a problem with TinyMCE not loading in Zend Framework (ZF). It turns out the .htaccess file was not configured correctly. It was redirecting .js to the index bootstrap and causing the page to fail to load.
The solution was the htaccess file as so…
Options -MultiViews
RewriteEngine On
RewriteBase /website
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule !\.(txt|swf|js|ico|gif|jpg|png|css|xml)$ /website/
Posted in Coding Tips and Tutorials by .
Feb 09
16
Super blogging – My Corribee
I run another blog, although it’s hosted on wordpress.com rather than my domain, here.
The blog is about my boat, ‘Kudu’. It’s a 21ft Corribee – a sailing yacht – and we are planning some substantial voyages toghether. Anyway, the other evening I got an excited facebook message from a friend saying my blog was listed on the wordpress.com’s Blog Of The Day stat’s page. I had the 7th fastest growing blog on all of wordpress. I was ecstatic about it. The 7th fastest growing blog on all of wordpress!
I awoke in the morning to find I was no longer 7th, but 1st. I was shocked. I had THE fastest growing blog on all of wordpress, which means I had one of the fastest growing blogs on the entire internet at that point in time. Sadly it was short lived, I’ve since dropped off the list, but to sustain the sort of growth I was seeing was never going to happen.
Posted in Opinions Search & PPC by .
Feb 09
16
Nathan whitworth.co.uk site rebuild
I decided to rebuild my home page since it was originally done as little more than static pages. Ok, I used a bit of PHP to include headers and footers and do a couple of other litte things, but it was nothing clever.
Since it is trying to promote me as a developer, I thought I should apply a bit more effort than that. It turns out, I failed. I used Zend Framework to rebuild the site, and it just made everything even easier and less effort. From form validation to displaying my twitter feed, I had the lot built in about 4 hours, well, excluding the other 4 hours it took me trying to figure out how to get Zend Framework working with 1and1’s hosting.
Posted in Opinions by .
Jan 09
16
Card Smart
I’m just giving some link love here since a friend of mine has just launched a new project.
Cardsmart.co.uk is a credit card comparison service and it went live about 3 minutes ago at the time of writing. It’s quite exciting to see the birth of a brand new company, it’s quite a refreshing change given all of the dying one’s that are around at the moment.
As I recall, they’ve got about 250 credit card offers on the site, which compared to money supermarket is a HUGE selection.
So there you have it, if you are in the market for a new bit of plastic check out the site.
JP, you owe me a beer. 
Posted in Opinions by .