Tag Archive for PHP

SleePy | January 23, 2012
No comments

Pastebin rewrote

I have taken my original code I wrote for my SMF powered pastebin and rewrote this script. This was a massive rewrite from the original code and hopefully it works out well for anyone else who is looking into using it.

I wrote it so it should be plugable with different databases, user information and templating engines. The design was mostly to implant it into my mixed environment of SMF and WordPress, but also to make it robust so it could be used in other ways.

The source of the code is up on GitHub at https://github.com/jdarwood007/pastebin

Tags: , , , , ,
SleePy | January 21, 2012
One comment

SMF in WordPress

For some reason, while using WordPress and including SMF’s SSI.php, it would not detect my logged in SMF session. Baffled and almost thinking this was a SMF bug of some sorts, I began to debug this process.

Well it turns out it is sorta a SMF old PHP support issue, but the problem lies in WordPress. This is the function in WordPress wp-includes/load.php

/**
 * Add magic quotes to $_GET, $_POST, $_COOKIE, and $_SERVER.
 *
 * Also forces $_REQUEST to be $_GET + $_POST. If $_SERVER, $_COOKIE,
 * or $_ENV are needed, use those superglobals directly.
 *
 * @access private
 * @since 3.0.0
 */
function wp_magic_quotes() {
        // If already slashed, strip.
        if ( get_magic_quotes_gpc() ) {
                $_GET    = stripslashes_deep( $_GET    );
                $_POST   = stripslashes_deep( $_POST   );
                $_COOKIE = stripslashes_deep( $_COOKIE );
        }

        // Escape with wpdb.
        $_GET    = add_magic_quotes( $_GET    );
        $_POST   = add_magic_quotes( $_POST   );
        $_COOKIE = add_magic_quotes( $_COOKIE );
        $_SERVER = add_magic_quotes( $_SERVER );

        // Force REQUEST to be GET + POST.
        $_REQUEST = array_merge( $_GET, $_POST );
}

The problem here, is that they add magic quotes to the cookie. Not quite sure why they are even doing this. But it broke adding SMF. The part in SMF which failed because of this is in SMFs Sources/Load.php in the loadUserSettings function

		// Fix a security hole in PHP 4.3.9 and below...
		if (preg_match('~^a:[34]:\{i:0;(i:\d{1,6}|s:[1-8]:"\d{1,8}");i:1;s:(0|40):"([a-fA-F0-9]{40})?";i:2;[id]:\d{1,14};(i:3;i:\d;)?\}$~i', $_COOKIE[$cookiename]) == 1)
		{
			list ($id_member, $password) = @unserialize($_COOKIE[$cookiename]);
			$id_member = !empty($id_member) && strlen($password) > 0 ? (int) $id_member : 0;
		}
		else
			$id_member = 0;

Because of old PHP support in SMF, its trying to combat a cookie security issue that existed below PHP 4.3.9. Now I don’t use that version, but I rather not strip out the code. The preg match was failing because it was not finding that valid string in the cookie. Since all the double quotes where escaped with a slash \.

For my code, I called in Settings.php from SMF and then did a stripslashes on the cookie. Then I included SSI.php, with the results I expected of it finding my active SMF session.

		require_once(pBS::get('smf_dir') . '/Settings.php');
		if (isset($_COOKIE[$cookiename]))
			$_COOKIE[$cookiename] = stripslashes($_COOKIE[$cookiename]);

		require_once(pBS::get('smf_dir') . '/SSI.php');

I should note because SMF uses a lot of global variables, that I had to globalize all of those before hand. I just borrowed the globals from SSI.php and put them into that scripts function.

Tags: , , , ,
SleePy | December 31, 2011
No comments

SMF Package Manager Generator

Hello,
Originally I had wrote my original SMF Package Manager Generator a few years ago. It was sloppy coding, poor JavaScript and relied heavily on the server. Not my absolute best work, but was something I was proud on at the time from my efforts to dive into JavaScripting.

However, todays times are different. So with JQuery out there, I decided to take breaks from my projects for a couple hours for a few days and put forth a effort to rewrite this. Needless to say, I had the initial code wrote in only a few hours. My original script took me a few days alone. That didn’t count the package-info creator I made later which also took a while.

The new script attempts to rely all on JavaScripting via JQuery. It was a fun experience to build it this way. Although, because of JavaScript’s security measures, I couldn’t leave downloading the file outside of the server. So alas, I still have to process the actual download via the server. There is a work around with using Data URIs, however it didn’t provide the filename and sounds a bit flaky when the length of the url gets to be a bit long. I included both as a option though.

Oh and Its on github, because I see no reason to not share the code. Including the code I used to integrate it into my WordPress blog.

Tags: , , , , , , ,
SleePy | November 20, 2011
No comments

WordPress templates on non wordpress pages

I have a couple pages such as my password generate that are non wordpress templates. However I want these to be styled as if they where from my wordpress. So after some google searches, I came up with very little information. I decided to dive into the code and came up with something that works for what I need it to do and requires little code edits to any of my pages to work.

This does also require a template edit to your wordpress templates. Sadly I couldn’t avoid this, I looked around and tried to see if I could modify the_content(), however it doesn’t look very pleasant to do so. I might in the future look into doing this. If somebody has a better solution that requires no wordpress template edits, please let me know. Back on topic, I modified page.php in my template and changed:

					< ?php the_content(); ?>

To this line:

					< ?php if (isset($specialPageContent)) echo $specialPageContent; else the_content(); ?>

Next I will just dump a file I named wp-ssi.php and explain how it works at the end.

< ?php
// Change the default template to use.
define('WP_SSI_DEFAULT_TEMPLATE', 'page');

// Register a shutdown function (DOES THE ACTUAL WORK!)
register_shutdown_function('do_wp_ssi_wrap');

// Don't output anything yet.
ob_start();

// Get WordPress going.
require_once('./wp-blog-header.php');

// The shutdown function that does the actual work.
function do_wp_ssi_wrap()
{
	global $specialPageContent;

	// Simply get all contents.
	$specialPageContent = ob_get_clean();

	// Allow some over rides.
	$theme = defined('WP_SSI_THEME') ? WP_SSI_THEME : get_template_directory();
	$template = defined('WP_SSI_TEMPLATE') ? WP_SSI_TEMPLATE : WP_SSI_DEFAULT_TEMPLATE;

	// Pass it on as if it was a page.
	require($theme . '/' . $template . '.php');
}

Now for all my files I add at the very top. Of course, you need to substitute the path to match yours. 

require('/path/to/wordpress/wp-ssi.php');

As for wp-ssi.php, I will can explain more about how that works.
Read more

Tags: , , ,
 
Highslide for Wordpress Plugin