Namespaces aren’t used by WordPress programmers, but I’ve been using them, and like them. This short tutorial explains namespaces, and how they work together with class autoloaders to keep your code organized.
Continue reading PHP Namespaces, Autoloaders and WordPress
On the page where they explain how to create tables for your plugin, there’s a link to the register_activation_hook function, which is run when the plugin is activated. However, right in the first section, it says:
Note: Don’t use activation hooks (especially for multisite). Do this instead:
It’s far better to use an upgrade routine fired on admin_init, and handle that per-site, basing it on a stored option.
That links to another page, which repeats the information, but doesn’t tell you how to do this. Here’s one way. Continue reading WordPress Plugin Update and Install Functions
I’ve been a real nut for filter_var() for years, and have come up with concise ways to use it, but totally missed this other function, which, at first look, seemed a little too specialized.
Well, I was so wrong. This is a great way to filter inputs. I figured this out when I had to fix up some code because it was throwing a zillion “Notice, index foobar not defined.” in the error logs. Continue reading filter_var? filter_input? No, Use Filter Input Array to Modernize Legacy Code (Best Practices)
This is a function to change a password within an htdigest password database file. htdigest is one method of user authentication in Apache HTTP Server.
Global $htdigest contains a path to the htdigest file. Global $domain is the security domain.
The htdigest formula for the hash is:
htdigest is like htpasswd, except it uses the md5 hash for hiding the password, and it supports digest authentication. Digest authentication is more secure than “basic” authentication, because basic authentication sends your password in clear text. Digest authentication sends a hash. This is ever-so-slightly more secure. (Use SSL for real security.)
For more information: read the caveat about basic authentication.
function changePass( $username, $secdom, $oldp, $p )
$changed = false;
$in = fopen( $htdigest, 'r' );
while ( preg_match("/:/", $line = fgets($in) ) )
$line = rtrim( $line );
$a = explode( ':', $line );
if ($a==$username && $a==$secdom)
if ($a == md5("$username:$secdom:$oldp"))
$a = md5("$username:$secdom:$p");
$changed = true;
print "Old password was wrong, or username exist
$output .= implode( ':', $a )."\n";
if (! $changed) // assume it's a new password
$hash = md5("$username:$secdom:$p");
$output .= "$username:$secdom:$hash\n";
$out = fopen( "$htdigest.new", 'w' );
fwrite( $out, $output );
fclose( $out );
system("mv -f $htdigest.new $htdigest");