NoCatSplash With Authentication

DD-WRT is an open-source Wi-Fi firmware that you can install on select consumer-based wireless routers. I’ve been using the DD-WRT firmware on several Linksys and Buffalo wireless access points for a number of years. In addition, I have also implemented a feature called NoCatSplash.

NoCatSplash is a feature that allows wireless users to be redirected to a special splash page, whether to notify users of a disclaimer, or to make users agree to certain terms and agreement, or simply to advertise a web page. The NoCatSplash feature will prevent users with access to the Internet until they click on the submit button, thereby agreeing to the terms and agreement.

What was lacking with NoCatSplash was authentication. So, with a little bit of research, I found someone’s code at Github that allows simple authentication with NoCatSplash. It’s written in PHP and doesn’t require a database. It’s quite simple, but works flawlessly. The login credentials are kept on a file and can be changed anytime you’ll need to change passwords.

I’ve modified his code to fit my needs. Suffice to say, the code works great as advertised.

Twenty Twelve Title Contain No Spaces

There is a conflict between the Twenty Twelve WordPress and the All in One SEO Pack plugin. When the plugin is installed and you happen to be using the Twenty Twelve theme, the result is, there will be no space between your site title and blog title. You’ll notice this if you look at the title bar of your browser. After a couple of searches, I found a fix online. It involves editing the Twenty Twelve functions.php file and commenting out line 185 which contains the code below.

You will need to change:

add_filter( 'wp_title', 'twentytwelve_wp_title', 10, 2 );

and comment out:

// add_filter( 'wp_title', 'twentytwelve_wp_title', 10, 2 );

Also, you need to clear your browser cache to see results.

Fixing CodeIgniter Email Setup

I have been using an application I wrote in CodeIgniter that sends email notifications when an advertising link is activated or when it has expired. Several weeks ago, it suddenly stopped working. It was no longer sending email notifications as intended. I was using GMail’s SMTP server to send out the email notifications. GMail’s SMTP does require authentication. Typically, the CodeIgniter’s email preferences are located in the “config/email.php” file. It dawned on me that changing my GMail password broke my script. Here’s my email preferences found in the config/email.php file.

$config['protocol']='smtp';
$config['smtp_host']='ssl://smtp.gmail.com';
$config['smtp_port']='465';
$config['smtp_timeout']='30';
$config['smtp_user']='yourusername@gmail.com';
$config['smtp_pass']='your password';
$config['charset']='utf-8';
$config['newline']="\r\n";

So, updating the password fixed my problem.

Tricky WordPress Multisite Setup

I was converting a regular WordPress blog to a Multisite blog the other day. I got stuck in the part where I needed to edit the wp-config.php file. I applied the changes to wp-config.php as suggested in the installation instructions. The problem was I wasn’t seeing the Multisite menus you would normally find under ‘My Sites’ inside the WordPress Dashboard. The installation instructions tells you to add the following lines to your wp-config.php file.

/** Enable WordPress Multisite */
define('WP_ALLOW_MULTISITE', true);
define('MULTISITE', true);
define('SUBDOMAIN_INSTALL', false);
$base = '/';
define('DOMAIN_CURRENT_SITE', 'domain.com');
define('PATH_CURRENT_SITE', '/');
define('SITE_ID_CURRENT_SITE', 1);
define('BLOG_ID_CURRENT_SITE', 1);

It was a silly mistake on my part. I placed these entries at the end of the wp-config file. It is important that these lines remain above the absolute path statement and before the wp-settings are loaded. See below.

/* That's all, stop editing! Happy blogging. */
 
/** Absolute path to the WordPress directory. */
if ( !defined('ABSPATH') ) define('ABSPATH', dirname(__FILE__) . '/');
 
/** Sets up WordPress vars and included files. */
require_once(ABSPATH . 'wp-settings.php');

Keep these lines at the end of the wp-config.php file.

Regain Your WordPress Admin Account

So, I decided to get cute and changed my WordPress admin username to a username I wanted via a utility called phpMyAdmin. I went to the wp_users table and made a simple username change to the user_login field. I logged out and logged in back to the WordPress Dashboard. Disaster! I just lost both my WordPress admin and network admins rights. My former admin account has been reduced to a regular plebe. So, this is how a regular WordPress subscriber looks like.

It was a scary five minutes at WordPress land. I’m laughing now, but I wasn’t then. So, I went back to phpMyAdmin and also changed the user_nicename and display_name to the wp_users table hoping that would fix it. No cigar. Panic set in. After a few Google searches, I finally found the solution. Thanks to people who post their solutions online.

What a relief! First, you have to make sure you have the right user_id, especially if you have a multisite blog. Go to your wp_users table and make a mental note of your admin ID. It’s usually an ID of 1.

Next, I went to the wp_usermeta table and changed the wp_capabilities entry to a:1:{s:13:”administrator”;s:1:”1″;}.  The key here is the entry s:13. My account was reset to s:1 for some reason. I temporarily changed it to s:10, but it didn’t work. Setting it to s:13 did the trick. It worked wonderfully.

Now, I’ve regained all the admin rights for each blog that’s on the network, except that I’ve lost the Network Admin. Well, another Google search. Thank you. To make the story short, I also had to edit the wp_sitemeta table. Look for the meta_key and change to a:1:{i:0;s:11:”yournewname”;}. The s:11 is the length of “usernewname” which is 11.

That was the fix. Whew. A close shave. All in all, all is good once again at WordPress land. I am one happy admin. Just a bit on the adventurous side, but otherwise a happy camper. I’m posting this article because, I know some dufus admin in the future will probably do the same thing that I did. It wasn’t all that bad. It was just a little bit disconcerting when you lose all admin rights.

Simple Invoices 500 Internal Server Error

Simple Invoices is a free, open source, web based invoicing system that you can install on your server, desktop, or at a service provider. I installed Simple Invoices on a webhost company I rather not mention. The application was working fine, until they tweak their PHP settings several months back. As a result, the PDF export in Simple Invoices no longer worked. I was bummed. So, I was forced to run Simple Invoices from my home server, which was fun, but the issue was, I can’t access it outside of the house.

So, I decided to install Simple Invoices on my new account at Linode. Now, the funny thing was, the application won’t even come up. Not even a login page. So, I searched online for a possible solution to my dilemma. Some suggested to increase the php memory settings to 128M, but that didn’t work out for me. At one time, I thought I had a missing pdo_mysql module, but that wasn’t the case. Then, I stumbled into something that led me to the ultimate discovery.

Simple Invoices has this configuration file called config.ini located inside the config folder. One thing this application doesn’t like are extra characters inside the config file. I happen to like funky passwords with interesting characters like +-)!@#. My MySQL password happens to have a close parenthesis in it. Essentially, this extra character caused the entire application to not start. So, I change my password, and sure enough, the application worked.

So, if you ever get a 500 internal server error with the Simple Invoices application, make sure you don’t have any of those extra characters inside your config.ini file. I wasted two hours trying to fix this issue, only to be surprised by such an idiotic requirement. That means I can’t use difficult passwords for this application. I think this is either a design issue or a funny requirement of the Zend Framework, which by the way, Simple Invoices is written on. It was somewhat funny, but I wasn’t amused.

Use UUIDGEN For Passwords

An impenetrable system is only as good as its weakest password. Computers systems are often attacked using brute force. Most users tend to use really simple and easy to guess passwords. The use of complex passwords on the other hand, makes it almost impossible for them to remember. That’s why passwords typically fall in the 6-8 character range.

For systems and applications, that don’t need human intervention, when communicating to databases and other systems, a much more complex password can be assigned. These passwords typically do not need to be typed-in on forms, so they can be long, difficult and outrageous. There’s a Linux utility called UUIDGEN which randomly creates and generates unique universal identifiers.

A typical output would be:

150152b0-cd0e-11e1-9b23-0800200c9a66

These keys are perfect for systems and applications. For example, WordPress requires a username and password to talk to the MySQL database. The database credentials are typically stored in wp-config.php file. A key generated by UUIDGEN can be used in this scenario. This is just one example where long and difficult passwords can be deployed. They can be used for other purposes as well.

So, if you have access to a Linux system, to generate a unique key, all you have to do is type the command, “uuidgen” in the Terminal.

WordPress Blank Dashboard

I recently moved one of my blogs to Linode, a VPS hosting company. I noticed right away, when I logged in as admin, that the WordPress Dashboard, displayed a blank page. That’s not good. So, I started removing plugins by renaming the plugin directories until I found the offending plugin. Sure enough, it was a custom plugin I wrote myself.

Nothing has changed. The plugin hasn’t been touch. WordPress is the same latest version. The only thing that changed was the host server. So, I started looking into my PHP installation. What could possibly be missing? When I looked into my plugin code, I noticed some references to curl. I realized my server was missing a php5-curl module on the new host server.

A simple command to install php5-curl on the new server does the trick.

sudo apt-get install php5-curl

In this particular case, a missing module in PHP, caused the plugin to die unexpectedly, resulting in a blank Dashboard page within WordPress. Removing offending plugins temporarily fixes the issue, but it doesn’t get to the root of the problem. In my case, I was able to narrow it down to the missing PHP curl module that my plugin desperately needs.

In any case, everything is back to normal as expected, except for the blog, which is serving pages exceptionally fast, since I’m now running at Linode.

Install CodeIgniter The Secure Way

CodeIgniter is a PHP framework for rapid application development. It’s exceptionally fast and it comes in a small footprint. Installing CodeIgniter is fairly straightforward. You just upload the CodeIgniter files and folders to the directory of your choice.

But, for a much more secure installation, you should probably move the application and system folders above your webroot folder, so that nobody has direct access to it. In addition to moving them, you also need to set the full server paths in the main index.php. You will need to edit index.php found in the main CodeIgniter folder.

Change the following entries to:

$system_path - '/full-server-path/system';
$application_folder = '/full-server-path/application';

Save. That should do it.