Open-source PHP applications that changed the world. From managing databases to shopping, writing blogs to sending emails. Ten years of passion, great software architectures, team work and revolutionary ideas. Here are the most influential open-source PHP applications.
Blog
Wordpress - is a state-of-the-art semantic personal publishing platform with a focus on aesthetics, web standards, and usability.
BBS
phpBB -is a high powered, fully scalable, and highly customizable open-source bulletin board package. phpBB has a user-friendly interface, simple and straightforward administration panel, and helpful FAQ. Based on the powerful PHP server language and your choice of MySQL, MS-SQL, PostgreSQL or Access/ODBC database servers, phpBB is the ideal free community solution for all web sites. Features include: Unlimited forums and posts; Multiple language interface; Private or public forums; Powerful search utility; Private messaging system; Templates.
CMS
Drupal - an open source content management platform. Equipped with a powerful blend of features, Drupal supports a variety of websites ranging from personal weblogs to large community-driven websites.
Wikis
MediaWiki - is a free software wiki package originally written for Wikipedia. It allows collaborative editing on documents within a familiar interface. It was designed to be run on a large server farm and requires Apache, PHP, and MySQL.
Database Tools
phpMyAdmin - handles the administration of MySQL over the Web. phpMyAdmin performs many database administration tasks like running SQL statements, adding and dropping databases, and adding, editing or deleting tables or fields.
Photo Tools
Gallery - is an open source project with the goal to develop and support leading photo sharing web application solutions. It allow some basic photo manipulation, such as resizing, rotating, and altering image quality, but does not include advanced photo editing.
Advertising Tools
OpenX - OpenX is a hugely popular, free ad server for web publishers. Take control, manage your advertising and make more money from online advertising today.
DIGG
Pligg - Pligg CMS provides free software to create your own social networking website. Start a site in minutes using Pligg Content Management System and save time and money on your next website.
RSS
Gregarius–Gregarius is a web-based RSS/RDF/ATOM feed aggregator, designed to run on your web server, allowing you to access your news sources from wherever you want.
E-Commerce
osCommerce - osCommerce("open source Commerce") is an e-commerce and online store-management software program. It can be used on any web server that has PHP and MySQL installed. osCommerce provides a basic set of functionality that meets the common needs of online businesses.
Showing posts with label tips. Show all posts
Showing posts with label tips. Show all posts
Sunday, July 5, 2009
Saturday, November 29, 2008
Top Ten Wordpress Security Tips
Below are 10 security tips that you can easily implement on your WordPress blog. Please share one or more life-savers you use permanently to help protect yourself from WordPress security issues.
1. Upgrade Wordpress - In general, keeping your Wordpress installation up to date is a great way to avoid known problems. Do note that the lastest version, especially in the case of major upgrades, may cause more problems then it resolves.
2. WordPress Version - The tag in your header.php that displays your current version of wordpress. Since everyone knows your wordpress version this way, your blog is prone to hackers if you have not upgraded to the new version.
3. WordPress Username - Every hacker knows Wordpress has a user “admin” with god-like administration privileges. Slow the hackers down by removing the “admin” user. Create a Wordpress user with admin privileges using the administration interface. Log out of Wordpress and log back in with the new user. Delete the admin user. The new admin user should be different than your normal post author.
4. WordPress Password - Are you still logging into your wp-admin page with the same default password that was emailed to you? If so, CHANGE IT! That password is only 6 characters and just numbers and letters. Make it complex and more than 10 characters if you can. Also, try not to use words, make it a nice jumble of letters, numbers, and symbols.
5. Prevent Directory Listing - In many Wordpress installations it is possible to view a list of installed plugins by navigating to the /wp-content/plugins/ directory. This is not a good idea as known plugin vulnerabilities can than be easily exploited. Add an empty default index file, such as index.html, to the directory. You can also protect it using an .htaccess file assuming you're using Apache.
6. Protect Your WP-Admin Folder - You can protect your Wordpress admin folder by allowing access to it from a defined set of IP addresses. Everything else will bring up a Forbidden error message. So if you only access your blog from one or two places routinely, it’s worth implementing. Also, you’re supposed to create a new .htaccess file inside your wp-admin folder, not replace the one at the root of your blog.
7. Protect From Search Engines - There is no need to have all of your filesWordpress files indexed by Google, so it’s best to block them in your robots.txt file. Add the following line to your list:Disallow: /wp-*
8. Install Login Lockdown WordPress Plugin - This plugin records the IP address and timestamp of every failed WordPress login attempt. If more than a certain number of attempts are detected within a short period of time from the same IP range, then the login function is disabled for all requests from that range.
9. Install WordPress Database Backup Plugin - You always have to take regular backups of your file directories as well as the database. WordPress Database Backup plugin creates backups of your core WordPress tables as well as other tables of your choice in the same database.
10. Install Wordpress Security Scan Plugin - The WP Security Scan plugin attempts to both to audit your blog security and to implement many of the suggestions mentioned above.
1. Upgrade Wordpress - In general, keeping your Wordpress installation up to date is a great way to avoid known problems. Do note that the lastest version, especially in the case of major upgrades, may cause more problems then it resolves.
2. WordPress Version - The tag in your header.php that displays your current version of wordpress. Since everyone knows your wordpress version this way, your blog is prone to hackers if you have not upgraded to the new version.
3. WordPress Username - Every hacker knows Wordpress has a user “admin” with god-like administration privileges. Slow the hackers down by removing the “admin” user. Create a Wordpress user with admin privileges using the administration interface. Log out of Wordpress and log back in with the new user. Delete the admin user. The new admin user should be different than your normal post author.
4. WordPress Password - Are you still logging into your wp-admin page with the same default password that was emailed to you? If so, CHANGE IT! That password is only 6 characters and just numbers and letters. Make it complex and more than 10 characters if you can. Also, try not to use words, make it a nice jumble of letters, numbers, and symbols.
5. Prevent Directory Listing - In many Wordpress installations it is possible to view a list of installed plugins by navigating to the /wp-content/plugins/ directory. This is not a good idea as known plugin vulnerabilities can than be easily exploited. Add an empty default index file, such as index.html, to the directory. You can also protect it using an .htaccess file assuming you're using Apache.
6. Protect Your WP-Admin Folder - You can protect your Wordpress admin folder by allowing access to it from a defined set of IP addresses. Everything else will bring up a Forbidden error message. So if you only access your blog from one or two places routinely, it’s worth implementing. Also, you’re supposed to create a new .htaccess file inside your wp-admin folder, not replace the one at the root of your blog.
7. Protect From Search Engines - There is no need to have all of your filesWordpress files indexed by Google, so it’s best to block them in your robots.txt file. Add the following line to your list:Disallow: /wp-*
8. Install Login Lockdown WordPress Plugin - This plugin records the IP address and timestamp of every failed WordPress login attempt. If more than a certain number of attempts are detected within a short period of time from the same IP range, then the login function is disabled for all requests from that range.
9. Install WordPress Database Backup Plugin - You always have to take regular backups of your file directories as well as the database. WordPress Database Backup plugin creates backups of your core WordPress tables as well as other tables of your choice in the same database.
10. Install Wordpress Security Scan Plugin - The WP Security Scan plugin attempts to both to audit your blog security and to implement many of the suggestions mentioned above.
Tuesday, July 15, 2008
Disable Wordpress 2.6 Post Revisions
Post Revisions Tracking is a new features of Wordpress 2.6, Which makes it a lot easier to share writing between people. Since you can save your copy, and the other person can see what you changed. Also you can revert to previous revisions of posts you've made.
But if there is only one author of WordPress blog, Post Revisions will taking too much space as every revision is a new row in wp_post table. It creates a alot of useless database-entries.
To disable Post Revisions, Add:
into wp-config.php, the wordpress 2.6 Post Revisions now disabled.
In my little opinion, there should be an option in general or writing settings to enable/disable the post revision feature.
But if there is only one author of WordPress blog, Post Revisions will taking too much space as every revision is a new row in wp_post table. It creates a alot of useless database-entries.
To disable Post Revisions, Add:
define('WP_POST_REVISIONS', false);
into wp-config.php, the wordpress 2.6 Post Revisions now disabled.
In my little opinion, there should be an option in general or writing settings to enable/disable the post revision feature.
Sunday, March 9, 2008
WordPress Excerpt Seo Tips
Wordpress blogs have duplicate content issues, and one of them is allowing reading the same content on both the posts, index page, archives and categories pages. To avoid search engine penalty it is important to optimize your Wordpress using Wordpress excerpt so that duplication will be avoided.
Instead of duplicating the whole content, you may use just an excerpt in the index, archives and categories pages. The WordPress displays the excerpt of the current post with [...] at the end, which is not a "read more" link. If you do not provide an explicit excerpt to a post (in the post editor's optional excerpt field), the first 55 words of the post's content are used.
To use Wordpress excerpt function, you may replace the_content() tag with the_excerpt() when on archive (tested by is_archive()) and category (is_category()) pages and index (is_home()) page in WordPress themes.
Now that you are in the correct section, locate the following piece of code:
You are going to replace that entire piece of code with the following:
Of course, this example uses the WordPress default template, but the same code can be used on most any template if you find the index.php or main index page and the spot where <?php the_content(); ?> is in the code.
Instead of duplicating the whole content, you may use just an excerpt in the index, archives and categories pages. The WordPress displays the excerpt of the current post with [...] at the end, which is not a "read more" link. If you do not provide an explicit excerpt to a post (in the post editor's optional excerpt field), the first 55 words of the post's content are used.
To use Wordpress excerpt function, you may replace the_content() tag with the_excerpt() when on archive (tested by is_archive()) and category (is_category()) pages and index (is_home()) page in WordPress themes.
Now that you are in the correct section, locate the following piece of code:
<div class="entry">
<?php the_content('Read the rest of this entry »'); ?>
</div>
You are going to replace that entire piece of code with the following:
<div class="entry">
<?php if(is_category() || is_archive() || is_home() ) {
the_excerpt();
} else {
the_content('Read the rest of this entry »');
} ?>
</div>
Of course, this example uses the WordPress default template, but the same code can be used on most any template if you find the index.php or main index page and the spot where <?php the_content(); ?> is in the code.
Wednesday, February 27, 2008
Top Ten WordPress SEO Tips
There is a lot of amazing SEO power built into WordPress. Unfortunately it does not all come by default, and you might not know what is best when it comes to templates and options. Follow these simple rules for search engine optimization and your blog will rank much higher in Search Engines.
1. Optimize WordPress Permalinks
The most search-engine friendly permalink MUST includes the post title (%postname%) in the link,having keywords in your URL is an absolute must, In your WP admin panel, click on the "Options" tab, then the "Permalinks" sub-tab, and choose the option just below the "Default" permalink option. My suggest permalink structure is /%year%/%monthnum%/%postname%/ or /%year%/%monthnum%/%postname%.html .
2. Optimize WordPress Post Titles
The post title is the most important part of the blog post for many reasons. From your reader's perspective, a descriptive and compelling title helps them decide if your post is worth reading or not. From an SEO perspective, think about the keywords or phrases people might type into a search box to find your post, and use those words or phrases in your post title.
3. Optimize WordPress Page Titles
According to most SEO experts, the page title tag is one of the most important tags on your page. In most WP themes, you'll find the page title tag in the Header Template, and the default version ususally looks very poor SEO. I suggest you to use a WordPress plugin so call "All in One SEO Pack" to fix that problem.
4. Optimize WordPress robots.txt
The robots.txt file is used to instruct search engine robots about what pages on your website should be crawled and consequently indexed. Most websites have files and folders that are not relevant for search engines (like images or admin files) therefore creating a robots.txt file can actually improve your website indexation. Here is an SEO optimized WordPress robots.txt file.
User-agent: *
Disallow: /wp-
Disallow: /feed/
Disallow: /comments/feed
Disallow: /trackback/
5. Use Google Sitemaps Plugin
Google Sitemaps is an easy way for you to submit all your URLs to the Google index and get detailed reports about the visibility of your pages on Google. WordPress user Arne Brachold has made the sitemap creation and submission process fairly simple with his Google Sitemap plugin. This plugin will create a sitemap for you and submit it to Google.
6. Use Wordpress Anti-SPAM Plugin
Akismet is the best automated spam killer that actually gets better as it learns from the whole community marking new spam comments as spam.
7. Use Related Posts
Amaury BALMER's Simple Tags plugin is a perfect tool to manage perfeclty your WP 2.3 tags, which can show related posts on your post and rss feed. Not only does it enhance your blog's usability, but it also helps create a dense link structure throughout your site, which makes it easier for the search engine spiders to find and index older blog posts.
8. Use Ping services
Use the Update service function, to inform tracking services that you have updated your weblog. By default, Wordpress pings rpc.pingomatic.com, which is good (if you don’t want to change this, you don’t have to).
9. Make your content searchable
Make sure your navigation bar is present on all pages of your blog. Your previous posts or atleast the popular ones should be linked to all pages so they get spidered easily.
10. Update your blog frequently
Update your blog frequently using all the rules mentioned above and your blog will surely get top rankings in a short time.
If you have further SEO tips for WordPress blogs, I’d love to hear about them in the comments.
1. Optimize WordPress Permalinks
The most search-engine friendly permalink MUST includes the post title (%postname%) in the link,having keywords in your URL is an absolute must, In your WP admin panel, click on the "Options" tab, then the "Permalinks" sub-tab, and choose the option just below the "Default" permalink option. My suggest permalink structure is /%year%/%monthnum%/%postname%/ or /%year%/%monthnum%/%postname%.html .
2. Optimize WordPress Post Titles
The post title is the most important part of the blog post for many reasons. From your reader's perspective, a descriptive and compelling title helps them decide if your post is worth reading or not. From an SEO perspective, think about the keywords or phrases people might type into a search box to find your post, and use those words or phrases in your post title.
3. Optimize WordPress Page Titles
According to most SEO experts, the page title tag is one of the most important tags on your page. In most WP themes, you'll find the page title tag in the Header Template, and the default version ususally looks very poor SEO. I suggest you to use a WordPress plugin so call "All in One SEO Pack" to fix that problem.
4. Optimize WordPress robots.txt
The robots.txt file is used to instruct search engine robots about what pages on your website should be crawled and consequently indexed. Most websites have files and folders that are not relevant for search engines (like images or admin files) therefore creating a robots.txt file can actually improve your website indexation. Here is an SEO optimized WordPress robots.txt file.
User-agent: *
Disallow: /wp-
Disallow: /feed/
Disallow: /comments/feed
Disallow: /trackback/
5. Use Google Sitemaps Plugin
Google Sitemaps is an easy way for you to submit all your URLs to the Google index and get detailed reports about the visibility of your pages on Google. WordPress user Arne Brachold has made the sitemap creation and submission process fairly simple with his Google Sitemap plugin. This plugin will create a sitemap for you and submit it to Google.
6. Use Wordpress Anti-SPAM Plugin
Akismet is the best automated spam killer that actually gets better as it learns from the whole community marking new spam comments as spam.
7. Use Related Posts
Amaury BALMER's Simple Tags plugin is a perfect tool to manage perfeclty your WP 2.3 tags, which can show related posts on your post and rss feed. Not only does it enhance your blog's usability, but it also helps create a dense link structure throughout your site, which makes it easier for the search engine spiders to find and index older blog posts.
8. Use Ping services
Use the Update service function, to inform tracking services that you have updated your weblog. By default, Wordpress pings rpc.pingomatic.com, which is good (if you don’t want to change this, you don’t have to).
9. Make your content searchable
Make sure your navigation bar is present on all pages of your blog. Your previous posts or atleast the popular ones should be linked to all pages so they get spidered easily.
10. Update your blog frequently
Update your blog frequently using all the rules mentioned above and your blog will surely get top rankings in a short time.
If you have further SEO tips for WordPress blogs, I’d love to hear about them in the comments.
Thursday, February 14, 2008
WordPress Mod Rewrite Make Subdirectory 404 Error
Last night, I getting lots of 404 error while using Google to search my own blog index page, I realized there is something wrong about my blog.
My user-created-outside-of-WP folder is throwing a 404 when trying to access it. Now for some details:
Blog www.moon-blog.com : normal WP blog. Permalinks "/%year%/%monthnum%/%postname%.html" through mod_rewrite in the default .htaccess file WP created.
Subdirectory www.moon-blog.com/MySubdirectory/): normal PHP application. User defind permalinks. Located at directory "/MySubdirectory/".
The problem is that the WordPress thinks My Subdirectory is 404, and do not allow Google to index my files.
I Try add some of php code into my php application to resolve this problem:
After adding that code, my PHP application in the subdirectory do not return 404 error again.
My user-created-outside-of-WP folder is throwing a 404 when trying to access it. Now for some details:
Blog www.moon-blog.com : normal WP blog. Permalinks "/%year%/%monthnum%/%postname%.html" through mod_rewrite in the default .htaccess file WP created.
Subdirectory www.moon-blog.com/MySubdirectory/): normal PHP application. User defind permalinks. Located at directory "/MySubdirectory/".
The problem is that the WordPress thinks My Subdirectory is 404, and do not allow Google to index my files.
I Try add some of php code into my php application to resolve this problem:
header("Status: 200 OK");
After adding that code, my PHP application in the subdirectory do not return 404 error again.
Wednesday, January 16, 2008
WordPress MU Optimization Script
WordPress MU will be automatically established more than 10 tables when a new user register, so when a large number of users register will caused a lot of problem. Then I write some performance scripts can delete the WordPress MU inactive users.
The PHP source code as follows:
The PHP source code as follows:
$mysql_host = "localhost";
$mysql_user = "root";
$mysql_pass = "";
$mysql_db = "wordpress";
$mysql_mylink = mysql_connect($mysql_host, $mysql_user, $mysql_pass)
or die ("Cannot make the connection");
mysql_select_db($mysql_db, $mysql_mylink)
or die ("Cannot connect to the database");
$strsql="select * from wp_blogs where blog_id>2 ";
$rs_query = mysql_query($strsql);
$alls=mysql_num_rows($rs_query);
while (($RS = mysql_fetch_array($rs_query))) {
extract($RS);
$blogid=$RS["blog_id"];
$query2 = "select * from wp_".$blogid."_posts ";
$result = mysql_query($query2);
$num= mysql_num_rows($result);
//print $num;
if ($num<=2) {
print "DROP TABLE IF EXISTS wp_".$blogid."_comments;";
print "DROP TABLE IF EXISTS wp_".$blogid."_links ;";
print "DROP TABLE IF EXISTS wp_".$blogid."_options ;";
print "DROP TABLE IF EXISTS wp_".$blogid."_postmeta ;";
print "DROP TABLE IF EXISTS wp_".$blogid."_posts ;";
print "DROP TABLE IF EXISTS wp_".$blogid."_terms ;";
print "DROP TABLE IF EXISTS wp_".$blogid."_term_relationships ;";
print "DROP TABLE IF EXISTS wp_".$blogid."_term_taxonomy ;";
print "DELETE from wp_blogs where blog_id=".$blogid.";";
}
}
mysql_close ();
Wednesday, January 9, 2008
Custom WordPress Database Error Page
From what i have mentioned before, we can use a program to monitor the WordPress MySQL server, when the server is down, WordPress will auto send an e-mail and write to a text log file in a recorded. Now, WordPress 2.3.2, the latest version of the popular blogging platform allows you to define a custom database error page.
It is very simple. Just follow the following steps and within a few minutes your custom database error page is ready!
First, upload a file named log.txt to the WordPress root directory, chmod it to 666.
Second, Download the file db-error.php and upload it to WordPress content directory(wp-content/db-error.php).
Finally, replace the e-mail address of the code to your own e-mail.
That's it! From now on this error file will be report the error whenever your WordPress blog has encountered some trouble connecting to the database server.
It is very simple. Just follow the following steps and within a few minutes your custom database error page is ready!
First, upload a file named log.txt to the WordPress root directory, chmod it to 666.
Second, Download the file db-error.php and upload it to WordPress content directory(wp-content/db-error.php).
Finally, replace the e-mail address of the code to your own e-mail.
That's it! From now on this error file will be report the error whenever your WordPress blog has encountered some trouble connecting to the database server.
Wednesday, December 26, 2007
WordPress Plugin: SimpleTags Modification
WordPress SimpleTags is a WordPress plugin that will allow you to easily manage tags of your blog. However, I found some of bugs of WordPress SimpleTags, here is my modification.
1. Search terms problem:
SimpleTags use of the full text of the search, as long as the article contains the keyword matching, which can lead to large errors match, I modify it only match of the headlines.
Open file simple-tags\inc\simple-tags.admin.php, in line 1466, replace:
to:
2. Untagged only problem:
When blog have large numbers of the article, the untagged only function will return errors, I change some of original code in the SQL statement , greatly improving the efficiency of search and speed.
Open file simple-tags\inc\simple-tags.admin.php, in line 1475, replace:
to:
1. Search terms problem:
SimpleTags use of the full text of the search, as long as the article contains the keyword matching, which can lead to large errors match, I modify it only match of the headlines.
Open file simple-tags\inc\simple-tags.admin.php, in line 1466, replace:
$search_sql = "AND ( (post_title LIKE '%{$search}%') OR (post_content LIKE '%{$search}%') )";
to:
$search_sql = "AND ( (post_title LIKE '%{$search}%') OR (post_title LIKE '%{$search}%') )";
2. Untagged only problem:
When blog have large numbers of the article, the untagged only function will return errors, I change some of original code in the SQL statement , greatly improving the efficiency of search and speed.
Open file simple-tags\inc\simple-tags.admin.php, in line 1475, replace:
$p_id_used = $wpdb->get_col("
SELECT DISTINCT term_relationships.object_id
FROM {$wpdb->term_taxonomy} term_taxonomy, {$wpdb->term_relationships} term_relationships, {$wpdb->posts} posts
WHERE term_taxonomy.taxonomy = 'post_tag'
AND term_taxonomy.term_taxonomy_id = term_relationships.term_taxonomy_id
AND term_relationships.object_id = posts.ID
AND posts.post_type = '{$type}'");
$filter_sql = 'AND ID NOT IN ("'.implode( '", "', $p_id_used ).'")';
to:
$p_id_used = "SELECT DISTINCT term_relationships.object_id
FROM {$wpdb->term_taxonomy} term_taxonomy, {$wpdb->term_relationships} term_relationships, {$wpdb->posts} posts
WHERE term_taxonomy.taxonomy = 'post_tag'
AND term_taxonomy.term_taxonomy_id = term_relationships.term_taxonomy_id
AND term_relationships.object_id = posts.ID
AND posts.post_type = '{$type}'";
$filter_sql = 'AND ID NOT IN ('.$p_id_used.')';
Saturday, December 15, 2007
How To Turning Off WordPress Autosave
WordPress autosave is the best features which I hate in WordPress. My WordPress hosting is very slow, when I post new article, sometimes I got two saved post. The autosave features almost make me crazy. How can I turn off the autosave?
I finally patched core program post_new.php to disable autosave for a "new" post and the problem went away. Do not know if this will help you or not. My patch for v.2.3.1 follows. Newer versions might be around the same location.
Edit the file wp-admin/post_new.php WP v2.3.1 and insert "//" (without the quotes) at the beginning of this line (currently line 8):
Save and upload the file post_new.php, and the WordPress autosave features is now disable.
I finally patched core program post_new.php to disable autosave for a "new" post and the problem went away. Do not know if this will help you or not. My patch for v.2.3.1 follows. Newer versions might be around the same location.
Edit the file wp-admin/post_new.php WP v2.3.1 and insert "//" (without the quotes) at the beginning of this line (currently line 8):
wp_enqueue_script('autosave');
Save and upload the file post_new.php, and the WordPress autosave features is now disable.
Sunday, December 9, 2007
WordPress Robots.txt For SEO
The robots.txt file is used to instruct search engine robots about what pages on your website should be crawled and consequently indexed. Most websites have files and folders that are not relevant for search engines (like images or admin files) therefore creating a robots.txt file can actually improve your website indexation.
Implementing an effective SEO robots.txt file for WordPress will help your blog to rank higher in Search Engines, receive higher paying relevant Ads, and increase your blog traffic.
Here is my robots.txt files, which can further protect WordPress from this duplicate content issue.
After you created the robots.txt file just upload it to your root directory and you are done!
Implementing an effective SEO robots.txt file for WordPress will help your blog to rank higher in Search Engines, receive higher paying relevant Ads, and increase your blog traffic.
Here is my robots.txt files, which can further protect WordPress from this duplicate content issue.
User-agent: *
Disallow: /wp-
Disallow: /feed/
Disallow: /trackback/
Disallow: /comments/feed/
Disallow: /page/
Disallow: /comments/
After you created the robots.txt file just upload it to your root directory and you are done!
Subscribe to:
Posts (Atom)