As we all know that WordPress is powered through PHP & MySql and by far phpMyAdmin is considered to be most adopted way of managing the MySQL databases. Most of the web hosting companies have it installed for their users and most of the users find it pretty intuitive. Same goes with WordPress these days. At times, it looks like a perfect marriage between the two!

When it comes to WordPress, there are various obnoxious situations that we can avoid with the help of phpMyAdmin and its neat little tricks. Thankfully, Many tech savvy and generous bloggers have shared those neat tricks with the world and in this post, I would like to accentuate them.

Tricks related to WordPress Users

1. Reset WordPress user password using phpMyAdmin – by WPBeginner.
2. Change WordPress admin username – by Mahesh Kukreja
3. Disable New User Registration – by Rajesh Patel [I don't see any reason for taking this step as it can be easily done through options under settings, but still you never know when these things can come handy].
4. Change post attribution from one author to another – WpRecepies.

Tricks related to WordPress Posts & Comments

1. Delete all spam comments using phpMyAdmin – by Technofriends
2. Batch delete posts revisions – by WPRecepies
3. Restore commenting back using repair feature of WordPress – by Speed of Creativity [of course, this is more of a troubleshooting trick, but one handy trick that may help you at certain time]

Troubleshooting WordPress using phpMyAdmin when nothing works

There are times, when you might be playing with some broken plugin/theme or not an updated plugin/theme that can cause WordPress to break then it gets little hard to Troubleshoot things if you don’t have the database backup already. However, you can save yourself by ensuring that you can create the database backup or restoring it with the help of phpMyAdmin -

1. Create WordPress database backup using phpMyAdmin.
2. Restore WordPress database backup using phpMyadmin.

Various other useful tricks

1. Move WordPress blog from one domain to another.
2. 12 quick and easy MySql tricks. [This is not through phpMyAdmin, however can come in handy through SSH]
3. Running multiple WordPress blog on single database. [not recommended, however if you are running out of number of database then this is the only solution - else change your hosting provider - Here's the guide to do so]

If you know more tricks, feel free to share it with us as we’ll keep this page up to date with all those wonderful tricks!

© mayank for Blog Design Studio, 2010. | Permalink

Related posts

• What should one do if the WordPress automatic upgrade fails? (3)

In a previous post I wrote about a simple and easy way to convert your html into WordPress theme. Starting from today I will post a small series of articles that will explain the sweet little details when building a new WP theme. So first things first, we will start by explaining how to install WordPress on a local computer (Learn how to install wordpress locally on mac). By doing so, it will save you time from updating and previewing files, also we will mention some problems that you may encounter during the installation and after it.

1. First get XAMPP lite, open the exe file, and install it at the root of some of your drives, usually C, but I prefer to install it on D to keep it separate.

2. Than go to C:\xampplite (or D:\xampplite in my case) and double click on setup_xampp.bat file. Than open xampp-control.exe and start the Apache and Mysql services, the upper two boxes.

3. Now Open your browser and go to http://localhost/ and click on phpMyAdmin on the left column. Now you should create a new database by entering wordpress in the field and than select utf8_unicode_ci in the drop down box in the next field. That’s it. Xampp setup is done.

4. Now you need WordPress. Go to their site and download the latest version of WordPress, than go to the c:\xampplite\htdocs folder in which you installed the Xampp and unzip it there.

5. Than find the file named wp-config-sample.php in that folder, open it in your favourite text editor and update the database details (db_name, user, password, host).

6. Finally open your browser and go to http://localhost/wordpress/wp-admin/install.php , follow the instructions and install WordPress.

There is just one little thing left: If you already have Skype installed it will occupy port 80 which is the port that XAMPP needs to communicate with your Internet connection, so open Skype and go to Tools and than select Options. From the list select Advanced and then Connection. There is a checkmark inside where it says “Use port 80 and 443 as alternatives for incoming connections” uncheck that box and save your changes. Don’t worry, Skype will still function as usual but now XAMPP will be able to use port 80 to run.

© Igor for Blog Design Studio, 2010. | Permalink

Related posts

• What you need to learn from Valleywag’s blogger! (1)
• Medical Tourism Guide (0)
• Blog Design Studio Edge – Minimal wordpress theme with javascript effects! (20)
• What should one do if the WordPress automatic upgrade fails? (3)
• How to choose webhost for your WordPress blog ? (0)

Parts of the loop

The loop has three parts:

<?php if (have_posts()) : ?>
<?php while (have_posts()) : the_post(); ?>

Part 1) Here stands the content that you want to be displayed in the Loop

<?php endwhile;?>

Part 2) Here stands what is displayed when the Loop is over

<?php else : ?>

Part 3) If there’s nothing to display

<?php endif; ?>

Template Tags in the Loop

Basic tags:

if (have_posts()) – checks to see if you have any post.

while (have_posts()) – if you do have it, while you have any post, execute the_post().

the_post() – call for the posts to be displayed.

endwhile; – this is used to close while()

else – is what to do when you don’t have any post at all

endif; – close if()

Than there are more template tags within the Loop that will output things such as the post title, the permalink, the content, etc:

<?php the_permalink() ?>

– This tag echos the permalink of the post

<?php the_title(); ?>

– This one echos the post title

<?php the_time(’F jS, Y’) ?>

– This will echo the date, for example July 4th, 1776.

<?php the_author() ?>

– This will display the author’s name

<?php the_tags(’Tags: ‘, ‘, ‘, ‘<br />’); ?>

– This will display the tags assigned to the post, separated by commas, and followed by a line break

<?php the_category(’, ‘) ?>

– This will display the categories

<?php edit_post_link(’Edit’, ”, ‘ | ‘); ?>

– This will display the  edit post link which will be visible only to those with permission.

<?php comments_popup_link(’No Comments »’, ‘1 Comment »’, ‘% Comments »’); ?>

– Will display the link to the comments. This will not be displayed on single posts or pages.

The rest of the tags are available at WordPress Codex.

Posts Nav Link

After the loop you should make the pagination that you see on the homepage, archives, and search results (but not on the single posts or pages):

<div>

<?php posts_nav_link(); ?>

</div>

where

posts_nav_link() – call for the Next and Previous links

If there are no posts to display then the following will be displayed after the <?php else : ?>:

<h2>Not Found</h2>
<p>Sorry, but you are looking for something that isn't here.</p>

Insert ads after the first post

OK, now let’s hack it just a little bit. The ads usually are displayed on the blog sidebar, footer or header, but if you think that’s not the best solution then you can insert them after the first post. You can do this by replacing your current loop with the following one:

<?php if (have_posts()) : ?>

<?php $count = 0; ?>

<?php while (have_posts()) : the_post(); ?>

<?php $count++; ?>

<?php if ($count == 2) : ?>

//Paste your ad code here

<h2><a href="<?php the_permalink(); ?>"><?php the_title(); ?></a></h2>

<?php the_excerpt(); ?>

<?php else : ?>

<h2><a href="<?php the_permalink(); ?>"><?php the_title(); ?></a></h2>

<?php the_excerpt(); ?>

<?php endif; ?>

<?php endwhile; ?>

<?php endif; ?>

That’s more or less what the loop in WordPress is about, its parts, template tags, necessary “navigation” after it and maybe the “ads” too.

© Igor for Blog Design Studio, 2009. | Permalink

Related posts

• Free custom blog design contest – group writing project! (40)
• What you need to try before upgrading to WordPress 2.7 (1)
• Widgetizing Your Non-Widget WordPress Theme (0)
• 84% of bloggers believe that Blog Design helps in increasing blog’s popularity! (2)
• 10 Hottest Bloggers You Must Check Out (3)

WordPress is a blog publishing application and content management system. It has a templating system, which includes widgets that can be rearranged without editing PHP or HTML code, as well as themes that can be installed and switched between.

Theme or WP theme are all the files you’re using: texts, images, codes, etc, etc. Every theme has at least two files: index.php and style.css. You tell your theme where everything goes within index.php same as you do in index.htm and you tell your theme how everything will look like within style.css. Apart from these two files the theme can contain:  home.php, single.php, page.php, category.php, archive.php, search.php, 404.php, comments.php, comments-popup.php, author.php etc.

Probably you already know how to install WordPress by now. Make sure that your WordPress engine is running, then go ahead and drop your folder that contains all the HTML in it into the wp-content/themes folder. Wp-content contains all the content, uploads, themes, plugins, upgrade files, etc, etc.

OK, let’s go.

Step 1 – The basic template files

First of all change the style.css by pasting this into it:

/*
Theme Name: WordPressify your XHTML in 5 simple steps
Theme URI:
Version: 1
Author: Blog Design Studio
Author URI: http://blogdesignstudio.com/
*/

After that change index.htm to index.php and that’s it, now you have the two basic template files.

Step 2 – The breakup

Now open the index.php file, than simply cut and paste the content this way: the header of the code in new file named header.php, the right column in a new file called sidebar.php, the footer in footer.php than just save the rest of it like it is.

Step 3 – header.php

After all that done, now let’s take care of the separate files one by one. Open header.php and replace the <head> with this code:

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" <?php language_attributes(); ?>>
<head profile="http://gmpg.org/xfn/11">
<meta http-equiv="Content-Type" content="<?php bloginfo('html_type'); ?>; charset=<?php bloginfo('charset'); ?>" />
<title><?php wp_title('&laquo;', true, 'right'); ?> <?php bloginfo('name'); ?></title>
<link rel="stylesheet" href="<?php bloginfo('stylesheet_url'); ?>" media="screen" />
<script type="text/javascript" src="<?php echo bloginfo(stylesheet_directory) .'/js/domtab.js'; ?>"></script>
<?php if ( is_singular() ) wp_enqueue_script( 'comment-reply' ); ?>
<?php wp_head(); ?>

Done? Than go to the menu, get rid of the li’s, but keep the wrapping ul and the current page item. Type this in:

<?php wp_list_pages('title_li='); ?>

Than put these into the current page item:
Into <li class=”

page_item page_item_1 <?php if ( is_home() ) { ?>current_page_item<?php } ?>

than into <a href=”

<?php echo get_settings('home'); ?>

Save, refresh, and that’s it. Your menu is dynamic now.

Step 4 – index.php

Now let’s take care of the posts. Here you got “the Loop”. “The Loop” is a code that has information passed through it. Then it ‘loops’ or goes through the Database number of times to get the data required.

OK, now take the beginning of the loop:

<?php if(have_posts()) : while(have_posts()) : the_post(); ?>

And place it before your content i.e. the post, than close the loop with this:

<?php endwhile; endif; ?>

Now fill in the content tags, the tags that pull the information from the database within the loop.

<?php the_permalink() ?>"><?php the_title() ?>

gets the title of the post

<?php the_time('j M, Y'); ?>

gets the time (day, month, year)

<?php the_author_posts_link() ?>

gets the author

<?php the_category(', '); ?>

the category

<?php the_content('read more'); ?>

displays the contents of the current post.

<?php comments_popup_link('No Comments', '1 Comment', '% Comments'); ?>

displays a link to the comments

Here is an example with the content tags in bold:

<div id="leftcolumn">

 <?php if (have_posts()) : while (have_posts()) : the_post(); ?>
<div class="post">
<div class="title">
<h2><a href=" <?php the_permalink() ?> "> <?php the_title() ?></a></h2>
<div class="postdata">
<?php the_time('j M, Y'); ?> written by <?php the_author_posts_link() ?> in <?php the_category(', '); ?>
</div>
</div>
<?php the_content('read more'); ?>
<div class="postcom"> <?php comments_popup_link('No Comments', '1 Comment', '% Comments'); ?></div>
</div>
<?php endwhile; ?>
<?php else : ?>
<h2 class="center">Not Found</h2>
<p class="center">Sorry, but you are looking for something that isn't here.</p>
<?php get_search_form(); ?>
 
 <?php endif; ?>
</div>

Just don’t forget to put these include tags in the code:

At the beginning of the index.php:

<?php get_header(); ?>

This tag includes the file header.php from your current theme’s directory.

At the end of the index.php:

<?php get_sidebar(); ?>

includes the file sidebar.php from your current theme’s directory.

<?php get_footer(); ?>

includes the file footer.php

Step 5 – sidebar.php

The Sidebar may look difficult, but it isn’t at all. Simply put this into the ul:

<?php if ( function_exists('dynamic_sidebar') && dynamic_sidebar('Sidebar') ) : else : ?>

<?php endif; ?>

Than create a new file called functions.php, and paste this into it:

<?php
if ( function_exists('register_sidebar') )
register_sidebar(array(
'name' => 'Sidebar',
'before_widget' => '<li id="%1$s">',
'after_widget' => '</li>',
'before_title' => '<h2>',
'after_title' => '</h2>',
));
?>

Now you can go to Appearance >Widgets in your wp-admin and add the some widgets like categories, archives etc.

Well, that’s it, now you have a fully functioning homepage. The only small thing left is to take care of the single.php, page.php, archive.php and 404.php. Now again create four new php files: single, archive, page and 404.

Copy the contents of index.php. Paste that in archive.php, than replace

the_content()

to

the_excerpt()

than paste it into single.php. Delete the comments_popup_link, navigation links and the read more link. Paste that in page.php. Copy everything from page.php now, and paste it into 404.php. Than post this in the post area:

<div class="post">
<div>
<h2>Error 404 - Not Found</h2>
</div>
</div>

© Igor for Blog Design Studio, 2009. | Permalink

Related posts

• Maintain a WordPress blog in hindi, tamil, telugu, arabic and other languages (2)
• Why it makes sense to have permalink present in the feed footer (2)
• Thanks a ton to Rajesh and WPWebhost (0)
• RIP my-hacks.php in WordPress 2.8 (0)
• Why choose WordPress as the blogging platform! (1)

Recently, there have been reports that older versions of WordPress self-hosted blogs are under attack by an online creature named “eval/base64_decode” that changes the Permalinks (URL-Structure) of your blog posts such as : example.com/category/post-title/%&(%7B$%7Beval(base64_decode($_SERVER%5BHTTP_REFERER%5D))%7D%7D|.+)&%/.

Why I say that it’s our own fault?

WordPress team has been working hard all the time to give us new features in the new versions. They have been quick enough to supply the security updates, in case there is any in the new versions. It’s only the bloggers who don’t really give importance to these new updates by not updating the engines and we tend to raise the question about WordPress Security or play the blame game after our blog’s get attacked by these nasty tricks played by “some jerk”.

Will it be not your fault, if you don’t lock the doors of your house and go out on a holiday. Will it not be like, giving an open invitation to thieves? It’s exactly the same here as well, by not upgrading your WordPress installations, you are inviting hackers to exploit your blog.

What all can I do to keep my blog safe?

I’ve already written a series on how to secure your WordPress installations and I’m sure that those safety measures will surely keep your blog safe from prying eyes. However, that are the safety measures that you can take. However, if your blog is already hit by “eval/base64_decode” then you should go ahead and follow these FAQ on how you can save yourself from this nasty attack.

Suggestions for the Automattic team

Considering that how WordPress has grown in the internet world and how other engines are secure enough that they don’t get attacked by these exploits (It’s pretty much same as why Microsoft Windows gets viruses and other operating systems don’t), there are certain suggestions for the Automattic team that they should implement to keep things more secure than ever -

1. Certify the plugins – This wonderful suggestion came from Allen Stern and I think he’s right on the money. If there will be a system in WordPress or someone who’d look in the code of every WordPress plugin that’s uploaded on WordPress Extend, then it’ll give more assurance to the bloggers about the authenticity of the plugin.

2. Put Some WatchDog – Corsin Camichel suggests that it’ll be nice if the bloggers get an automated report every day by WordPress installation that tells them about the activity of the blog. I’m sure that a person will get alerted if he sees that 30 new posts were added on his/her blog when he was busy somewhere else.

3. Educated users through WordPress.TV – WordPress.TV is an excellent resource that has lots of videos that educate users about various sections of WordPress. I’m sure bloggers will certainly appreciate if they can get more videos (other than this video) on the topic of security and what all they can do to keep their blogs safe from prying eyes.

If you have any more suggestions for the Automattic team, then why not take part in the conversation and let them know that what all we are expecting from them! <sarcasm>After all, it was their fault that they built such a wonderful app; people will automatically have lot more expectations from them.</sarcasm>

Is your blog doesn’t look as cool as other blogs? Feel free to contact us (Free quote) and we’d love to help you in building a beautiful blog for you!

© mayank for Blog Design Studio, 2009. | Permalink

Related posts

• 10 Hottest Bloggers You Must Check Out (3)
• How to add a Flickr PhotoStream to your Wordpress Blog (1)
• Chromotherapy in Blog Design! (1)
• Evolution theme for Kevin of BloggingTips.com (0)
• Contact us (0)

While you ponder over the question (are you still thinking about it? if the answer is yes, go ahead and take these mind exercises or play these games), I would remind you to ensure that you subscribe to our blog for regular tips like these.

WordPress by default has “admin” as the username and thus it becomes easier for the hackers to run the bruteforce attack on your blog. If you use default username (i.e. “admin”), they just have to work on the password, however if you don’t use this username and have something different or personal, then it’ll be equally difficult for the hackers to crack the username and password (this explanation is for those who are still thinking about the question). Anyway, here are some of the steps that you should perform to ensure that you are safe from the “username” point of view as well -

1. Rename the admin username -

a. Using your webhost’s MySQL admin tool (e.g. phpmyadmin), locate and select your WordPress database.
b. Then – locate and select the wp_users table (wp prefix may differ) and then click the browse icon.
c. Locate “admin” and click the edit icon.
d. Under the user_login section, change “admin” to your preferred name and click go.

2. Mention your public name in profile – WordPress allows you to change your display name and gives the option of displaying the username, nickname, first name or full name as the author name in the post. It becomes an important step because by default, it displays your username as the author name.

So, you should specify the first name, last name and if you want you may specify the nickname too and then change the display name accordingly.

3. Create another username – I’ve been an avid supporter of not using the admin username for day to day stuff. It’s always sensible to have an extra and limited account. I will suggest you to add another username for your blog and give it the role of “editor” instead of admin rights and use it for everyday task.

I hope that you’ll be finding this series a little bit useful and that you’ll be able to keep your blog safe from the prying eyes!

© mayank for Blog Design Studio, 2009. | Permalink

Related posts

• How to change Admin Username (2)
• Find out if your WordPress theme is worth your love? (0)
• What all you need to do, to keep your blog secure from hackers! (5)
• Security Check – How about a stronger password for WordPress blogs? (0)
• Tools that can help you make wordpress secure! (0)

While installation of WordPress, we come across a value called Table Prefix, in Wp-config.php file. By default, this value is “wp_” and most of the bloggers tend to leave the default value over there. This is where, automated bots can easily start attacking as they already know the major structure of the whole database.

There can be two approach for this particular problem -

1. Changing the table prefix before installation – This is a no brainer! If you are doing manual installation, you just need to change the table prefix from “wp_” to anything else (e.g. wp12_ , wp_1_ – in short just about anything), in wp-config.php file.

2. Changing the table prefix after installations – There are many bloggers who tend to install WordPress through automated scripts like Fantastico or through one-click installers. Those scripts don’t allow you to change the table prefix and thus the only resort in that case is to play around with phpMyAdmin and by running sql queries. There is an automated way as well.

a. Manual way of changing – Sherif has posted a wonderful and detailed tutorial that allows you to change the table prefix in 6 simple steps.

b. Automatic way of changing – Fortunately, there are plugins available to automate this 6 step process and you may use them to make your life even simpler. Blog Security has already released a plugin that automates the things for you. WP-Security scan plugin also allows you to do the same work.

***Words of Caution*** – Don’t forget to make backup of your database.

I told you! It only sounds scary, however it isn’t that difficult to play around with WordPress and little advanced tools. Now you know that why I advocate for WordPress!

© mayank for Blog Design Studio, 2009. | Permalink

Related posts

• Security Check – Define the WordPress secret key if you haven’t (1)
• Amazing and quick security posts! (0)
• Find out if your WordPress theme is worth your love? (0)
• Security Check : Role of Username in securing your WordPress blog (7)
• Secure your blog using USB key! (2)

What is CHMOD?

The chmod command (abbreviated from change mode) is a shell command and C language function in Unix and Unix-like environments. When executed, it can change file system modes of files and directories. The modes include permissions and special modes.

The values that we are playing with are -

755 – 755 means read and execute access for everyone and also write access for the owner of the file.
644 – 644 means that it can be written by you, however can only be read by rest of the world.

1. Root directory – This is the directory where your WordPress is installed. This directory needs CHMOD value as 755.
2. wp-includes – This is the sub-directory and has various important files that perform various important functions for the blog. This directory needs CHMOD value as 755.
3. wp-admin/index.php – This is the file that displays you the WordPress Dashboard. It requires 644 as the CHMOD value.
4. wp-admin, wp-admin/js/ – Both these folders have the files that are again useful in various WordPress admin section. They requires 755 as the CHMOD value.
5. wp-content/, wp-content/themes/, wp-content/plugins/ – These three folders require the CHMOD value as 755 and these are the folders where you store the theme [ you can't beat us on that ] and plugins.

How can I change these values?

You’ll need an FTP software for the same. FileZilla is an excellent, free and open-source software that should take care of all your needs. In most of the FTP software, you just need to right click on it and you’ll see something like Properties or Get Info or Permissions as the option where you’ll be able to change the CHMOD value.

If you really want to ensure that your WordPress blog should be safe and secure then you should change the CHMOD value of all these directories and files. This should keep things slightly tight for the notorious fellows.

© mayank for Blog Design Studio, 2009. | Permalink

Related posts

• No related posts.

Is there any role of web host in this?

I doubt if there is any web-host who helps you in upgrading your WordPress blog. However, there are various other scripts that they have to upgrade at their end (Mysql server, IIS, phpMyAdmin, Apache server etc.) in order to ensure that their servers are hacker safe. Most of the popular webhosts like WPWebhost, Dreamhost, LunarPages ensure that they use up to date scripts on all their servers. It’s important to ensure that you choose your webhost wisely.

I hope that now you understand the importance of upgrade and the right webhost. Servers and blogging software are inter-connected with lot of things and all these scripts should be up to date in order to ensure that there is no zero day attack that’ll compromise your hard work!

© mayank for Blog Design Studio, 2009. | Permalink

Related posts

• Amazing and quick security posts! (0)
• WordPress 2.8.2 released; bbPress as plugin for WordPress? (3)
• Security Check : Role of Username in securing your WordPress blog (7)
• WordPress Security Service for free! (1)
• What all you need to do, to keep your blog secure from hackers! (5)

1. Try to avoid the user of dictionary and common words.
2. Keep the password minimum of 8 characters – Is it that hard to remember a password?
3. It has to be a mix of number, alphabets (upper case and lower case both) and if required try plugging in some special characters. I will not mind in generating a password using an automated password generator and then remember it.
4. Don’t write the password anywhere and try and not tell this to anyone else.
5. Your social security number, bank account number, your birth date, phone number, driving license number and for GOD’s Sake – no credit card number as your password!

Changing the password of the WordPress blog -

1. Click on the user name at the top right hand corner, where it says Howdy xxxxx (your actual username or display name, as show in the picture above.).
2. Scroll down to the bottom of the user profile page and specify the new password twice (for confirmation) and click on save changes. WordPress has this password security meter that tells you the strength of the password (as shown in the image below).  

LifeHacker has covered this wonderful post where they’ve listed the Five best password managers around the web. The reason, we’ve covered password managers is that it makes your life way too simpler. However, automation also tends to bring in the laziness and thus people tend to forget their passwords! Don’t forget to keep backups of your passwords, in case you may experience any hard disk crash!

© mayank for Blog Design Studio, 2009. | Permalink

Related posts

• Find out if your WordPress theme is worth your love? (0)
• Security Check – Define the WordPress secret key if you haven’t (1)
• Security Check – Do upgrades regularly and be secure! (0)
• Security Check – WordPress table prefix change adds more security (4)
• Secure your blog using USB key! (2)