Tag: php guides

My Article In Infokairali Magazine on Localization

About Lately, I’ve been volunteering for Swathanthra Malayalam Project (SMC). I took up the initiative in revamping KDE localization which was dorminant for many years. More about how, why I started this is in this Twitter thread. We were successful in pushing new Malayalam localization to the wide range of KDE products.
November 1 is the birthday of Kerala state of India. Kerala was formed on the basis of the language spoken, Malayalam.

How to cache the wp_oembed_get() function

The wp_oembed_get() function is not cached by default. Unfortunately, many themes (like Elegant Themes Divi) still use it which leads to your page making many background requests to YouTube and similar video embedding sites. This slows down your pageloads since WordPress has to wait for YouTube to response before showing your page.

If you’re not able to fix your theme, you can add the code below into an mu-plugin or into your themes functions.php file. It will cache embeds that are using wp_oembed_get(). Please note that embeds that fail to resolve (for example: deleted youtube video) will still not be cached. This is due to the way wp_oembed_get() works internally and is not trivial to fix.


The post How to cache the wp_oembed_get() function appeared first on Useful Snippets.

Configure how often WordPress sends recovery mode emails about errors

By default, WordPress sends a maximum of one email per day to the site administrator if a fatal error is discovered. (Since WordPress 5.2)

To configure this, use the following snippet:

add_filter('recovery_mode_email_rate_limit', function($rate) {
  return HOUR_IN_SECONDS;
});

Instead of using one of the predefined constants like HOUR_IN_SECONDS, you can use any integer value, like 600, which would correspond to every 10 minutes.

The post Configure how often WordPress sends recovery mode emails about errors appeared first on Useful Snippets.

Sending emails to multiple users when WordPress goes into recovery mode

WordPress 5.2 pioneered a new “Recovery mode” feature that can notify site administrators by email if their site experiences a fatal error.

By default, the email is sent to either an email configured under the RECOVERY_MODE_EMAIL constant or the user that created the website (admin_email option).

If you want this email to multiple addresses, you can use the snippet below in your themes functions.php or in a plugin. Configure the extra address on line 6.

add_filter('recovery_mode_email', function($email, $url) {
  $email_array = [];
  $email_array[] = $email['to'];

  // Adds another email
  $email_array[] = 'your-email@gmail.com';

  $email['to'] = $email_array;

  return $email;
}, 10, 2);

The post Sending emails to multiple users when WordPress goes into recovery mode appeared first on Useful Snippets.

Configuring WordPress to work behind an Application Load Balancer (ALB) in AWS

When putting WordPress behind an ALB that has SSL configured it might result in a configuration where the ALB uses SSL but WordPress communicates with the ALB over regular HTTP.

This can cause WordPress to server HTTP (non-ssl) CSS and JavaScript resources and/or fail in other ways.

The solution is to check the X-Forwarded-Proto header that ALB sets and let WordPress know whether it should treat the incoming request as an SSL request or not.

Put this code at the top of wp-config.php to do exactly that:

// Get true SSL status from AWS load balancer
if(isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https') {
  $_SERVER['HTTPS'] = '1';
}

The post Configuring WordPress to work behind an Application Load Balancer (ALB) in AWS appeared first on Useful Snippets.

Cache warming on low-traffic WordPress sites

If you have a WordPress site that relies on time-based static page caching (like W3 Total Cache), you may notice that the low default cache timeouts (1-5 minutes) aren’t really working well for sites that receive a low amount of traffic.

In these cases, cache warming provides a great option to make sure every visitor gets a fast TTFB response.

I recently wrote a PHP script to enable cache warming based on a sitemap. (Which both Yoast WordPress SEO and Google XML Sitemaps provide.)

You can find the script and setup instructions by clicking on this link.

Caching strategy for low-traffic WordPress deployments

Let’s talk about caching strategy! Sites fall into one of two categories:

Low amount of content (~20-30 unique posts or pages)

Use a long cache expiration time (24 hours or more), but make sure that the cache is flushed when any content changes. (This is usually configurable in the cache plugin.)

Schedule crawls generously, as crawling will be fast as long as cache hasn’t expired. Crawling every 15 minutes or so is no problem.

Large amounts of content (> 100 posts or pages)

If you have a lot of infrequently accessed pages, the problem gets harder to manage. Crawling hundreds of pages will take a toll on your server, racking up high CPU usage. The only option here is to cache indefinitely, to only flush parts of the cache that are affected by a change, or cache for even longer periods of time (over 1 week).

For caching, I recommend the free Cache Enabler.

Schedule crawles less frequently, once per 1-4 hours. Keep track of the time it takes to run a crawl. If your web host enforces low PHP timeout the crawler might get killed before crawling all the pages.

The post Cache warming on low-traffic WordPress sites appeared first on Useful Snippets.

Convert MySQL connection string to WordPress wp-config.php parameters

If you work with SaaS services like Heroku or Amazon AWS / RDS / Aurora, it’s common to receive a connection string rather than a neatly divided variable for database host, port etc. With the snippet below you can convert a database string into the correct WordPress wp-config.php parameters.

View the code on Gist.

The post Convert MySQL connection string to WordPress wp-config.php parameters appeared first on Useful Snippets.

Varnam, An Editor To Easily Type Malayalam & Other Indian Languages

Today, I’m introducing Varnam Editor, an easy software for you to write Malayalam and other Indian languages. It is easily installable for GNU/Linux distros like Ubuntu, Linux Mint, Debian, Archlinux etc.
Technically, it’s an editor for transliterating Indian languages. Varnam Editor uses an existing library called Varnam and makes it easy to install & use.
Transliteration From Wikipedia :
Transliteration is a type of conversion of a text from one script to another that involves swapping letters (thus trans- + liter-) in predictable ways (such as α → a, д → d, χ → ch, ն → n or æ → ae).

Restrict viewing of uploaded attachments to logged-in users using WordPress and Nginx

Even if you lock down your WordPress site so outside visitors can’t see it, all uploaded attachment such as media, images and PDFs are available to anyone as long as they know the direct link to those files, or can find it by other means such as search engines. Sometimes that’s not acceptable and you want to make sure only logged in users can see uploaded media files.

This approach works by proxying all files in /wp-content/uploads through a script (dl-file.php) which should be placed in the root of your WordPress installation. The script checks whether the user is logged in before serving the file. If the user is not logged in a redirect is performed so that the user can log in before viewing the file.

Because this approach uses the same check as WordPress itself, it should be considered a very safe way of protecting attachments. You could also extend the proxy script to check for different access levels (for example if you have a membership site) and much more!

The Nginx config

# Hotlink protection
location ~ ^/wp-content/uploads/(.*) {
    try_files /dl-file.php =403;
    include fastcgi_params;
    fastcgi_pass php7;
}

This config should be placed in a server block and the example is for servers running EasyEngine, but it should work with minor modification on any php-fpm server.

The proxy script

 / khromov
 * @license GPL-3.0+
 * @registry SPDX
 */

require_once('wp-load.php');

//Check if we are logged in before attempting to serve the file
is_user_logged_in() || auth_redirect();

//FIXME ... simplify this
list($basedir) = array_values(array_intersect_key(wp_upload_dir(), array('basedir' => 1)))+array(NULL);

//Check if file exists
$getFile = isset($_GET[ 'file' ]) ? $_GET[ 'file' ] : $_SERVER['REQUEST_URI'];

//Normalize file path
$getFile = str_replace('..', '', $getFile);
$getFile = str_replace('wp-content/uploads/', '', $getFile);

//This provides a notice in the log
trigger_error('Loading protected file ' . $getFile);

$file =  trailingslashit($basedir) . $getFile;

//If file is missing, 404 it
if (!$basedir || !is_file($file)) {
    status_header(404);
    die('404 — File not found.');
}

$mime = wp_check_filetype($file);
if( false === $mime[ 'type' ] && function_exists( 'mime_content_type' ) )
    $mime[ 'type' ] = mime_content_type( $file );

if( $mime[ 'type' ] )
    $mimetype = $mime[ 'type' ];
else
    $mimetype = 'image/' . substr( $file, strrpos( $file, '.' ) + 1 );

header( 'Content-Type: ' . $mimetype ); // always send this

// If we made it this far, just serve the file
readfile( $file );

Similar StackOverflow question

Photo by Micah Williams on Unsplash

The post Restrict viewing of uploaded attachments to logged-in users using WordPress and Nginx appeared first on Useful Snippets.

Fix broken / overlapping Instagram embed for WordPress

At some point recently (February 2018), Instagram broke their oEmbed implementation which causes JavaScript errors and embeds that overlap each other. Use the snippet below to mitigate this issue and hopefully Instagram will fix it in the future. The snippet makes sure only one

/**
 * Remove Instagram embed.js script on each embed
 */
add_filter('embed_oembed_html', function($html, $url, $attr, $post_id) {
  $regex =    '//U';
  $regex_2 =  '//U';

  if(preg_match($regex, $html) || preg_match($regex_2, $html)) {
    add_filter('kh_has_instagram_embed', '__return_true');

    $html = preg_replace($regex, '', $html);
    $html = preg_replace($regex_2, '', $html);

    return $html;
  }

  return $html;
}, 100, 4);

/**
 * Enqueue the embed.js script once at the bottom of the page, if at least one Instagram embed is enqueued
 */
add_filter('wp_footer', function() {
  if(apply_filters('kh_has_instagram_embed', false)) :
    ?>
      
    

The post Fix broken / overlapping Instagram embed for WordPress appeared first on Useful Snippets.