Full Throttle Development has done a bang up job on my website. As soon as I started working with these guys, they were immediately designing my site as well as providing training so I could update my website myself. I would definitely recommend Full Throttle to any business in need of designing a great website!!

I wanted to thank Full Throttle for their kind and careful help. They listened to my goals and promptly created ways to solve my challenges. They never complained about small glitches and persisted until they finished the job. They did a great job with a great attitude.

WordPress has some great hooks for adding extra fields to the Add Category page (as well as the edit category and the table listing the categories). Where / how do you save that data though. I ran accross a couple other devs on Twitter this evening that were asking this question. This post is primarily for them and it doesn’t provide all the code you need to get finish, but it should get most dev on their way. For instance, you will need another action for adding to the edit page, another action for adding to the table, and another action for editing the data.

This shows you how to save the data. I’ll update the post later to provide a complete example.

A couple of disclaimers:

• The hook name changes from 2.9.1 to 3.0 for adding the field to the form… hence the conditional in the code
• If you’re running trunk, the extra field will appear twice because of a bug in the code. I placed a ticket in trac: http://core.trac.wordpress.org/ticket/12171

This following code, placed in your theme’s functions.php file:

// Adds fields to add category screen
function ft_add_category_field(){
	?>
	<div class="form-field">
		<label for="extra"><?php _e('Extra Field') ?></label>
		<textarea name="extra" id="extra" rows="5" cols="40"></textarea>
		<p><?php _e('The description of the extra field.'); ?></p>
	</div>
	<?php
}
if ( get_bloginfo('version') < 3 ){
	add_action('edit_category_form','ft_add_category_field');
}else{
	add_action('add_category_form_fields','ft_add_category_field');
}

// On Insert Category
function ft_created_category($term_id,$tt_id){
	// This lets you see the values of the two args being passed in
	echo "term_id = ".$term_id."<br />";
	echo "tt_id = ".$tt_id."<br />";

	// This is the name of your extra fields
	echo "extra = ".$_POST['extra'];

	// You should now have everything you need to update options.
}
add_action('created_category','ft_created_category',10,2);

Download a text file with the above code: here

FullThrottle is announcing our crazy referrals limited time offer. We are looking for 5 high quality referrals and we’re dishing out some serious rewards to you and your referral if you deliver quickly.

Rules are simple:

• Referrals are not officially recognized until the client has signed a contract and delivered their down payment to FullThrottle via PayPal or check
• Client and Referrer must inform FullThrottle of referral prior to contract and down payment being received by FullThrottle.
• Referrals will be for one of the following areas of work:
  • Web Design
  • WordPress Plugin Development
  • WordPress Theme Development
• Winners will be determined as followed:
  • The first officially recognized referral wins 1st place
  • The second officially recognized referral wins 2nd place
  • The third officially recognized referral wins 3rd place
  • The fourth officially recognized referral wins 4th place
  • The fifth officially recognized referral wins 5th place

Prizes are Crazy

• First place
  • Referred client receives 50% off of their final quote
  • Referrer receives 100% of the client’s down payment*

• Second place
  • Referred client receives 40% off of their final quote
  • Referrer receives 50% of the client’s down payment*

• Third place
  • Referred client receives 30% off of their final quote
  • Referrer receives 25% of the client’s down payment*

• Fourth place
  • Referred client receives 20% off of their final quote
  • Referrer receives 13% of the client’s down payment*

• Fifth place
  • Referred client receives 10% off of their final quote
  • Referrer receives 7% of the client’s down payment*

Note: FullThrottle’s down payments usually fall between 30% and 50% of the project’s quote.

It has recently been reported that WordPress blogs are being attacked by a Brute-Force campaign.

A Brute-Force attack happens when a malicious individual creates an automated script with the sole purpose of guessing your administrative password. It does this by pointing the script at your blog’s login URL: http://yourblogsdomain.com/wp-login.php. The script repeatedly guesses at your login name and password from a dictionary of commonly used usernames and passwords.

Here is an explanation from the post linked above:

The wp_brute_attempt() function takes 3 parameters, $ch which is cURL’s structure (cURL is a command line tools that can be used to perform HTTP requests). The other two parameters define the site and the password that will be tried. If the script logged in successfully, the page that gets returned by the server will contain the phrase “Log Out”, and the function will return a true value.

If you are currently running a WordPress blog and would like to secure your site against these attacks, the easiest thing to do is to simply change your admin username and to make sure you have a strong password in place.

If you would like assistance securing your site against this attack, FullThrottle is available to help. Simply contact us for more details.

Requiring a fairly specialized plugin interface between a local Filemaker database and our WordPress installation, we much appreciated FullThrottle’s response which satisfied our initial request. They paid great attention to detail, fully implicating themselves into a job which proved more complicated than envisioned. At a distance, we enjoyed a close working relationship. We recommend his services – indeed we ourselves probably will call on them again!

FullThrottle Development has exceeded expectations in delivering quality plugins in a timely fashion. They focus on correcting issues and rolling out updates on a regular basis and are responsive to requests on projects. I would definitely recommend FullThrottle to other developers who are looking for a quality company to partner with on WP Plugin development.

[update: you can now download this as a plugin. file at bottom of post]

WordPress has a great admin interface for managing just about every aspect of the software. One integral part of this interface is the “Authors & Users” screen:

This is a great utility and it gives us,  as the developers, the freedom to let our clients have control over their own authors and users.

If you develop like we do though, you’ve probably learned that its better for everyone when we limit the clients ability to have access to areas of the site that they don’t need on a day to day basis. The Plugins and Appearance utilities are a great example.

This usually isn’t a problem because Wordpress integrated role management into their software. A common solution – and one that we use at FullThrottle – is to simply retain the “Admintrator” role for yourself and split up the remaining roles for your client as needed. No problem!

What if we don’t want our clients to be distracted by the default “Administrator” account that we leave in tact though? Is there a simple way to remove this from the client’s screen? Well… if simple means fool proof and strictly using PHP and WordPress hook, then no (though we may submit some patches to make this possible). Regardless, what you can’t do with PHP, you can always do with jQuery. Below is our ’smoke and mirrors’ way to remove all administrator level roles from the User’s screen if being viewed by anyone not in that role.

Removing Administrators from WordPress Users & Authors

All of the code below will be placed in your theme’s functions.php folder:

Step one: Queue the jQuery. Technically, jQuery should already be enqueued, but better safe than sorry:

// Enqueue jQuery
add_action('admin_enqueue_scripts' , 'ft_hide_administrator_jquery' );
function ft_hide_administrator_jquery(){
	global $pagenow;
	if ( 'users.php' == $pagenow ){
		wp_enqueue_script('jquery');
	}
}

Step Two: Remove ‘Administrator from the dropdown boxes

// Remove Administrator from "Editable Roles"
add_action( 'editable_roles' , 'ft_hide_adminstrator_editable_roles' );
function ft_hide_adminstrator_editable_roles( $roles ){
	if ( isset( $roles['administrator'] ) && !current_user_can('level_10') ){
		unset( $roles['administrator'] );
	}
	return $roles;
}

Step Three: Use some jQuery magic to remove the administrator

// Hide Administrator from list of users
add_action('admin_head' , 'ft_hide_administrator_user');
function ft_hide_administrator_user(){
	if ( !current_user_can('level_10') ){
		?>
		<script type='text/javascript' >
			jQuery(document).ready(function(){
                          var admin_count;
                          var total_count;

			  jQuery("#list-filter > .subsubsub > li > a:contains(Administrator)").each(function(){
			  	admin_count = jQuery(this).children('.count').text();
				admin_count = admin_count.substring(1, admin_count.length - 1);
			  });
                          jQuery("#list-filter > .subsubsub > li > a:contains(Administrator)").parent().remove();
			  jQuery("#list-filter > .subsubsub > li > a:contains(All)").each(function(){
			  	total_count = jQuery(this).children('.count').text();
				total_count = total_count.substring(1, total_count.length - 1) - admin_count;
				jQuery(this).children('.count').text('('+total_count+')');
			  });
			  jQuery("#users > tr .administrator").parent().parent().remove();
			});
		</script>
		<?php
	}
}

That’s it! As always, if you find any bugs or have any suggestions, just leave a comment. Below is a link to download the whole chunk of code. Just paste the contents into functions.php and you should be good to go!

Download Code:

• Zipped PHP file
• Text File
• Plugin zip

Final Result:

In WordPress MU there are two levels of users. There are users who have a blog and users who do not have a blog. This option is usually chosen when the user creates their account. If they choose to have just a username only (no blog), then the user is added as a subscriber to the main site (default setting). If they chose to have a blog, WPMU adds a subsite for them with an administrator user for that subsite. However, it does not give them subscriber permissions to the main site.

This became an issue with a site I was working on recently. The main site had a calendar that any logged in user needed to be able to add an event to. To do this I had to create a custom group that allowed users to post in a specific category only, which worked great, except for blog users. Since blog users are not given any rights on the main blog, I needed to find a way to automatically create the same functionality that normal users have on the main site.

This is what I came up with:

function ft_new_user_meta($blog_id, $user_id) {
add_user_to_blog('1', $user_id, 'calendar' );
}
add_action( 'wpmu_new_blog', 'ft_new_user_meta', 10, 2 );

Basically, I hook onto the wpmu_new_blog function, so whenever it is called, it calls my ft_new_user_meta function. Which passes in the two variables $blog_id and $user_id. Then I run the function, add_user_to_blog with 1 as the blog_id for the main site, the $user_id that I’m adding, and the role that I want to give. In this case it is my custom “calendar” role.

I added that into a file named new_user.php which I placed in the mu-plugins directory. Now, whenever a user goes to the site and creates their own blog, it gives them access to the main site with rights to add events to the calendar.

If you have any WordPress blogs on 1and1 then you’ve probably ran into some problems with updating certain plugins, updating the blog, or even importing to your blog. The reason is because 1and1 has some issue with PHP4 but there is an easy fix.  You need to hand edit your .htaccess file (located in the root of your WordPress directory). Here you will add the line, AddType x-mapp-php5 .php to the end of the file. It doesn’t matter too much where you put it, so it’s best just to put it at the end.

Let us know if this helps you out or not.