Surnia Ulula

UNIX Ideas for SysAdmins

NextGEN Facebook Open Graph v4.3 Plugin for WordPress

Aside by Jean-Sebastien Morisset - Tuesday, April 16th, 2013 - (0)

Here’s a summary of new features in version 4.0 to 4.3 of NextGEN Facebook Open Graph (NGFB), the best and most complete Open Graph plugin for WordPress.

Version 4.0 introduced many internal code changes in order to use the WordPress Object Cache and Transients API functions to improve performance. The performance gains will be most noticeable for logged-in users and websites that aren’t using full-webpage caching plugins.

You can download NGFB from the wordpress.org website, or install / upgrade it from the Plugins admin page of an existing WordPress website.

Read Adobe XMP / XML in PHP

by Jean-Sebastien Morisset

Categories: PHP, WordPress

Tags: adobe, function, gallery, image, iptc, library, lightroom, media, method, nextgen, photoshop, php, rdf, shortcode, xml, xmp, xmpmeta

Comments: No Comments

Published on: Tuesday, April 9th, 2013

I’ve found a few snippets of PHP code to read XMP / XML meta data from an image file, but none that I would call very robust or efficient. I ended up writing my own for Underwater Focus, and I’m quite pleased with the result. In fact, after adding support for a shortcode, I packaged it as an Adobe XMP plugin for WordPress.

The first part of using XMP meta data is reading the XMP information from the image. I’ve seen a few solutions that read the whole file into memory, and others that read-in just a small part. If the XMP / XML contains a lot of information, that small part may be incomplete. And each time the XMP meta data is required, the original (and sometimes quite large) image file must be re-read. Since the XMP doesn’t change unless the original image is updated, there’s no reason to keep re-reading the same large file time and time again.

PHP Class to Cache Remote Content by URL

by Jean-Sebastien Morisset

Categories: PHP, WordPress

Tags: cache, google+, javascript, php, social buttons, tumblr, url, wordpress

Comments: No Comments

Published on: Thursday, February 14th, 2013

While developing the NextGEN Facebook OG plugin for WordPress, which adds social buttons from Facebook, Google+, LinkedIn, etc. to content and pages (along with several other features), I found the response time from these websites to be disappointing at times. When speed testing the pages of my websites, the JavaScript and images from these social elements would sometimes be a significant part of the total page load time. You can’t really save a copy of these files and serve them yourself, because they are frequently updated. You could create a cronjob to update them on a regular basis, but the maintenance of this can be cumbersome (as you add or remove files, etc.). It’s much easier to use a PHP method that caches and refreshes the remote files, and translate the URL at the same time. For example, something like:

$url = $cache->get( $url );

1	$url = $cache->get( $url );

Optimize Images to Save Bandwidth and Speed Page Load

by Jean-Sebastien Morisset

Categories: Bash, Perl, UNIX (Generic), WordPress

Tags: bandwidth, compress, image, improve, optimize, page load, save, smushit, speed, wesley.pl

Comments: No Comments

Published on: Sunday, February 3rd, 2013

A few weeks ago I mentioned the wesley.pl script from GitHub to optimize images, and how I had modified it to keep (or discard) the EXIF / XMP information. Making sure images are as small as possible is important to save bandwidth and improve page load times (and google rank), so I think it’s worth discussing my image optimization process in more detail.

Secure Vulnerable WordPress Files and Directories

by Jean-Sebastien Morisset

Categories: HTTP Server, WordPress

Tags: apache httpd, bulletproof security, cache, configuration, custom code, nextgen gallery, plugin, security, vulnerability, w3 total cache, wordpress

Comments: No Comments

Published on: Friday, December 28th, 2012

Recently Jason A. Donenfeld reported a simple vulnerability in W3 Total Cache on the Full Disclosure mailing list, which was picked up by the Security Ledger website, and then posted on Slashdot. The vulnerability is a simple Apache Httpd configuration oversight — plugins often create their own folders under ./wordpress/wp-content/ without considering that directory indexing might be turned on, or that files within that folder are located under a DocumentRoot, and thus available to anyone. Some configuration files are also vulnerable in this way — the wp-config.php file, for example. During the WordPress install, it is recommended that the wp-config.php be re-located one folder above ./wordpress/, to move it out of the DocumentRoot.

page 1 of 3»