A Better ‘pre_get_posts’ Search for WooCommerce

WPSSO + WooCommerce logos.

I recently wrote a plugin to provide missing GTIN, GTIN-8, GTIN-12 (UPC), GTIN-13 (EAN), GTIN-14, ISBN, MPN, Depth, and Volume values for WooCommerce Products and Variations. As part of that plugin, I extended the WordPress search feature to search metadata from WooCommerce products (and their variations). The standard way to extend the WordPress search feature is to hook the “pre_get_posts” action and modify the WP_Query to include additional posts / products in search results. There are some serious drawbacks to doing this – with or without WooCommerce – but especially with WooCommerce.

Continue reading


[Solution] Sharper Thumbnails for Facebook, Google, Open Graph, Pinterest, Schema, SEO, Twitter, etc.

Pop quiz! Did you know?

1) WordPress creates thumbnails automatically?

WordPress uses the larger / full-size image you upload to create smaller thumbnail images (see your WordPress Settings > Media page for the complete list of sizes).

For example, a photo gallery page will show small thumbnails of the larger / full-size images you uploaded. Themes will often include the featured image you selected in a predefined image size and location in the webpage.

2) All images must be sharpened after resizing?

This is such a standard process that Photoshop, for example, automatically applies a default amount of sharpening when resizing any image — you must specifically uncheck an option in Photoshop to avoid sharpenning an image during the resize process!

3) WordPress does not sharpen resized images?

Continue reading


[Solution] WordPress Creates Fuzzy Thumbnails

Did you know that WordPress creates thumbnails from images you upload?

You may have already known this — not everyone does, but most WordPress users are aware of this (or at least should be).

Did you also know that all resized images must be sharpened?

This is common knowledge for photography and website design professionals, but probably not for the majority of WordPress users.

And did you also know that WordPress does not sharpen resized images?

I bet that you didn’t know that one… not many people do. ;-)

WordPress creates several different thumbnail / resized images by default (see WordPress Settings > Media page for details) and potentially several more, depending on your theme and plugin settings. It’s not uncommon, for example, for WordPress to create a half-dozen (or more) images from the original image you upload. And in all cases, WordPress does not sharpen or make any adjustments to the resized image it creates!

Continue reading


WPSSO Ditches WordPress & Gutenberg Notifications

The release of WordPress 5 and the new Gutenberg editor are just around the corner, and Gutenberg developers still have not tackled a serious design issue with the current Gutenberg notification system — notices in Gutenberg are being displayed over the content area, forcing users to dismiss notifications to gain access to their content — and in some cases, where several non-dismissible notices are displayed, users may not have access to the content area at all.

The notification system in the current version of WordPress is nothing fancy — and can feel a bit intrusive when several notices are displayed at once — but it’s a lot more flexible and functional than the proposed Gutenberg notification system. :-) As an example, here are some typical SSO (Social and Search Optimization) notifications when editing a test post in the current version of WordPress, in the Gutenberg editor, and with the upcoming release of WPSSO Core v4.2.0 that moves SSO notices into the admin toolbar.

Continue reading


Choosing your PHP Image Extension for WordPress

WordPress supports two different PHP image processing extensions — ImageMagick and GD — with a preference for ImageMagick over GD (even when ImageMagick is not installed). The GD extension can still be used in cases where the preferred WordPress ‘WP_Image_Editor_Imagick’ class does not provide support for the requested mime-type or class method.

In some cases, the ImageMagick extension might not be installed, or might be unreliable (old versions of ImageMagick can be buggy). You can hook the WordPress ‘wp_image_editors’ filter to manage the preferred order of WordPress image classes.

For example, here’s a filter and function to remove the ImageMagick class altogether:

add_filter( 'wp_image_editors', 'select_wp_image_editors' );

/**
 * The default $editors value:
 * 
 *      array( 'WP_Image_Editor_Imagick', 'WP_Image_Editor_GD' )
 */
function select_wp_image_editors( $editors ) {

        return array( 'WP_Image_Editor_GD' ); // only return WP_Image_Editor_GD
}

Continue reading


Fix “sslverify=false” for Pro Plugin / Theme Updates

This is a pet peeve of mine – some plugin and theme authors (to make their lives easier) set “sslverify = false” in their Pro / Premium version update checks and/or other HTTP requests.

Luckily a few security and error checking plugins like the Query Monitor plugin (for example), will show a warning if the WordPress wp_remote_get() function is executed with “sslverify = false”. To make sure this is never the case, you can use the following filters in your functions.php file.

 
add_filter( 'https_ssl_verify', '__return_true', PHP_INT_MAX );

add_filter( 'http_request_args', 'http_request_force_ssl_verify', PHP_INT_MAX );

function http_request_force_ssl_verify( $args ) {

        $args[ 'sslverify' ] = true;

        return $args;
}

Continue reading


WordPress Lies About Image Sizes / Dimensions

There are a few functions available to retrieve the URL and size of an image in the WordPress Media Library, but few people know that these functions will often lie about an image’s dimensions.

As an example, let’s define a custom image size of 1000 x 1000 cropped, and use image_downsize() to retrieve the URL and size of an image ID (this example can be used with wp_get_attachment_image_src() as well). I’ll use list() in the example, instead of an array variable for the return values, to keep the code more readable. ;-)

add_image_size( 'my-custom-size', 1000, 1000, true );

list( $img_url, $img_width, $img_height, $img_is_intermediate ) = image_downsize( $id, 'my-custom-size' );

WordPress will return a URL for the image and the values of $width / $height may be 1000 / 1000 – it all depends on several factors.

Continue reading


Secure Vulnerable WordPress Files and Directories

Recently Jason A. Donenfeld reported a simple vulnerability in W3 Total Cache on the Full Disclosure mailing list, which was picked up by the Security Ledger website, and then posted on Slashdot. The vulnerability is a simple Apache Httpd configuration oversight — plugins often create their own folders under ./wordpress/wp-content/ without considering that directory indexing might be turned on, or that files within that folder are located under a DocumentRoot, and thus available to anyone. Some configuration files are also vulnerable in this way — the wp-config.php file, for example. During the WordPress install, it is recommended that the wp-config.php be re-located one folder above ./wordpress/, to move it out of the DocumentRoot.

Continue reading