How to fix 302 redirect issue when updating posts in WordPress? [Solved]

Recently, while writing a blog post I found that I am not able to update/publish any post on my WordPress website dashboard rather it redirects me to the website front page when I click the “Update” button. Now, I was unsure what’s creating this trouble and how to fix this 302 redirect when updating posts in WordPress.

Debug:

To check what could be the issue, I tried the followings :

  • I checked for any javascript errors through chrome dev tool’s console, but no errors there.
  • I deactivated all the plugins
  • Even changed the theme to the default Twenty Sixteen

Root Cause:

Still, the issue was there. After debugging a little more I found the cause of this. It was the strict Mode_Security which was causing the trouble. Now the question is: “What is Mod_Security?”

ModSecurity is an open source, cross-platform web application firewall (WAF) module. Known as the “Swiss Army Knife” of WAFs, it enables web application defenders to gain visibility into HTTP(S) traffic and provides a power rules language and API to implement advanced protections.

Basically, this is an Apache module that is installed on most servers by default to help protect your website from various attacks. It is used to block commonly known exploits by use of regular expressions and rule sets. This sometimes blocks the POST requests being generated after a post is updated or published because of the complex HTML content having all the tags, embed code, shortcodes etc. which get caught by the ModSecurity’s rule set.

cPanel-Mod-Security-Subharanjan

Solution:

To fix this issue simply disable the module on your server. This can be achieved through the Modsec Manager plugin for cPanel if you are on a shared server. Read the following to know how to disable manually on VPS and Dedicated servers. http://www.inmotionhosting.com/support/website/modsecurity/what-is-modsecurity-and-why-is-it-important

I am sure there are a ton of other reasons for a 302 redirect issue but in my case, this was Mod_Security causing the problem and after disabling the module I am able to update and publish the posts. πŸ™‚

How to stop outgoing emails being sent through postfix from your local machine in Mac OS X ?

stop-local-mails-from-postfix In latest versions of Mac OS X, by default the postfix is set to send emails from your local machine to outside world. This might cause you troubles if you are developing applications on your local machine and your application has email sending functionality to customers. Unfortunately if you have some customers’ email addresses in the database or in your code in the local setup, then test emails get delivered to them which is embarrassing. This happens even if you have not setup/integrated any 3rd party smtp services in your application.

To avoid this kind of situation, you can stop outgoing emails being sent through postfix from your local machine. Simply put the line below into the /private/etc/postfix/main.cf file in your Mac OS X.

default_transport = error:No outside emails.

The variable default_transport specifies which transport is used to deliver non-local mail (default is smtp). With this setting, any outgoing mail will bounce back with the error specified.

References:
http://www.postfix.org/postconf.5.html
http://postfix.cs.utah.edu/postconf.5.html

How to pass dynamic values from PHP to CSS/JS in WordPress

There are situations when you have to use some values stored in DB or values being calculated in PHP script based upon different conditions in the java-script and css code. This can be achieved by writing the inline js/css code directly inside the php script. But in WordPress, this can be done very easily with help of functions built for that which is kind of more neat and clear way of doing the same.

Image: Flicker

Photo Credit: Dmitry

Pass dynamic values from PHP to JS in WordPress:

wp_localize_script( $handle, $name, $data ) : Makes any dynamic data available to your java-script that is available in the server side of WordPress.

Now in the JS code the above passed values can be accessed as: ajaxobject.ajaxurl, ajaxobject.ajaxnonce

 

Pass dynamic values from PHP to CSS in WordPress:

wp_add_inline_style( $handle, $data ) : Adds in-line style with dynamic data being passed from php.

It will add inline css into the header of your page like the below.

 

References:
http://codex.wordpress.org/Function_Reference/wp_localize_script
http://codex.wordpress.org/Function_Reference/wp_add_inline_style

Setup PHP CodeSniffer along with WordPress Coding Standards [ Windows, XAMPP ]

The other day, I had some problem setting up latest WordPress coding standard for PHP CodeSniffer on a Windows machine. It was throwing some errors/warnings like the below. There were some others, but eventually we had fixed some of those. However the WP coding standards were not getting listed in phpcs. πŸ™

Here are the steps to fix the problems and setup PHP CodeSniffer along with WordPress Coding Standards namely WordPress, WordPress-Core, WordPress-Extra and WordPress-VIP. FYI, I am on a Windows 7 box with XAMPP setup for Apache, MySql & PHP.

Image: Flicker

Image: Flicker cc

Install PHP CodeSniffer on Windows through PEAR installer:
Uninstall the old CodeSniffer(if any):

Install the latest CodeSniffer using PEAR:

It failed, that means we need to clear the cache:

Again, try installing the latest version of the PHP_CodeSniffer package:

Update the channel as asked above:

Upgrade pear too. Incase if any things are old.

Do a cache clear again:

See the list of default coding standards in PHP CodeSniffer:

 

Install WordPress coding standard definitions for the CodeSniffer:
Navigate to the coding standards directory:

Fetch the WordPress coding standards into CodeSniffer’s standards directory. (if git command not working on your command prompt, you may use any gui for git clone)

As, all of the individual standards of WordPress namely WordPress, WordPress-Core, WordPress-Extra and WordPress-VIP are in one directory, for phpcs to be able to detect the standards we need to add the path to phpcs’s installed_paths.

Check if all the installed standards are listed now:

 

How to use PHP_CodeSniffer:
You can use command prompt to check your code, or you can also configure the same with different IDEs like NetBeans, PHPStrom etc.

You can write the output of code sniffer to a file:

How to install Xdebug and Webgrind on Mac OS X – [everything from terminal]

Recently, I have been asked to help install and setup XDebug along with Webgrind in a Mac OS X system using SSH on one of my colleague’s system. All of this setup were done remotely from another system. Here are the steps/commands for achieving the same.

Steps for installing Xdebug:

xdebug-profiling

  1. Get the information about installed PHP on the system. This is needed to get the custom installation instructions from xdebug website here: http://xdebug.org/wizard.php
    Copy the whole output of the above command and paste it in the textarea provided here: http://xdebug.org/wizard.php
  2. Get the url for the latest xdebug script and download it to your mac.
  3. Compile and build the php extension from the source. Install the same.
  4. Enable Xdebug in the php.ini file.
    1. Find the complete path of the xdebug.so file prior to editing the php.ini file. The path looks something like this: /usr/lib/php/extensions/no-debug-non-zts-20100525/xdebug.so Can be located using the command:
    2. Edit the php.ini file and add the following lines to the extreme end.
      Lines to be added:
    3. Restart Apache.

Setup Webgrind:

  1. Download and put Webgrind source into a folder in webserver. ( /Users/subharanjanm/Sites/webgrind/ in my case )
  2. Create a folder inside /private/var/tmp/ to store and read profiler files by Xdebug and Webgrind. This step can be skipped if you want to use the “tmp” directory directly to write files.
  3. Make changes needed in the Webgrind config file.
    Change the values of these two variables as per the path.
  4. Finally add following lines into php.ini below the xdebug settings to enable profiler and its related paths.

Now you can append ?XDEBUG_PROFILE=1 into the url of your php script to see the profiling data on Webgrind interface.

webgrind_xdebug

How to compare files on Mac OS X

Questions those come into mind when someone switches from Windows to Mac OS X for web development and wants to compare files:

  • Which editor has support for file diff or file compare functionalities on Mac OS X ?
  • Which is the best tool for file comparison while developing on Mac OS X ?
  • How to use FileDiff package on Sublime Text editor ?
  • How to use File Compare functionality in Text Wrangler in mac OS X ?

Answer/Solutions:
After developing 4 complete years on Windows, I have recently moved into a MacBook Air. During development, one thing I was missing was the “File Compare” plug-in on Notepad++ which I was using for a long time while on Windows. Even though NotePad++ doesn’t have a Mac version, there are some alternatives to that on Mac OS X. Two editors which I find very useful are Text Wrangler and Sublime Text 3.

 

File Compare on Text Wrangler:

  • Open both the files on the TextWrangler editor. Did I mention, this is a free editor and best for editing text based files.
  • Now select both the files in “Opened Documents” sidebar. [ ⌘ + Click ]
  • Right click on the selected files and click on “Compare”.

How to compare two files on textWranglerCompared Differences TextWrangler

 

File diff on Sublime Text 3:

  • Install “Package Control” for Sublime if you haven’t yet. How to do that ? https://sublime.wbond.net/installation
  • Now open the package installer and install “FileDiffs“.
  • To diff. two files, open those two files in Sublime Text 3. Right click on that file tab and click on “Diff Tab”.
  • Now you can use the diff. file generated (unified) to see changes between two files.

Diff with TabUnified Diff Result

 

To know how to integrate DiffMerge(an application to visually compare and merge files) with Sublime Text read: http://subharanjan.com/integrate-diffmerge-with-sublime-text-comparing-files/

List of useful tools for WordPress development

When a developer starts WordPress development and tries to make the process easier and faster, generally he searches for best tools and various boiler plates which can alleviate the manual task of starting the development from scratch.

wpgearWordPress Gear (WPgear.org) is a website which lists out lots of useful tools those are free and GPL(OpenSource). The list includes tools and its related information for all aspects of WordPress development. Starting from WordPress base tools to Debug tools, PHP boiler plates, Meta fields frameworks, Theme development tools and lot more..

New and latest tools are being added constantly into this list as this is a community driven site. Whole of the code for this page resides in Github and anybody can add any free tool into the list. Just fork the project, add/edit your tool with a link, submit a pull request.

Visit WPGear.org to browse the complete list of tools. Happy WP Coding πŸ™‚
1) http://wpgear.org/
2) https://github.com/wycks/WordPress-Gear

Timthumb not showing images and throws “Warning: file_exists() [function.file-exists]: open_basedir restriction in effect. ” error. [Solved]

timthumbRecently I faced a situation where the timthumb script was unable to crop the images and was throwing error messages. There are themes those still use timthumb even though its a bad practice to use in themes when we have already functions available in core WordPress. Anyway I had to fix the issue as I was not state to replace the timthumb functionality with core WordPress functions.

Here is the error message:

This issue occurs in several hosts, mainly the free hosts available these days. So, the trick is to find where the $docRoot variable was set and set it to my public_html folder manually in my home directory. In my file it was on line number 825. I did the following…

Obviously the /a9582221/ would be your username.

Where to make this changes ??
Search for the file timthumb.php and make the above changes. Thats it. The issue got resolved now.

How to disable responsiveness in the admin theme of WordPress 3.8

How to disable responsiveness in the admin theme of WordPress 3.8 ? How do I disable responsiveness of WP 3.8 admin ? Is there any way to disable responsiveness ? I want to disable the responsive hiding feature for tablets and mobile for the newly introduced WordPress 3.8 admin back end.

The question comes, Why do you need to disable the responsiveness ? So, here is a problem/situation that describes WHY ?
Stop Responsiveness WordPress 3.8
Problem/Situation:
I just updated my WordPress setup to WP 3.8 and most of my custom functionality are either inaccessible or very hard to manage on mobile devices. There are some things which doesn’t even get displayed on mobile devices. Earlier, I was able to manage my site’s functionality from backend on a mobile device too. Even though it was not responsive and not so cool. The problem is that I have installed some custom made plugins which were made keeping an eye on the old style admin theme and it provides me some custom made interface on the admin side. Obviously these were not made responsive. Now, with this new WordPress admin theme, all those custom interfaces are completely messed up. So I have two options:

  • Either revert back to WP 3.6/3.7 ( but I really like the look and feel of the new WP 3.8 theme yet I don’t need the responsive property πŸ™ )
  • Or make changes to all the custom made screens/interfaces in the admin side to be responsive. ( I can do that, but it would take much time to accomplish. Also, does it worth doing just for the sake of a new responsive admin theme in mobile devices ? πŸ˜• )

How can I keep the new, super cool, awesome theme of WordPress 3.8 yet disable responsiveness of the theme ? ❓ ❓ ❓

Solution:
I tried to search for any solution but didn’t find any. Here is a quick solution that I have done to get back my custom functionality in the admin screen.

  1. Create a plugin to add custom code.
  2. Take the css file that is responsible for the wp-admin side styling and responsiveness. Make changes to remove the responsive property out of it. Basically remove all the media queries written for mobile devices.
  3. De-register the default admin styling that comes with WordPress.
  4. Register and enqueue the changed css file again to apply the custom styling.

Download the code as a plugin: disable-responsive-admin

Code for disabling responsiveness:

Download the above code as a plugin: Plugin to disable responsiveness in WP 3.8 admin

Note: This never a proper/good way of doing changes to admin styling. Still, as I have upgraded and would like to keep the theme and remove responsiveness, I am using the above quick solution. If you are facing the same problem as I am, use the above procedure or download and install the plugin. You can modify the css file present inside the plugin directory too. Caution: Use with your own risk. πŸ™‚ πŸ™‚

Do you need an admin interface to stop / disable auto update feature of WordPress ?

Now that the “Automatic update of WordPress core” has been introduced in WP version 3.7, there are some obvious questions those come into mind. Where can I control this automatic update functionality of WordPress 3.7 ? Is there any admin interface for it ? How can I disable auto update of WP ? So, before going to show you how can you control the automatic update feature on admin settings page, let me tell you some facts.

This newly introduced auto update of WordPress core files is only for security and maintenance releases which is considered to be MINOR releases. That means this auto-update feature won’t be affecting the major releases of WP.

automatic-update-wordpressMajor releases:Β 3.x –> 3.(x+1) Β OR Β 3.x.x –> 3.(x+1)
Version 3.6 to Version 3.7 or Version 3.8

Minor releases:Β 3.7 –> 3.7.(x+1) Β OR Β 3.7.x –> 3.7.(x+1)
Version 3.7 to Version 3.7.1 or Version 3.7.2 or Version 3.7.3

As this feature is not for major releases rather only for the minor ones, it won’t break your site and won’t create any major problems. So stay cool and don’t worry !! Β  πŸ™‚

Somehow, if you don’t need this auto-update feature for some reasons like:

  • You manage your site using version control.
  • You implement your own deployment mechanism.
  • You think there is no guarantees in this auto-update feature.
  • You want to upgrade manually with complete control and at you own convenience.
  • OR if you think there is any error in the stats provided by Nacin regarding zero failures πŸ˜‰Β 

 

Now the Solution (Plugin that creates an settings interface for WordPress admin to manage & control auto updates):
By default, there is NO admin interface provided by WordPress to have control over this. However there are some hooks and config variables to manage this. Like:

 

Certainly there is a cool plugin called “Update Control” in the WordPress repo which provides a nice and easy interface to manage this newly introduced feature along with some more options. Plugin URL: http://wordpress.org/plugins/update-control/
 
disable auto update wordpress
Various features & controls provided by this plugin:

  • Enable/Disable automatic updates.
  • Set the level of releases for Auto Updates.
  • Enable/Disable automatic Plugin updates
  • Enable/Disable automatic Theme updates
  • Enable/Disable automatic Translation(languages) updates.
  • Enable/Disable the code versioning check
  • Enable/Disable sending emails for updates etc.

If you are developer and you want to do this in your existing code then read this answer by Chip Bennett at stackexchange.Β http://wordpress.stackexchange.com/a/120082/13615