Metro style theme/template designs for blogs

Touchality ran a metro style theme contest “Design for Windows Phone 7 Metro UI WordPress Theme” for their blog on 99designs.com. The winning award is $1,023. Six designers submitted 33 designs for that contest. By the time I checked the contest, the winner had already been chosen and the contest was completed, so I didn’t manage to see all of the designs, but here is what I got.

All credits go to the original designers and people from Touchality and 99designs.

Update:

Patrick Yong shared a working copy of the WordPress theme on his blog. You can download it from this link if you like the screenshot below.

Digg hates me!

It’s true! Digg hates me. We were friends a few years back. The bloggers around the world submit the awesome links to you and you help us by giving some traffic to our blogs. It is a win-win situation for both sides. I didn’t know that things had changed until I submitted one of my posts to that site today.

I got this error below as soon as I entered my link in yours. Look at the screenshot. How bad is that? Your development team didn’t create the overlay message properly and your QA failed to find out about it.

I’m sure you can’t even read your own message so I posted the text below.

Stop right there criminal scum!

This page may be a forgery or imitation of another website, designed to trick users into sharing personal or financial information. Entering any personal information on this page may result in identity theft or other abuse.

It’s not the first time that you treat my site like a spam site, Digg! I will show you the email history that I and your support team had a couple of months back.

Digg Support – Nov 18

Hello mchlsync,

We use the Google Safe Browsing API to help prevent spam and malware from getting submitted to Digg.com. It appears that Google has flagged that domain. For more information please check the link provided below:

http://code.google.com/apis/safebrowsing/

I went to Google Web Master tool and checked my site. I found no issue, Digg!

I replied to your support with this screenshot.

Digg support team – Nov 19~

Hello,

We’ve contacted our development team who are investigating the issue, and will fix it as soon as possible. Please don’t hesitate to contact us should you have any further questions.

For more information, please see Digg’s FAQ section (http://about.digg.com/faq).

Follow us on Twitter! http://twitter.com/digg

After a few hours on the same day, they asked me to try again.

Try again now, it should work. Let us know if you’re still having problems

When I checked it again, I found that the issue had been fixed.

But today, the issue showed up again. I’m not sure how you guys are handling the regression issue but it’s not cool if this issue keeps on coming back again and again.

So Digg! do something about it!

backwp.php in Twenty Eleven Theme

Some of you know that my blog was under attack a few months back. I started taking care of my blog’s security as much as I can since then. One of the things that I did is that I installed WP-Malwatch to scan for suspicious activities on my blog every day. That plugin is kinda useful tho.

I received a notification from that plugin saying that it’s suspecting some viruses on my blog this morning so I quickly logged in and scanned my current template manually on dashboard. I found one new file called backwp.php inside the theme folder.

I’m guessing that it might be the back-up file of the Twenty Eleven theme but I couldn’t find any information on the theme download page, so I posted a question about that file on the forum and am still waiting for the answer. Let me know if you have any idea about this file. For the time being, I deleted this file and tested my blog. It’s still working. I think that it’s very safe to delete that file.

Another weird thing which has been happening since I started using the “Twenty Eleven” theme is that I’m getting this error often when I’m playing around in the dashboard area. I tried contacting the people behind this theme and got no reply from them.

This theme is awesome and it was created by the official wordpress.com team but after using it for a while, I realized that this theme comes with quite a few problems as well.. Maybe, it’s time for me to look for a new theme..

My blog was under attack

Bad news! guys.. My blog was under attack several times during this year. (Thanks to my readers who informed me about the problem.) I have successfully removed the injected script from my blog so it’s safe for you guys to read my blog again. (Actually, it was safe for you guys because the domain in the injected script is in the blacklist so the browser will automatically block you from accessing it.) In this post, I will inform you about the injected script and the list of changes that I made to prevent this from happening again.

The attacker was targeting the footer.php file in the current theme that I’m using. The following script was injected in the footer.php file.

The Injected Script

Fig 1: The injected script

Analyzing the Javascript

By looking at the script, I knew that that person was using the JavaScript function “unescape” to decode his encoded string. But I couldn’t say what he wrote in that encoded text. So, I used the online JavaScript Escape/Unescape Converter tool to decode the string.

I copied the whole text, pasted it in the “escape text” textbox and clicked on the “Complete Unescape” button.

Here is what I got for the first conversion.

Fig 2: The decoded script - part 1

As you can see, the text was encoded twice so I copied the text between unescape brackets and converted it again in converter webpage.

Here is the second part of the decoded script.

Fig 2: The decoded script - part 2

But there are still some % signs followed by numbers (e.g. %62) in the URL, and it’s very easy to figure out what they are. I went to the “HTML URL Encoding Reference” page and I got the ASCII characters for four numbers.

  • %20 = {whitespace}
  • %62 = b
  • %65 = e
  • %63 = c

The purpose of this script is that when a user accesses my blog, it will show the site below in an iframe. But luckily, this site is in the blacklist so most browsers will warn you or refuse to show that site, so the attacker will not get what he wanted.
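The same layer-by-layer decode can be done offline, treating the script purely as text instead of pasting it into a web page. The following is an added example, not the script that was injected (the post shows that only as an image): the sample string is constructed, `bad.example.invalid` is a placeholder domain, and the function names are made up for illustration.

```javascript
// Static analysis only: the script is treated as text and never eval'd or written to a page.

// Percent-decode like the legacy unescape(): handles %XX and %uXXXX in a single pass,
// so a double-encoded "%2562" becomes "%62" here and "b" only on the next pass.
function percentDecode(s) {
  return s.replace(/%u([0-9a-fA-F]{4})|%([0-9a-fA-F]{2})/g,
    (_, u, h) => String.fromCharCode(parseInt(u || h, 16)));
}

// Peel nested unescape('...') wrappers one at a time, keeping every intermediate layer.
function peelLayers(script, maxLayers = 10) {
  const layers = [script];
  for (let i = 0; i < maxLayers; i++) {
    const m = layers[layers.length - 1].match(/unescape\(\s*(['"])([\s\S]*?)\1\s*\)/);
    if (!m) break;
    layers.push(percentDecode(m[2]));
  }
  return layers;
}

// List iframe targets in the decoded markup, decoding leftover escapes such as %62 in the URL.
function iframeSources(html) {
  const re = /<iframe\b[^>]*?\bsrc\s*=\s*(['"])(.*?)\1/gi;
  const found = [];
  let m;
  while ((m = re.exec(html)) !== null) found.push(percentDecode(m[2]));
  return found;
}

// Constructed sample (placeholder domain), wrapped twice the way the post describes.
const INNER = '<iframe src="http://%62ad.%65xample.invalid/%63ount.php" width="1" height="1"></iframe>';
const wrap = (s) => "document.write(unescape('" + escape(s) + "'))";
const SAMPLE = wrap(wrap(INNER));

const decoded = peelLayers(SAMPLE);
console.log(decoded.length - 1, 'encoded layers');
console.log(iframeSources(decoded[decoded.length - 1]));
```

Keeping every intermediate layer gives you the same three views as the screenshots above: the script as found, the first decode, and the final iframe markup.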

Fig 3: Black website

I thank him for not deleting any data or etc. It encourages me to take good care of my site even when I’m very busy. :)

What did I change to prevent this?

I changed the following things but honestly, I have no idea whether it will work or not. I will have to wait a few months or a year to see the result. I’m posting this because if you are facing the same problem as I had and you don’t know what to do then you can probably try doing the same things that I did. Please feel free to let me know if you have any better idea or suggestion.

Tips

  1. Ensure WordPress and all plugins are up-to-date.
  2. Delete all unnecessary plugins or themes that you are using in your blog. If you have other extra files in your host, do delete them as well.
  3. Disable unused accounts in your host and change the password of current account that you are using.
  4. Use auto-backup software or plugin or etc to back-up all files (including images, samples) and database.
  5. Double-check the security setting of your blog (You can read the best practice for WordPress Security in this link Hardening WordPress ) If you are not familiar with those things then you should ask your hosting provider to help you or get someone to do this.
  6. Install some security plugins. I installed the following plugins for security in my blogs

Well, that’s all that I did. Like I mentioned, let me know if you have any better way to secure a WordPress blog. Thank you all for reading.. :)

Bulk Image Downloader for WordPress Users

A tool for downloading images from your WordPress.com blog to your local machine. It is also an example of how to use XML RPC service in C#.

Executable : WpBulkDownloader-Alpha-Executable.zip
SourceCode : WpBulkDownloader.zip

Contents

  • Introduction
  • Background
  • Software Requirements
  • How to use
  • How it works
  • FAQ

Introduction

This is a tool that helps you to download all of the images that you posted in your blog. This tool is created especially for WordPress.com users but it will support all other blogging software in future. You will definitely need this tool when you want to move your blog from wordpress.com to self-host.

WP Bulk Image Downloader (Alpha) for WordPress Users

Background

My blog was hosted on WordPress.com last year. I had too many images uploaded in my free space. When I wanted to move my blog to self-host, I noticed that there is no way to bulk-download all of my images from my WordPress account to my local disk. I didn’t want to copy each and every image manually so I wrote this tool that can scan each and every URL from my blog and create the directory based on the URL. And then, download them onto my local hard disk. It’s just a 2-hour program that I wrote at that time. So, I’m sure that it won’t have all the features that you want. But don’t worry. Just drop a comment in this post. I will add the feature that you want in the next release.

Software Requirements

How to use it?

The steps are very simple.

  • Configure your blog in Bulk Image Downloader. Click “Options” and fill in your blog URL, user name and password as in the picture below.

WP Bulk Image Downloader - Options

  • Click “OK” button to save your configuration and close the dialog
  • Click “Get Files” button to get the list of image URLs from your blog. (You may need to wait a few minutes while retrieving the list of images from your blog.)
  • After retrieving the list of Image URL, you can click “Download” button to download the images to your local disk. (You may need to wait a few minutes while processing. )
  • After that, you can check all of your images in “Downloaded Images” directory.

How does it work?

Note: This is for those who like to read the sourcecode and want an explanation about codes. If you are just a normal user, you may skip this section.

Firstly, the program will read the user name, password and blogurl from config file. It will append “xmlrpc.php” which is the standard XML RPC interface for WordPress at the end of blogurl string. Then, it will invoke getRecentPost() API of wordpress. I used opensource XML-RPC.NET library in this sample. As there is no getPosts() API in xmlrpc.php, we have to use the alternative method (getRecentPost() API) for retrieving the posts from the blog. The max number of posts is set to 1000 in the program. If you have more than 1000 posts in your blog, you probably need to change the default value.

If the authentication is successful then we will get the list of posts from the blog. So, we have to filter the URLs of images from the contents. Initially, I was thinking of filtering only the <img> tag from the content. But there are some cases where we used the big image in the <a> tag and small images in the <img> tag. So, I decided to filter the <img> tag and <a> tag from the contents based on the extensions (*.jpg, *.png, *.gif) by using a regular expression. After that, I show the list of URLs in a ListView.

When the user clicks the “Download” button, I start downloading the images one by one. (Note: I used the C# downloader class which is written by Shailen Sukul in this example.) Based on the URL, the program will create the directory accordingly. For example, if the image URL is “http://your.wp.com/2009/09/image1” then the program will create the directories like a “09” folder under a “2009” folder under the “/Downloaded Images/” folder. So, you can easily upload all of your images to your new host via FTP.

That’s all about how Bulk Image Downloader works. If you have any question, please let me know.
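The URL filtering and URL-to-directory mapping described above, sketched in JavaScript as an added example; it is not the tool's C# source. The function names and the sample HTML are made up for illustration, and the segment check that refuses any path that would land outside the download folder is an addition the post does not describe.

```javascript
// Constructed post HTML: full-size image in <a>, thumbnail in <img>, a non-image link,
// and one link whose encoded slashes would decode to ../../../evil.gif.
const POST_HTML = `
<a href="http://your.wp.com/2009/09/image1.jpg"><img src="http://your.wp.com/2009/09/image1-thumb.jpg"></a>
<img src="http://your.wp.com/2009/10/chart.PNG?w=300">
<a href="http://your.wp.com/about/">About</a>
<a href="http://your.wp.com/2009/..%2f..%2f..%2fevil.gif">x</a>`;

// Collect href/src values from <a> and <img> tags whose URL path ends in an image extension.
function extractImageUrls(html) {
  const re = /<(?:a|img)\b[^>]*?\b(?:href|src)\s*=\s*(['"])(.*?)\1/gi;
  const urls = new Set();
  let m;
  while ((m = re.exec(html)) !== null) {
    let u;
    try { u = new URL(m[2]); } catch { continue; }  // skip relative or malformed values
    if (/^https?:$/.test(u.protocol) && /\.(jpe?g|png|gif)$/i.test(u.pathname)) urls.add(u.href);
  }
  return [...urls];
}

// Map an image URL to a path under the download folder, one directory per URL segment.
// Returns null if any decoded segment could step outside that folder.
function localPathFor(imageUrl, root = 'Downloaded Images') {
  const parts = [];
  for (const raw of new URL(imageUrl).pathname.split('/')) {
    if (raw === '') continue;
    let seg;
    try { seg = decodeURIComponent(raw); } catch { return null; }
    if (seg === '.' || seg === '..' || /[\/\\\0:]/.test(seg)) return null;
    parts.push(seg);
  }
  return parts.length ? [root, ...parts].join('/') : null;
}

for (const url of extractImageUrls(POST_HTML)) {
  console.log(url, '->', localPathFor(url) || 'REJECTED');
}
```

The check matters because the URLs come out of post content, which is data rather than trusted input. Decoding each segment before validating it is what catches the encoded-slash case.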

FAQs

1. Can you make the better UI for this program?

Yes. Of course. I’m thinking to change this Windows Form to WPF version so that you will definitely get the better UI for this program.

2. The form freezes while downloading the images. Why?

Sorry about this issue. For the time being, all processes are running in a single thread so the UI will freeze while processing. I will separate the UI and logic into different threads in the next release.

3. Can I request new feature?

Yes. Of course. This is the main reason why I released it as alpha. Feel free to drop a comment in this post. I will make a list of feature requests and add them in the next version.

October Wrap-up

This is the wrap-up of this blog for October, 2007 [ "October 12 to October 31 ( 20 days )"].

1. Host and Blogging Software

  • My blog was shifted to Dreamhost on 11th October, 2007. Luckily, I got a lot of discounts from them because they were celebrating their 10th Birthday at that time.
  • I started using the standalone WordPress from WordPress.org. ( The one that I used earlier is WordPress MU (WordPress Multi-User). )

2. Plugins

Which plugins are you using on your site?

3. Theme

Yeah. I’m using my modified version of “Unsleepable Widget-friendly” theme for now.

4. AdSense

This might be an interesting topic for you all. I have started using the Adsense from the following services. I wanna share some of my experiences… I promise that I’m NOT going to use the most annoying ads in my blog. All ads will be placed on the sidebar or under the comment box. I hope that it would be okay for you. Frankly speaking, I’m not going to blog for money. I have no plan to make money with my blog.. Why ads here? Because as my blog is on self-host, there are some costs for it. I’d like to cover those things. And also, I would like to run some programming or blogging contests on my blog..

  • Google AdSense : I think Google Ads is the best adsense service on the net. They pay for impression, clicks and actions.
  • AuctionAds : This is also a nice ads service after Google Ads. I start using it last 10 or something.. I got 4703 impressions, 4 clicks and 1 referral. I got free $25 bucks for signing-up with them. I’m not very sure whether this promotion is still available or not. You may try here if you want.
  • Chitika : I think that Chitika is a “Pay-per-action” service that didn’t work well for me. So, I have removed it.
  • BidVertiser : I signed-up on that site today. It allows you to sign-up as both advertiser and publisher.

If you are also using Ads on your blog, please share some information with me. Which Service are you using? How many impressions and clicks do you get for a day? How much have you earned? Thanks.

Stats

  • PageViews : 17618 PageViews for 20 days ( it doesn’t include my own visits.)
  • Technorati Rank : 32,510 ( My rank dropped too much this month. My rank was 25,703 on 1st October. :( )
  • Google PageRank : 5 (I got it on 26th January this year. It has been nearly 1 year. I think the PR of my blog should have dropped this time because this is the fashion for now.. a lot of pro-bloggers are shouting about Google PR drops for their blogs.. )
  • Technorati Authority: 182
  • Bandwidth : 3.684 GB