addThis share not working for ajax loaded sharing icons

addThis is a robust solution for sharing content to different social platforms. It has plugins also which can be used for this purpose. addThis provides the html or we say toolbox which shows the social icons when we implement that to any page or post. We can also provide the url, title media or description of the page or post within the toolbox which are to be shared through social media icons.

Sometimes, we need to show this toolbox with sharing content through ajax. I we simply show the toolbox html through ajax, then the sharing icon will not display or will not work. To show and to make them work, we will have to reinitialize the toolbox in just single line which is : Keep on reading

Get list of countries using gravity form plugin

Sometimes, we need to show list of countries in custom form or in simple page. Writing each country name in file is very tedious. If we have installed gravity form in our site then we can create and show dropdown of countries easily with help of gravity form plugin.

In gravity form plugin, there is a class GF_Field_Address in which address fields are created. In this class there is a function get_countries that returns the arrray of countries added in gravity form. We can use this class and method to create our country dropdown in custom form which is not a gravity form. Keep on reading

[SOLVED] Add new columns to the wp-admin users list

One of the most reason of becoming wordpress is as a powerful CMS is its action and filter hooks. One can make modifications in any part of site (both front-end and back-end) using these hooks.

You can also simply add new columns to the users list of wp-admin by using two great action and filter hooks of wordpress i.e. manage_users_columns (filter hook) and manage_users_custom_column (action hook).  Filter manage_users_columns is used to add heading/label of new columns in header of users table and action hook manage_users_custom_column is used to show values of new field for each user in the list. Keep on reading

[SOLVED] paragraphs tags not showing in wp content fetched from get_the_content() or paragraphs not showing at front end added from wp-editor

Recently I faced a very wierd issue while adding a post from wp-admin that on adding paragraphs from wp editor, the paragraphs were not showing at front end. The issue was that I have used get_the_content function.

When we use the_content function to show the content o post/page then filters added for the_content also execute ,one of them used to show content with <p></p> tags which are added from wp-editor while adding content. So, when we use get_the_content function, this filter does not execute, so content shows without paragraphs which looks very ugly if there is very large content added. Keep on reading

[Solved] How to allow user to do login after submission of gravity form

We can create gravity form of having any type of fields. If we want to create a login form using gravity form, then to allow user to do login , we will have to perform extra actions for it. Suppose if I have a gravity form having ID 1 and having username, email fields and login button, then I will have to perform extra actions in the gform_after_submission filter of gravity form, as :

add_action( ‘gform_after_submission_1’, ‘do_login’, 10, 2 ); Keep on reading

Update WordPress Post URL also, whenever Post Title gets changed

In our wordpress theme or wordpress plugins, there may be have used many methods or filters to add/edit posts or custom type posts. We know, once a post is created and then we edit its title then its slug or url does not change automatically.

To change the URL of wordpress post according to its title, we will have to use this filter hook in our functions.php : Keep on reading

[Solved] How to set dynamic confirmation url in ajax enabled gravity form OR Redirect user to the newly created post by gravity form

In gravity form settings, there are two kind of confirmations, first is redirect url and second is text. You can either redirect user to another page like thank you page after form submission or you can show the confirmation text like thank you, your form is submitted successfully.

For the redirect setting, we can use there form field values also, to set string etc, but we can’t set there completely dynamic url on based of conditions. For example, I have used Post fields in my gravity form, from which post creates automatically after submitting the form. Now, if I want ti redirect my user to the newly created post which is just created by him by submitting the form, then I cannot do it via Form settings. Keep on reading

wp nonce in ajax calls to secure ajax call request

We all know that it is a best protocol to use wp nonce methods in wordpress to secure the POST or GET requests. WordPress nonce method creates a string that can be used once and have a limited lifetime after they expire. Thus by verifying the created nonce we can authenticate the incoming request. To use wp-nonce in ajax calls, first we will have to pass the nonce to our jquery file, in which we are having code of ajax request.

To pass the nonce value in jquery file, we will have to localize the jquery script as : Keep on reading

Steps to Remove Security Vulnerabilities of WordPress Site

There may have many security vulnerabilities in your wordpress site which may result in an easy security hack. Here I have listed the possible security hacks and their solutions, which may help you to prevent your site got being hacked :

  1. Authenticated Reflected XSS Exists : This vulnerability is caused if data is being displayed directly according to the url parameters.
  • Example: http://example.com?user_id=1><script>alert(1)</script>. Thus, any script can also be added in the url which is major security issue, as anyone can run his script and can affect our data.
  • Recommendation: The best way to prevent this vulnerability you should use data sanitization techniques of wordpress in your theme and plugins. If you are using third party theme and plugins then make sure the developer has used wordpress data sanitization methods.
  1. Clickjacking : Clickjacking is a malicious technique in which a different domain’s frame set is being displayed with button or click content on another site and user doesn’t know that the frame set does not belong to current site. If user clicks over the button or link the malwares get being installed. Thus hackers hijacks the user’s click that’s why it is called clickjacking or cross frame scripting.
  • Recommendation: To prevent this we should use Xframe options in our htaccess file, to prevent  other wesite’s frame get being displayed. If your website is not using iframe then you can set XFRAME- OPTIONS to DENY and if your website is using iframes then you can set XFRAME- OPTIONS to SAMEORIGIN, so that your website’s frame will be displayed only.

      3. Data cached locally : If  caching of pages containing sensitive data is not disabled then the browser stores                  local copies of these pages, which may be accessed by anyone who has access to the user’s computer. Keep on reading