peterlihou
Forum Replies Created
-
Forum: Fixing WordPress
In reply to: Comments not workingI’m getting an error saying Firefox can’t connect to the server, when people try to leave comments and in Safari they can post them but they aren’t appearing on the site! I’m using Twenty Eleven and the site is TheBookAwards.com
Can you help please?
Forum: Plugins
In reply to: [IP2Location Tags] Latest upgrade problemI simply followed the update plugin option in one of my wordpress sites. It didn’t say anything about the database. I didn’t do this on my other site and that continued to work fine so I’ve now reverted to the older version for both sites and they’re working.
I’m not a technical person but I presume a code sample will now just give the older code.
Forum: Plugins
In reply to: [IP2Location Tags] Latest upgrade problemHi
The problem is with the latest version. I’ve reverted to the older version because of this.
Forum: Plugins
In reply to: [IP2Location Tags] Latest upgrade problemCan I get version 2.1 please? This works well on my other site.
G’day Ross
You’re completely right, I’m sorry it’s a damn cheek.
The author hasn’t been responding to support requests or any other questions for about a year so I got a bit desperate. I’m not a programmer but I rely upon this plugin for my ‘not for profit’ book awards site.
It would be great if someone would write a new version of a ratings plugin because I’m not the only who is stranded. But that isn’t your problem.
Thanks anyway for your suggestions so far.
Pete
Hello Ross
Thank you very much for your help.
I’m guessing my problem would be that the transients may not have expired, I just want to delete the IP addresses that are older than 1st January this year.
You are dealing with a total amateur here but I copied the following code from the “Edit Plugin’ option in WordPress, post-ratings.php file.
Does this mean it will only store 20 IP addresses and they should expire after 90 days?
If I change the expiry to 35 days and then run your code, would that work and if I then wanted to increase these numbers to improve security against multiple votes, could I just change them?
I really do appreciate any advice you can give and I might just add that post ratings is the only plugin that includes a ‘top 20’ sidebar widget, and the plugin has been out of support for ages. If you were to write and support a new ratings plugin I’m sure there must be a market – including me!
Cheers
Pete/* * Attempt to get the visitor's IP address * * @since 2.3 * @return string */ private function getIP(){ if(isset($_SERVER['HTTP_CLIENT_IP'])) return $_SERVER['HTTP_CLIENT_IP']; if(isset($_SERVER['HTTP_X_FORWARDED_FOR'])) return $_SERVER['HTTP_X_FORWARDED_FOR']; if(isset($_SERVER['HTTP_X_FORWARDED'])) return $_SERVER['HTTP_X_FORWARDED']; if(isset($_SERVER['HTTP_FORWARDED_FOR'])) return $_SERVER['HTTP_FORWARDED_FOR']; if(isset($_SERVER['HTTP_FORWARDED'])) return $_SERVER['HTTP_FORWARDED']; return $_SERVER['REMOTE_ADDR']; } /* * Process rating, or set up plugin hooks if this is not a rate request * * @since 1.0 */ public function Run(){ $options = $this->getOptions(); extract($options); if(!isset($_GET['rate'])){ if($custom_filter) add_filter($custom_filter, array($this, 'ControlBlockHook')); if($before_post || $after_post){ // post content add_filter('the_content', array($this, 'ControlBlockHook'), 20); // bbpress add_filter('bbp_get_topic_content', array($this, 'ControlBlockHook')); add_filter('bbp_get_reply_content', array($this, 'ControlBlockHook')); } add_action('wp_enqueue_scripts', array($this, 'assets')); // this is our $.ajax request }else{ defined('DOING_AJAX') or define('DOING_AJAX', true); $post_id = (int)$_GET['post_id']; $voted = min(max((int)$_GET['rate'], 1), $max_rating); $error = ''; $post = &get_post($post_id); $rating = 0; $votes = 0; if(!$post){ $error = __("Invalid vote! Cheatin' uh?", self::ID); }else{ // get current post rating and vote count extract($this->getRating($post->ID)); // vote seems valid, register it if($this->currentUserCanRate($post_id)){ // increase global post rate count if this is the first vote if($votes < 1) $options['num_rated_posts']++; // global vote count $options['num_votes']++; // update post rating and vote count $votes++; $rating = (($rating * ($votes - 1)) + $voted) / $votes; update_post_meta($post->ID, 'rating', $rating); update_post_meta($post->ID, 'votes', $votes); // update global stats $options['avg_rating'] = ($options['num_votes'] > 0) ? ((($options['avg_rating'] * ($options['num_votes'] - 1)) + $voted) / $options['num_votes']) : 0; update_option(self::ID, $options); $ip_cache = get_transient('post_ratings_ip_cache'); if(!$ip_cache) $ip_cache = array(); $posts_rated = isset($_COOKIE[$this->getRecordsKey('posts_rated')]) ? explode('-', $_COOKIE[$this->getRecordsKey('posts_rated')]) : array(); $posts_rated = array_map('intval', array_filter($posts_rated)); // add user's IP to the cache $ip_cache[$post_id][] = $this->getIP(); // keep it light, only 10 records per post and maximum 10 post records (=> max. 100 ip entries) // also, the data gets deleted after 2 weeks if there's no activity during this time... if(count($ip_cache[$post_id]) > 10) array_shift($ip_cache[$post_id]); if(count($ip_cache) > 10) array_shift($ip_cache); set_transient('post_ratings_ip_cache', $ip_cache, 60 * 60 * 24 * 14); // update user meta if(is_user_logged_in()){ $user = wp_get_current_user(); $current_user_ratings = get_user_meta($user->ID, $this->getRecordsKey('posts_rated'), true); if(!$current_user_ratings) $current_user_ratings = array(); $posts_rated = array_unique(array_merge($posts_rated, array_filter($current_user_ratings))); update_user_meta($user->ID, $this->getRecordsKey('posts_rated'), $posts_rated); } // update cookie $posts_rated = array_slice($posts_rated, -20); // keep it under 20 entries $posts_rated[] = $post_id; setcookie($this->getRecordsKey('posts_rated'), implode('-', $posts_rated), time() + 60 * 60 * 24 * 90, '/'); // expires in 90 days $this->rated_posts[] = $post_id; do_action('rated_post', $post_id); $this->clearQueryCache(); }else{ $error = __('You cannot rate this post!', self::ID); }This is usual file
‘# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /awards/
RewriteRule ^index\.php$ – [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /awards/index.php [L]
</IfModule># END WordPress’
As soon as I save an IP the site crashes and the file changes to:
‘# BEGIN All In One WP Security
#AIOWPS_DISABLE_INDEX_VIEWS_START
Options All -Indexes
#AIOWPS_DISABLE_INDEX_VIEWS_END
#AIOWPS_IP_BLACKLIST_START
Order allow,deny
Allow from all
Deny from 65.55.213.63
Deny from 99.16.80.30
#AIOWPS_IP_BLACKLIST_END
#AIOWPS_DISABLE_TRACE_TRACK_START
RewriteEngine On
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
RewriteRule .* – [F]
#AIOWPS_DISABLE_TRACE_TRACK_END
#AIOWPS_FORBID_PROXY_COMMENTS_START
RewriteCond %{REQUEST_METHOD} =POST
RewriteCond %{HTTP:VIA}%{HTTP:FORWARDED}%{HTTP:USERAGENT_VIA}%{HTTP:X_FORWARDED_FOR}%{HTTP:PROXY_CONNECTION} !^$ [OR]
RewriteCond %{HTTP:XPROXY_CONNECTION}%{HTTP:HTTP_PC_REMOTE_ADDR}%{HTTP:HTTP_CLIENT_IP} !^$
RewriteCond %{REQUEST_URI} !^/(wp-login.php|wp-admin/|wp-content/plugins/|wp-includes/).* [NC]
RewriteRule .* – [F,NS,L]
#AIOWPS_FORBID_PROXY_COMMENTS_END
#AIOWPS_DENY_BAD_QUERY_STRINGS_START
RewriteCond %{QUERY_STRING} tag= [NC,OR]
RewriteCond %{QUERY_STRING} ftp: [NC,OR]
RewriteCond %{QUERY_STRING} http: [NC,OR]
RewriteCond %{QUERY_STRING} https: [NC,OR]
RewriteCond %{QUERY_STRING} mosConfig [NC,OR]
RewriteCond %{QUERY_STRING} ^.*(globals|encode|localhost|loopback).* [NC,OR]
RewriteCond %{QUERY_STRING} (\;|’|\”|%22).*(request|insert|union|declare|drop) [NC]
RewriteRule ^(.*)$ – [F,L]
#AIOWPS_DENY_BAD_QUERY_STRINGS_END
#AIOWPS_ADVANCED_CHAR_STRING_FILTER_START
<IfModule mod_alias.c>
RedirectMatch 403 \,
RedirectMatch 403 \:
RedirectMatch 403 \;
RedirectMatch 403 \=
RedirectMatch 403 \@
RedirectMatch 403 \[
RedirectMatch 403 \]
RedirectMatch 403 \^
RedirectMatch 403 \`
RedirectMatch 403 \{
RedirectMatch 403 \}
RedirectMatch 403 \~
RedirectMatch 403 \”
RedirectMatch 403 \$
RedirectMatch 403 \<
RedirectMatch 403 \>
RedirectMatch 403 \|
RedirectMatch 403 \.\.
RedirectMatch 403 \%0
RedirectMatch 403 \%A
RedirectMatch 403 \%B
RedirectMatch 403 \%C
RedirectMatch 403 \%D
RedirectMatch 403 \%E
RedirectMatch 403 \%F
RedirectMatch 403 \%22
RedirectMatch 403 \%27
RedirectMatch 403 \%28
RedirectMatch 403 \%29
RedirectMatch 403 \%3C
RedirectMatch 403 \%3E
RedirectMatch 403 \%3F
RedirectMatch 403 \%5B
RedirectMatch 403 \%5C
RedirectMatch 403 \%5D
RedirectMatch 403 \%7B
RedirectMatch 403 \%7C
RedirectMatch 403 \%7D
# COMMON PATTERNS
Redirectmatch 403 \_vpi
RedirectMatch 403 \.inc
Redirectmatch 403 xAou6
Redirectmatch 403 db\_name
Redirectmatch 403 select\(
Redirectmatch 403 convert\(
Redirectmatch 403 \/query\/
RedirectMatch 403 ImpEvData
Redirectmatch 403 \.XMLHTTP
Redirectmatch 403 proxydeny
RedirectMatch 403 function\.
Redirectmatch 403 remoteFile
Redirectmatch 403 servername
Redirectmatch 403 \&rptmode\=
Redirectmatch 403 sys\_cpanel
RedirectMatch 403 db\_connect
RedirectMatch 403 doeditconfig
RedirectMatch 403 check\_proxy
Redirectmatch 403 system\_user
Redirectmatch 403 \/\(null\)\/
Redirectmatch 403 clientrequest
Redirectmatch 403 option\_value
RedirectMatch 403 ref\.outcontrol
# SPECIFIC EXPLOITS
RedirectMatch 403 errors\.
RedirectMatch 403 config\.
RedirectMatch 403 include\.
RedirectMatch 403 display\.
RedirectMatch 403 register\.
Redirectmatch 403 password\.
RedirectMatch 403 maincore\.
RedirectMatch 403 authorize\.
Redirectmatch 403 macromates\.
RedirectMatch 403 head\_auth\.
RedirectMatch 403 submit\_links\.
RedirectMatch 403 change\_action\.
Redirectmatch 403 com\_facileforms\/
RedirectMatch 403 admin\_db\_utilities\.
RedirectMatch 403 admin\.webring\.docs\.
Redirectmatch 403 Table\/Latest\/index\.
</IfModule>
#AIOWPS_ADVANCED_CHAR_STRING_FILTER_END
# END All In One WP Security# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /awards/
RewriteRule ^index\.php$ – [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /awards/index.php [L]
</IfModule># END WordPress’
I’m entering a simple IP address, the last couple of times just one IP at a time.
In order to fix the problem, I’ve deleted the contents of the .htaccess file between the parameters above (as was suggested here for a similar support problem), so I can’t show you unless it crashes again, which I don’t want to happen.
Forum: Plugins
In reply to: [All-In-One Security (AIOS) – Security and Firewall] Self Lock outIt’s locked me out as well!
I made one failed login attempt on my site (missed one letter) and it’s gone into lockout. It tells me to Log into my sites admin panel but clearly I can’t do that.
If the lockout is just one hour, I can live with that tonight but would have no idea how to deactivate using FTP if I had to. Do you give instructions somewhere?
Forum: Plugins
In reply to: [All-In-One Security (AIOS) – Security and Firewall] DB BackupMy average for the year is 222 per day but it’s been around double that number for the last couple of months.
Forum: Plugins
In reply to: [All-In-One Security (AIOS) – Security and Firewall] DB BackupHi
Thank you for an excellent plugin.One problem though, the db backup schedule doesn’t work. I can do it manually and it sends to my designated email address, but if I set it to every two days, nothing happens. Can you advise please?
Cheers
PeteForum: Reviews
In reply to: [Online Backup for WordPress] Restore doesn't workHi Jason
I visited the portal yesterday and was shown a list of recent backups from which to choose, I selected the backup from 11:00am on Tuesday morning. Every day people vote and add books to The Book Awards and when restored, the site was showing only those entries from weeks ago. When I saw it, I went back to the portal to select a different file but they had all gone other than the most recent. If you have backups of your backup files, I will be happy to walk through the process with you today. I gave up at 2:00 in the morning but now have to spend today resolving the problem because the site is busy every day.
I understand the distinction between paid and free but something as crucial as a backup system must have some level of support. I would pay a reasonable amount for a professional service but not one that isn’t there when you need it. I tried the forum and found several topics had questions (including my own) with no answers going back months. My site is a ‘not for profit’ run voluntarily but I still feel duty bound to offer an excellent service.
It seems to me that far to many people, vendors and customers alike, are happy to judge a backup system on the ease of installation or automation, the most important feature is the ability and ease of use when you need to restore. There is no information on this supplied with the application and the only help is in a FAQ section of your website. For the first time, when already stressed, you see instructions that are complicated to a non-technical person, you are told there’s no support and suggestions that help be sought from a hosting provider, even though the hosting provider doesn’t offer that support for the database.
A great free system will lead to sales of paid systems but a poor free system will damage your reputation and inhibit all sales.
I was surprised and relieved to see your note this morning (perhaps prematurely because I don’t know if anything will come of it) as I didn’t expect any response at all. If you are still able to assist me, I will gladly take down my negative review and revise my opinion.
Regards
PetePete Lihou
[sig moderated as per the Forum Rules]