login attempt limiter plugin for WordPress?

update: yay! I found exactly what I wanted in Owen Winkler’s un-released “Armor” plugin:
http://comox.textdrive.com/pipermail/wp-hackers/2006-March/005290.html

limits the login attempts and emails the blog owner to let them know of the attempts…
really well written code too!
———

Someone on the WordPress IRC channel told me that there is a login attempt plugin that will limit how many times a user attempts to login? I can’t find any such creature? So if you know of where it’s hiding let me know before I attempt to code it tonight

Also, apparently we are going to get a really nice plugin to ensure good passwords, really soon from the lushlab folks

$_SERVER[REQUEST_URI] doesn’t always work correctly! Here’s how to fix it.

Here’s something important for WP plugin developers that I have discovered on my server with wordpress and many plugins.

While PHP programmers have been taught to use
$_SERVER[REQUEST_URI]
to fetch the current page URI, IT DOESN’T WORK CORRECTLY in all cases with wordpress’s rewrite functions.

I discovered this while working with the paged-comments plugin. It caused the template and other plugins to not see the proper URI and miss out on the extra stub in the URL.

After some studying of phpinfo results, I discovered that the proper, complete URI was shown in:
$GLOBALS["HTTP_SERVER_VARS"]["REQUEST_URI"];

So I highly recommend that plugin developers use that reference instead.
Yes, I know they should be identical but apparently it’s an Apache + PHP bug.

My server has apache 1.33 and php 4.2 so your milage may vary on the bug.
But since ALOT of people have that server combo, trust me, this prevents problems.

How to “de-ajax” WP-Polls 2.11 & 2.12

WP-Polls is a great voting plugin for WordPress but after version 2.06b Lester decided to use ajax (only).

While ajax is the latest buzzword, ajax is not very handy if you want bookmarkable pages and despite what people are led to believe, it actually can put *more* load on the server. It also makes certain kinds of tracking difficult (or impossible). Worse yet, if visitors have javascript disabled, it won’t work at all. So if it’s not critical, I don’t like to use ajax.

While you can just use 2.06b if you don’t want ajax, the problem is he added some nice little features after that version (like tracking votes by member instead of IP) which you may want.

The good news is it’s not hard at all to make it non-ajax. I hope to release a mod of 2.12 at some point (if he doesn’t do it first) that lets you toggle between ajax and non-ajax with a simple admin menu choice, but for now here are the steps to undo the ajax features manually and make it static, exactly like 2.06b

Continue reading ‘How to “de-ajax” WP-Polls 2.11 & 2.12′

WP-Polls using CSS instead of images

Among Lester Chan’s great WordPress plugins is “WP-Polls“. His newest version uses ajax which I don’t care for but he has a slightly older version without it.

(here’s an alternate download location for WP-Polls while Lester’s site is down)

Both versions however require three small images for the little result graphs. The problem with this is that no matter how small the images are, the visitors’ browsers will have to do three more calls to the server to load them and even on broadband, that slows things down. However because he wisely uses templates to control how the poll results are seen, it’s easy to change the images to CSS.

Here’s how to do it:

Continue reading ‘WP-Polls using CSS instead of images’

Captcha without cookies or sessions

One problem I have had with adding captcha to my blogs is that virtually all of the plugins available require sessions to track the “magic code” via a cookie on the server side. Well this creates a big problem because many visitors turn off cookies by default for sites they are not familiar with which will make the post fail, then they have to hit the back button and because sessions are active, most browers will see it as an expired page so it empties out the comment form! That’s very fustrating and I have experienced myself on many blogs where I gave up commenting entirely because it was too annoying.

Well I finally found a decent WordPress captcha plugin I could modify easily enough. “Anti Spam Image” by Nio can be found over here:
http://nio.infor96.com/archives/369

My version uses MySQL instead of sessions to keep the code available for 30 minutes to the visitor. I’ve posted my modification at the bottom of his comments or you can get it here:
http://www.megaupload.com/?d=Y36AM5N5
(backup download location: http://pastebin.ca/168697)