One of the features I like best is the hooks and filters which allow developers (like us) to enhance the look and feel of the cart and they are well documented as well.

WooCommerce 2.0 see’s some and some visual ones as well including:

Don’t worry if some that went over you head – some of it is for the techies amongst us.

WooCommerce 2.0 is a major update

Now before you head off and click ‘update’ in wp-admin – make sure you are ready for the update and that you’ve tested it on a development site and know what needs to be done to ensure your production site stays working.

Having a sound backup strategy is imperative before upgrading.  We use and recommend Backup Buddy to create the backup and to replicate your site to a development site for testing purposes.

Once you upgrade WooCommerce to Version 2.0, the data in your database will be converted to the new data structure and there is no going back…. so be very sure before clicking the update button on your production site.

We will be testing thoroughly before doing any updates on our own or client sites.

WooThemes offer some excellent advice about preparing your site for WooCommerce 2.0 and, if you aren’t sure, we are able to help you with the WooCommerce update (request help via our helpdesk)

Celebrate the Release of WooCommerce 2.0

Want to see some WooCommerce Shopping Carts in action?

Here are just some sites where we have installed and configured WooCommerce:

Wishlist Member Plugins

Organize Your Life

Ask Charly Leetham

Dougs Word Clocks

WooCommerce 2.0 – Major Upgrade, be sure to test first! is a post from: The WP Warrior

The post WooCommerce 2.0 – Major Upgrade, be sure to test first! appeared first on The WP Warrior.

The issue appeared to be a conflict between WooThemes woo_title() function and WordPress SEO.  Whilst searching for a fix, I knew there had to be an answer, I found two posts by Spoonjab and Webexplorar that suggested editing header.php in my themes and replacing woo_title() with wp_title() to resolve the problem.

This really didn’t make sense to me for a couple of reasons:

1. First, unless you use a child theme, modifying header.php is a bad idea – if you want to upgrade your theme, you’ll loose your changes.  I was using a child theme, and I really didn’t want to have to replicate header.php just for this change…. Woo Themes provide some awesome hooks to allow us to customize the header area without having to recreate the file.
2. The woo_title() function already uses wp_title() and moving it from a function to the header.php file wouldn’t really fix anything
3. woo_title() provides a filter we can use to modify the output, so we don’t need to change header.php – we should be making use of this.

However, the ideas did put me on the right track.

With the able assistance of our WP Warrior, Morgan, the following function was created and worked perfectly

<?php
add_filter('wp_title', 'fix_page_title',30,1);
function fix_page_title( $title) {
$raw_title = $title.' | ';
return $raw_title;
}
?>

I tried adding the filter at the default priority of 20, i.e:

<?php
add_filter('wp_title', 'fix_page_title',20,1);

However, the problem still existed.  Moving the filter to a priority of 30, ensures that it is applied late enough in the process so that the other functions do their bit and won’t change our output.

Where Do I Add This Code?

The code above can be added your themes functions.php file.  The functions.php file is designed to be modified however, make sure you keep a backup copy each time you modify it – if you upgrade your theme, you may loose your changes!

Use It As A Plugin

To make it truly easy though, I’ve created the code in a plugin – right click here to download the plugin.  Use the WordPress installer to install the plugin, activate and that’s it.

WooThemes, WordPress SEO and woo_title() is a post from: The WP Warrior

The post WooThemes, WordPress SEO and woo_title() appeared first on The WP Warrior.

A brute force attack is literally multiple attempts against a username to ‘guess’ the password.  Regardless of how difficult you make a password for a person to remember, given sufficient computer power and time, any password can be guessed.

Securing WordPress and improving the security of anything is to use Two Factor Authentication.  Sounds techie doesn’t it? It’s not.  Two Factor Authentication is have two “things” that form your access code – as a younger woman in IT Security it was explained to me as “something you HAVE, and something you KNOW”.

You KNOW your password.  You HAVE a fingerprint

You KNOW a PIN code. You HAVE a key that you turn in a lock

 Just possessing one of these things is not enough to get through the security safeguards – you need to have both to use together.

Google offers Two Factor Authentication on all Google Accounts, you just have to enable it and get used to using it.

Googles’ Two Factor Authentication works by providing you with an App for your mobile device (iOS or Android).  When you log in to your Google Account, you still need your user name and password – but there is an additional step.  You are prompted to enter a one time code (that resets after a number of seconds).  In entering this code correctly, you are proving that you HAVE the unique code.  You KNOW your username and password, but you have to HAVE the authenticator app to be able to proceed.  Find out more about Googles Two Factor Authentication (or 2 Step Authentication) here.

The really funky thing with this technolog is that it is utilised by many other providers and I wondered how to use it in Securing WordPress.  The answer was suprisingly simple.

Securing WordPress using Google Authenticator

Securing WordPress becomes a little easier with the Google Authenticator Plugin by Henrik Schack.  I was impressed by how easy it was to setup and get going with it.  As we run a number of membership sites, I had a number of concerns that using the plugin would require all members to use Googles Two Factor Authentication – and I realised that not everyone had a Google Account OR wanted to use 2 step authentication.  What I did want, was to secure my administrator accounts.  Sure, having a members acccount hacked is not great, and other precautions are required.

Here are the steps in Securing WordPress with the Google Authenticator Plugin:

1. Setup Two Factor Authentication on your Google account and install the Google Authenticator app on your mobile device.
2. Install the Google Authenticator plugin – you can grab it from the WordPress Repository using the normal WordPress Plugin installer
3. After you activate the plugin, navigate to wp-admin -> Users -> Your Profile
4. Scroll down to where you find the Google Authenticator section
5. Click the Active box to enable Google authenticator on your profile
6. Set the Description to something meaningful, this is what will show on your Google Authenticator app
7. Click the Show / Hide QR code
8. With your mobile device, scan the QR Code that is displayed and click the ‘use browser’ function (or similar).  This will save the key to your Google Authenticator app.
9. I recommend logging in with a different browser and testing the process to make sure there are no latent issues – but that’s it. Your account is now protected with Google Authenticator.

As a website admin, Securing WordPress should be at the top of your mind. Whilst many hackings may not be malicious, the time and energy required to clean a site is considerable.  Securing WordPress right up front will save lots of heart ache.

Securing WordPress: Two Factor Authentication is a post from: The WP Warrior

The post Securing WordPress: Two Factor Authentication appeared first on The WP Warrior.

The guts of the matter is, is that ?doing_wp_cron is generally triggered by the WordPress Constant ‘ALTERNATE_WP_CRON’ being set to true.

According to the WordPress Codex, ALTERNATE_WP_CRON:

“this alternate method uses a redirection approach, which makes the users browser get a redirect when the cron needs to run, so that they come back to the site immediately while cron continues to run in the connection they just dropped. This method is a bit iffy sometimes, which is why it’s not the default.”

ALTERNATE_WP_CRON is often enabled when Hosts (webservers) have disabled ‘HTTP Loopback connections’.  I did some digging for a simple description of what they were and couldn’t find anything however, reading Otto’s explanation in the WordPress Forums gave me a great insight.  I won’t copy their entire response here, but I do encourage you to read it.

Essentially (and I’ll acknowledge there will be exceptions to this), ALTERNATE_WP_CRON should really only be used if your webhost does not allow WordPress to ‘call itself’ to trigger cron jobs…

What’s a CRON job I hear you say?

Cron is the time-based job scheduler in Unix-like computer operating systems that allows users to schedule jobs (through scripts / commands) to run periodically at certain times or dates.  Cron is used to run system maintenance and administration tasks automatically but can be used for a wide variety of tasks.

In our world today, whilst most people will think of a Unix-like system, I’ve heard the term “cron job” generically used to mean ‘automated task on my web server’….

With WordPress, these automated tasks may include:

• Backups (Backup Buddy)
• Checking for updates to the Core, Plugins or Themes
• Moving members through different levels of membership (Wishlist Member)
• Publishing scheduled posts
• Closing comments automatically

Just to name a few…

Is having ?doing_wp_cron appended to my url a bad thing?

The first thing to consider is how ALTERNATE_WP_CRON actually works – when a visitor comes to the site, if alternate cron is defined, they are redirected to the ‘cron’ system and then immediately back to the website.  My concern is how much extra time that adds to the sites load time, and what the visitor experience is as a result.

Secondly, the url is just plain unsightly.  Most of us optimize our sites for SEO, including the permalinks – and to have that tagged on the end is just disappointing.

Ultimately though, I question whether the requirement to disable HTTP loopback connections on a webserver is actually required – to quote Otto:

…However, some servers simply can’t do that for some reason. Among the possible reasons:
- Server doesn’t have DNS, and so it can’t figure out who “example.com” is, even though it is *itself*.
- Server administrators, in a misguided attempt at security, have blocked “loopback” requests, so it can’t actually make a call back to itself.
- Server is running something called “mod_security” or similar, which actively blocks the call due to brain-dead configuration.
- Something else.

Admittedly that post is 3 years old (at the time of writing) and I would be interested in others opinions as to why you would disable HTTP Loopback connections.

All In One Event Calendar and ALTERNATE_WP_CRON

I was horrified recently, when debugging an issue with ?doing_wp_cron being appended to their url, to discover that All In One Event Calendar forces the use of ALTERNATE_WP_CRON despite the existence of HTTP Loopback Connections or not.

According to their update, Why Am I Seeing ?wp_doing_cron in my url (published August 2012), the creators of the plugin have decided to FORCE the use of alternate cron because of a ‘bug’ in WordPress that is over 3 years old.  Is it really a bug?  I doubt it, based on Otto’s explanation and the fact that many other plugin providers are successfully working with the standard wp_cron functionality.

The other frustrating part is that the functionality they have implemented this for is only used if you are importing Feeds from external calendars.  If you aren’t using that part of the funcationality, you are still impeded by the problem.

As a result, this is not a plugin I would recommend to my customers however, if you are using it and loving and want to get rid of the ?doing_wp_cron from your url (as long as you aren’t importing external calendar feeds) here’s how.

1. You are best using FTP, but you can use the built in Plugin Editor in wp-admin (these instructions assume you are using FTP)
2. Navigate to …/wp-content/plugins/all-in-one-event-calendar and open the file “all-in-one-event-calendar.php” for editing
3. Find line 283 (in version 1.8.3-premium) and comment it out:
   

   //define( 'ALTERNATE_WP_CRON', true ); 

4. Save the file and upload it.

Backup Buddy and ALTERNATE_WP_CRON

Any google search for ?doing_wp_cron will show a number of entries for Backup Buddy causing this issue.

This is generally a case of that fact that the site owner / administrator has found that Backup Buddy has reported that “HTTP Loopback Connections” have been disabled and their backups are disappearing in an endless “ping” loop (those who have experienced this will know what I mean).  To address the issue of HTTP Loopback Connections being disabled, Backup Buddy recommend that the following be added to the sites wp-config.php file (anywhere above the line that has “/* That’s all, stop editing! Happy blogging. */”):

define( 'ALTERNATE_WP_CRON', true ); 

Whilst not an elegant solution, you do have control of whether you do this or not.

Of course, if you are experiencing issues with HTTP Loopback Connections being disabled you should contact your hosting provider and ask if this can be addressed first!

doing_wp_cron Appended to Site URL – Backup Buddy & All In One Events Calendar is a post from: The WP Warrior

The post doing_wp_cron Appended to Site URL – Backup Buddy & All In One Events Calendar appeared first on The WP Warrior.

If you live in the US you can sign the petitioning at http://americancensorship.org/ to send a message to your member, and everyone should sign the petition at avvaz http://www.avaaz.org/en/save_the_internet/?fpla. Every voice count.

FREE INTERNET is a post from: The WP Warrior

The post FREE INTERNET appeared first on The WP Warrior.

To buy backup creator please follow this link.

Using Robert Planks’ “Backup Creator” is a post from: The WP Warrior

The post Using Robert Planks’ “Backup Creator” appeared first on The WP Warrior.

As of today, there is no shortcode to do that but it is relatively simple to add your own shortcode using the Version 1.0 API of Wishlist Member.

The function call is:

WLMAPI::GetMemberCount

To use this API function call, you need to pass to the function the ‘level’ that you want to return the number of members for.  This can be string  be “all”, “nonmembers”, “pending”, or a comma-delimited string of level SKUs or names.

For example, the following code would display the total number of members on a site:

<?php echo WLMAPI::GetMemberCount('all'); ?>

To display the number of members for a level called “Paid”, the following would be used:

<?php echo WLMAPI::GetmemberCount('Paid'); ?> 

This is all very good and well, but creating a shortcode so you don’t have to mess with php in the post / page, is a much better idea.

To create a shortcode, you could add something like the following in your themes functions.php file:

<?php function showmemcount($atts) {
return WLMAPI::GetMemberCount('.$atts['memname'].');
}
add_shortcode ('showmemnums','showmemcount');
?>

You could then add the shortcode to your post or page:

Free: [ showmemnums memname="Free" ]

Paid: [ showmemnums memname="Paid" ]

To display the number of members for different levels, change the name between the double quotes – they need to exactly match the name of your membership level.

To display the Total Number of members, those pending and those who registered to WordPress but don’t have access to any Wishlist Member levels:

Total: [ showmemnums memname="all" ]

Pending: [ showmemnums memname="pending" ]

Non Members: [ showmemnums memname="nonmembers" ]

Note: I’ve put spaces after ‘[' and before the ']‘, these need to be removed.

Wishlist Member: Show Member Counts is a post from: The WP Warrior

The post Wishlist Member: Show Member Counts appeared first on The WP Warrior.

Until today, my position has been that the BEST way to handle this is to setup a new subscription payment and then manually cancel the ‘older’ subscription through the paypal interface.

Today, that changed.  In the process of updating my Enhanced Paypal Shortcodes plugin, I came across the “update” parameter for Subscription buttons – and after a little testing, found that it should be perfect for allowing members to change their existing subscription payments with you.

Introducing the Paypal Modify Subscription button

The Paypal Modify Subscription button will let subscribers modify their active subscriptions through a paypal button on a website.

This is perfect if you offer different subscriptions levels – your subscribers can upgrade to a higher level without an interruption in service.

Modify Paypal Subscription buttons let subscribers accept a new set of subscriptions terms and pricing for their current, active subscriptions.  Just perfect for our Wishlist Member websites.

A Modify Subscription button can allow subscribers to:

•  Modify their active subscriptions, or sign up for new subscriptions
•  Modify their active subscriptions only

The code required to add this button is reasonably straight forward (once you know what you need to do).

If you don’t mind pasting html into your webpage (I wouldn’t necessarily recommend this for WordPress because the Visual editor can mess with the paypal code), you can use the code in the next section otherwise you can use my Enhanced Paypal Shortcodes plugin to do the work for you (I’ve added the necessary parameters into the code today)

Modify Existing Subscription ONLY button

the code to setup a paypal button that only lets purchasers modify existing subscriptions looks similar to this:

 <form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<!– Identify your business so that you can collect the payments. –>
<input type="hidden" name="business" value="email@yourdomainname.com">
<!– Specify a Subscribe button. –>
<input type="hidden" name="cmd" value="_xclick-subscriptions">
<!– Identify the subscription. –>
<input type="hidden" name="item_name" value="The upgraded level name">
<input type="hidden" name="item_number" value="SKU for upgraded level">
<!– Set the revised subscription price and terms. –>
<input type="hidden" name="currency_code" value="USD">
<input type="hidden" name="a3" value="69.95">
<input type="hidden" name= "p3" value="6">
<input type="hidden" name="t3" value="M">
<!– Let current subscribers modify only. –>
<input type="hidden" name="modify" value="2">
<!– Display the payment button. –>
<input type="image" name="submit" border="0" src="https://www.paypal.com/en_US/i/btm/btn_subscribe_LG.gif" alt="PayPal – The safer, easier way to pay online">
<img alt="" border="0" width="1" height="1" src="https://www.paypal.com/en_US/i/scr/pixel.gif" >
<!– close the paypal form –>
</form>

When subscribers click on the button created by this code, they will be prompted to login and then asked which Subscription with the merchant they want to modify to be $69.95 every 6 months.  Below is a screenshot similar to what your purchasers will see:

Modify Existing Subscription OR Create new subscription

If you don’t mind pasting html into your webpage (I wouldn’t necessarily recommend this for WordPress because the Visual editor can mess with the paypal code), the code to setup a paypal button that only lets purchasers modify existing subscriptions looks similar to this:

 <form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<!– Identify your business so that you can collect the payments. –>
<input type="hidden" name="business" value="email@yourdomainname.com">
<!– Specify a Subscribe button. –>
<input type="hidden" name="cmd" value="_xclick-subscriptions">
<!– Identify the subscription. –>
<input type="hidden" name="item_name" value="The upgraded level name">
<input type="hidden" name="item_number" value="SKU for upgraded level">
<!– Set the revised subscription price and terms. –>
<input type="hidden" name="currency_code" value="USD">
<input type="hidden" name="a3" value="69.95">
<input type="hidden" name= "p3" value="6">
<input type="hidden" name="t3" value="M">
<!– Let current subscribers modify or create a new subscription. –>
<input type="hidden" name="modify" value="1">
<!– Display the payment button. –>
<input type="image" name="submit" border="0" src="https://www.paypal.com/en_US/i/btm/btn_subscribe_LG.gif" alt="PayPal – The safer, easier way to pay online">
<img alt="" border="0" width="1" height="1" src="https://www.paypal.com/en_US/i/scr/pixel.gif" >
<!– close the paypal form –>
</form>

When subscribers click on the button created by this code, they will be prompted to login and then asked which Subscription with the merchant they want to modify to be $69.95 every 6 months, or given the option to sign up for a new subscription.

My thoughts are this isn’t quite as simple to navigate for purchasers as I would like – particularly the small “Sign Up For A New Subscription” at the bottom of the screen – I think most new purchasers will miss this.

However, using the first method above on an “upgrade” page within your membership site could be incredibly effective and certainly much easier to manage than trying to sign up for new subscriptions and cancel existing ones….

Paypal Enhanced Shortcodes plugin

We’ve just released version 0.5a of the Paypal Enhanced Shortcodes plugin and implemented the ‘modify’ parameter.

If you don’t want to mess around with cutting and pasting HTML code into your WordPress editor – try the plugin instead.

Paypal: Letting subscribers update their Recurring Payments is a post from: The WP Warrior

The post Paypal: Letting subscribers update their Recurring Payments appeared first on The WP Warrior.

You know how you can be on a webpage and submit a form, click a link or simply interact and the content will update without the page having to reload?  Well, that’s most likely due to Ajax…. and I want to know more.

I’m not a ‘big’ reader of tech manuals- I prefer to ‘do’ and ‘try’, rather than ‘read’ about it. However, this book is pretty cool.

The WordPress and Ajax e-book is a comprehensive view on using Ajax with WordPress. The book lays the foundation for you, and then walks you through three real-world examples of how to use Ajax within WordPress.

I picked up the book as a free download – in fact I’m reading it on my iPod from www.wpajax.com but you can also purchase a ‘hard copy’ of WordPress and Ajax from Amazon.

If you’re serious about creating top notch WordPress Plugins and functions, this is a great reference point.

Ajax and WordPress: Cool Resource… is a post from: The WP Warrior

The post Ajax and WordPress: Cool Resource… appeared first on The WP Warrior.

Being really pedantic in my response, I would say that Javascript is actually executed on your computer, not the webhost.
When a webpage loads, it ‘calls’ a javascript that is downloaded to your computer and then executes locally through your browser.

The reason I’m being particular with this response is if the browser viewing your site does not support Javascript, or has javascript support turned off, the javascript called on a webpage will not execute.

WordPress can be configured to call javascripts.

Javascript is used for a number of things including:

• Displaying Navigation menus
• Creating dropdown functions on nav menus
• Shadow box / light box functions for images and videos
• Sliders
• Displaying opt in forms on pages
• Interacting on a page like:
  • accordian menus
  • dynamic responses via forms
  • changing the styling elements on a page based on user preference
  • change the elements (images, videos, text etc) based on user preference
• Live Search functionality

Really, what can be achieved with javascript is never ending….

Many wordpress plugins use Javascript.  WordPress, itself, calls a number of javascript functions.  However, playing with javascript is not for the faint hearted – and if your javascript uses jQuery (a javascript coding framework) there are additional considerations, like using the WordPress No Conflict method to reference your code.

So the ultimate answer to the question is Yes, WordPress can CALL javascript.

Can WordPress Run Javascript is a post from: The WP Warrior

The post Can WordPress Run Javascript appeared first on The WP Warrior.