Find ID and Class Elements in Any Webpage

It’s been quite sometime since I posted any new posts here.. Here’s a quick video tutorial on how to find ID’s and Class(es) on a webpage, using firefox and firebug addon.

How can this help?
If you’re looking into some automation stuff (using selenium or any other web automation tools), these ID’s and Classes will surely come in handy.

Ah what the heck? :) Let me watch the video:

Stay tuned for another video on how to use the firebug console to do some cool stuff with the webpage elements!

[Dev] Forcing A Download For Files On Web Pages

Something interesting happened today. I was working on a project for a client and the requirement was a file upload and downloadable system (with login of course :)).. I had completed most of the stuff like login, uploading docs and the right click “save as” worked like a charm. BUT with the latest browsers like chrome and IE9\10, on clicking the link to the document, the files were getting opened either using Google Document Viewer or inside the browser itself – which was a no no for my client..

After trying to pick my brain for couple of hours I figured it could be a server thing and all I had to do was to make sure that I pass the correct header for the respective files (could be .zip, .doc or .pdf or . anything else).

Then it flashed!

I figured it out… The problem was a server problem. Since I was using the WordPress framework to build the site, the header was automatically passed for content and hence the files would open-up inside the browsers. I had to add a small code – just 4 lines in order to make this happen. Here’s what I wrote in order to force the data download:

<FilesMatch “\.(?i:pdf|doc|docx|xls|xlsx|txt|zip)$”>
ForceType application/octet-stream
Header set Content-Disposition attachment
</FilesMatch>

And that was it! All those hours of brain picking finally paid off :)

I added the above code to the .htaccess file and the rest was taken care by my server :) Let me explain the above code:

 

  • FilesMatch: Simply tells the apache server for the document types. Here I only need to make .doc, .pdf, .zip etc as downloadable.
  • ForceType application/octet-stream: This told apache that the file types listed above is a generic content (MIME) type. So the browser should try to will always show the “open with” or “save as” download dialog if a server sends a file with such a MIME type.
  • Header set Content-Disposition attachment: Then I set the header of the webpage manually and woah! We’re done and that’s it!

For anyone having similar trouble.. Hope this helps!

aircel 3g

Why Choose Aircel Cheap Unlimited 3G Plan?

Everyone has it but Aircel gives it cheap is all I can say. I’ve been using the new Aircel 3G for quite some time and it’s really impressive. In my area Aircel 3G speed is pretty impressive when compared with other telecom data providers such as IDEA, Vodafone, Reliance and Airtel for that matter.

I’ve been living off a Reliance 3G Netconnect + dongle all this while but later switched to Aircel 3G which turned out to be a great choice. It’s not just the connection speed that impresses me but also the cost for the device and usage charges.

Aircel’s latest plan offers unlimited 3G data at just 8rs\day with speeds up to 3.6mbps. Got to say it’s reliable and cheap. So what do you do with these awesome speeds you ask? Simple – It completes all the tasks that I used to do with a wired LAN connection all this while. I’ve even thought about switching over to Aircel completely because of the great speed, speedy activations, great plans\offers and most importantly it does the job of keeping me connected with the web.

So what’s possible with 3G again?

  • Downloads – Most of the Social Media work involves downloading and reading ebooks, attachments and reports. With the new Aircel 3G, the downloads happen much easier, faster and on a mobile device :).
  • Video & Music streaming – Grooveshark.com is one of the popular sites that I hit up when I don’t have the right music on my phone. With the awesome 3G speeds, Aircel makes it possible to stream music & videos very smoothly. The choppy video\music playback while streaming on devices is 0 – trust me.
  • E-paper – With speeds up to 3.6mbps, it’s almost like a wireless broadband connection. If you’re a geek like me you’d probably read the newspaper on the phone. Again, the pages load up fast without any delay. Simply hit up epaper.timesofindia.com if you feel like catching up some news :)
  • Socialize – Facebook, Twitter, whatsapp, Nimbuzz, Aim etc… There are 100’s of online apps that need a web connection to work…  With the multitasking abilities of phones and the data connection speed, all you need is just your phone to keep in touch with buddies and stay connected.
  • Addons – It offers couple of add-on services which can be used once you subscribe. The services like PocketVideo, Video calling, Pocket finder, Pocket learning, Pocketgames lets subscribers to simply download stuff from the Aircel website instantly.

That’s NOT just all.. With features on smartphones like tethering, your smartphone can become a powerful modem with an awesome 3G data connection. Use your phone as a modem to use internet on your PC(s)..

The question must have been “What can’t you do with the Aircel’s unlimited 3G plan:D

Have you used Aircel’s unlimited 3G? Share your experiences below.

Deleting Multiple Pending Posts and Post Revisions Instantly from WordPress Using MYSQL Scripts

Have you ever tried deleting multiple posts (more than 500posts) from the WordPress admin panel before? If you’ve tried you’ll know that it fails! Yes it fails hopelessly.

I know that there are lots of Bulk delete WordPress plugins out there in the WordPress repository that can do the job. But how do you delete multiple pending posts, post revisions if there are way too many posts? (Say more than 2000 posts)

I’m not exaggerating things here guys. I had this exact problem myself and some of my friends who had guest posts enabled in WordPress faced the same issue too. So HOW do you delete multiple posts instantly in WordPress? The bulk delete plugin timed out on me and I was left wondering how else can I get the deletion work done easily?

Then I realized it ‘MySQL’! Yes, MySQL can do this for me and within no time at all. It took me less than 5 minutes to delete all the pending (spam) posts from WordPress. So this is me contributing to the WordPress ecosystem by sharing how I achieved what I needed!

>> Login to your MYSQL and select the SQL tab from the MYSQL window.

 

Step1 – Searching and deleting all Pending Posts in Bulk:

SELECT * FROM `wp_posts` WHERE `post_status` LIKE 'pending'

This fetches all the posts that are NOT yet published and which are in the pending state.

DELETE FROM `wp_posts` WHERE `post_status` LIKE 'pending';

This SQL query removes all the posts that are currently in pending state.

SELECT * FROM `wp_posts` WHERE `post_status` LIKE 'pending';

Now run the select statement again to see if the deletion of pending posts worked.

Once you’ve removed all the pending posts from WordPress. You would need to check the revisions made on those posts. These still do exist in WordPress and would consume some space.

Step2 – Searching and deleting all Post Revisions Posts in Bulk:


Thanks bacsoftwareconsultine for the image

Select * FROM wp_posts WHERE post_type = "revision";

Fetches all the posts that are currently under revisions state.

DELETE FROM wp_posts WHERE post_type = "revision";

Deletes all the post revisions.

Select * FROM wp_posts WHERE post_type = "revision";

Running the select statement to see if it worked!

Warning: To be tried only if you know a little bit of SQL (Structured Query Language) or you might end up screwing up your WordPress setup..

Need help? or Have you faced any other similar issues in bulk deletion of content from WordPress? Share your comments below!

Fix The Thumb.php or Timthumb.php WordPress Vulnerability

One of the WordPress site that I manage was recently hacked. Yes hacked! I’m going to explain the main reason on how my site was easily defenseless against the attacker.

I used the Woo Canvas theme and had already taken all the WordPress security measures to protect my site but still the hacker was successful in hacking the main page. How did this happen? Is WordPress safe? How do I avoid it? Is it going to happen again? What if it happens again? How do I prevent it from happening again? Tons of questions started in my mind.

Also, being a vivid Web Dev Geek myself, the other part of my brain started asking questions like how did he break in? I need to meet this guy, what technique did the hacker use?

So here’s what I did:

-          Looked at the server logs

-          Found out where more requests were coming from

-          Found the vulnerability in my theme file

-          Find and remove any suspicious files

#1. Look at the server logs

This is the most common thing anyone should do when the site gets hacked or hijacked. Where do you find it you ask? Simple, it should be available in the control panel. Or if you are using an FTP client, simple search for a file called error_log and open with notepad

When I looked at the logs I found out there were many unnecessary requests made to the thumb.php file from a particular IP. Since the hack happened a few minutes ago, I was able to easily identify who the real culprit was by seeing the logs.

#2. Found a pattern

Multiple accesses to my /wp-content/themes/headlines/thumb.php file. I wasn’t really sure why there were so many requests to the same file but was really surprised.

Then I looked the file access time. This time coincidentally matched the same time when the site was hacked. SO I Googled my find “thumb.php exploit” to find About 1,360,000 results. When I read through the list, I got to know that I wasn’t the first one to be exploited. It was already done – A lot of times, to a lot of websites.

#3 Concluded that My old theme file was screwing me

Yes an old theme file I had was used to screw me over. I was under the impression that the user was using the latest woo canvas theme’s thumb.php file but it wasn’t the case. The hacker somehow managed to find the inactive but still available in the wp-contact/themes folder theme.

#4 Finding any left over files by the hacker

Hackers usually do leave some piece of code behind, so that can whop the sites again. So make sure to compare your WordPress installation files code with the real file. (http://phpxref.ftwr.co.uk/wordpress was extremely helpful)… Looked into the cache folder to find 2 weird files – 1. externl_28ajssjlaax.php and 2.wsob.php file. Deleted it.

How to fix it and make sure this never happens again?

There are 3 main things that need to be done here.

-          Update the Thumb.php or Timthumb.php file

-          Remove the sites from thumb.php

-          Add a .htaccess file to your cache directory

#1 Update the file

The original source repository for thumb.php is located on the code.google.com website.Visit the site and update\replace the thumb.php or timthumb.php file with the new one.

 

#2. Remove sites

//external domains that are allowed to be displayed on your website
$allowedSites = array();

These are used to fetch and cache images from external sites.

 

#3. Add an .htaccess to the cache directory

Now that we’ve updated and patched the thumb.php or timthumb.php file we’d probably need to forbid anyone ever from accessing or stashing something in your cache folder.

Options -ExecCGI
AddHandler cgi-script .php .pl .py .jsp .asp .htm .shtml .sh .cgi

Upload a new .htaccess file to the cache directory with the following code

 

Oh and the hacker claims himself to be “Hmei7” – would love to meet him though :). I’m probably going to send an email out to all my WordPress clients to let them know to update their thumb.php files and follow the same steps I used. Being cautious is better than being hacked cautiously ;) Hail WordPress!

Thanks Mark!

An important Site Update!!!

It’s been quite some time since I’d written a post here – sorry for that. I was caught up in starting up my new project called Hell Blogger & now it’s time to let the cat out of the bag :).

 

I’m here to announce an important site update. mYpassion(thesharath.com) is now moving to Hellblogger.com. All the blog posts from this blog will now be available on HellBlogger! Alternatively, this blog will only host articles pertaining to Seach Engine Optimization, WordPress tricks, and Social Web news..

 

Please follow @hellblogger and subscribe the Hellblogger feed to stay updated.

 

What does HellBlogger mean?
HellBlogger is more of a social blogger platform… I’ve thought about it this way, I know there are lots of new bloggers out there still trying to find techniques or how to blog, where, what etc  (I’ve been there, done that). So this is an initiative to help new bloggers achieve success, get famous (through writing guest articles\posts on HB) AND make some money too :).

 

What’s new on Hellblogger & How to get started?

At Hellblogger, we believe sharing is caring.. So we share important blogging tips for newbies and give a chance for newbie bloggers to start blogging right here, right now.. Here are some articles to get started on guest blogging & making money online:

You can always email me at sharathgrao (at) gmail.com if you have any questions and don’t forget to subscribe to our future updates on HellBlogger

 

Thanks
Sharath

[Data visualization] Facebook Connections Map

How are friends connected on Facebook? Facebook intern, paul buttler has created an image that shows you the facebook friend connections worldwide based on cities, the number of friend connections in them.

When you have a social graph data of 500 million people, there are many ways you can look at them.
facebook connections map
{Click on the image to view full size}

The creator paul says:

Defined the importance of each pair of cities as a function of the Euclidean distance between them and the number of friends among them. Then I drew lines between pairs of importance, so that pairs of cities with more friends among them were drawn over others. The color scale goes from black to blue to white, each line with the color corresponding to their weight. Also transformed lines to fit in the picture, rather than lengthen them all over the map.

The image, besides being spectacular, it also gives us an idea of how friendships are spreading throughout the world, including oceans.

1 Million Users On WordPress Mobile

WordPress has announced 1 million users for its mobile service (m.wordpress.com). The application is a convenient way to post and edit posts on his blog to manage comments pages or in mobile situations.

The first mobile application for WordPress first appeared in 2008 on iPhone, since then the company has launched an application for the BlackBerry and Android.

If you don’t have the wordpress mobile app for your Blackberry, Android, Iphone or Nokia phone, here are some handly download links:

  • Blackberry – http://blackberry.wordpress.org/download/
  • Android – http://android.wordpress.org/download/
  • Nokia:
      For Symbian ^3 – http://store.ovi.com/content/66168?cid=ovistore-fw-bac-na-acq-na-wordpress-g0-na-1
      Older Devices – http://store.ovi.com/content/57192?cid=ovistore-fw-bac-na-acq-na-wordpress-g0-na-1
  • Iphone\Ipad – http://itunes.com/app/wordpress2

WordPress continuing to develop applications for mobile, the company has dalleur propose an application that runs on Nokia for some time with Symbian S60 (N97, X6) and Maemo (N900).

Here’s a video of the WordPress application for Nokia:

an inside look into my geeky mind