HTML forms. Removing the WP version

HitmanPro detects, identifies and removes viruses, spyware, Trojans, rootkits and other malware.

The utility uses its own behavioral analysis and file cluster examination engine, as well as innovative cloud scanning technology using SophosLabs, Kaspersky and Bitdefender antivirus databases. The HitmanPro scanner detects and removes potentially malicious threats with minimal impact on system performance.

* HitmanPro is a free antivirus scanner. The deletion feature is available for 30 days free of charge.

Key features of HitmanPro

Can your antivirus handle the latest threats?

A new source of malware can be found anywhere, even on trusted sites. These threats can use various techniques to evade antivirus protection. HitmanPro is designed to work with antivirus protection and uses deep behavioral analysis to find and neutralize zero-day threats - modern threats that try to evade detection.

Behavioral detection + collective experience

Instead of using signature definitions to identify malware, HitmanPro examines the behavior of each file for malicious activity. This approach gives HitmanPro the ability to block the latest insidious malware and viruses before they are identified. HitmanPro also connects to the SophosLabs malware database to detect more forms of new threats and trace them back to their source.

No installation

HitmanPro takes up 12 megabytes and does not require installation. The program can be launched directly from your desktop, USB drive, CD/DVD or remote storage. Even if your antivirus is controlled by malware or ransomware, HitmanPro will work correctly and be able to detect and remove threats.

Comprehensive restoration

HitmanPro allows you to remove persistent threats that have gained a foothold in the operating system and replaces infected system resources with safe, original versions, while continuing to block re-infection attempts.

Testing Awards

Transferring data through the $_SESSION array is allowed once; the transferred data is immediately deleted. This can be useful, for example, when “returning” data entered in another module to a form.

It’s good when all the service functions are combined into one module, which the main modules connect through the require_once directive. We will call our module of service functions function.php and, in addition to the mentioned trimall and magic methods, we will include the following functions there:

  • read() - will read the current database and return an array of records;
  • write($a) - will write an array of records $a to a file;
  • get_index_by_name ($a,$name) - will search for the corresponding entry by name $name and return its number (from zero) or the value -1 if the entry is not found. This is useful to differentiate between adding a new entry and editing an existing one.

In addition, the functions file will include the configuration file and start the session - these capabilities may be needed by any module that connects it.

Function.php file

Note that the read function additionally filters the record array from empty strings (just in case, in general, they should not occur), and trimall will first replace any non-empty string of delimiters with a single space (the second preg_replace), and then remove possible extra delimiters in the beginning and end of the remaining line (the first preg_replace).

There is also a nuance with the read function in terms of code compatibility. Since its only line contains an anonymous function, it is assumed that PHP version no lower than 5.3 is used. If necessary, replace the code below with one where the filtering function is named or not used at all, like here:

Function read () ( $str=@file_get_contents (FILENAME); $a=explode("\n",$str); return $a; )

Correctly casting the Unicode string to lowercase is also important (see mb_strtolower in the code). We don't use locale here.

Looks like it's time to write the main index.php file. He will solve the following tasks:

  • display a form for adding a new entry, which is processed by the add.php module;
  • next to the adding form we will display additional commands - clearing the form by “self-invoking” a script without parameters (the button will not work here, because it does not transfer data to the server) and a link to access the record sorting module named sort.php;
  • receive the results of their work from other modules in the form of a numeric variable $status and display corresponding messages (array $status_msg). The $status value equal to zero will be accepted by default, it corresponds to the output of a brief help about the program’s operation;
  • if the database is not empty, show its records and provide a transition to editing or deleting.

In order not to overload the table with additional buttons and links, let’s click by name by going to edit the entry using the edit.php module, and clicking by field "Number" will correspond to deleting an entry by the del.php module.

Here's what it looks like with a few entries added:

Appearance of the script "Mini-DB on a text file"

index.php file

Now let's move on to the missing modules. add.php seems to have a simple job - get the $name and $number variables from index.php and write them to a file. However, the module must check that non-empty data is passed to it, and also be able to distinguish the situation when a name that already exists in the database is entered from the entry of a new record (see if ($id>-1) ( ... ) else ( ... ) in the code). In the latter case, the entry is always added to the end, because there will be a module for sorting strings alphabetically.

It is also important that the $name string, “passed” through the parameter handler, is already devoid of “critical” markup characters like “, “,< и >, and in the array $a read from the data file, all lines are “as is”, and 123 will not be found if $name has turned into 123 after processing. Therefore, the record lookup function, which we call get_index_by_name , is passed a string converted “back” to its original form using the standard htmlspecialchars_decode function (available as of PHP 5.1). In the same form, the string is returned back to index.php through the $_SESSION array. This will provide some convenience - after entering a new entry, its data will remain in the form and it will be possible to enter another entry, slightly different in name ("Ivanova" after "Ivanov").

Well, the return from module to module is absolutely standard - through the standard header function. Remember that it can only be used if the module has not yet output anything to the browser.

add.php file

Now about editing, it will be implemented in edit.php. The editing form is almost the same as the adding form, we were just too lazy to create a separate function for displaying the form. What’s more important is that the module itself will be a processor of data transmitted through the editing form, and therefore must distinguish the situation when it is just called from the one when the user clicked “Save”. The last task is to check

If (!empty($_POST["submit"]) && !empty($name) && isset($number) && isset($id)) (

determining whether the button was pressed and all data was transferred. Second branch -

Else if (isset($a[$id])) (

is intended for the situation when there is an entry in the $a array, the number of which is passed to the script and it must be edited. The entry number is stored in a hidden HTML field.

File edit.php

The del.php record removal module will be quite simple, all it needs is to get a valid record $id (element number in the $a array), remove the corresponding element from the array, rewrite the file and return to the main module page.

File del.php

Finally, the sort.php sorting module will introduce a new problem - how to sort Unicode strings alphabetically without distinguishing between uppercase and lowercase letters? "Direct" sorting using the standard sort function is hardly suitable - it considers a lowercase and an uppercase letter to be different characters. We did not set the locale, especially since there is no single entry form for all operating systems to install it.

Let's limit ourselves to choosing usort from the whole variety of functions for sorting arrays with a custom function for comparing elements.

The used “direct” comparison of single-character Unicode strings, it seems, is not entirely correct, but strcmp compares strings byte-by-byte and is not suitable for us, but in general the comparison is correct any strings in Unicode is a very difficult task... Everything worked for me in the system for Russian and English, for example, after sorting I got natural word orders, such as

Abba, Avka, avklit, basya, Bobi, Bobik, bobik, Bobina

File sort.php

All we have to do is create a file in the folder named .htaccess , where we will set the default encoding to Unicode and indicate the directives for setting quotes for the site, so...

In the same folder, create an empty (0 byte) file data.txt (optional if all rights are configured).

File.htaccess AddDefaultCharset utf-8 php_flag magic_quotes_gpc off php_flag magic_quotes_runtime off php_flag magic_quotes_sybase off

You can see what happened and let me know about the problems you found, I wrote the script very quickly, in 2 steps, and I might not have thought something through :)

Collection of useful snippets (codes). The codes are designed for common tasks when editing or creating a theme.

Typically, all this code should be placed in the theme's functions.php file. Or, you can create a separate.php file, place the code there and connect the file to the theme’s functions.php like this:

// connect snippets require_once "functions-snippets.php";

CSS appearance for TinyMCE editor

Connects the styles file to the WordPress TinyMCE editor. This way we can set up editor styles in the admin panel and, when editing a post, see how it looks in the front end.

// Styles for the TinyMCE editor // You need to create a file "editor-styles.css" in the theme folder add_action("current_screen", "my_theme_add_editor_styles"); function my_theme_add_editor_styles() ( add_editor_style("editor-styles.css"); )

CSS for login page

## CSS for the login page ## You need to create a file "wp-login.css" in the theme folder add_action("login_head", "my_loginCSS"); function my_loginCSS() ( echo ""; )

CSS for admin panel

Includes a style file on all pages of the admin panel. Thus, you can conveniently modify and supplement the admin panel styles.

## CSS styles for the admin panel. You need to create a file "wp-admin.css" in the theme folder add_action("admin_enqueue_scripts", "my_admin_css", 99); function my_admin_css())( wp_enqueue_style("my-wp-admin", get_template_directory_uri() ."/wp-admin.css"); )

Removing the Admin Bar from the Front End

The admin bar may get in the way when the theme uses fixed (floating) blocks. In such cases, it is sometimes easier to remove this bar.

## Removes the Admin Bar from the front end add_filter("show_admin_bar", "__return_false"); ## Enable widget support. Add an area for widgets if(function_exists("register_sidebar"))( register_sidebar(array("before_widget" => "", "after_widget" => "", "before_title" => "", "after_title" => "", )); )

Activating custom menu support

Registers an area (location) for a menu and enables menu support. After installing this code in the admin panel, it will be possible to create custom menus and attach them to the areas created by this code. In a menu template, it is displayed by the wp_nav_menu() function.

## Add custom menus register_nav_menus(array("main" => "Main menu", "in_footer" => "Menu in the footer",));

Adding links to the RSS feed of posts and comments feed in

Custom background image or background ## Enables the ability to set a background image from the admin panel add_theme_support("custom-background");

As a result, the code will output:

body.custom-background ( background-color: #bdd96e; )

Including shortcodes in the Text widget

Many plugins use shortcodes, but not all have widgets. In this case, it would be convenient to use the plugin shortcode in the “Text” widget.

## Shortcodes in the "Text" widget if(! is_admin())( add_filter("widget_text", "do_shortcode", 11); )

Random text by default in the content field in the admin area

When creating a new entry (post or page), it is sometimes convenient to have some notes there, explaining how and what to write. To do this, you can insert default text into the content:

## Random default text for the editor add_filter("default_content", "writing_encouragement_func"); function writing_encouragement_func($content) ( global $post_type; // Texts for the editor, post type if($post_type == "post")( $array = array("Some message", "Some message", ); return $array[ array_rand($array) ]; ) // Texts for the editor, post type page else ( $array = array("Some message", "Some message",); return $array[ array_rand($array) ]; ) )

Changing the number of entries on the search page

By default, the search page shows the same number of entries on the page as elsewhere, as set in the settings.

This example shows how to display 100 records on a page.

## change amount of posts on the search page - set here to 100 add_action("pre_get_posts", "search_results_per_page_func"); function search_results_per_page_func($query) ( // query on the search page if(! is_admin() && $query->is_main_query() && $query->is_search())( $query->set("posts_per_page", 100); ) return $query; )

Determines how many words should be in a quote, which is usually displayed on archived pages of posts (categories, tags). The quote is output by the_excerpt() function.

## Changing the quote length add_filter("excerpt_length", "custom_excerpt_length_func"); function custom_excerpt_length_func($length) ( return 20; // number of words )

Removing fields from a profile in the admin panel: AIM, Yahoo IM, Jabber ## removes fields from the profile: AIM, Yahoo IM, Jabber / Google Talk add_filter("user_contactmethods", "remove_contactmethod"); function remove_contactmethod($contactmethods) ( unset($contactmethods["aim"]); unset($contactmethods["jabber"]); unset($contactmethods["yim"]); return $contactmethods; ) Adding fields to a profile in admin: facebook, twitter ## Adds fields to the profile: AIM, Yahoo IM, Jabber / Google Talk add_filter("user_contactmethods", "add_contactmethod"); function add_contactmethod($contactmethods) ( $contactmethods["twitter"] = "Twitter"; $contactmethods["facebook"] = "Facebook"; return $contactmethods; ) Adding the has_sidebar class to the tag if there is a sidebar

In order for this hack to work, the theme tag needs to use the body_class() template tag, as is customary.

## Adding the `has_sidebar` class to the `` tag if there is a sidebar add_filter("body_class", "has_sidebar_func"); function has_sidebar_func($classes)( if(is_active_sidebar("sidebar"))( // add a class $classes = "has_sidebar"; ) return $classes; )

Adding a widget to the console

Sometimes it may be useful to add a widget to the admin panel console to place important information regarding the current topic.

## Custom widget in the console in the admin panel add_action("wp_dashboard_setup", "my_custom_dashboard_widgets"); function my_custom_dashboard_widgets() ( wp_add_dashboard_widget("custom_help_widget", "Theme Notes", "custom_dashboard_help"); ) function custom_dashboard_help() ( echo "

Welcome to the "My Topic" topic! Here are some notes on the topic.";)

We get this widget:

Including a comment reply script

This script moves the comment form when you click on the "Reply" button.

## Connecting the comment response script add_action("wp_footer", "enable_threaded_comments"); function enable_threaded_comments())( if(is_singular() && comments_open() && get_option("thread_comments")) wp_enqueue_script("comment-reply"); )

Pictures Turn on post thumbnails

By default, posts do not have a block where you can set a post thumbnail. For such a block to appear, it must be enabled. You need to enable thumbnail support. This is done very simply:

## Enabling post thumbnails add_theme_support("post-thumbnails"); set_post_thumbnail_size(200, 200, true); // Normal post thumbnails

Creating additional intermediate thumbnail sizes

When you upload an image, additional sizes are created for it - thumbnails. You can easily add your own dimensions to the basic ones - arbitrary ones.

## Creating intermediate thumbnail sizes if(function_exists("add_image_size"))( add_image_size("mysize-horizont", 300, 200, true); add_image_size("mysize-vertical", 400, 500, true); )

To get the registered size, use the function:

Adding a thumbnail to an RSS feed

This code adds a post thumbnail to the top of the RSS feed.

## Adding a thumbnail to the RSS feed add_filter("the_excerpt_rss", "add_thumbnail_to_feed"); //add_filter("the_content_feed", "add_thumbnail_to_feed"); // usually this hook is not used, but it can also be... function add_thumbnail_to_feed($content)( $img = get_the_post_thumbnail(null, array(100, 80), array("align" => "left", "style" => "margin-right:15px;")); $content = $img . $content; return $content; )

Cancel the wrapping of images in a tag

In content

When displaying content in a theme using the_content() , the wpautop() function is triggered and as a result if is on a separate line, it wraps in

Those. was became .

This example shows how to remove this strange behavior.

## Cancel the wrapping of images in the ` tag

` in content add_filter("the_content", "remove_img_ptags_func"); function remove_img_ptags_func($content)( return preg_replace("/

\s*((?:]+>)?\s* ]+>\s*(?:)?)\s*/i", "\1", $content); ) // Connecting the html5 script for IE with cdn add_action("wp_head", "IEhtml5_shim_func"); function IEhtml5_shim_func())( echo ""; // or if you also need printing support // echo ""; )

Set the maximum number of record revisions

By default, the number of record revisions is unlimited and this can unnecessarily clutter the database. Disabling revisions completely is also not the best solution, because it happens that when editing a record something goes wrong and the entered data is lost - the job is down the drain...

Ideally, limit the number of revisions, for example to 5:

If(! defined("WP_POST_REVISIONS")) define("WP_POST_REVISIONS", 5);

The constant must be defined in the plugin or earlier.

Protection Removing WP version

This is necessary so that hackers do not know the WP version and cannot identify weak points. Along with this code, you also need to delete the readme.html file in the root of the site, because it also indicates the current version.

## Complete Removal of WP version ## You also need to delete the readme.html file in the root of the site remove_action("wp_head", "wp_generator"); // from the header add_filter("the_generator", "__return_empty_string"); // from feeds and URLs

Disable error messages on the login page

In case of an error when entering a login or password, WP reports what exactly was entered incorrectly: login or password. This provides additional information for password guessers.

Disable the ability to edit files in the admin panel for themes and plugins

The ability to edit files directly from the admin panel can become a big security hole. Let's close it.

## Disable the ability to edit files in the admin panel for themes and plugins define("DISALLOW_FILE_EDIT", true);

Close the publication via xmlrpc.php

By default, the ability to publish posts via the xmlrpc.php file is enabled.

This is an opportunity to publish posts from outside, for example from email... Most often, this functionality is not needed and there may be potential holes in it. Therefore, most often it is desirable to disable it. By the way, in earlier versions of WordPress this functionality was disabled by default and had to be enabled in order to use it.

## disable the ability to publish via xmlrpc.php add_filter("xmlrpc_enabled", "__return_false");

When creating even a personal website, not everyone can foresee all possible ways of its further use. It is very important to prepare the ground for further development of the site. If you've created a website in the past and assigned the .html extension to all pages by default, and only then decided to use PHP, then read on.

Previously, to use SSI, site page names had to end with the .shtml extension, but today most Internet servers are configured so that SSI can be used on pages with the .html extension, which is quite convenient. PHP is a completely different story - the .php extension is the default extension. Website developers, knowing in advance that a given programming language will be used, immediately assign the correct extension.

But what to do when all pages end with the .html extension?

Replace HTML extension with PHP

This can be done in several ways. The most obvious way is to give all pages a .php extension or change existing extensions (.html, .shtml, etc.). This method has disadvantages. For example, already indexed pages with the .html extension will have to be re-indexed by search engines. Or even worse, all external links that explicitly link to a particular page will be invalid. And you will have to notify the owners of each site about these changes and create another page with 301 errors for each page. Of course, changing one extension to another is acceptable, but what if the site already has many pages and many links to different pages from other sites?

For a conscious reason, at the moment all pages of this site end with the html extension, and I did not want to make the above changes, thereby creating unnecessary difficulties for myself.

You can do it another way. If the server hosting the site supports mod_rewrite (in most cases it does), and there is access to the .htaccess file, then you can add the following lines to this very file:

RewriteEngine on RewriteRule ^(.*)\.html $1\.php

By adding this code to .htaccess , you don't have to worry. All requested non-existent pages with a .html extension will be automatically replaced with a .php extension thanks to the wonders of Apache. But this method is not the only one. You can write the following in the same .htaccess file:

AddHandler application/x-httpd-php .php .html .htm

In my opinion the most successful way. This makes HTML pages equal to PHP pages, meaning all PHP functions can now be used in pages with an HTML extension. If you don’t have access to the .htaccess file, then you can write a letter to the hosting company and politely ask the admins to enter the required value for the site in the Apache configuration (httpd.conf).

By the way, if before this the site used SSI as follows:

then in the new PHP state this code needs to be replaced with:

Well, that’s all, I think one of the above methods will help.



Related publications