Archive for category Code
Simple LDAP Login 1.3 for Wordpress
Posted by clifgriffin in Code on May 13th, 2009
Find a bug?
If you believe you have found a bug, please open a ticket here. This will allow me to track the issue as a single issue and others to comment and give feedback.
I’m finding it difficult to discern user error from bug from configuration differences among different installations. All of this will lead to a quicker turn around for reported issues. Isn’t that cool?
This article only deals with version 1.3 and later. To view and discuss issues pertaining to version 1.2 and prior, click here.
Integrating Wordpress with LDAP shouldn’t be difficult. Now it isn’t.
Simple LDAP Login provides the features you need with the simple configuration you want. It has everything you need to get started today.
Features
- Supports Active Directory and OpenLDAP (and other directory systems which comply to the LDAP standard, such as OpenDS)
- Includes three login modes:
- Normal Mode: Authenticates existing wordpress usernames against LDAP. This requires you to create all Wordpress accounts manually using the same usersnames as those in your LDAP directory.
- Account Creation Mode 1: Creates Wordpress accounts automatically for any LDAP user.
- Account Creation Mode 2: Creates Wordpress accounts automatically for LDAP users in a specific Group you specify.
- Intuitive control panel.
Architecture
Simple LDAP Login redefines the main function Wordpress uses to authenticate users. In doing so, it makes several decisions.
- Is the provided username a valid Wordpress user?
- If not, are we allowed to create a wordpress user?
- If we are, are we able to authenticate the username and password provided against LDAP?
- If we are, does the user belong to the right (if any) group?
- If the user does, create the wordpress user and log the user in.
- If we are, does the user belong to the right (if any) group?
- If we are, are we able to authenticate the username and password provided against LDAP?
- If the username is a valid wordpress user, is the password provided the same as the one in the Wordpress database?
- Is the security mode set to low or the username admin?
- If so, log the user in.
- If not, do the provided credentials successfully authenticate against LDAP?
- If so, is the user in the required groups? (if any)
- If so, log the user in.
- If so, is the user in the required groups? (if any)
- Is the security mode set to low or the username admin?
- If not, are we allowed to create a wordpress user?
This is simply a high level overview. The actual logic the plugin employs is more complex, but hopefully this gives you an idea, philosophically, about how the plugin accomplishes what it does.
Installation
- Upload the directory “simple-ldap-login” to the `/wp-content/plugins/` directory
- Activate the plugin through the ‘Plugins’ menu in WordPress
- Immediately update the settings to those that best match your environment by going to Settings -> Simple LDAP Login
- If you don’t get the settings right the first time…don’t fret! Just use your wordpress credentials…they will always work! (See security section)
The control panel.
Frequently Asked Questions
Other than Wordpress, what does my system require?
If you are using Active Directory, you will probably need PHP 5. This is because I’m using adLDAP 3.0 to do my Active Directory integration. As far as I know, the rest of the code should work with PHP 4. It is also possible that the functionality I’m using with adLDAP 3.0 does not depend directly on PHP 5. Your mileage may vary.
Other than that, it is imperative that your installation of PHP be compiled with LDAP. Without it you may see errors referencing undefined functions like “ldap_connect”. You can view more information about PHP and LDAP here.
How do I know what the correct settings are?
I have tried to make the settings as self-explanatory as possible. If you are struggling figuring them out, you may need to speak with your LDAP administrator. I realize this is an obnoxious response, but there is no good, fail proof way to help you discover these settings. A good place to start, if you’re feeling daring, might be to use ADSIEdit for Windows and Active Directory, or GQ for Linux and OpenLDAP.
It’s still not working, what other things can I try?
If you are confident your settings are correct and it still does not work, it may be time to check for port or firewall issues. If your LDAP server is running on a non-standard port or an obsolete version of the LDAP protocol you are going to have issues. Port 389 is the port this plugin, and nearly every other LDAP enabled software expects. They are also expecting protocol version 3. If you are using an old version of LDAP or running a non-standard port you may need to modify the code that the plugin runs or update your LDAP installation.
Unfortunately I can’t be relied upon to assist with these types of requests. I chose not to support these scenarios because they are infrequent and because they confuse everyone else.
I took all of your advice, it’s still not working!
Post your question in the comments below, or e-mail me: me[at]clifgriffin.com
I’ll do my best to get you up and running!
How can I donate?
If you would like to donate to this project, please visit the donations page.
Roadmap/Security Issues
The following features and concerns will be addressed in coming versions.
- Potentially allow the provision of an admin password for binding to domains with tighter security.
- Potentially Support TLS
- Look into supporting non-standard LDAP installations
- Code cleanup to improve readability, on-going maintenance.
Download Now – Updated 8/04/2009
Click here to download Simple LDAP Login 1.3.0.3 from the Wordpress plugin directory.
Disable RSS Plugin for Wordpress
Posted by clifgriffin in Code on December 2nd, 2008
Find a bug?
If you believe you have found a bug, please open a ticket here. This will allow me to track the issue as a single issue and others to comment and give feedback.
I’m finding it difficult to discern user error from bug from configuration differences among different installations. All of this will lead to a quicker turn around for reported issues. Isn’t that cool?
Official Wordpress Link
Smashing Magazing did a post today including several RSS related Wordpress hacks. One of them featured a method to disable all RSS feeds. As they say:
“Let’s say you’re using WordPress as a CMS to manage your online portfolio or your company’s website. In such cases, the RSS feed isn’t that useful, and some people would probably want to remove it.”
Notably, they did not encapsulate the functionality in a plugin. So I will be converting the ones without a associated plugin into plugins over the coming days. This is the first one.
Simply put, all you have to do is upload the plugin, activate it, and viola! No more RSS feeds. You can edit the error message users receive by editing the actual plugin file. (disable-rss.php)
The code:
add_action('do_feed', 'fb_disable_feed', 1); add_action('do_feed_rdf', 'fb_disable_feed', 1); add_action('do_feed_rss', 'fb_disable_feed', 1); add_action('do_feed_rss2', 'fb_disable_feed', 1); add_action('do_feed_atom', 'fb_disable_feed', 1); function fb_disable_feed() { wp_die( __('No feed available,please visit our <a href="'. get_bloginfo('url') .'">homepage</a>!') ); }
Download Disable RSS 1.0 for Wordpress 2.7-RC1 Now…
Disable RSS 1.0 for Wordpress 2.7-RC1
Converting HTML to a C# String
Posted by clifgriffin in Code on November 24th, 2008
Today I was working on a project where it became useful to convert an HTML file into two C# strings. As I only intended to do this one time, I opted to not do all of the string replacements necessary and decided to look for someone else who had already done the heavy lifting.
In short time I found a singularly useful tool to do exactly what I needed. The tool is named HTML To C# String and is published as an open source project under the GPL (or MIT) license. (it isn’t extremely clear which)
It's simple.
The only limitation I found was that this project does not preserve whitespace or line breaks. That’s not a problem if you’re dealing with simple html, but if you have anything fancy–like javascript, you might run into troubles. For example this:
var something = "This is such a cool var!"; //A comment about this var var somethingElse = "blah";
becomes this:
var something = "This is such a cool var!"; //A comment about this var var somethingElse = "blah";
This will obviously not work. I converted his project (which is only a few lines of code) into a Visual Studio 2008 project and tweaked it slightly. You can download the result below. I did not compile it with a setup as this utility is too simple to warrant an installation in my humble opinion. Just run the executable in bin/Release.
Download it now…
HTML To C# String-Mod
Simple Post Template Wordpress Plugin
Posted by clifgriffin in Code, Technology on October 28th, 2008
Find a bug?
If you believe you have found a bug, please open a ticket here. This will allow me to track the issue as a single issue and others to comment and give feedback.
I’m finding it difficult to discern user error from bug from configuration differences among different installations. All of this will lead to a quicker turn around for reported issues. Isn’t that cool?
Official Wordpress Link
UPGRADERS, please read the updated installation instructions. There have been some important changes since the first release. (they’re good ones)
Many bloggers use a similar format for many or all of their posts. WordPress provides no native way to pre-fill your new posts with such a template. This plugin provides the simplest solution to this problem. It takes 5 minutes to install and setup. The template allows you to define a title and a body and support HTML and even PHP. There’s no easier solution.
Version History
Version 1.0.0.1:
- Fixed security issue. Now only administrators can access admin pages.
Version 1.0:
- Moved *all* settings to administration pages under Settings -> Simple Post Template.
- Moved content of template and title to WordPress options.
- Provided upgrade mechanism to convert old templates to the new format. (May not work for all applications. Some may work but may be more complex than necessary.)
- Added optional “Insert Template” button to new post page. You can now determine from the settings page whether or not the template will be automatically applied to all new posts.
- Plugin is now upgrade proof. Settings are stored using Wordpress’s setting functions.
- Various other improvements were made to address inefficiencies in the first version.
- Original release.
New administration panel.
New button (only appears when auto fill is deselected in admin panel)
Installation
- Upload the directory “simple-post-template” to the `/wp-content/plugins/` directory
- Activate the plugin through the ‘Plugins’ menu in WordPress
- Go to Settings -> Simple Post Template and enter your desired title and body for new posts. (Feel free to use any combination of HTML and PHP.)
- If you select “Auto fill new posts with this template.” all new posts will be created with your template. If you uncheck this, the new posts screen will have a new sidebar widget with a button allowing you to apply the template.
- There’s nothing else to do. Enjoy! (unless you are upgrading, in which case, see below)
ATTENTION UPGRADERS FROM VERSION 0.1, READ THIS:
If you use automatic upgrade from the WordPress plugin screen, WordPress will most likely delete your current templates. Period. I didn’t realize this until after I wrote and uploaded these instructions. If you wish to use the described upgrade feature (that I apparently spent way too much time on!) simply copy your template.php and title.php files to another location before upgrading automatically, OR upgrade the old fashioned way.
Version 1.0 provides vast improvements to the way templates are stored and executed. Consequently, I no longer use template.php and title.php to create templates. The template is now stored in the WordPress database and PHP is processed at runtime using eval(). To assist users of old version, the admin screen provides an Upgrade button for those who still have the old flat files. The upgrade tasks is not fool proof. The original templates were stored in a string in two flat files. I have attempted to copy over that string and encapsulate it in a PHP echo which should keep most HTML and PHP working well. However, the result is likely to be more complicated than necessary…
For example, if you original template had this:
$template = “Hi this is some text and whoops!”.$some_php_variable.” What was that??”;
Than your new template will look something like:
<?PHP echo “Hi this is some text and whoops!”.$some_php_variable.” What was that??”; ?>
Quite obviously, this can be done different/better with the new system:
Hi this is some text and whoops! <?PHP echo $some_php_variable; ?> What was that??
The latter example is obviously much better and will make templates *much* easier to do for first time users. This should be the last time I make large changes to the way templates are done. Because of this, I’m comfortable releasing it at version 1.0 instead of 0.2 or some derivative.
So, once again, the upgrade mechanism is provided as a curteousy. I’ve tried to make it as easy as possible to upgrade, but I encourage to fine tune the result of this upgrade and make it your own.
Frequently Asked Questions
Why not store the title/template in the database?
This was addressed in version 1.0.Will you be adding a way to modify the templates from the administration panels?
This was also fixed in version 1.0.- Can feature x be added?
Probably! E-mail me: webmaster[at]clifgriffin.com
Download it now…
Simple Post Template 1.0.0.1 for Wordpress 2.7.1
Recent Comments