rolfs.no: Experiencing weblogging

José Carlos Nieto Jarquín reported a vulnerability WP 2.5:
He published an advisory on SecurityFocus on 15 Apr 2008 regarding insecurity regarding the default SECRET_KEY configuration value. You could gain access to any account if you know the default SECRET_KEY value on a system where SECRET_KEY is left with default value.

Read about the vulnerability in Wordpress 2.5 on Securityfocus

To generate a random new SECRET_KEY for your configuration file, you can go
here.

The default wp-config.php sais:

Change SECRET_KEY to a unique phrase.  You won't have to remember
it later, so make it long and complicated.  You can visit
https://www.grc.com/passwords.htm to get a phrase generated for you,
or just make something up.
define('SECRET_KEY', 'put your unique phrase here');

Here is a example of what you could put in your SECRET_KEY

define('SECRET_KEY', 'b<r4 c/.I.?d+3<cW$DITK79.Aiq~W]Xk.!D^ic]O]ppxSgy+o\'gT\\r+*t0Kqlq:');

Today or actually yesterday I started on upgrading my wordpress blog. I found out that I would like to upgrade the wordpress to a newer version, reinstall some plugins and make sure not to tweak to much because that just makes upgrade even harder. I found the K2 to be a nice theme. I said to myself.. Shouldn’t I also move the domain at the same time? Ofcause.. After a hell of a work. I have done all that and even some more.
I’m still not satisfied with the way any of the plugins I have tested for presenting programmingcode/snippets in a easy readable way. I think I will go for the plain console lookalike thing laiter with black background. I guess I could fix that with only the <pre>-tag and some .css editing.

I should probably also install an image-manager and look if I missed out on any important plugins.

Here is a peek back at how the page was looking before the change.

I was impressed of the easy way to add widgets after adding new plugins.

I learned something new about favatar and gravatars. It was easy to add in the K2 theme.

I’m going to make some ideas/thoughts about how to synchronize what you have read of your RSS feeds between two computers. I have wanted to do this for a while now.

First part is if you want to do the sql-stuff to export and import the items that you have marked as read.

Alternative1: Export a list of read items from liferea.db on pc1 and update items in liferea.db on pc2
First, make sure to turn of Liferea on both computers. It locks the sqlite database so it is not possible for us to export the list of items that are read on pc1 or update them on pc2.
Make sure to have backup of both computers. I just say this so you don’t blame me.
Continue reading ‘Sync Liferea – How to synchronize what items you have read between two pcs’

There is normaly no problem for the server to recive both double and single quotes from a input field. The problem is when you want to show both single and double quote characters: ‘ and ” in a input text field. You can’t escape characters in html to make the browser show everytning between the outer quote-characters. The trix around this problem is to use javascript to change the value of the input field. That works because javascript understands the whole string when you have escaped it.

Continue reading ‘Handle both single and double quote characters in input field’

I’ve merged Simple Syntax Highlighter and iG:Syntax Hiliter by modifying the iG:Syntax Hiliter. That gave me the possibility to post code written in a file, just as Simple Syntax did, but with the nice boxed version like iG:Syntax have.
Continue reading ‘I’ve merged Simple Syntax Highlighter and iG:Syntax Hiliter’

I’ve just created a WordPress plugin to the MSN-SongText program.
Here is a the output (also on the footer of this page):
##WINAMP##

Writing the song anywhere in the themes..

echo winampsong();

or use one of the two strings:

 <!--winampsong-->
##WINAMP##

Download the plugin here put it in your wordpress plugin directory.

I guess this plugin does not work with WP2.5

Here is a idea of how to do it. Continue reading ‘Get winamp songname on webpage’

I just had to test if I could blog from my pda. I have a qtek9090 pocket-pc with wlan.

Conclution of testing: it works, but it is slow on keyboard typing, and page does not look good.

I’ve added the wp-plugin called SecureImage to disable automatic spam posting.