Herself's Webtools

Every so often it’s good to just run a quick pass on your WordPress database and look for troubles.

There are two things I check for: users who don’t comment, and iframes and scripts inside of posts.

You can easily bookmark SQL queries in phpMyAdmin, I do this and try to run the scripts every week or so.

To check for iframes and scripts added to your posts log on to phpMyAdmin and then click the SQL tab and run the following command:


SELECT *
FROM wp_posts
WHERE post_content LIKE '%iframe%'
UNION
SELECT *
FROM wp_posts
WHERE post_content LIKE '%noscript%'
UNION
SELECT *
FROM wp_posts
WHERE post_content LIKE '%display:none%'
UNION
SELECT *
FROM wp_posts
WHERE post_content LIKE '%ekibastos%'
UNION
SELECT *
FROM wp_posts
WHERE post_content LIKE '%visibility:hidden%';


This looks for hidden things in your posts. If you get any results back you should check that post very carefully for things you did not put in it.

Users who register and don’t comment are likely bots who got through the bot net, or spammers planning to come back later. I delete all users who register but don’t comment soon thereafter.

To check for users who haven’t commented run the following SQL query

SELECT user_login, user_email, date_format( user_registered, '%M %d %Y' ) AS user_registration_date
FROM wp_users
WHERE wp_users.user_login NOT
IN (
SELECT comment_author
FROM wp_comments
)
LIMIT 0 , 30

Another optimization you’ll want to make is to delete all those post revisions, they multiply quickly.

DELETE FROM wp_posts WHERE post_type = "revision";

And finally optimize your tables

OPTIMIZE TABLE `wp_comments` , `wp_links` , `wp_options` , `wp_postmeta` , `wp_posts` , `wp_terms` , `wp_term_relationships` , `wp_term_taxonomy` , `wp_usermeta` , `wp_users`;

Coppermine 1.4.19 has been released to fix a MySQL injection flaw, again. This is how TimesToCome was hacked last April and why you now have all these shiny new security tools and information on this website.

I went to the Coppermine site only because there was a huge increase in cross site scripting attempts last night on the Coppermine albums.

Anyhow update if you have not.

I’ve known for a few months I needed to move to another hosting company but I kept putting it off because the thought of redoing all the Coppermine stuff horrified me.

It turned out to be pretty easy. OK after 4 hours of going in circles I now know how to do it and it is easy now.

Backup old stuff:
Download your entire Coppermine directory from your old host to your home computer. This may take a while if you have lots of pictures.

Using whatever tools your webhost provides backup and download your Coppermine MySQL database. Most hosts use phpMyAdmin. If you have that available select your Coppermine database; Select Export; Select Save as file; Give it a file name ( template ) and download it with no compression.

Upload to new server:
Upload your entire Coppermine directory to your new webhost ( this may take a while )

Create a new database for Coppermine on your new host using what ever tools the host provides. Write down your user name, database name, and server if it gives you a server name. ( Most of the time it will be on the same server and you will just use localhost. )

Import the old database to the new database. If you are using phpMyAdmin, select the database; Select Import; chose the file and upload.

If you get permissions errors from MySQL while importing your data base try this: On your computer open your database backup you downloaded in a text editor. It is a plain text file you can easily work with it. ( Make a copy first of course! ) Remove every thing until the lines
–
– Table structure for table ‘cpg_albums’
–
Leave those lines and every thing after them in the file but remove the lines before that. The user name, database, CREATE DATABASE etc are all what is causing the permissions problem. Dump the lines below – yours will be slightly different.

– phpMyAdmin SQL Dump
– version 2.9.1.1
– http://www.phpmyadmin.net
–
– Host: 10.6.255.255
– Generation Time: Mar 11, 2008 at 02:06 PM
– Server version: 4.1.22
– PHP Version: 4.4.4
–
– Database: `her0731003345419`
–
CREATE DATABASE `her0731003345419` DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;
USE `her0731003345419`;

– ——————————————————–

–
– Table structure for table `cpg_albums`
–

It took me several hours to find that information. It is not well documented anywhere. The rest of the move was painless.

The last thing you have to do now is to change your user name, host and database name in your config.inc.php file to use your new database. You’ll find this file in Coppermine/includes. Just edit the entries and remove your old user name, password and host and enter your new password, host and database name.