Herself’s Webtools

If something happens in your php script you may want to force an HTTP error, rather than continue or redirect the user to another page. This is very simple to do. Just be sure the first line of output from your script to the browser is

header(’HTTP/1.0 403 Forbidden’);

or

header(’HTTP/1.0 404 Not found’);

Or which ever standard code other than 200 you wish to send.

If you are using the Security Plugin instead of redirecting the attacker to an error page you can send back an HTTP error.

There are two HTML Error pages in the security script, one for blocked ips, one for all else.

---

// print error page
print “<html>\n”;
print “<head><title>Banned</title></head>\n”;
print “<body>\n”;
print “<h2>Banned: $blacklisted:  $code</h2>\n”;
print “<p>If you believe this to be in error please contact <a href=\”mailto:timestocome@gmail.com\”>timestocome@gmail.com</a>”;
print “</body>\n”;
print “</html>\n”;

---

What you will do is remove or comment out the error page and in it’s place put:
header(’HTTP/1.0 403 Forbidden’);

No print, no extra quotes - use it just as I have it here.

---

$code = “Sorry but you are listed on our ip blacklist”;
global $wpdb;
header(’HTTP/1.0 403 Forbidden’);
exit();

---

Feel free to use any of the standard codes. HTTP/1.1 Error Codes

While I was building my wonder of me portal page for TimesToCome I thought it’d be neat to add in my twitter stream.

Here is some very simple PHP code to do so. Now I was lazy and I only check for one link in the tweet. 99% of the time that is sufficient. The only thing you need to change is to change the user name from timestocome to your username. Any other changes are optional.

$username = “timestocome”;
$tweets = fetch_rss(’http://twitter.com/statuses/user_timeline/’.$username.’.rss’);

foreach ( $tweets->items as $tweet ){

print “<hr>”;

$twit = ” “.substr(strstr($tweet['description'],’: ‘), 2, strlen($tweet['description'])).” “;
$link = $tweet['link'];

// hack around php null == 0 ugh!
$xtwit = “x” . $twit;
$mark = strpos( $xtwit, “http://” );

if ( $mark > 0 ){ // we have a link in our tweet perhaps more than one

$l = substr ( $xtwit, $mark, strlen($xtwit) );
$l = substr ( $l, 0, strpos( $l, ” ” ));
$full_link = “<a href=\”$l\”>$l</a>”;
$xtwit = str_replace ( $l, $full_link, $xtwit );
$xtwit = substr ( $xtwit, 1, strlen($xtwit));

print “<br><p>$xtwit <a href=\”$link\”>#</a></p>”;

}else{

print “<br><p>$twit <a href=\”$link\”>#</a></p>”;

}
$time = $tweet['pubdate'];
$time = substr( $time, 0, strlen($time)-6);
print  ” $time “;

}

While doing research for the WordPress Security Suite ( Prevent Bot Registrations, Prevent bots, scrapers and other badness on your WordPress blog ) I needed some tools to pull agents, user requests and ip numbers from my log files and just give me a list of the unique ones of each.

So I wrote 3 PHP scripts to do just that.

Download the scripts, put your access-log in the same directory and run them from a command line or just load those pages in a directory on your webserver and view them. ( Be sure to block them in robots.txt if you have them on a public webserver. )

Download log parsers

The original TimesToCome site was created in 1997. The web has changed a great deal since then but my scripts hadn’t. I just hacked my blogs to use the PERL scripts. Converting them to work in your blog without using PERL or CGI is actually quite simple.

The first thing to do is convert your old CGI scripts to PHP. Your forms will remain the same except for the name of the script they are calling. ( <form method=”post” action=”new-script-url”> ) I found that User Friendly Forms in PHP, and PHP Form Handling gave me enough information to convert the forms from PERL to PHP. Most of what works in PERL, works in PHP, you’ll find very little needs to be changed. ( ‘PHP Black Book’ is the best book I’ve found so far. )

Once you have a working PHP form you need to incorporate it into your blog. To do this you need to create a page template. The easiest way is to copy an existing page template in your theme. The archives.php page usually works well.

Remove the archives information from the page. I deleted everything after <div id=”content” class=”pages”> down to the matching </div> tag for that division. Your template may be slightly different.

Now copy and paste your PHP form - everything between <body> and </body> into that space between <div id=”content” class=”pages”> and </div>.

Rename the page to something useful, and don’t forget to change the ‘Template Name: xxxx ‘ in the template.

Now log into your Wordpress or other blog. Create a new page, name it something useful. Then go to the templated drop down menu (’Templates’) and select your newly created template from the menu. Save and publish.

If you wish to use multiple pages for your form just create multiple pages. If you wish it to reload the same page when the script runs, call yourself in the action= and place a hidden check that lets you know if this page is being loaded or if the form is filled out and submitted.

Put the hidden check if form submitted in the form:

<input type=”hidden” name=”submit_check” value=”1″ />

The check for it in the part of the form you do your calculations:
if ($_POST['submit_check'] == 1 ) { /*do something*/ }

See example: Calorie calculator
Download example: Calories example php form in a WP blog