Themes affected by TimThumb Zero Day Vulnerability

August 5th, 2011 Blog

You probably heard of the TimThumb Zero Day Vulnerability by now and unfortunately (or fortunately) only 2 of my themes (HackerWP and Celebrity Gossip) uses the TimThumb script for generating thumbnails. The fix is pretty easy.

1. Go to your theme cache directory (e.g /wp-content/themes/hackerwp/cache) and delete all files except index.htm
2. Download the latest version of timthumb.php and replace the file on your server at /wp-content/themes/hackerwp/timthumb.php
3. Optional: If you wish to grab image files from all external sites. Open timthumb.php, look for

$allowedSites = array (

and replace with

$allowedSites = array (

Share This | Read on | 4 Comments

Theme Update: OneNews 3.0

January 3rd, 2011 Blog

OneNews 3.0 receives a major revamp, in design and functionality. And now requires at least WordPress version 3.0 to work. I have tested it on WordPress 3.1 RC2 so I do not expect any issues when WP3.1 is released.

Main Highlights

  • Dropdown Custom Menu
  • New tooltip with thumbnail, social media, new indicator, relative date
  • Support for Vimeo videos
  • Sideblog revamp
  • Localization ready

For existing users, please contact me and I will email you the new package. Include your Paypal email address for verification purpose.

Contact me here

Share This | Read on | 6 Comments

Activating WordPress Multisite Mode

December 1st, 2010 Blog

I have 3 different installations of WordPress on this domain: one for this blog, one for the demo blog, one for the onenews blog. It can be a pain when it comes to upgrading the WP core and plugins. So I decided to take a jump and activate the multisite mode which was introduced in WP3.0.

Enabling multisite mode turns out to be a relatively easy task with this simple guide. Encountered some hiccups along the way but nothing where a hack won’t do.

The Road Blocks (and getting past them)

Google XML Sitemap plugin not compatible
The stable version 3.2.4 is not compatible with the new multisite feature. This being a must have plugin, I went ahead and installed the 4.0b3 Beta version.

Not given the option of sub-directories, sub-domains installed by default
Turn out that if your site is more than 30 days old, you will not be presented with the sub-directories option. Luckily you can force enable it. Simply follow the How to Force Multi Site to Use Subdirectories guide.

Broken links in main blog
All my posts permalink were modified to point to /blog, so becomes

That would be an SEO disaster! No fear. Go to Super Admin > Sites > Edit > Permalink Structure and remove “/blog”.

Funny characters in posts
As my database tables are of collation latin1, the define(‘DB_CHARSET’, ‘utf8’) was commented out in wp-config.php. Once I switch on multisite mode, suddenly WordPress decided that my tables should be in UTF8. I have to uncomment that line so that the non-english characters display correctly.

Unable to create new blogs
With the main blog settled, I happily went and created a new sublog. And got “Error establishing a database connection” or “One or more database tables are unavailable. The database may need to be repaired.”. I went into phpmyadmin and noticed no tables were created for the new sublog.

I suspect it was something to do with what I did to define(‘DB_CHARSET’, ‘utf8’). So I comment out that line again and viola.. new sublog added. After finish adding, I have to uncomment it again! I don’t understand the logic behind that but I’m glad it works. Also I don’t see myself adding sublogs frequently so a small inconvenience here. Just have to remind myself to comment/uncomment define(‘DB_CHARSET’, ‘utf8’) in wp-config.php when required.

Theme switcher not working
I have the theme switcher plugin in demo blog but it’s unable to switch themes anymore. Turn out it was being cached by WP-Super-Cache, even though I did not activate the plugin in the sublog. Apparently supercache is enabled across all the sublogs. The simple solution is to add /demo/ to the rejected strings field in supercache.

Share This | Read on | 6 Comments

How to Add a “Show All Comments” to Your Posts

November 2nd, 2010 Blog

Wordpress Show All Comments

Have you been to a blog that have hundreds of comments which are separated into many pages? Now made easy with the Paged Comments feature from WordPress v2.7 onwards. It can be a pain sifting through each page looking for something. Now wouldn’t it be nice if there’s an option to show all comments with a click? Do your visitors a favor by adding a “Show All Comments” feature.

Since codes differ from theme to theme, I will be using my Google Chrome theme as an example. It should be fairly easy to apply to other themes.

Open comments.php and replace

<h3 id="comments">Reader's Comments</h3>


<h3 id="comments">Reader's Comments</h3>
<?php if ($_GET['showall'] != '1') { ?>
<a href="?showall=1#comments">Show all comments</a>
<?php } ?>


<?php wp_list_comments(array('callback' => 'custom_comment', 'type' => 'comment')); ?>


<?php if ($_GET['showall'] == '1') { ?>
<?php wp_list_comments(array('callback' => 'custom_comment', 'type' => 'comment', 'per_page' => '0', 'page' => '0')); ?>
<?php } else { ?>
<?php wp_list_comments(array('callback' => 'custom_comment', 'type' => 'comment')); ?>
<?php } ?>


<div class="alignleft"><?php previous_comments_link() ?></div>
<div class="alignright"><?php next_comments_link('Newer Comments &raquo;') ?></div>


<?php if ($_GET['showall'] != '1') { ?>
<div class="alignleft"><?php previous_comments_link() ?></div>
<div class="alignright"><?php next_comments_link('Newer Comments &raquo;') ?></div>
<?php } ?>

Share This | Read on | 1 Comment

Widgets Admin Hack: Displaying 1 Sidebar at a Time

October 27th, 2009 Blog

Wordpress Widgets Admin Page

With the new WordPress v2.8, the WP-Admin > Appearance > Widgets page presents a new problem for themes with large number of widgetized sidebars, e.g onenews theme in alltop mode, where the number of sidebars can go to the 100s depending on how many pages are created. With around 15 sidebars, it can be a pain when you have to do a lot of scrolling up and down to drag-n-drop the widgets.

We will be re-using the code from WP v2.7 to re-instate the dropdown menu, so that you can choose which sidebar you want to work on. Then we will hide the rest of the unwanted sidebars from view with CSS. As this involves editing the core file widgets.php, we need to duplicate it so that it won’t be overwritten when we do a WordPress upgrade.

So first make a copy of widgets.php in the WP-Admin directory and rename it as widgets-2.php. Open widgets-2.php and look for the following line

<div id="widgets-right">

Insert the following code below it to display the dropdown menu

<?php if (!isset($_GET['sidebar'])) $_GET['sidebar'] = 'sidebar-1'; ?>
<form id="widgets-filter" action="" method="get">
<select id="sidebar-selector" name="sidebar">
<?php foreach ( $wp_registered_sidebars as $sidebar_id => $registered_sidebar ) : $sidebar_id = attribute_escape( $sidebar_id );
if ( 'wp_inactive_widgets' == $sidebar_id )
<option value='<?php echo $sidebar_id; ?>'<?php selected( $sidebar_id, $_GET['sidebar'] ); ?>><?php echo wp_specialchars( $registered_sidebar['name'] ); ?></option>
<?php endforeach; ?>
<input type="submit" value="<?php _e('Show' ); ?>" class="button-secondary" />

Now to hide the rest of the sidebars, replace

For WordPress 3.0-3.2

<div class="widgets-holder-wrap<?php echo $closed; ?>">


<div class="widgets-holder-wrap"<?php if ($_GET['sidebar'] != $registered_sidebar['id']) { echo ' style="display:none"'; } ?>>

For WordPress 3.3

<div class="<?php esc_attr_e( $wrap_class ); ?>">


<div class="<?php esc_attr_e( $wrap_class ); ?>"<?php if ($_GET['sidebar'] != $registered_sidebar['id']) { echo ' style="display:none"'; } ?>>

For WordPress 3.3.1-3.3.2

if ( $i )
$wrap_class .= ' closed'; ?>

<div class="<?php echo esc_attr( $wrap_class ); ?>">


if ( $i )
$wrap_class .= ' closed'; ?>

<div class="<?php esc_attr_e( $wrap_class ); ?>"<?php if ($_GET['sidebar'] != $registered_sidebar['id']) { echo ' style="display:none"'; } ?>>

You can now navigate to to see the hacked widgets page.

Share This | Read on | 7 Comments

28 Smashing WordPress Theme Clones

April 14th, 2009 Blog

Themes inspired and created by WordPress theme authors, based on their favorite desktop applications and websites. Comment away if you know any look-alike themes that’s not in the list.

Free WP Themes Clone Clone vs iBlog

CNN Clone


Coda Clone

Coda vs WP CODA

Digg Clone

Digg vs Digg-like

Digg Clone

Digg vs Max Magazine

Facebook Clone

Facebook vs CryBook

Facebook Clone

Facebook vs Facebook WordPress

Gmail Clone

Gmail vs Gmail WordPress

Google Chrome Clone

Google Chrome vs Google Chrome WP

Google Search Engine Clone

Google Search Engine vs Woogle

Mac OS X Clone

Mac OS X vs Leopard Mac

Mac OS X Clone

Mac OS X vs Tigerpress

Mac OS X Clone

Mac OS X vs iTheme

Mac OS Clone

Mac OS vs Retro MscOS

Msn Clone

Msn Messenger vs Msnlog

Tumblr Clone

Tumblr vs Tumblelog

Twitter Clone

Twitter vs Fresh Tweet

Windows Vista Clone

Win Vista vs Themedvista

Windows Aero Clone

Win Aero vs Aerodrome

WP Dashboard Clone

WP Dashboard vs WP DashboardLike

Gawker Lifehacker Clone

Gawker Lifehacker vs HackerWP

Wordpress Pinterest Clone

Pinterest vs iPin

Premium WP Themes Clone

Popurls/Alltop Clone

Alltop/Popurls vs OneNews Clone vs iBlogPro

Kineda Clone

BBC vs TheBeeb

CNN Clone

CNN vs The Gazette Edition

GameSpot Clone

GameSpot vs GameMaker

Kineda Clone

Kineda vs Celebrity Gossip

New York Times Clone

New York Times vs New Yorker

Win Aero Clone

Win Aero vs Aeros Clone vs Shade Pro

Wordpress Pinterest Clone

Pinterest vs iPin Pro

Share This | Read on | 74 Comments

WordPress 2.8 Theme Changes

March 23rd, 2009 Blog

[29 May 2009] Turned out I have been Aril Fooled. WordPress 2.8 should be released real soon (31st May according to the WordPress Trac). Added 2 more new functions: comments_open and pings_open.

With the release date for WordPress v2.8 scheduled on 1st April, I believe the theme codes are more or less stable. Not much changes between v2.7 and v2.8, thankfully. The current themes should work just fine without any modifications on v2.8. Basically 4 new functions were introduced: body_class(), automatic_feed_links(), comments_open(), pings_open().

Found in header.php
<body <?php body_class(); ?>>
Display css classes for the body element.

Found in functions.php
This will automatically generate all the relevant feed links. You may need to remove current hard-coded feed links in header.php e.g

<link rel="alternate" type="application/rss xml" title="<?php bloginfo('name'); ?> RSS Feed" href="<?php bloginfo('rss2_url'); ?>" />
<link rel="alternate" type="application/atom xml" title="<?php bloginfo('name'); ?> Atom Feed" href="<?php bloginfo('atom_url'); ?>" />

Found in single.php and comments.php
if ( comments_open() )
Checks whether the current post is open for comments

Found in single.php
if ( pings_open() )
Checks whether the current post is open for pings

Share This | Read on | 8 Comments

Upcoming WordPress Theme: Woogle

March 9th, 2009 Blog

Google Search Engine Clone Preview

After coming up with the popular Google Chrome WordPress theme, Kris commented that I should do up a Google Search Engine(GSE) WordPress clone. To be honest, at that time I didn’t think it was a great idea for a blog to look like GSE. It reminds me of those Made-For-Adsense(MFA) and domain parking sites, which always result in me clicking the back button.

Then, as April Fool’s Day is approaching, I was wondering what might make a fun theme for the occasion and bingo.. the Woogle theme! On the 1st of April, switch to this theme and proudly claim that your site has been acquired and integrated into GSE. This theme should be ready by April Fool’s day. No joke!

Share This | Read on | 4 Comments

Upcoming WordPress Theme: Food Recipe

January 21st, 2009 Blog

Wordpress Theme: Food Recipe

Been sometime since my last theme. Here’s one with your blog served up cafe-menu style. Main inspiration from a CSS styled Restaurant Menu. Hopefully the final product will turn out looking delicious.

Share This | Read on | 9 Comments

Themes and Plugins Compatibility on WP 2.7

November 10th, 2008 Blog


All four plugins should work fine in WordPress 2.7 without modification, baring any last minute changes in WP v2.7, which is highly unlikely.


I have updated all themes to work on WordPress 2.7 and should be backward compatible with v2.5. The most visible feature would have to be the threaded and paged comments. Of course you need to be running on WP v2.7 to use them. View the individual theme’s changelog to see the changes in the latest version.

Remember to backup your theme first before upgrading and report any bugs you found.

For existing premium theme owners, I will be sending out the emails with download links when WordPress v2.7 is officially released.

Share This | Read on | 22 Comments

WordPress 2.7 Theme Changes

October 27th, 2008 Blog

A comparison of the Default wordpress theme (v2.7 alpha vs v2.6.3). In short, my free/premium themes should continue to work in v2.7. Just that features like threaded comments and sticky post styling will not be available. Yet 😉

Old: <div class=”post”>
New: <div <?php post_class() ?>>
Found: multiple files
Display the classes for the post div e.g class=”sticky category-uncategorized tag-untagged”. Using this function will break your theme on older version of WordPress (< v2.7). Not using this, however, you are unable to style your individual sticky/category/tag post. Workaround would be to do a if function_exists() check.

Old: <?php include (TEMPLATEPATH . '/searchform.php'); ?>
New: <?php get_search_form(); ?>
Found: multiple files
Will first attempt to locate the searchform.php file in either the child or the parent, then load it. If it doesn’t exist, then the default search form will be displayed. Probably can safely ignore this for now because if you use this template function, your theme will not be backward compatible to older version of WordPress (< v2.7).

New: <link rel="alternate" type="application/atom+xml" title="<?php bloginfo('name'); ?> Atom Feed" href="<?php bloginfo('atom_url'); ?>" />
Found: header.php
Add Atom feed link

New: <?php if ( is_singular() ) wp_enqueue_script( 'comment-reply' ); ?>
Found: header.php
Add script for threaded comments if current page is a single post, is a page, or is an attachment.

New CSS classes in style.css, mainly for the threaded comments
.thread-alt {
.thread-even {
.depth-1 {
.even, .alt {
.commentlist li ul li
#commentform {
.commentlist li ul li

comments.php: Major code changes. I think this post on WordPress 2.7 Comments Enhancements will do a better job of explaining the changes.

Share This | Read on | 13 Comments

Upcoming WordPress Theme: Celebrity Gossip

September 30th, 2008 Blog

Preview Celebrity Gossip WordPress Theme

Just a rough preview of the WordPress theme I’m working on. Celebrity Gossip is heavily inspired by Kineda. Really love their simple yet elegant design. But much work remains to be done. Stay tuned..

And please keep your eyes off Leah Dizon and focus on the design :)

Share This | Read on | 18 Comments

Useful Plugin for OneNews Theme

September 22nd, 2008 Blog

Stumbled across the RSS Includes Pages Plugin and thought it might be useful for the OneNews WordPress Theme. The plugin was created out of the need to include pages in the RSS feed, thus automatically notifying popular ping update services to crawl your pages.

This is a perfect plugin for the OneNews theme when used in the multiple-pages aka Alltop mode. Ping every new page created by downloading the RSS Includes Pages Plugin here.

Share This | Read on | 5 Comments

WordPress 2.5 vs 2.6: Changes in the Theme Codes

July 3rd, 2008 Blog

With most of the work focused on the backend for WP 2.6, I’m kind of glad that there’s not much changes in the code on the theme side. In fact you can safely ignore the new codes and use your existing theme without any modifications. The changes are as below.

Note: WP 2.6 RC2 vs WP 2.5.1

1) comments.php – indicates whether the Name and Mail fields are required, mainly for browsers that support ARIA-Accessibility Rich Internet Applications

line 81:
<p><input type="text" name="author" id="author" value="<?php echo $comment_author; ?>" size="22" tabindex="1" <strong><?php if ($req) echo "aria-required='true'"; ?> /></strong>

line 84:
<p><input type="text" name="email" id="email" value="<?php echo $comment_author_email; ?>" size="22" tabindex="2" <strong><?php if ($req) echo "aria-required='true'"; ?> /></strong>

2) style.css – a new css class “.hidden”, which is used only once in searchform.php (see item 3 below)

line 619:
.hidden {
	display: none;

3) searchform.php – hidden for future use?

line 2:
<label class="hidden" for="s"><?php _e('Search for:'); ?></label>
Share This | Read on | 6 Comments

Theme Bugfix: TechnoHolic, SoftwareHolic, GenkiTheme (Fixed Width)

June 30th, 2008 Blog

Found some XHTML invalidation in comments.php file across the three themes, resulting in missing or extra < /ol > tag. It occurs when 1) there’s only comments and no trackbacks, or 2) there’s only trackbacks but no comments. Not a major issue as most browsers will still render the page correctly. If you have not modified the comments.php, simply download the new theme pack and replace only the comments.php for your blog.

Download GenkiTheme (Fixed Version)
Download SoftwareHolic
Download Technoholic (same comments.php for both free and premium edition)

Share This | Read on | No Comments

How to Show Only Parent Category in a Post

June 23rd, 2008 Blog

Parent category: WordPress
Child category: —- WordPress Themes
Child category: —- WordPress Plugins
Child category: —- WordPress Tips

When you use the_category() template function, it displays both the parent category and any child/subcategories under it. With the above example you will see something like “Filed in WordPress, WordPress Themes, WordPress Plugins, WordPress Tips”.

Sometimes you prefer less clutter and hide all the child categories. Unfortunately the_category() does not have any optional parameters like child=0 or depth=-1. The below code may be a few lines long but does the job well. To be used within The Loop.

$parentscategory ="";
foreach((get_the_category()) as $category) {
    if ($category->category_parent == 0) {
        $parentscategory .= ' <a href="' . get_category_link($category->cat_ID) . '" title="' . $category->name . '">' . $category->name . '</a>, ';
echo substr($parentscategory,0,-2);
Share This | Read on | 39 Comments

Theme Update: OneNews

May 23rd, 2008 Blog

Fixed one of the common complaint of layout breaking when unable to retrieve feed. Instead of displaying the lengthy “Warning: array_slice(): The first argument should be an array…”, a simple message “Feed may be down” is shown.

List of updates for OneNews Theme v1.5

  • Display “Feed may be down” message instead of “Warning: array_slice(): The first argument should be an array”, which breaks the layout
  • Tested on WP 2.5
  • Fix fat top banner in IE (style.css and styleb.css)
  • Upgrade Exec-PHP plugin to version 4.7
  • Upgrade flickrRSS plugin to version 4.0

Grab the latest version of OneNews package

For existing theme user who prefer to do manual upgrade, below are the code/file changes. Remember to backup first.

1. Display “Feed may be down” message
In your post (you may refer to post.txt for comparison)
search every instance of

$rss = fetch_rss

insert a blank line below and add

if ($rss) {

search for every instance of

echo '</ul>';

and replace with

else {
print 'Feed may be down';
echo '</ul>';

<strong>2. Deprecated rss-functions.php file</strong>
In your post (you may refer to post.txt for comparison)
<pre class="brush: php; gutter: true; first-line: 1; highlight: []; html-script: false">
<?php require_once(ABSPATH . WPINC . '/rss-functions.php'); ?>

replace with

<?php require_once(ABSPATH . WPINC . '/rss.php'); ?>

3. Fat top banner in IE
In style.css and styleb.css

div#banner-nav-center {
	width: 980px;
	margin:0 auto 0 auto;
	padding: 0.6em 10px 2em 10px;

replace with

div#banner-nav-center {
	width: 980px;
	height: 18px;
	margin:0 auto 0 auto;
	padding: 0.6em 10px 0.6em 10px;

4. Updgrade flickrss and Exec-PHP plugin
a. deactivate plugins
b. delete plugin files
c. update plugin files (in folders)
d. activate new plugins

Share This | Read on | 2 Comments

Comment on High PR Blogs for Free Linkbacks

May 20th, 2008 Blog

Raman commented on the post “Linkbacks from High PR Blogs”, saying that the blog compiling the list was suspended by A year ago, doing a review in exchange for a linkback was the rage. Until the google smackdown in July/August. So that list is probably redundant now.

The “in” thing to get free linkbacks now is posting comments on high PR blogs, preferably with dofollow. So here are some complied lists (dofollow not guaranteed):

Update: even more lists at “Make Money Online By Blog Commenting

While you can be lazy and post thank-you-i-love-your-blog one liner type comment, it is recommended that your comments be relevant to the blog post. Less the author delete your half-hearted attempt.

It can get pretty tedious after a while: visit blog, verify dofollow, post comment. Rinse and repeat. And these compiled list may not be up-to-date. Here’s where Fast Blog Finder can help us to reduce the load. Watch this video to see it in action.

There are two editions available:

  • Fast Blog Finder Free Edition
    – freeware, requires registration
    – search results limited to 50 blogs for each keyword phrase
  • Fast Blog Finder Gold Edition
    – commercial, $49
    – get 25% discount at SoftwareHolic
Share This | Read on | 71 Comments

Easier and Faster Ways to Upgrade to WordPress 2.5.1

April 26th, 2008 Blog

Oh no.. not another minor upgrade!

Did that thought cross your mind when you found out that WordPress 2.5.1 was released? I know I did.. given that I have 6 blogs to attend to.

If you installed WordPress using Cpanel/Fantastico, you can probably wait a few more days before doing a fuss-free upgrading (though some users have reported problems with this method).

You can also install the WordPress Automatic Upgrade plugin which, in Keith’s word, helps you to easily upgrade your wordpress installation to the latest version provided by wordpress, without having to download or upload any files. This plugin has proven useful for those who got it to work.

I promise myself to try out Keith’s plugin one day but for now, I’m still doing manual upgrading. I just feel more secure and in control :)

To shave time off the manual upgrade method, you can upload the changed files (98 files) instead of the whole 2.5.1 package (531 files). That should therotically save you 80% of your time. To download the changed files package, visit this link, scroll to the bottom and click on Zip Archive to start download. Happy upgrading!

Share This | Read on | 5 Comments

Video Tutorials For WordPress Users

March 7th, 2008 Blog

Quick List:

» How To Install WordPress Blog From Cpanel
» Installing WordPress To Your Free Hosting Server Part 1/3
» Installing WordPress To Your Free Hosting Server Part 2/3
» Installing WordPress To Your Free Hosting Server Part 3/3
» Installing on a Local Server
» How To Edit the wp-config File For WordPress
» How to Upgrade WordPress

» How to Post to a WordPress Blog
» How to Make a New WordPress Post
» How to Insert an Image & Make It a Link
» Insert Text from Word or Other Doc
» How to Wrap Text Around an Image
» How to Make a New WordPress Page
» How to Edit a WordPress Page

» How to Activate a New WordPress Theme
» Install Theme In WordPress
» How To Tweak or Edit Your WordPress Theme
» How to Put Adsense on Your WordPress Blog
» How To Create A Custom WordPress Page Template
» Make a Static Page Your Home-Front Page
» Custom WordPress Homepage (Method1 Raw code)
» Custom WordPress Homepage (Method2 WP Admin Panel Homepage)
» Custom WordPress Homepage

» Install Plugin in WordPress
» Install Plugin in WordPress
» WordPress Plugin Creation

Search Engine Optimization
» SEO Your WordPress Blog – Part I
» SEO Your WordPress Blog – Part II

» Recover WordPress Password When You Have Forgotten It


Share This | Read on | 7 Comments

to Top