Yet another reason not to use Flash for your site

There are no guaranteed safe solutions for website security, other than constant vigilance. A recently announced exploit of some versions of the Flash player can cause problems.

MacNN | Symantec: Flash exploit in widespread use
Hundreds of thousands of webpages have been affected by a vulnerability in Adobe’s Flash Player, says security vendor Symantec. Since at least Monday, approximately 220,000 pages have been been hacked to add redirection scripts, which send Flash users to some 57 servers that attempt to deliver malware, including botnet code and apps that steal World of WarCraft identities and passwords. Only Flash Player versions 9.0.124.0 and 9.0.115.0 appear to be at risk; the attack also seems to be directed primarily at Windows, says Symantec, although problems may yet arise on other operating systems (including Mac OS X) unless Adobe can close the exploit.

Sites victimized by the redirection scripts are generally said to be those belonging to small towns, businesses and non-profit organizations, which may have been chosen through a tool that uses Google to trawl for pages with security holes. If an attack fails, Symantec notes that it may still crash a user’s browser.

Adobe has yet to confirm or deny the security issue. “We are working with Symantec to investigate the potential SWF vulnerability,” an official statement reads, “and will have an update once we get more information.”

Make sure you have backups of your data, and be aware, it’s affecting the latest version of the Flash player, so now may not be the best time to update.

Adobe hasn’t officially responded.

Continue reading →

Turn WordPress into an online booking system with StayPress

WordPress is more than just blogging software, it’s a very extensible and easy to use Content Management System- that happens to get amazing Google love.

Everyday, we come across new extensions that turn WordPress into the perfect vehicle for some niche business. It doesn’t always mean all of the bugs are worked out- since this is Open Source Software- but it does mean we have a good start on customizing a tool into exactly what a client needs. Right now, we’re about to start work on an orthodontist’s site, and this online booking system extension might come in handy! It’s not quite out yet- but the preview looks interesting. April 2011 it’s out- http://staypress.com/

Clearskys.net Blog Introducing StayPress
StayPress is a collection of plugins that will turn a standard vanilla installation of WordPress or WordPress MU into a property management and bookings system. Of course when I say Property, I actually mean any bookable resource of which there is a finite availability. So the StayPress system will be able to manage property rentals, hotel room rentals, conference rooms and centres, B and B’s, training rooms, bands, etc…

The new StayPress system takes over from the previous clearskys.net collection of plugins and brings everything together into a more manageable and co-ordinated group.

Whilst there will obviously be a downloadable version of the StayPress plugins, we are also planning a hosted version of the system for those who do not want the trouble of running their own website.

Of course, if you are working with The Next Wave, we would be happy to configure and set this up for you.

Continue reading →

Posting Usable Code in WordPress With No Plugins

Due to the fact that Worpress decided to get rid of the “Press It” function until 2.6, I have recently had the need to post the code that will allow you to use the “Press It” feature on your own.

As it turns out, it is supposedly very hard to post code in WordPress. If you just copy and paste your code in, WordPress will turn your quote marks into “Smart Quotes”. They look pretty, but do not work with code. So I set about finding a plugin or some other method to correct this.

Everywhere I looked people were recommending different methods. From using plugins and custom fields, to manually editing, and to online converters. I tried them all, but they either didn’t display the code correctly, or messed up my formatting site wide.

So here is my solution, it may have been suggested before, but I sure couldn’t find it with hours of searching and testing. Simply insert this code into your style sheet:

pre {
width: 95%;
overflow: auto;
padding: 10px;
margin: 1em auto;
font-family: "Courier New", Courier, mono;
background-color: #ddd;
color: #555;
border: 1px dotted #999;
}

Now, when you paste your code into the WordPress editor, highlight it, and select the preformatted option from the “Format” drop down menu.

location of the format menu in the wordpress post editor

The pre tag will preserve your quote marks, spacing, indenting, and other elements.

And thats all you have to do. Your code will work when copied and pasted from the browser. If you have a long line of code, instead of running over everything, this will make a horizontal scroll bar to contain it.

Note: WordPress may apply separate <pre> tags to each line when you select it from the drop-down menu. (I have no idea why, it defeats the whole purpose of <pre> tags) To get around this, either manually add <pre> and </pre> before and after the text under the HTML tab in the edit screen, or apply the formatting with the code all as one line, and add the line breaks in afterward.

Continue reading →