Dưới đây là hướng dẫn thiết lập max_execution_time = 90 - Hướng dẫn fix The max_execution_ti me is set to a value that might be too low

🌿💖 Dưới đây là hướng dẫn thiết lập max_execution_time = 90 cho WordPress trong wp-config.php 👉🍀🍀 kèm khuyến nghị cấu hình cho Nginx/Apache để tránh timeout: 1. Thêm dòng sau vào wp-config.php (trước dòng /* That's all, stop editing! Happy publishing. */) 😲 // Tăng thời gian thực thi PHP @ini_set('max_execution_time', '90'); ✅ Dòng này giúp WordPress tăng giới hạn xử lý script dài như backup,…

Getting your website hacked is not fun. It's a serious matter that needs to be handled with care and intelligence. WordPress is gaining popularity with each passing day. Millions of websites are being powered by WP every minute of the day. However it's popularity is what makes it so vulnerable to hacking and security threats. Hackers find it easy to hack your WordPress websites through a majority of entry points. Thus, it becomes more important than ever to protect your websites from hacking and spamming. Hacking is something that cannot be stopped but it is something that should be prevented. Therefore, we have compiled a list of  tips that many cloud service providers, including our own, use to prevent websites from being hacked. The article is going to focus on few ways that can be used to protect your website against hacking and ways that aren't discussed time and time again on the internet because we understand security is a serious issue and should not be taken lightly. 0. Test Your Site For Vulnerabilities  Most website developers do not pay attention to the security status of a website. It's relatively easy to do than it looks. Here are some security testing tools to ensure your website does not expose a common vulnerability.  1. Don't Use Premium Plugins For Free There is a reason why premium plugins are not free. Downloading them from anywhere (un-authorized sites) for free put only your website at risk and obviously, you wouldn't want that. These pirated copies come with many flaws which give hackers' direct entry into your website. Though it's understandable what it's like to work within a budget, it doesn't make sense at all to use pirated plugins. There are various free plugins available as well which can be availed without having to spend even a penny. If you are still really in need of that plugin, you should just pay for it and use it. You can always go to the digital content marketplace like ThemeForest to shop for authentic WordPress plugins at a low cost. Alternatively, you can hire a freelancer or WordPress expert to do a quick feature upgrade on WordPress. 2. Eliminate PHP Error Reporting Your website's security has a lot to do with the loopholes and weak spots in your website. As a matter of fact, if your theme or plugin or any function does not respond properly, it will naturally generate an error message. These error messages may help you solve the problem but for hackers, these are some of the entry points to get access to your website.  These messages contain the server path, that's what all hackers are always on the lookout for. Therefore, it is always suggested to disable this error message. This can be done by adding a code in the wp-config.php file. Simply copy and paste this code anywhere in your wp-config file.  error_reporting(0); @ini_set(‘display_errors’, 0); 3. Disable Dashboard File Editing By default, WordPress comes with an option to edit your theme and plugin files right from your dashboard i.e. appearance -> editor. In case, a hacker gains access to your site, he/she can easily make changes in the code and execute anything he/she wants. Therefore, it is always a bright idea to disable file editing option from your dashboard by adding this code snippet to your wp-config.php file.  define( ‘DISALLOW_FILE_EDIT’, true ); 4. Regular Backups As we discussed earlier, hacking cannot be stopped, it can only be prevented. Thus, if ever any hacker finds an entry point to your website, or hacks it completely, there is no way you can recover without having a secondary copy of your site. Regularly backing up your website offers you an option to recover your site if something goes wrong with it. 5. Always use Security Plugins  WordPress comes packed with many security plugins that automatically backs up your website on a daily basis as well as secures it against hacking and spamming. Some of the best plugins are:  WordFense security plugin, BulletProof security, and Sucuri Security plugin.

6. Hide your WordPress Version Well, you probably are wondering why? WordPress is growing and every now and then you encounter a new upgrade of WordPress version. If you run a WordPress website, you probably have heard that you should keep your website up-to-date to prevent security threats.  If in case, you cannot update your WP version for a reason or two, you are giving an open invitation to hackers to hack your website. However, you can keep this threat at bay by hiding your current version. Reason? As the bugs of previous versions are well known to everybody on the web who uses WordPress, hackers can easily use those loopholes and get access to your website. Hiding WordPress version gives you full control over the update of the latest versions while keeping hacking threats at bay.  There are certain ways to do so: Using an older theme? Write this code in your theme's header.php file ('version'); ?>" /> For newer themes, use this code instead 7. Use 2-Factor Login Authentication 2-Factor login authentication, as the name suggests, is a two level of login to a service or page. Wordpress provides many plugins that help you efficiently implement this 2 level login authentication to your website and make your site more secure. Clef and Rublon are two most popular WordPress plugins that help you implement this strategy.  Clef makes use of your phone camera to set up the login authentication. However, Rublon uses emails for two-factor authentication.  You may also like to explore more two-factor authentication plugins for WordPress. 8. Protect Your Files: Htaccess If you have been running a Wordpress website for quite some time, you probably are familiar with the .htaccess file. Well, as a matter of fact, it is one of the most important files of your website. .htaccess file directly affects the permalinks of a website and how it deals with the security issues. .htaccess file can help you prevent your site against any hacking by allowing you to add various code snippets in it. However, make sure whatever code you add in the file should be outside #BEGIN WordPress and #END WordPress tags. First of all, you should hide your wp-config.php file completely since it is responsible for everything on your website and includes plenty of important details such as database details, user details and more. Add this code to hide it: order allow, deny from all By adding the following code snippet into a new .htaccess file and upload it to the wp-admin, you can restrict admin access. order deny, allow from 192.168.5.1 deny from all You can also restrict wp-login.php in the almost same way. Add the following code to your .htaccess file. order Deny from all # access from my IP address from 192.168.5.1 There are various other ways in which you can modify your .htaccess file and secure your website against hackers and spammers. 9. Use SSL Certificates to Encrypt Data. Using a Secure Socket Layer (SSL) certificate is a very smart move to secure the admin panel of your WordPress website. The SSL certificate always ensures a safe data transfer between the server and user browser. This makes it difficult for the hacker to spoof into your information or breach the connection. For a WordPress website, it is very easy to set up an SSL certificate. You can either purchase it from the dedicated and authorized SSL reseller like www.cheapsslshop.com at a huge discount price or you can also ask your hosting service provider to provide you with one. Most of the hosting service provider arranges it as a part of their service. The SSL certificates also give a boost to your Google ranking. If a website doesn't have SSL certificate then it will be ranked lower than the one which has the certificate. This will definitely increase traffic on your WordPress website. 10. Change the WordPress database table prefix. Do you know that the files in the WordPress database table have a prefix “wp-”? Why am I telling this in public, the hackers will get

benefited right? They already know that it is just you who didn’t know this (If that’s a shocker to you). Any hacker can hack into your database files just by simple SQL injection. Hackers and spammers run automated codes for SQL injections. Most of you didn’t bother that all the files in the WordPress database start with the initials “wp-”. You need to change the prefix as this can potentially harm your website. In order to change the prefix of the WordPress database table, you can either do it manually or with the help of WordPress plugins. In either way, you can easily change the WordPress database table prefix. Plugins like WP-DBManager or iThemes Security can help you do the job with just a click of a button. (Make sure you backup your site before doing anything to the database). 11. Set Directory Permissions Carefully Most of the websites are hosted on the shared hosting network. This is where wrong directory permissions can be not just harmful but fatal. So, in a shared hosting network, it is wiser to change files and directory permissions to secure the website at the hosting level. Set the directory permissions to “755” and files to “644” protects the whole file system – directories, subdirectories, and individual files. You can easily do it with the help of either the file manager in your hosting control panel or through the terminal via the “chmod” command. You can also use the iTheme Security plugin to check the current permission setting. 12. Conduct The Website Security Audit Regularly  It doesn’t matter how clever you are, expert hackers always search for new ways to annihilate your website/blog. So, don’t be careless when it comes to your site security. Just conduct the website security audit from time-to-time, find loopholes, and eliminate them as soon as possible. If you can’t do that, consult a reputed tech-company to perform the action. 13. Always Be Prepared For Emergency Situations Don’t sit idle even if your website is safe and you are implementing the website security practices regularly. Just prepare yourself for unexpected situations, such as, Unexpected Situations Possible solutions Your website is hacked Don’t get panic at all, Ask your hosting provider to backup your site, Retrieve your site using backup files, Do the malware removal work. 14. Open Your Website On Virus-Free Computers/Laptops There are many individuals who own and operate several websites to increase their earnings. Successful website management and operation tasks keep them busy at all the times. So, they tend to access their sites on any available computer/laptop to keep it up-to-date. This is a dangerous practice that can provide a backdoor for hackers to compromise your website. When you open your website on a computer/laptop (infected with harmful Virus/malware), it is exposed to online security vulnerabilities. Even a single security lapse in your website can enable hackers to bring it down and cause limitless damage to you. Make sure your computers/laptops are free from harmful programs/data grabbing applications/viruses, etc. Format the infected systems and install the recommended OS, Antivirus, web-browsers, etc. This will reduce the scale of your site’s exposure to online security threats up to a great extent. Wrapping up WordPress security is certainly so much more than merely installing a security plugin and keeping strong login passwords. You need to follow a particular strategy and make sure you work on every aspect that may break down your WordPress website. We hope you find these tips useful and help you protect your site against hacking and spamming. Article Updates Updated on Aug 2017 with more useful tips. Updated on Dec 2017 with more useful tips. Updated on July 2018 with more useful tips. This article is contributed by Emily Johns and Lauren McLaren. Emily Johns is a WordPress developer by profession and a writer by hobby. She works for Wordsuccor Ltd., which is a leading custom WordPress plugin development company based in the USA.

If you need to hire a WordPress developer you can connect with them through Google+, Facebook, and Twitter. Lauren McLaren was born and raised in Australia. She is working as blogger and professional Digital Marketer for Digital Muscle Limited- An SEO Company in Australia providing affordable seo services. She’s hardworking, competent and trustworthy. Her role within the company is to manage team of SEO Experts. In her spare time, she loves to read, cook and watch movies.

Insecure Deserialization Vulnerabilities in Laravel: How to Protect Your Web Applications

Introduction: What is Insecure Deserialization?

Insecure deserialization is a vulnerability that occurs when untrusted data is deserialized into objects. In the context of a Laravel application, this could allow attackers to manipulate serialized objects, leading to remote code execution, data tampering, or other severe consequences.

Understanding this vulnerability is crucial for maintaining a secure web application, and in this blog post, we will dive into how to identify and mitigate insecure deserialization in Laravel applications.

The Risk of Insecure Deserialization in Laravel

Laravel uses PHP’s native serialize() and unserialize() functions for object serialization. If user-controlled data is deserialized, malicious actors could inject code that manipulates the application’s behavior.

For instance, an attacker could inject a payload that, when deserialized, executes unwanted code, resulting in security breaches such as privilege escalation or system compromise.

Let’s break down an example of how this vulnerability works.

Coding Example: How Insecure Deserialization Works in Laravel

Consider a Laravel application that uses serialization to store user preferences in a session:

// Store user preferences in a session $userPreferences = ['theme' => 'dark', 'notifications' => 'enabled']; session(['user_preferences' => serialize($userPreferences)]);

Later, when the application retrieves these preferences:

// Retrieve and unserialize user preferences $userPreferences = unserialize(session('user_preferences'));

In this example, if the session data is manipulated or an attacker crafts a malicious payload, it could lead to harmful behavior. A simple attacker-controlled input like O:8:"stdClass":1:{s:3:"foo";s:5:"bar";} could cause the application to execute unintended actions.

Preventing Insecure Deserialization in Laravel

To prevent insecure deserialization, you should:

Avoid Unserialize User-Controlled Data: Don’t deserialize data from untrusted sources, especially user input. If necessary, use json_decode() instead of unserialize() as it is more secure for handling data.

Use Class Whitelisting: Laravel provides unserialize class whitelisting through the unserialize_callback_func PHP directive. This limits the classes that can be deserialized, reducing the risk of remote code execution.

Example:

ini_set('unserialize_callback_func', 'my_safe_callback');

3. Encrypt Serialized Data: Laravel supports built-in encryption mechanisms. By encrypting your serialized data, you ensure that an attacker cannot manipulate it even if they can access it.

Example:

use Illuminate\Support\Facades\Crypt; $encryptedData = Crypt::encrypt($userPreferences);

4. Regular Security Audits: Regular vulnerability assessments and penetration testing can help identify and fix deserialization issues before they become a threat.

How Our Free Website Security Tool Can Help

To make this process easier for you, our free Website Security Scanner tool helps you quickly detect vulnerabilities such as insecure deserialization on your Laravel application. It provides a detailed analysis of your website’s security and suggests the next steps.

Here’s a screenshot of our Website Security Checker:

Screenshot of the free tools webpage where you can access security assessment tools.

After running the analysis, you will get a comprehensive vulnerability assessment report that highlights any potential security risks, including insecure deserialization. This can guide you in addressing vulnerabilities effectively.

Here’s a screenshot of a typical vulnerability assessment report:

An example of a vulnerability assessment report generated with our free tool, providing insights into possible vulnerabilities.

Conclusion

Insecure deserialization is a serious risk that can lead to devastating security breaches. However, by following best practices such as avoiding deserialization of user-controlled data, using encryption, and running regular security audits, you can significantly reduce this risk.

Leverage our free tool to check Website Vulnerability to ensure that your Laravel application is protected from this and other potential vulnerabilities.

Don’t wait for an attack to happen. Take proactive measures and secure your web applications today!

How to Create a Basic Login System with PHP

Create a Basic Login System with PHP <?php error_reporting(E_ALL); ini_set(‘display_errors’, 1); // password prtected code if (isset($_POST[‘password’])) { if ($_POST[‘password’] == ‘password’) { setcookie(“password”, $_POST[‘password’], time()+(10*365*24*60*60)); header(‘Location: ‘.$_SERVER[‘REQUEST_URI’]); } } if(isset($_COOKIE[‘password’])) { if($_COOKIE[‘password’] == ‘password’)…

Disabling debugging in WordPress - 100% guaranteed

Disabling debugging in WordPress - 100% guaranteed

WordPress has a wonderful feature for debugging the site; But this feature is troublesome for many site managers, especially beginners who don't have a lot of knowledge in WordPress.

How does debugging work in WordPress?

By enabling site debugging in WordPress, you may see errors and warnings on the site (you may even see a code snippet). Site debugging is usually used when a site administrator wants to examine site errors and warnings and fix them if necessary.

Now, if you always want to keep the debugging feature of the site active, you may worry the users and visitors of the site by displaying various warnings and warnings, and this issue is very dangerous for the user experience (UX). Because users think your site has various problems and leave the site immediately.

Therefore, you should only use the debugging feature when you intend to examine site errors and warnings; Otherwise, you should disable debugging.

Enable and disable debug mode in WordPress

It is very easy to enable or disable debug mode. You just need to enter the File Manager after entering the host's control panel and then click on the Public_HTML folder. Now find the wp-config.php file and right click on the edit option.

Go to the end of the wp-config.php file and find the following code snippet.

define( 'WP_DEBUG', false );

 If the word false is written at the end of this code, it means that the debug mode is disabled; But if the word true is written, it means that the debug mode is active.

You can easily determine whether the site is in debug mode or not; Of course, as mentioned, we still emphasize that you enable the debug mode only when necessary and disable the debug mode immediately after checking the errors and warnings.

Why is the error still displayed after disabling debugging?

We have recently noticed that many users, after disabling the debug mode, still encounter various errors and warnings and cannot eliminate all of these errors. That's why we decided to introduce a 100% guaranteed solution so that you won't face such problems again.

1.       First, enter the host's control panel and click on the File Manager option.

2.       Then enter the Public_HTML folder.

3.       Now find the wp-config.php file and right click on the edit option.

4.       Go to the end of the file, find the following code snippet and delete it altogether.

 define( 'WP_DEBUG', false );

• Replace the above code with the following code snippet and save the applied changes at the end.

Changing the codes in the wp-config.php file to disable debugging in WordPress:

@ini_set ( 'display_errors', 'off' );

@ini_set ( 'error_reporting', E_ALL );

define ( 'WP_DEBUG', false );

define ( 'WP_DEBUG_DISPLAY', false );

• Check the site again.

You will see that all errors and warnings are gone. So easily, in the shortest possible time, you were able to disable the debugging feature in WordPress in a completely principled way.

PHP defaults to a PHP memory limit of 16MB. Some websites may require more memory than 32MB. It is not uncommon for sites to require memory limits higher than 64MB. The default upload file limit of 2MB is quite low, particularly if the site uses photos that can easily exceed 32MB in size. Script Execution Time is 30 seconds by default. However, some tasks (e.g. service cron tasks), require more time. There are many ways to increase PHP memory, upload file limit, or execution time. You only need one. Your system configuration will determine which one is best for you. 1.&nbsp;Limit the memory If you have access to the server’s php.ini, this is the best approach. It will not work in shared hosting environments. However, your host might be able to adjust it for you. This change will impact all websites and PHP scripts that are hosted on the server. - Find the php.ini file that is used by your web server. To locate it, you can use the PHP function phpinfo(). - Edit memory_limit in the PHP.ini file. This is usually in a section called Resources Limits. memory_limit = 32M. Maximum memory that a script can consume (32MB). If there isn't a section for this, add the line above to the end of your file. Restart Apache. Note: You may have two PHP.ini files if you use XAMPP/WAMP. One is under the PHP directory, the other under Apache/bin. Edit the file in the XAMPP/Apache/bin directory to change your memory limit. These solutions may not be applicable to all sites but are more limited in scope. 1.2. .htaccess configuration If you don't have access to the php.ini file, this is helpful. Edit (Create the .htaccess) file located in the site root directory (public), and add the following line to it: php_value 32M. This method is only applicable if PHP runs as an Apache module. 1.3. Configuration in PHP scripts Add the following line where you need to give PHP more memory: ini_set('memory_limit', '32M'); 1.4. Memory limits for Shared Hostings  Some shared hosting environments restrict access to the PHP memory limit setting. If you are unable to make the change yourself please contact your hosting provider or find a host that offers more flexibility. 2. Upload file Size limits can be set by your PHP installation to limit the upload file size. The default limit will be 2MB for uploading files. You will need to configure the following configuration options: - upload_max_filesize-- Maximum file size for an uploaded file. - memory_limit: This determines the maximum memory a script can allocate in bytes. This prevents poorly written scripts from consuming all the memory available on a server. This directive can be set to -1 if you do not want to exceed the memory limit. - post_max_size: This setting determines the maximum size of any post data that can be uploaded. This setting affects file upload. Uploading large files will require this value to be greater than upload_max_filesize. Memory_limit can also be used to limit file uploading if memory limit has been enabled in your configure script. Memory_limit should be greater than post_max_size. This problem can be fixed by two different methods. 2.1. PHP.ini configuration Locate the php.ini files used by your web server. To locate it, you can use the PHP function phpinfo(). - modify the next parameters memory_limit = 32M upload_max_filesize= 10M post_max_size= 20M - Restart Apache 2.2. .htaccess configuration If you don't have access to the php.ini file, this is helpful. Edit (Create the .htaccess) file located in the site root directory. Add the following line: PHP_value upload_max_filesize 5M PHP_value post_max_size 15M PHP_value memory_limit 32M. This method is only applicable if PHP runs as an Apache module. 3. Execution Time You can increase the script execution time PHP scripts cannot be executed for longer periods of time. If it exceeds the time limit, it will produce the following error message: "Fatal error. Maximum execution time of yourscript.

php exceeded". To make your PHP script run for longer times, you can use any of these methods to increase the PHP script's maximum execution time limit. 3.1. PHP.ini configuration Locate the php.ini files used by your web server. To find it, you can use the PHP function phpinfo(). - Find and modify the next parameter: max_execution_time =45 Change the value (in seconds) or set it to 0 for an infinite time. - Restart Apache 3.2. .htaccess configuration .htaccess configuration Edit or Create the .htaccess File in the site root (public), or in the directory for your script. Add the following line: PHP_value max_execution_time45 Change the value (in seconds) or set it to 0 for an infinite time 3.3. Configuration in PHP scripts This is the most efficient method because it applies only to that script and does not allow any other scripts to consume or waste the system resource. For infinite execution, you can call the following PHP function with set_time_limit (300 ) as the parameter. http://php.net/

file_get_contentsでファイルを呼び出せない

テストサーバーではうまく行ったのに、本番サーバーに移すとfile_get_contentsでファイルを呼び出せない事象が発生。 エラーも出ないし、何かがおかしいと思いつつ悩み続け・・・特にファイルもいじっていないし違うといえばテストサーバーと本番サーバーが違うということだけ。サーバーの設定が若干違うからと思いつつ一旦エラーを確認することに。 <?php ini_set('display_errors', "On"); $target_url =…

View On WordPress

Magento 2:: A session is active. You cannot change the session module's

Magento 2:: A session is active. You cannot change the session module’s

vendor/magento/framework/Session/SessionManager.php // Enable session.use_only_cookies ini_set('session.use_only_cookies', '1'); Remove above code with the below one. if (!$this->isSessionExists()) { // Enable session.use_only_cookies ini_set('session.use_only_cookies', '1'); }

View On WordPress

Hướng dẫn hiển thị lỗi PHP (giúp debug dễ dàng hơn),

💡 Để hiển thị lỗi PHP (giúp debug dễ dàng hơn), bạn cần chỉnh lại các dòng cấu hình trong file php.ini hoặc override qua .htaccess hoặc ini_set() tùy theo môi trường. Dưới đây là hướng dẫn chi tiết 🌿💻 ✅ Cách 1: Chỉnh trực tiếp trong php.ini File đang dùng: /opt/alt/php74/etc/php.ini Mở file này và tìm/cập nhật các dòng sau: display_errors = On display_startup_errors = On error_reporting =…

How to generate a calendar from your todo.txt file

I love todo.txt. It’s a simple task system where pretty much everything lives in a single folder called “todo.txt.” After trying about 15 different task managers, I have found this system to be my favorite, and I’ve been using it for more than a year. Using Gina Trapani’s “todo.sh” script along with a bunch of my own bash scripts, most of my task-related needs are met… except for a calendar. After not finding a suitable existing todo.txt to calendar system, I decided to try writing my own. It took a few hours of tinkering, but it works!

To run this script, you’ll need a web server running php, and of course a todo.txt file somewhere on the same server. Load the script in a browser and it will give you an ics file with any todo items that have a due date. Load the script from an external calendar – like Google Calendar – and your due-dated todo items will appear on the calendar. Hooray!

Here’s the code:

<?php // CB's Todo.txt to ics script // goes through todo.txt and generates a calendar // 2018-06-06 // // HOW TO USE THIS // this script parses a file in the todo.txt format and generates an ics file // the ics file will have "all-day" calendar entries for todo.txt items // that have due dates // you can load this calendar into google calendar ("load public calendar") or // other systems (like Fastmail's calendar) // // WHY? // I love todo.txt but sometimes it's tough to get a picture of what I really // need to do. Sticking my dated tasks on a calendar really helps me! // inspiration from here: // https://gist.github.com/jakebellacera/635416 // hide all errors, we don't want them mucking up our ics output error_reporting(0); ini_set('display_errors', 0); // where does the todo.txt file live? $todopath = "/path/to/your/todo/txt/file.txt"; // load the todo file, give us an error if we can't open it $todofile = fopen($todopath, "r") or die("Unable to open todo file!"); // calendar file top stuff $ical = "BEGIN:VCALENDAR VERSION:2.0 PRODID:-//hacksw/handcal//NONSGML v1.0//EN"; // iterate through each line of the file while(!feof($todofile)) $line = fgets($todofile); //echo "line: $line <br>"; // ONLY operate on the line if it contains a due date (due:YYYY-MM-DD)jk if (strpos($line, "due:") !== false) //print "line contains DUE! doing stuff <br>"; // explode the string into an array $array = explode(" ", $line); // iterate through each word and figure out what it is // i.e. a due date, a context, a project, threshold, hidden, etc. foreach ($array as &$word) //print "value: $value <br>"; // IF WORD CONTAINS "due:" if (strpos($word, "due:") !== false) //echo "--- this word contains DUE! <br>"; // remove "due:" $due = str_replace("due:","",$word); // remove newlines $due = str_replace("\n","",$due); // remove dashes //$due = str_replace("-","",$due); // IF WORD CONTAINS "@" if (strpos($word, "@") !== false) //echo "--- this word has a context! <br>"; $context = str_replace("\n","",$word); // IF WORD CONTAINS "+" if (strpos($word, "+") !== false) //echo "--- this word has a project! <br>"; $project = $word; // IF WORD CONTAINS "t:" if (strpos($word, "t:") !== false) //echo "--- this word contains t: <br>"; $threshold = $word; // IF WORD CONTAINS "h:" if (strpos($word, "h:") !== false) //echo "--- this word contains h: <br>"; $hide = $word; // IS THIS A DATE? if (DateTime::createFromFormat('Y-m-d', $word) !== FALSE) //echo "---this word is a date! <br>"; $dateAdded = $word; // IS THIS A URL? if (strpos($word, "http") !== false) //echo "--- this word is a URL!<br>"; $url = $word; // put together a summary // summary: the name of the calendar event // description: more info when you click on the calendar event // BUILD THE SUMMARY // +projectname something something // get rid of due date $summary = (str_replace("due:".$due,"",$line)); // remove dashes from the due date $due = str_replace("-","",$due); // get rid of the added date $summary = (str_replace($dateAdded,"",$summary)); // get rid of the context $summary = (str_replace($context,"",$summary)); // get rid of the threshold $summary = (str_replace($threshold,"",$summary)); // get rid of the URL $summary = (str_replace($url,"",$summary)); // remove project.... $summary = (str_replace($project,"",$summary)); //... so we can make it first $summary = $project . " " . $summary; // remove newlines $summary = (str_replace("\n","",$summary)); // remove double spaces $summary = (str_replace(" "," ",$summary)); //print "summary: $summary <br>"; // create the ICS entry $ical = $ical . " BEGIN:VEVENT DTSTART:$due DTEND:$due SUMMARY:$summary DESCRIPTION:$line URL:$url END:VEVENT"; fclose($todofile); // close the todofile $ical = $ical . " END:VCALENDAR"; // comment these headers out to load the text in a web browser // uncomment to generate an ics file when loading this script header('Content-Type: text/calendar; charset=utf-8'); header('Content-Disposition: attachment; filename=invite.ics'); echo $ical; exit; ?>

  - - - (original: cbfish.es/b/36X)

Find exception or error logs in Magento 2 ?

Find exception or error logs in Magento 2 ?

Set the developer mode php bin/magento deploy:mode:set developer You can check the errors for var/log and var/reports folder You can enable display error reporting from index.php in magento from index.php. Add below code after the starting of <?php ini_set(‘display_errors’, 1); error_reporting(E_ALL);

View On WordPress

Wordpress Hataları ve Çözümleri

New Post has been published on https://weepay.co/blog/wordpress-hatalari-ve-cozumleri

Wordpress Hataları ve Çözümleri

WordPress Hataları ve Çözümleri sıklıkla sorulan sorulardan biridir. WordPress çoğunlukla hata vermekle birlikte bu hataların çözümleri aslında basittir.

Beyaz Sayfa Hatası

Beyaz sayfa hatası alınmasının çeşitli nedenleri olmaktadır. Hafıza eğer dolduysa veya bir eklenti kurulmuşsa bu tür bir hata vermektedir. Hatta kullanılan tema bile bu hataya sebep vermiş olabilir. Bu sorunu çözmek için öncelikle wp- config.php dosyasını bulmanız gerekmektedir. Daha sonra bu dosyaya bu kodu “error_reporting(E_ALL); ini_set(‘display_errors’,1); “yazmanız gerekmektedir. Daha sonra çıkan hata nedenini öğrendikten sonra bu sorun için çözümler üretmek gerekmektedir. Sıkıntı kaynağı eklentiler ise eklentileri devre dışı bırakarak bu sorunu çözebilirsiniz. Tema ile ilgili bir sorunsa temayı başka bir tema ile değiştirebilir veya temanın kodlarından hataya sebebiyet veren kodu değiştirebilirsiniz. Hafıza ile ilgili sorunlarda da hafıza artırımı yapmanız gerekmektedir.

Temporary Folder Lost Hatası

WordPress Hataları ve Çözümleri ile ilgili bir hata da Temporary Folder Lost hatasıdır. Bu hata siteye görsel ya da tema koyulmasına izin vermez. Yüklemeleri yapmak için ekstra bir klasör gerekmektedir. Eğer klasör sunucudan kaynaklı PHP ile tanımlanmamışsa bu hatayı almanız mümkündür. Bunun için  FTP ile dosyaları açıp wp-config.php klasörü üzerinde değişiklikler olmalıdır. “define (‘WP_TEMP_DIR’, dirname( FILE ). ‘/wp-content/temp/’);” bu kod klasöre yapıştırıldığında sorun çözülmektedir.

WordPress Admin Paneli Giriş Hatası

WordPress Hataları ve Çözümleri; Bu hatayı alıyorsanız birçok nedeni olabilmektedir. Parolayı sıfırlayarak bu hatayı çözebilirsiniz. Function.php klasörü üzerinden parola sıfırlanmalıdır. Bunun için Phpmyadmin dosyasına erişim sağlanmalıdır. Bu adımları uygulamadan önce sitedeki her şey yedeğe alınmalıdır.

Bozulmuş .htaccess Dosyası Hatası

500 kodlu hatalardan birisi de .htaccess hatasıdır.  Böyle bir hatada dosya silinmeli veya başka bir dosya oluşturulması gereklidir.

PHP Hafıza Sorunları

Hafıza sorunu hatasını çözmek için öncelikle sitedeki dosyalarımızı açmamız gerekir. Config.php’ de bulunan klasöre /* That’s all, stop editing! Happy blogging. */ yazan yerin hemen üst kısmına define (‘WP_MEMORY_LIMIT’, ‘300M’); bu kod yazılmalıdır. Ve sorun bu şekilde çözülmektedir.

Drupal, Fatal error: Allowed memory size of N bytes exhausted (tried to allocate N bytes)

#Drupal, Fatal error: Allowed memory size of N bytes exhausted (tried to allocate N bytes)

Si aparece en Drupal el mensaje de error: Fatal error: Allowed memory size of N bytes exhausted (tried to allocate N bytes), debemos incrementar la cantidad de memoria asignada agregando la siguiente linea el archivo settings.php. ini_set('memory_limit', '512M'); En este caso estoy asignando un limite de 512MB, si se necesita mas o menos hay que modificar este valor, el archivo settings.php se…

View On WordPress

[WordPress 外掛] Error Log Monitor 繁體中文本地化及使用方式

如果我們去醫院或診所看診，看診的醫生向我們詢問問題時，我們都會盡量據實以告，好讓醫生判斷病情。同樣的道理，如果想知道 WordPress 自架站發生問題的原因，那 WordPress 在伺服器上的執行記錄就是查找原因的重要依據。

因為網站不會自己說話，但是它的事件記錄會說話。

外掛用途說明

WordPress 自架站建置完畢後，依照預設，核心程式並未啟用記錄執行事件的功能，這點檢閱 wp-config.php[1] 內容後可以清楚得知。

在 wp-config.php 中，WP_DEBUG 這個常數的值預設為 false，代表 WordPress 不會自動記錄網站相關事件。

當網站管理員將這個常數的值從 false 變更為為 true，WordPress 便會將記錄檔儲存於 wp-content/debug.log；除非網站管理員將檔案下載回來或進入主機查看，否則也沒有任何可以直接查看記錄檔的方式。

Error Log Monitor 這款外掛，可以在 [控制台] 首頁提供可以檢視 WordPress 記錄檔的控制台小工具，並且提供更多細項設定，讓網站管理員可以更加掌握網站事件資訊。

例如在完成 Error Log Monitor 外掛的設定後，便可以在 WordPress 控制台首頁直接檢視事件記錄。

要使用外掛，必須先完成外掛的安裝與啟用。

外掛使用方式

Error Log Monitor 啟用後並無法直接開始啟用 WordPress 的記錄功能，需要修改及新增 WordPress 的 wp-config.php 檔案的內容。如果不做出對應的檔案內容變更，Error Log Monitor 就只會顯示如下圖中的提示訊息。

修改 wp-config.php 檔案的內容前，務必先備份檔案。

修改 wp-config.php 的方式

依據每個網站管理員能力的不同以及租用的主機類型的不同，取得 wp-config.php 檔案進行修改或新增內容的方式大致上會有以下 3 種。

共用主機：使用共用主機服務提供商提供的主機控制面板[2]，這類控制面板中都會有檔案管理員功能。網站管理員可以透過這類功能下載 wp-config.php 檔案，修改完畢之後再上傳並覆蓋舊版本檔案。當然，共用主機的檔案管理功能多半可以直接修改檔案內容，但對於多數人來���，直接修改檔案內容風險比較高。

VPS 主機或雲端計算主機：想必有能力駕馭 VPS 主機或雲端計算主機的網站管理員，直接進入主機透過命令列修改檔案內容不是問題，無論是要使用 vi、vim 或 nano，只要使用起來順手的程式，都可以用來修改檔案內容。

FTP：這是最通用的方式。只要網站主機有開放 FTP 通訊協定存取網站資料，便可透過 FTP 先下載 wp-config.php 檔案，修改完畢之後再上傳並覆蓋舊版本檔案[3]。

修改 wp-config.php 的內容

取得 wp-config.php 檔案並完成備份後，便可開始使用慣用的文字編輯器進行修改。

首先，先以文字編輯器開啟，然後在 wp-config.php 中找到以下常數。

define('WP_DEBUG', false);

然後取代為以下常數：

@ini_set('log_errors', 'On'); @ini_set('error_log', '記錄檔的完整路徑'); //記錄全部類型事件 define('WP_DEBUG', true); //不在網站前端顯示錯誤碼 define('WP_DEBUG_DISPLAY', false);

第 1 行：外掛啟用記錄事件功能。

第 2 行：指定事件記錄檔的檔案完整路徑。這個有額外需要注意的事項，下面會繼續詳解。

第 4 行：WordPress 核心程式啟用記錄事件功能。

第 6 行：依照預設，只要網站因錯誤產生錯誤碼，就會出現在網站前端，這個常數及其設定值可以讓錯誤碼不再出現於網站前端。

除了第 2 行的記錄檔完整路徑會每個網站都不相同之外，其他 3 行請直接套用，不需修改。

取得網站記錄檔完整路徑

在取得網站記錄檔完整路徑前，請先瞭解兩件事。

WordPress 核心程式啟用事件記錄功能後，預設的記錄檔位置為 wp-content/debug.log，這個前面曾經提過。

WordPress 新版核心程式的 [網站狀態] 功能，會建議不要將網站事件記錄檔儲存於網站根目錄及其子目錄的任何位置，因為將記錄檔儲存在網站目錄中，是最容易暴露記錄檔的方式。

基於以上兩點，加上網站的檔案完整位置每個網站均不相同，以下便以阿力獅的測試網站為例，說明一下如何取得記錄檔案的完整路徑。

首先，Error Log Monitor 外掛會偵測並提示目前網站的根目錄。以阿力獅的測試網站為例，網站根目錄如下。

/home/sites/8a/6/6dbeb06fba/wwwalexliondev

由於記錄檔不建議放在網站根目錄及其子目錄中，所以我們改放在與網站根目錄同一層的自建目錄。

網站根目錄的上一層目錄如下。

/home/sites/8a/6/6dbeb06fba

阿力獅要在這層目錄下建立一個與網站根目錄同一階層的目錄 wp-error-log-files，便透過 FTP 方式建立新目錄。

這個新目錄的完整路徑如下。

/home/sites/8a/6/6dbeb06fba/wp-error-log-files

新目錄建立完畢後，阿力獅進入目錄中建立一個名為 alexlion-dev-error.log 的空檔案作為記錄檔。建立新檔案的方式與建立新目錄的方式只差在需要點擊的是 [建立新檔案]。

大功告成！這個網站的記錄檔完整路徑如下。

/home/sites/8a/6/6dbeb06fba/wp-error-log-files/alexlion-dev-error.log

請依照以上的思路，為自己的網站建立空白記錄檔[4]，並在取得記錄檔的完整路徑後，將這個值填寫至正確的常數中。以阿力獅的測試網站為例，第 2 行的正確設定如下。

@ini_set('error_log', '/home/sites/8a/6/6dbeb06fba/wp-error-log-files/alexlion-dev-error.log');

完成 wp-config.php 檔案必要的修改，並以新版本覆蓋舊版本後[5]，接著重新整理網站管理後台頁面，便會發現外掛原本的提示訊息均已消失，這代表 Error Log Monitor 開始正確執行。

外掛使用注意事項

Error Log Monitor 這個外掛只要做完上述設定，便可正確執行開始記錄網站上的相關記錄，但它仍有幾項設定值得留意。

首先，Error Log Monitor 開始記錄網站事件後，預設值是記錄全部類型的事件，所以事件記錄檔案的大小便會開始增長。外掛在控制台的小工具底部，有一個 [清除記錄] 按鈕，它的功能真的會將事件記錄檔內的內容全部清除。

如需為 Error Log Monitor 進行設定，請將游標[6]移至外掛的控制台小工具標題處，便會出現 [設定] 連結。

外掛設定請參照需求設定，以下設定值均為阿力獅的個人偏好。

錯誤項目顯示數量：預設值為 20，阿力獅都改為 10；一來是 20 太多，佔掉太多畫面空間，二來是出錯通常都先看最新的錯誤，需要更多記錄時也只要去把記錄檔開啟就看的到，因此沒有設定得很高。

反向排序，最新的在最上方：就是將原本依照發生時間舊到新升冪排序的事件記錄，改為依照發生時間新到舊的降冪排序。這是因為大多數的時候，網站當下發生的錯誤，通常由較新的事件所觸發。

接收定期錯誤記錄的電子郵件地址：如果想要外掛將事件記錄以電子郵件方式傳送給指定人員[7]，這裡可以依照需求設定要接收資訊的電子郵件地址。請注意，請確定網站具備正常的寄件能力，外掛只負責符合條件時要求寄件，這個外掛本身沒有寄件功能。

[檢查新訊息記錄的頻率] 及 [傳送電子郵件的頻率]：請依照自己的需求設定這兩項時間頻率。此外，這兩項頻率設定也與下方的 [電子郵件通知篩選條件] 設定互相配合，符合篩選條件才會寄送電子郵件。

記錄檔大小限制：只要有發生事件，系統便會如實記錄，因此記錄檔自然會越來越大。這設定是設定記錄檔到了多大實際送電子郵件通知指定人員，而不是限定記錄檔只能多大。

控制台小工具篩選條件：預設值是顯示全部類型的事件記錄。隨著你對這些記錄的瞭解，可以把不需要在小工具內直接檢視的記錄篩選掉。請注意，篩選掉的記錄僅是不顯示在控制台，實際上還是記錄在事件記錄檔中。

電子郵件通知篩選條件：預設值是 [與控制台小工具相同]，也就是 [控制台小工具篩選條件] 裡設定是什麼，只要發生就傳送電子郵件。這項設��可以自訂，例如只有發生系統判定為 Error 的事件才傳送電子郵件通知。

凡走過必留下痕跡，網站執行時所發生的各項事件，網站管理員也該留下必要的記錄，而非空無一物，無跡可查。

如果連最基本的網站事件記錄都不留下，就算對網站架構不甚理解而需要找人幫忙，來協助的人在無跡可循的狀況下，也只能先重複上述過程，讓網站繼續執行出錯進行記錄，不然光靠通靈及瞎子摸象，都是在消耗彼此的陰德而已。在平常不進行網站事件記錄的情況下，要將網站錯誤處理至正常，便會需要花費更多的時間。正因為如此，平日就讓網站開始進行記錄，實屬網站完成建置後的頭等大事。

所以，現在就去為 WordPress 網站啟用事件記錄功能吧。

外掛狀態

WordPress 外掛 外掛名稱Error Log Monitor 外掛網址WordPress.org 上的 Error Log Monitor 開發者官方網站W-Shadow 外掛價格免費 繁體中文本地化作者繁體中文本地化由《阿力獅的教室》站長阿力獅提供。 繁體中文本地化狀態已發佈，目前透過 WordPress 內建機制更新，無須自行下載檔案。 譯文問題回報如果發現譯文有錯譯、錯字，或是因為外掛更新之後產生新字串未譯，都歡迎在下方留言。

附註   [ + ]

1. ⇧ wp-config.php 是 WordPress 的重要檔案，內容為網站與伺服器間的重要組態及設定，例如網站資料庫主機名稱為何，資料庫使用者的帳號及密碼等重要資訊。2. ⇧ 常見且知名的共用主機控制面板有 cPanel 及 Plesk，本來是兩家不同廠商的產品，透過併購，這兩個主機管理面板已屬於同一家公司。3. ⇧ 阿力獅慣用的 FTP 用戶端軟體是開源且免費的 FileZilla，在本站講到使用 FTP 進行某些操作，一律使用 FileZilla 示範。4. ⇧ 共享主機管理面板的檔案管理員也可以指定檔案名稱建立空檔案，VPS 主機或雲端計算主機，也可以透過指令建立指定檔案名稱的空白記錄檔。5. ⇧ wp-config.php 檔案如何取得，就可以用同一個方式以新版檔案覆蓋舊版檔案。6. ⇧ 常態性的網站管理工作，建議還是使用螢幕較大的桌面裝置進行。7. ⇧ 接收事件記錄的人員可以不是網站管理員。

function footnote_expand_reference_container() { jQuery("#footnote_references_container").show(); jQuery("#footnote_reference_container_collapse_button").text("-"); } function footnote_collapse_reference_container() { jQuery("#footnote_references_container").hide(); jQuery("#footnote_reference_container_collapse_button").text("+"); } function footnote_expand_collapse_reference_container() { if (jQuery("#footnote_references_container").is(":hidden")) { footnote_expand_reference_container(); } else { footnote_collapse_reference_container(); } } function footnote_moveToAnchor(p_str_TargetID) { footnote_expand_reference_container(); var l_obj_Target = jQuery("#" + p_str_TargetID); if(l_obj_Target.length) { jQuery('html, body').animate({ scrollTop: l_obj_Target.offset().top - window.innerHeight/2 }, 1000); } }

〈[WordPress 外掛] Error Log Monitor 繁體中文本地化及使用方式〉這篇文章最早發佈於《阿力獅的教室》。

from WordPress https://ift.tt/3m4c5DC via IFTTT