Disabling Form Fields

I have an app I’m working on where the admins want to be able to disable certain form fields so they can’t be updated if your’e not an admin.  In other words, if you are a user updating your information, you can change xx and xxx fields, but not x or xxxx.  I figured, no problem, just add “disabled=’disabled'” to the fields you don’t want users updating if you’re not logged in as an admin.  

The problem…
When you add “disabled=’disabled'” to a form field, that form field doesn’t submit any data via _POST or _GET.  This translates to your app updating the fields with nothing,  effectively deleting the information in the database.  

The solution…
Instead of “disabled=’disabled'”, use “readonly=’readonly'”.  

The second problem…
“readonly=’readonly'” only works on <input> tags.  You can’t readonly a <select>.

The final solution…
I found this on Stack Overflow.  I’m not crazy about the solution because it simply creates a second variable of the same name.  This seems sloppy to me because, as the author admits, different web servers might deal with it differently.  I prefer to write code that is going to work everywhere.  

My solution was to change the form fields I didn’t want edited by anyone who isn’t an admin to unnamed <input>s with the “readonly=’readonly'” attribute set, then create a hidden form field with the proper name and the proper value that would take the place of the select field that couldn’t be made read only.

Hopefully that makes sense.  It means adding a bunch of code, but it’s going to work on any PHP script because it’s going to change what gets displayed depending on your user level.  If you’re an admin, you’ll see the <select> field with all the options.  If you’re not an admin, you’ll see a grayed out <input> that you can’t change, but you still see what is in the database.

Forms with Multiple Checkbox Arrays

When I’m making web forms I can never remember exactly how to set “stuff” up.  I’m thinking I’m probably not the only one with this leaky brain problem.  Anyway, I was setting up a pretty large form today and had to create a group of check boxes.  When you’re doing a checkbox group and actually need to be able to see all of the checkboxes that were checked so you can save the info to a database, you have to jump through a couple hoops. First of all, here’s what you get when you do a search for “checkbox group html” in Google.

That seems right, right?  Just name each checkbox in the group the same thing, and you’re good to go.  The problem is that when you try to read those values in PHP, all you get is the last one (value3, in this case). To get all three values, you need to make the checkboxes part of an array, like this.

Then, when you need to get the values, you just step through the array, like any other array.

Pretty simple.  Just thought I would share so maybe it helps someone else.    

One-Click WordPress Installer

old-wordpress-150x150So, I install a lot of WordPress.  It gets painful going to wordpress.org, downloading the latest stable version, unzipping it then uploading the zillion files up to the server through FTP.  Especially if you’re not on some crazy fast internet connection.  Personally, my home internet sucks, so it got to the point where it was taking 15 minutes, or so, to install WordPress.  That’s not fun.

space monkeyAnyway, I started looking around and I found a couple scripts that did a simple install from the server.  In other words, you upload a tiny file, run it and the install happens from the server.  Great!  Exactly what I was looking for!  Except they all still required you to edit the wp-config.php file, or they looked like they were designed by a monkey that just came back from outer space.

Luckily I finally found one that was old, but workable.  I spent a little time with it and made it pretty good.  Now, installing WordPress exactly the way I want it takes about a minute and a half.  All but the last 10 seconds is spent setting up the space on the server.  Not bad.  

Check it out on Github.  That’s where the latest version will always be.

Find it useful?  Help make it better, or buy me a beer to say thanks.  I love beer.  It makes me so much more productive.

If you’re too impatient to go to Github, here’s the guts of of what the script does.

  • Downloads the latest, stable version of WordPress
  • Displays a form:
    • DB Host, DB User, DB Password
    • Creates a random DB prefix for security purposes (you can also set your own)
    • FTP Domain, FTP User, FTP Password, FTP SSL?
    • Memory Limit (For PHP.  When we got to something like v3.7 my server started puking once in a while because it would run out of memory.)
    • List of plugins to download along with WordPress
  • Renames wp-config-sample.php to wp-config.php and updates:
    • Randomly creates the SALT fields
    • Adds code and the FTP information so you can actually use the Update links in Dashboard.
    • Fills in the DB information
    • Adds the memory limit line
  • Deletes the tar ball of the install package
  • Deletes license.txt, because it’s silly to have
  • Deletes readme.html, because it’s silly to have
  • Creates .htaccess file and makes it writable to the user (664)
  • Forwards to install.php (This is where the db is set up by WP)

The Plugin Generated xxx Characters of Unexpected Output During Activation


While developing a custom WordPress plugin I saw this error when activating it. 

The Plugin Generated xxx Characters of Unexpected Output During Activation

I did a little Googling and found that there are a few most common causes:

  1. A white space before or after the PHP opening or closing tags
  2. A file encoded in UTF-8
  3. Another issue when something is called at the wrong time, or a call that cannot be resolved without intervention
  4. Using the WordPress add_option function. Switching to update_option instead can resolve the problem.

In my case it was #1 that blew it up for me.  Who woulda thunk a blank line would be so horrible?  

Anyway, hope this helps someone down the road who is pulling their hair out like I was.

HTTP / HTTPS fix for WordPress

So, one of those pesky LaneCC blog network users had a problem with a syndicated blog post that included an iframe embedded YouTube video losing the HTTPS today.  I looked into it and found an additional filter to add to the plugin, so we’re up to v1.1.  Woo Hoo!  Anyway, you can still get it on GIT.

If you have a WordPress website hosted on a secure server (HTTPS) and you try to put a YouTube video in a post or page, the video stopped showing up about 3 months ago.  This is because web browsers started to recognize that showing non-secure content (HTTP) on a secure web page makes the secure web page not secure anymore.  It used to be that you would just get a little warning in your browser saying that a page had mixed content and you could continue on at your own risk.  Apparently that wasn’t good enough, so the browsers just started blocking the non-secure content.  Bummer.

HttpsIn my day job at Lane Community College, one of my duties is to manage a blog network built around WordPress MU.  Luckily I’m just the guy that handles updates and things like that.  Some other guy has to field the several hundred potentially irritated people that can’t get videos to show up on their blogs.

So, here’s the tech version of what happened.  WordPress uses something called OEMBEDs.  This allows you to simply copy and paste the URL of a video on the YouTube website into a WordPress page or post and have that video show up.  Rather than having to use shortcodes, or plugins, or some other intermediate step, you just use the address of the movie.  Pretty slick, when it works.  As I mentioned above, it breaks when you’re on a secure server though.  What happens is that WordPress, as of about v3.6, looks at the OEMBED for YouTube and recognizes of you’re trying to embed an HTTPS link.  Then it sends a request to YouTube with the address of the video.  What breaks is when YouTube sends the video back it uses HTTP, even though you requested it using HTTPS.  Stupid.  

So, after that long, but very informative explanation, here’s the fix.  You simply install a plugin that adds a filter to WordPress.  When it sees something coming in with an HTTP address, it rewrites it as HTTPS.  Kind of a brute force way of dealing with a silly problem, but it’s working.

The plugin I wrote isn’t available on wordpress.org, but you can get it here on GIT.  


Responsive iFrames (like YouTube videos…)

I’m working on converting a website from plain-Jane to responsive and the website happens to have some videos.  That’s all great and everything, except when you embed a YouTube, Vimeo… video or pretty much anything with an iFrame, like Facebook and Twitter embeds, they are fixed width and blow out your pretty little responsive design when you get to a screen width smaller than the fixed width of the embed.

I didn’t like that, so I went looking around and found that there is a way to kind of brute force the issue using CSS.  

**disclaimer:  This may only work on recent browsers.  I haven’t bothered to check because, really, shouldn’t everyone be using an HTML5 capable browser by now?  Seriously.  Get a life if you don’t.  Hasn’t it been made painfully clear that no one with a brain uses Internet Exploder anymore?

So, anyway, here’s how you do it.


 This is obviously geared toward videos, since the container is called “video-container”, but I’ll show you how to do it for Facebook below.  It’s a hair different.

Once you have the CSS in place, here’s the code for your HTML

 This is the basic embed code from Vimeo for the first video I was trying to make responsive.  I think the HTML is pretty straight forward.  What all this nonsense will give you is a video that is 100% the width of the container it lives in.  In my case, the container it lives in consists of a number of spans in the Bootstrap Framework.  It would work just as well in an responsive design though, I think.  As long as you don’t step on any class names.

Ok, so, now that we have that figured out, here’s how we do it for the Facebook iFrame.


 Notice it’s basically the same, except I dumped the overflow and added some margin below the main container.  If you leave overflow: hidden in place, you lose the bottom of the Facebook frame, so I commented it out and added some margin-bottom to keep the whole frame in the container.


 So, I know, there’s still a width and height in both HTML examples.  Through some kind of magic that I don’t really want to get into, the CSS overrides those those settings.  

So, hopefully this saves you some time if you came here trying to figure out how to make stuff responsive.


Sessions in custom WordPress applications

old-wordpressSo, I spent a couple hours trying to figure out why I suddenly couldn’t pass variables page to page in a custom WordPress application using $_SESSION.  Turns out that in one of the major releases in the last year or so they did something that kills $_SESSION variables.  Not sure how or why, but doing a Google search hinted at that.  

Quick fix though.  Like most things with WordPress, there’s a plugin for that.  I installed Simple Session Support and it took care of the problem.  I’m sure it does a bunch of stuff in the background, but, basically, you can now use $_SESSION variables again just like the old days.  Nothing to configure.  It just works.

Hopefully this saves someone the couple hours it took me to figure it out.

Require Login For Single WordPress Page

By default, anyone who comes to your WordPress website can see any page on that website.  What if you want your website to be open to everyone, except you really need to have a page or two that only registered, logged in users see?  Example?  A company intranet, a calendar that’s only for family or a contact info page that’s only for family.  Whatever the reason, there are only a few ways to make sure a page isn’t open to the world.

Make the page private

You know what I mean.  When you’re editing your page you look over on the right side just above the Publish/Save button an see a “Visibility” option.  You can make that private and the page is hidden from the public, but it’s also hidden from all other registered users.  When set to private a page also doesn’t show up in the main menus or anywhere else.  It’s basically hidden from everyone from the one who made it private.

Password protect the page

Under that same “Visibility” section you can also choose “Password protected”.  This is good.  The page shows up in the menus and all that, but this option asks for a password for this particular page.  Basically, you set a password for this page and then you have to share that password with anyone you want have access to the page.  That’s not quite what I’m after.

Create a new page template

So, to recap, I wanted a page that shows up in the menus just like any other page but whose content can only be seen by users who have an account on the website and have logged in.  For all others, I want the page content hidden.  Here’s what I came up with because I couldn’t find a plugin that accomplished this without annoying upgrade messages or adding a lot of bloat for no reason.

  1. Create a new page template by making a copy of your theme’s existing page.php template.  I named mine “page_logged_in.php”.
  2. Once you have your page you need to edit the file in whatever editor you like.  I use Dreamweaver, but any text editor will work just as well.  The first bit of code you need to add names the template so you can find it later.  (This is what you’ll select in the WordPress admin when creating your new page.)  Just add the following code to the very top of the code.  There will most likely be something similar already there.  If so, just replace it.
  3. Now you need to add a little code to see if the user is logged in.  This is pretty easy.  WordPress has hooks built in for this.  The following can be added directly below the Template Name code above, also at the top of the page before any of the standard WordPress stuff.


  4. Now, go to the very bottom of the page and add the following code.  This will call wp_die() to halt WordPress and display a notice to the visitor saying they need to log in to view the page.

     This little snippet does a couple things.  If it runs (if the user isn’t logged in) then it halts the page and displays a message that says “To view this page you must first log in.”  The words “log in” are a link created by wp_login_url() which is another WordPress hook.  You may notice get_permalink() embedded in wp_login_url().  What this does is gets the address of the page you’re on so that when the user clicks the link to log in, they come back to your password protected page once they log in.  You can forward them pretty much anywhere you want, but I like to bring people back to where they started to minimize confusion.


    Now just save the page template and upload it to your web server where your template files are.  Hopefully you simply duplicated page.php where it already lived, so this is a no brainer.

  6. Next, go to WordPress and create a new page.  Under “Page template”, select the new page template we just created.

  7. Save your new page and that’s all there is to it. That page will now appear just like any other page in your menus, but when a user who is not logged in tries to visit it, they will receive the notice you included above.

Hope this helps.  I looked for a way to do this for about a half a day.  This seems to be a simply way to go about it.


Create Calendar .ICS files with PHP

On a project I was working on recently it would have been cool if we could dynamically create an ICS file so people could download and import events into their calendars.  I did some looking and found several “scripts” that all claimed to do the trick, but none worked quite right.  I kind of pieced them together and came up with this.

 Lets look at a few things.  The header section tells your browser that we’re making an ICS file and it shouldn’t try to display it.  In fact, it should bring up a download dialogue so you can save it to your computer.

The next section sets up the file as a Microsoft Outlook file.  Seems like, without that, there are issues when you go to import it.  Like your calendar needs to know the file is formatted for Outlook.

The biggest section outputs the actual data that shows up in the event.  In my application I put this section in a loop to create the events list.  The $created variable is simply a date.  I used a PHP date function to create the variable.  The rest is pretty well documented.  Oh, and $random_number is really just a random number.  No secret here.

The next section sets up how reminders for the events happen.  You can edit the text as well.

The last section should be left alone.  It’s just closing out the opening tags above.

Not a great explanation of how it works, but you should be able to copy and paste the code and make it work for you.  Hopefully it helps if you need it.

Create DB Table from .SQL (dump) file

Not a really complex thing, but something that comes in handy if you’re moving data around and need to quickly create MySQL db tables through PHP.



 Pretty simple to use.  Just place the function at the top of your page (or at least somewhere higher up the file than when you call it) and give it the name (path included) to the .sql file. 

Something like:


Creates tables with or without data.  Simply takes whatever kind of sql dump you give it and re-creates the database or table it came from.