How to Handle a Hacked WordPress Install

WordPress is the most popular Content Management System in the world, and a significant percentage of the sites on the Internet use it. That popularity is well-deserved, but it also makes WordPress an irresistible target for hackers who want to spread malware.

How to Tell if Your Site’s been Hacked

Sometimes it is obvious that your site has been hacked. Occasionally hackers will simply redirect the site to a different server, so that visitors to your domain end up at a site infected by malware, a site displaying advertising the hacker can profit from, or a porn site. But often hackers add malware or spam links to a site which they want to remain undetected for as long as possible. Having a hacked site can infect your visitors with malware, and it will almost certainly result in a huge hit to your SERP rankings, or even blocking by search engines, so it’s important to be vigilant. There are a number of tools available to webmasters to determine whether a site is vulnerable and whether it has been hacked.

WP  Security Scan

The WP Security Scan extension won’t tell you whether your site has been hacked, but it will check for possible attack vectors and vulnerabilities, and offer suggestions for fixes. Of course, often the vulnerabilities will not be in WordPress itself, but in some other part of the software stack. The best way to ensure that there are no known exploits that hackers can use is to keep your software as up-to-date as possible.

Google’s Safe Browsing Diagnostic

Google has a service that enables webmasters to see whether they consider a site to be dangerous to visit. Copy the following URL into your browser address bar and replace the part following ‘?site=’ with your site’s URL.

http://www.google.com/safebrowsing/diagnostic?site=google.com/

Sucuri

Sucuri offers a free site scanning service that will catch major problems, and a paid for monitoring and cleanup service that can help if you are hacked.

Using these tools together can help you ensure that your site remains safe.

What Should You do If You’ve Been Hacked

Unless you are an experienced and expert developer or website administrator, cleaning a site with any level of confidence by yourself is almost impossible. Even if you think you have found all the malicious files and removed all the spam links, the files that make up WordPress itself may have been altered so that they reinfect a site after an attempted cleanup.

Contact your hosting provider and let them know you’ve been hacked. You might not be the only victim and the host provider’s sysadmins may already be taking action.

Securi, as mentioned above is an excellent tool, and it will attempt to auto-clean your WordPress installation. Should you choose not to use Securi, or hire a professional to clean your site, then the next best option is to delete the site and restore it from backups.

Hopefully, your site is hosted with a provider that offers a comprehensive backup service, in which case restoring the site to a previous version should be very simple. If not, we are going to assume that you have been making regular backups of your WordPress database.

Download a fresh install file from WordPress.org, to replace any files that may have been altered during the attack. Do not use the same passwords on the new install as you used on the hacked site.

After you have installed a fresh version of WordPress you can restore the WordPress database from a backup that you know to be clean.

Since you know that your site has been hacked once, and that there were vulnerabilities that malicious parties were able to exploit, if possible, it may be best to completely reinstall the server and restore from backups. At the least very scan the server with an anti-malware tool. If you are reasonably sure that the infection was limited to WordPress, then you should update all of your software to the most recent versions, to close vulnerabilities. If you’re using shared hosting your provider should take care of this for you.

If you haven’t been taking database backups, it may be possible that the WordPress database has not been breached, and that a fresh install of WordPress using the existing database is enough, but in that case be extra vigilant of alterations, follow the rest of the above advice, and start taking regular backups!

About Daniel Page — Daniel is the Director of Business Developement for ASEOhosting, a leading provider in SEO hosting and multiple IP hosting. Follow ASEOhosting on Twitter at @aseohosting.

  • Leave a Comment
  • All Killer WordPress Websites are Built Around These Concepts

    I’ve been coding with WordPress for a long time now. All the way back to when there was a my-hacks.php file. Shortly thereafter WordPress introduced plugins and widgets. Over all these years I find myself going back to a few key WordPress concepts that make blogs really functional.

    1. Popularity of Posts – The plugin I use, and hack often, is Alex King’s popularity plugin. If you download it from wordpress.org, it works great, but if you really want to make some cool features, you are going to have to hack it.The popularity plugin displays the most popular posts based on time frame, or category in a list (<li>)by default. I’ve hacked it to get the the raw posts, so I can do my own formatting. You can see an example in my “hot list”.
    2. Related Content – Notice how I didn’t say related posts. Finding related content goes much deeper then posts or pages.Related content is a must to build loyal readers (repeat visitors). You have to guide your readers and help them find content THEY are interested in. Remember, most people will find your content from Google, so feed them some related content and grow your user base. Related posts are easy to get, you simple have to a fulltext index to your database. You can then match terms to keywords.
    3. Categories – WordPress is nothing more then a way to organize your content, hence the term CMS (Content Management System). 80% of my traffic from Google comes from a relation to WordPress categories. Either trying to display top level categories without children, or trying to build a top menu/submenu navigation menu.Working with categories in WordPress can be pretty frustrating. I wish there was better information. Luckily there are a lot of help from the WordPress Community.
    4. Images – Magazine themes are the most popular style of theme on the Internet. It’s all about the cool graphics and images to get reader to click on posts. Content sliders and featured content sections with large graphics can be a pain to manually update, which is why you need to learn how to manipulate the images from your posts.

    There you have it. If you want to be a WordPress hacker and make killer websites, you gotta have a good working knowledge of those four topics.  Thanks for reading my post, and as always, don’t be scared to ask me for help.

    This guest post was written by Matt Dunlap who blogs about website development.

  • Leave a Comment
  • How To: Add a Twitter Link to Your WordPress Blog

    Twitter is all the rage these days and it doesn’t seem like it will be going anywhere any time soon.  With that said, it often surprises me that many WordPress blog owners  don’t offer a convenient way for their readers to retweet their content.  Anyone can grab a Twitter WordPress plugin to tweet their new content as it is published, but what about your older content?

    Rather than passing up all that potential traffic, I’ve found that offering a link somewhere within your post (optimally at the bottom of each post) is a great way to help your readers and incoming search engine traffic to promote your content for you.  When people find great content they like to share it with others, so why not make it easy for them?

    Not only is adding a “Tweet This!” link a great choice, but it is really easy to do.  Chances are if you do a search on Google for code to use you’ll find something like the following:

    <a href="http://twitter.com/home?status=Currently reading <?php the_permalink(); ?>" title="Click to send this page to Twitter!" target="_blank">Tweet This!</a>

    This code works just fine, but is not the most optimal solution in my opinion.  Depending on the permalink structure your WordPress blog uses, combined with the length of your domain name, it may be difficult to fit the link into a 140 character tweet.  It also doesn’t leave room for the person to add their own comments to the tweet.

    As a proposed solution, I recommend using some WordPress code like the following:

    <a href="http://twitter.com/home?status=RT @HackWordPress <?php the_title ();?> <?php echo get_settings('home'); ?>/?p=<?php the_ID(); ?>">Tweet This</a>

    This code will automatically insert the “RT” and your Twitter account name (the above example uses our Twitter account, @HackWordPress) then use the ID form of your post with the tweet.  When people click the link in the tweet, they will then be redirected to the actual post using your blog’s selected permalink structure, making a convenient and typically short URL.

    Have you integrated Twitter into your WordPress blog? Share your strategies in the comments!

  • Leave a Comment
  • Page Sensitive Multi-Level Navigation

    While most sites don’t need incredibly deep page navigation there are situations that justify a hierarchy beyond the typical 2 – 3 levels.  Unfortunately that can be cumbersome for top navigation drop-downs (more than 1 level of drop down is too much IMHO) so another solution needs to be found.  I ran into just such a situation for a client and while I”m also not a fan of left hand navigation it was the decision of the client to utilize it in conjunction with their top navigation, and in retrospect it made sense for them. To keep things easily navigable we also implemented breadcrumbs (which is a good practice anyway).

    The mission was to display sub-pages of the current page you are on in the left nav and once you hit the bottom of the hierarchy to show pages which are parallel to that page within the same branch of the hierarchy.

    After some digging and experimentation I came up with the following which executes perfectly in only a few lines of code.

    <?php
    $children = wp_list_pages("title_li=&child_of=".$post->ID."&echo=0&depth=1");
    if ($children == "")
    $children = wp_list_pages("title_li=&child_of=".$post->post_parent."&echo=0&depth=1");
    ?>
    <ul>
    <?php echo $children; ?>
    </ul>
    <?php endif; ?>

    Of course you style to taste…

    That’s it! Used in conjunction with a standard WordPress top-navigation and breadcrumbs you can easily display page sensitive multi-level navigation for your super-complex multi-level site!

  • Leave a Comment
  • Security Reminder: Upgrading Your WordPress Blogs

    While I was away over the weekend, it appears that a large number of bloggers who use WordPress have been hacked and a lot of damage has been done.  It seems this problem has shown up for a large number of people, including some very high profile bloggers.  Among them was Robert Scoble, whose blog was among those websites which were hacked.   Damages on Scoble’s site included porn information being placed in old posts, 2 entire months of content being deleted, and more.  Of course the porn then led to his blog being completely banned from Google!   Scoble is not the only one having these problems, however, and even lesser known bloggers have been attacked.  You can read more in this WordPress support forum thread.

    If you are wondering what the one thing all of these WordPress sites have in common, the problem is they were all using old versions of WordPress.   As someone that owns and operates well over 100 WordPress installations, I certainly understand the pain it can be to upgrade to the latest version of WordPress every time a new release happens, but I hope this goes to show why it is so important to take the time to upgrade all of your WordPress installations be using the most recent version of WordPress.

  • Leave a Comment
  • Separating Trackbacks from Comments in WordPress 2.7+

    Back when WordPress 2.7 was released, the WordPress team introduced a completely revamped comment form that included integration of threaded comments into the core software, introducing some dramatic changes with how comments are handled.   Unfortunately, this change broke one of the most popular comment hacks, separating trackbacks from comments.

    Since then, several people have stepped up and shared some great hacks for separating trackbacks from comment in WordPress 2.7 or newer blogs .  So far the best guide I’ve found came from Sivel.net, which can be viewed here.  Click over and follow those steps get everything separated.

    Note: The above guide is only for people using WordPress 2.7 or newer installations.  For people using WordPress 2.6 or earlier, you’ll want to use this tutorial.

    Once you’ve got the comments successfully separated from the trackbacks, there are a couple additional tweaks you may want to do to clean up how things look (it really depends on preference I suppose).   The first is to clean up your trackbacks/pingbacks by only displaying the title instead of an excerpt and everything else.   In order to do this, you’ll need to find the following code in your comments.php file:

    <ol>
    <?php wp_list_comments('type=pings'); ?>

    Now replace that code with the following:

    <ol>
    <?php wp_list_comments('type=pings&callback=list_pings'); ?>

    Lastly, you’ll need to add the following code to your functions.php file (which can be created if you don’t already have one):

    <?php
    function list_pings($comment, $args, $depth) {
    $GLOBALS['comment'] = $comment;
    ?>
    <li id="comment-<?php comment_ID(); ?>"><?php comment_author_link(); ?>
    <?php } ?>

    That should clean up the trackbacks/pingbacks section and you can also apply the same changes if you use a plugin to display tweetbacks.

    The other thing you may want to do is fix the comment count to only show actual comments, filtering out the trackbacks/pingbacks which are included in your comment count by default.   Simply add the following code to your functions.php file (which again can be created if you don’t already have one):

    <?php
    add_filter('get_comments_number', 'comment_count', 0);
    function comment_count( $count ) {
    if ( ! is_admin() ) {
    global $id;
    $comments_by_type = &separate_comments(get_comments('status=approve&post_id=' . $id));
    return count($comments_by_type['comment']);
    } else {
    return $count;
    }
    }
    ?>

    So there you go.  Anyone have any other tips for cleaning up your comment form?

  • Leave a Comment
  • How to: Use Thumbnails Generated by WordPress

    One of ten brilliant tips that I shared yesterday on my blog – display images on your blog’s homepage without any custom fields or any additional functions.php script, something I first saw on WebDeveloperPlus.

    How do you do it? First log in, on the sidebar select ‘Media’ (which is under ‘Settings’). You’ll then be taken to a page with an option to change the thumbnail size of images. Change that to whatever size you want your images to appear as. Next, insert the code below onto your homepage, archive page, whatever.

    <?php
    //Get images attached to the post
    $args = array(
    'post_type' => 'attachment',
    'post_mime_type' => 'image',
    'numberposts' => -1,
    'order' => 'ASC',
    'post_status' => null,
    'post_parent' => $post->ID
    );
    $attachments = get_posts($args);
    if ($attachments) {
    foreach ($attachments as $attachment) {
    $img = wp_get_attachment_thumb_url( $attachment->ID );
    break; }
    //Display image
    } ?>

    Then, to display your image you can just echo out the $img tag we just created:

    <img src="<?php echo $img; ?>" alt=" " />

    And there we have it. I told you it was easy! This is one of the tips from a post I wrote yesterday on WPShout – ‘10 Tips to Improve Your WordPress Theme‘.

  • Leave a Comment
  • Follow WordPress Hacks on Twitter!

    Based upon the emails we get each month from readers who are trying to find our Twitter feed, I feel this post is probably long overdue, but I wanted to point out to our readership that we do in fact have a Twitter page!   If you’d like to follow WPHacks.com on Twitter, you can get our updates here (@HackWordPress). 

    Our Twitter feed includes notification each time we publish a post here on WPHacks.com, but as an added bonus, you will also get some retweets of our favorite WordPress-related content published by others. 

    Note:  If you’d like to follow my personal tweets also, you can do so here.  (@KyleEslick)

  • Leave a Comment
  • How To: Hack WordPress Theme Template Pages

    The key to being able to display exactly what you want in WordPress is understanding WordPress theme template pages. These are the theme files that display pages, not the ones that perform functions like comments, sidebar, etc. Most of us don’t use the WordPress default theme that comes with installation, and end up downloading a free theme from the Internet. This is a great way to customize your blog, but not all theme authors code their theme the same way. The capabilities of that theme largely depend on how much time the web designer took to code it, in addition to their knowledge of WordPress itself.

    I’m going to explain everything you need to know to be able to customize all your theme pages any way you want, and this will give you enough information to begin coding your own theme as well. Even if you’re an ‘expert’ theme coder, you should learn something new from this article.

    How WordPress Works

    The most important thing you could learn about WordPress is the Template Hierarchy, or – “the order in which WordPress calls pages”. The ONLY file that is required in the PHP files of any WordPress theme is the “index.php”. That’s it! That one file could handle every single function WordPress performs (if you wanted it to). Or, you could have a WordPress theme that had a PHP theme for for every single WP function (or anything in between).

    The Order of Things

    Every time a WordPress page is called the WP ‘engine’, if you will, determines (through process of elimination) what kind of page it is. It’s kind of like a “where am I?” function. WordPress says “what page am I…” and in turn tries to call pages in a specific order. If WP doesn’t find the PHP file it needs it just defaults to the “index.php” file and uses it instead. There are 9 basic kinds of pages WordPress looks for first:

    Am I the Home Page?
    If WP thinks it’s on the home page it will look for “home.php” first, and “index.php” second.

    Am I Post Page?
    (Single) post pages look for “single.php” first, and then default to “index.php”.

    Am I a ‘Paged’ Page?
    (Static) or ‘paged’ pages in WordPress look for a “pagetemplate.php” first (if assigned when published), “page.php” second, and default to “index.php” last.

    Am I a Category Page?
    When WordPress determines it’s on a category page first it looks like a category specific ID page, such as “category-7.php”. If it doesn’t find that it next looks for a “category.php” (which would be used on every category page). If that’s not there is searches for “archive.php”, and last it defaults to “index.php”.

    Am I a Tag Page?
    If WordPress is on a tag page it tries to load “tag-slug.php” first, with ‘slug’ being the name of your tag. If your tag is ‘wordpress hacks’ the tag slug page would be “tag-wordpress-hacks.php”. It that’s not available, WP next looks for “tag.php” which would load for all tag pages, then “archive.php”, and if that’s not there last it defaults to “index.php”.

    Am I an Author Page?
    If your blog has multiple authors, first it looks for “author.php” to display the details. If that’s not there, it tries to load “archive.php”, and last it defaults to “index.php”.

    Am I an Archive Page?
    Archive pages are loaded when WordPress loads a date based page for previous posts. First it tries to load “date.php”, then “archive.php”, and last it defaults to “index.php”.

    Am I a Search or 404 Page?
    If WP determines it’s on a search (results) or 404 (not found) page the it tries to load either search.php or 404.php. If not, the default is once again “index.php”.

    Am I an Attachment?
    Out of all the WordPress theme template pages, the attachment page is probably the one used least, and I have to admit – I’ve not seen a single one of these in any of the hundreds of themes I’ve downloaded. WordPress uses these special pages usually for uploaded content, which would explain why it first looks for “image.php”, “audio.php”, “video.php”, or “application.php”. Then it tries to find “attachment.php” or “single.php”, and if none of those are available it also defaults to “index.php”.

    Inner Workings of WP Theme Templates

    As I said before, you could use a single index.php file to handle the 9 types of pages. You would simply code in some conditional tags, like I showed you in the last tutorial I wrote here on WP Hacks. A single index.php would then just contain code to say if is_home, do this, if is_single do that, etc. That’s a lot of code for just one page, and a bit unorganized – and it doesn’t leave a lot of room for customization.

    Coincidentally, like WordPress searches for 9 basic pages – each theme template page also contains 9 basic WordPress elements:

    1. a header call
    2. opening of ‘the loop’
    3. a call to get the permalink and (some) meta
    4. a call telling WordPress what to get
    5. a call to get either the content or an excerpt
    6. (maybe) more meta
    7. closing of ‘the loop’
    8. a sidebar call
    9. a footer call

    Those are only the WordPress elements, of course the PHP code to make them work is usually scattered throughout the appropriate HTML code make your theme’s layout and graphic design work properly. I’m going to explain these elements a bit more so you can understand how you can customize (or create) nearly any theme template page.

    Header, Sidebar, and Footer calls

    I’m going to handle all 3 of these elements at once, since they are all basically the same. When you see this code in a template:

    <?php get_header(); ?>

    WordPress is simply opening the “header.php” file. The same is true for get_sidebar (sidebar.php) and get_footer (footer.php). You could have multiple headers, footers, or sidebars, see the earlier link above for conditional tags.

    Opening of “the loop”

    The infamous “WordPress Loop” is when a call goes out to the database to do something until WordPress says “stop”, i.e. ‘get me the most recent full text posts in their entirety’. The structure of ‘the loop’ changes depending on what kind of page your displaying, and each of the 9 basic types of pages WordPress tries to load has a ‘loop’.

    The opening of the loop generally looks like this:

    <?php if ( have_posts() ) : while ( have_posts() ) : the_post(); ?>

    You may see it broken down with have_posts on one line to define conditional tags with the while and the_post on another, but it’s still the opening of the loop, and it’s pretty much the same in all pages. One way to use the multi-line loop opending is to place a parameter between “if have_posts” and the rest by using query_posts in between to show only a single post, posts from a time period, the last post only, posts from certain categories, or even change the ordering of posts being iterated in the loop.

    A Call to Get the Permalink and (some) meta
    The very last section of the loop opening (the_post) actually makes individual data available through each iteration of the loop. This data referred to usually as “post meta” because it’s descriptors and identifiers for the individual content being looped through. Typically things like the permalink (URL), title, date, etc. I say ‘some’ meta, because most themes show some things before the individual post content, and then some after – such as categories and tags.

    Here’s a short list of things you can call in post meta: the_permalink, the_ID, the_title, the_time, the_author, the_author_email, the_author_posts_link, the_category, single_cat_title, the_tags, single_tag_titls, edit_post_link, comments_popup_link, comments_rss_link

    Example code you might see for post meta would be something like this:

    <div class="post" id="post-<?php the_ID(); ?>">
    <h2><a href="<?php the_permalink() ?>" rel="bookmark"><?php the_title(); ?></a></h2>
    </div>

    A Call Telling WP What to Get
    Next WordPress will decide how much of the actual individual post content to get for you. How much is gathered from the database depends on whether your look uses “the_content” (to get it all) or “the_excerpt” (to get part of it).

    (Maybe) more meta
    As I previously mentioned, the common things to see after a post are assigned categories or tags, and sometimes you see an “edit” link here as well. Some themes even put date published meta after the post content.

    Closing of ‘the loop’

    The code looks like this:

    <?php else : ?>
    <?php endif; ?>

    Typically it’s on more than one line in case you want to build an option in, such as a message “Sorry, we didn’t find anything”. After the sidebar, before the sidebar and footer calls, is where you typically find the “next” and “previous” navigation links.

    Bastardized Loops?

    Well, just because most loops look like the examples I just gave you, doesn’t mean you can’t bastardize them in just about any way you can imagine. I recommend you read the WP Codex page The Loop in Action for examples of archive, category, and single post formats – as well as static home page.

    The Codex official page for the loop has several examples of how to place multiple loops in one page.

    Perishable Press has a great tutorial for multiple loops, multiple columns – if you want to try and split your content up. They also have some great loop templates, in addition to a great tutorial of horizontally sequenced posts in two columns.

    Conclusion

    Armed with just a tiny bit of knowledge, you can hack just about any WordPress theme template page to do just about whatever you want! Now that you understand (in great detail) how WordPress calls it’s pages and how the loop works, you can conquer any task! Have fun customizing your blog’s theme!

  • Leave a Comment
  • How To: Use WordPress Conditional Tags to Hack Your Theme

    By using simple conditional tags – it’s pretty easy to add some very basic hacks to your WordPress theme to have more control over what’s displayed when.

    Here are some things you could do with a conditional tags:

    • Display something only on certain pages
    • Display something only on certain categories
    • Display something in header and footer only at certain times
    • Display something only on sub-children of particular pages
    • Display something only in the WP dashboard
    • Display something in the sidebar only when certain conditions are met
    • Do something only when there’s a “sticky” post
    • Do something only when a “page template” is used
    • Do something only for “author pages”
    • Display something only on search or 404 pages

    Let’s say you want something to display only on the homepage, or just category pages, or maybe just your 404 (not found) page – it’s quite easy to do. You don’t have to be a hardcore programmer (I’m not for sure) to implement these very simple theme hacks.

    Where to Use Conditional Tags

    It all depends on your your theme is structured. I’ve seen WordPress themes that a single “index.php” file handle just about everything, and other ones that use only the home.php, index.php, single.php, archive.php, and category.php files. You could handle everything with a bunch of code in one file if you want using conditional tags, have individual files for each thing, or any combination in between.

    Most themes I’ve encountered usually have an index.php and a single.php only. If you want to know what pages WordPress looks for first in a theme before defaulting to the “index.php”, read the official WordPress Template Hierarchy page.

    Conditional tags are great because you can use them both in and out of the loop. You can use them directly in theme pages, but you could also use them in your header, footer, comments, and sidebar files. Actually the sky is the limit, and you have only your own imagination to limit you!

    Conditional Tag Examples

    The worst thing I see on most posts about conditional tags is that they don’t have a lot of examples for you to draw from – so I’ll try to give you a few ideas to get you started…

    If This is XYZ page

    One of the most common ways to use a conditional tag is to add a filter of sorts to tell WordPress “if I’m on ‘XYZ’ WP page – then do this. The most common reason would be maybe to show certain things (ads, text, messages, graphics, scripts, flash) in certain places.

    For example, let’s say you want to display a message to visitors on your home page only…

    <?php if (is_home()) { ?>

    Welcome, you will only see this message on my homepage!

    <?php } ?>

    replace “is_home” with “is_front_page”, “is_single”, “is_sticky”, “is_page”, “is_page_template”, “is_category”, “is_tag”, “is_author”, “is_date”, “is_archive”, or “is_attachment” to make your message show up on nearly any WordPress page. Remember, once the condition is met, you can “do” anything – from including a file to showing special graphics, running a script, anything! You could use this condition for example to show an ad on just your homepage, or just single pages.

    If this is XYZ page show this, else show that

    The nice thing about conditional tags is the fact that you can have as many conditions as you want…like this:


    <?php if (is_home()) { ?>

    <p>Show this!</p>

    <?php } elseif (is_single()) { ?>

    <p>Show this instead!</p>

    <?php } elseif (is_category()) { ?>

    <p>Show something different!</p>

    <?php else { ?>

    <p>Show this if no conditions are met</p>

    <?php } ?>

    OR – you could even structure it in such a way that you lump some conditions together like this:

    <?php if (is home() || is_single() || is_category() || is_page()
    || is_archive() { ?>

    <p>Show this on all those pages!</p>

    <?php } ?>

    The double-pipe or || in the code signifies “OR”, so WordPress knows, if this is home, or a single page, or a category page, or a “page” page, or an archive page – then so something.

    Show Everywhere, Except…

    Sometimes you want to show something everywhere possible except just one or two places…

    <?php if (is_home()) {
    }
    else { ?>

    <p>Show this everywhere!</p>

    <?php } ?>

    With this code we just say if it’s “home” do nothing, else show do this. You could add multiple conditions (exclusions) to this using the || OR operator as in previous examples.

    Getting even more specific

    One thing I hadn’t mentioned was that you could pass additional parameters to the conditional tags for even finer grained control. For example, instead of targeting are single post pages with “is_single”, you could actually target just one using any of these formats:

    is_single(’25’) // uses posts ID
    is_single(‘Title of my post’) //uses the exact title of the post
    is_single(‘title-of-my-post’) //uses the permalink of the post
    is_single(array(25,’this title’,’this permalink’)) //uses when any of the 3 are true

    You can use similar parameters for paged pages, template pages, categories, tags, etc. The official WordPress Conditional Tag page in the Codex lists them all.

    Force WordPress Functions for Certain Conditions

    Have you ever not wanted to add people to your blogroll because their link will display on EVERY SINGLE page of your WP powered site? That’s an easy hack with conditional tags, because you could hack your sidebar to display your blogroll ONLY on your homepage like this:

    <? php if (is_home()) {
    wp_list_bookmarks();
    }
    ?>

    You could modify this to display just about anything in the sidebar for whatever conditions you want. Let’s take this a bit further though – let’s say that maybe I want a special header or footer when certain conditions are met? You can do that too…

    <? php if (is_home() || is_single() || is_page()) {
    get_header();
    }
    elseif (is_category() || is_tag()) {
    include (TEMPLATEPATH . '/header2.php');
    }
    elseif (is_404() || is_search())
    include (TEMPLATEPATH . '/header3.php');
    } ?>

    Using that example code you could have as many different headers, footers, or sidebars as you wanted and you could include them for whatever conditions you specified. Just replace get_header with get_footer or get_sidebar, and edit the rest include the files you want.

    Using Conditional Tags to Change Styles

    So far my conditional tag examples have been to show you how code conditions to do this or include that. Another very simple (and powerful) was to use conditional tags is to just use them for coding style. You could have any element (paragraph, div, heading) change colors or font size or anything related to style when certain conditions are met.

    Let’s take a very simple example, maybe your pages have content contained within one div like this:

    <div id="content" class="main">
    <?php if (have_posts()) : ?>
    <?php while (have_posts()) : the_post(); ?>
    <?php endwhile; ?>
    </div>

    In most themes, that main “div” is styled the same way on EVERY single page of the theme. Maybe you want it styled one way for your homepage, but another for paged pages, single posts, archives, etc. What you do in this case is to write different classes in your stylesheet for each and call them something like “single”, “archive”, and “paged” – and then you code it like this:

    <div id="content" <?php if (is_home()) { ?> class="home"
    <?php } elseif (is_page()) { ?> class="paged"
    <?php } elseif (is_single()) ?> class="single"
    <?php } elsif (is_archive()) { ?> class="archive" <?php } ?> >
    <?php if (have_posts()) : ?>
    <?php while (have_posts()) : the_post(); ?>
    <?php endwhile; ?>
    </div>

    You use any variation of this to control any element of your theme at will under nearly any condition. This would also be a great way to control your Post title and meta and have it display different things on different parts of your WordPress powered site.

    Conclusion

    I think mostly that the power of conditional tags is widely underutilized. Many of us just take for granted the way a theme works and looks, and forget that with just a few strokes of code and some imagination – we can change just about anything under the sun in our WordPress theme! I’d like to see some comments on what kinds of things you’ve used conditional tags for in your WordPress site (code samples welcomed!).

     

  • Leave a Comment