[abctest483]

<?php wp_title(''); ?>

This worked for me.

If I understand correctly, you want to get the page name on a page that has post entries.

[abctest483]

According to the WordPress documentation, you should use wp_localize_script() in your functions.php file. This will create a Javascript Object in the header, which will be available to your scripts at runtime.

See Codex

Example:

<?php wp_localize_script('mylib', 'WPURLS', array( 'siteurl' => get_option('siteurl') )); ?>

To access this variable within in Javascript, you would simply do:

<script type="text/javascript">
    var url = WPURLS.siteurl;
</script>

[abctest483]

You could avoid hardcoding the full path by setting a JS variable in the header of your template, before wp_head() is called, holding the template URL. Like:

<script type="text/javascript">
var templateUrl = '<?= get_bloginfo("template_url"); ?>';
</script>

And use that variable to set the background (I realize you know how to do this, I only include these details in case they helps others):

Reset.style.background = " url('"+templateUrl+"/images/searchfield_clear.png') ";

[abctest483]

You do have some control over how the PDF appears in the browser by passing some options in the query string. I was happy to this working, until I realized it does not work in IE8. 🙁

It works in Chrome 9 and Firefox 3.6, but in IE8 it shows the message “Insert your error message here, if the PDF cannot be displayed.”

I haven’t yet tested older versions of any of the above browsers, though. But here’s the code I have anyway in case it helps anyone. This sets the zoom to 85%, removes scrollbars, toolbars and nav panes. I’ll update my post if I do come across something that works in IE as well.

<object width="400" height="500" type="application/pdf" data="/my_pdf.pdf?#zoom=85&scrollbar=0&toolbar=0&navpanes=0">
    <p>Insert your error message here, if the PDF cannot be displayed.</p>
</object>

[abctest483]

When uploading to a category our products were unavailable to view in the catalog or search, and none of our categories were showing up.

We had to create the categories as sub categories under the pre-existing ‘Default Category’.

[abctest483]

The WordPress global variable $pagename should be available for you. I have just tried with the same setup you specified.

$pagename is defined in the file wp-includes/theme.php, inside the function get_page_template(), which is of course is called before your page theme files are parsed, so it is available at any point inside your templates for pages.

• Although it doesn’t appear to be documented, the $pagename var is only set if you use permalinks. I guess this is because if you don’t use them, WordPress doesn’t need the page slug, so it doesn’t set it up.

• $pagename is not set if you use the page as a static front page.

• This is the code inside /wp-includes/theme.php, which uses the solution you pointed out when $pagename can’t be set:

—

if ( !$pagename && $id > 0 ) {
  // If a static page is set as the front page, $pagename will not be set. Retrieve it from the queried object
  $post = $wp_query->get_queried_object();
  $pagename = $post->post_name;
}

[abctest483]

Ok, you must grab the page title before the loop.

$page_title = $wp_query->post->post_title;

Check for the reference: http://codex.wordpress.org/Function_Reference/WP_Query#Properties.

Do a

print_r($wp_query)

before the loop to see all the values of the $wp_query object.

[abctest483]

You are storing your passwords in plaintext! That’s a major security issue if ever I saw one. What to do about that: at least use a (per-user) salted hash of the password, as seen e.g. here.

[abctest483]

Apart from the usage of addslashes(), these are some random issues found in this code:

• isset($_POST) is always TRUE, unless you run it from the command line. You can probably remove it.
• empty() is very tricky. For instance, if $password = '0' then empty($password) is TRUE.
• You can do this: if( isset($_POST['login']) && $_POST['login']!='' ){}
• extract($_POST) is a huge vulnerability: anyone can set variables in your code from outside.
• $password == $data['pwd'] suggests that you are storing plain text passwords in your database. That’s a terrible practice. Google for “salted password”.
• You can also do $loginOK = $password == $data['pwd'];. Do you realise why? 😉

[abctest483]

There’s another gaping security hole – extract. It may save you from typing a few characters, but opens up holes too numerous to mention, for it will overwrite any global variables.

What happens if I post this?

$_POST {
    'login' => 'Admin',
    'loginOK' => 1
}

Guess what, $loginOK is now == 1 , and I’ll be logged in as Admin.

Save yourself a lot of grief later, and just use the variables you want to use, instead of relying on the horrible hack that is extract.

[abctest483]

Use:

mysql_real_escape_string($inputToClean);

[abctest483]

Rather than addslashes you should use mysql_real_escape_string.

[abctest483]

You should use mysql_real_escape_string for escaping string input parameters in a query. Use type casting to sanitize numeric parameters and whitelisting to sanitize identifiers.

In the referenced PHP page, there is an example of a sql injection in a login form.

A better solution would be to use prepared statements, you can do this by using PDO or mysqli.

[abctest483]

After many hours I solved the problem simply by change:

$(this).fancybox({
to:
$.fancybox(this,{

$('#Contact').ready(function(){
    $('a#Contact-Map').live('click',function(event){
        event.preventDefault();
        $.fancybox(this,{
            'transitionIn'  :   'elastic',
            'transitionOut' :   'elastic',
            'speedIn'           :   600, 
            'speedOut'          :   200, 
            'overlayShow'   :   true
        });
    });

});

[abctest483]

Remove your onclick in your html, it’s triggering before your event handler.

[Author]

Posts