Beware of “pirated” premium plugins and themes that may add malicious scripts and open back doors into your server and/or your WordPress installations.

Apparently several people have had the misfortune of downloading a pirated version of my Advanced Events Registration plugin from some file sharing websites. One person’s site was entirely overwritten with spam posts and links pirated software. While another persons entire website was completely wiped out.

The website owner (whom I wont mention here) actually threatened to sue me because five years worth of content was completely removed from their blog. When I asked for a copy of their receipt from the purchase of the premium plugin. The person stated they had downloaded it from a free file hosting website. Can you believe it! So I stated the obvious, “You didn’t purchase the plugin from my website, so you will need to contact whomever you received the files from. I am not responsible for code that may be distributed by outside sources.”

Moral of the story:

Premium plugins and themes may be GPL licensed (or not in some cases.) Unless you get them from a trusted source, you may be taking a major risk using them.

Related information:

How Downloading a Premium Theme/Plugin From the Wrong Place Can Ruin Your Site

Downloading a Premium Theme from the Wrong Site can be Expensive

Download Free Premium WordPress theme :What’s the Catch?

WordPress Premium Developer and Author Piracy My Thoughts

The Ethics of WordPress Themes at a Premium

Today is the one year anniversary of the free version of the Advanced Events Registration plugin (originally named and still known as Events Registration with PayPal IPN.)

As well as being an important and cost effective addition to many small organizations and blog owners, it has become a very successful event registration plugin for WordPress. It all started off as a small project for my wife. She needed a simple system for people to register for her scrap booking events. Being a part time PHP developer (as well as loving  husband), I volunteered to help out. So I set out to find a solution and found a very simple Event Registration plugin for WordPress by David Fleming, but it seemed to be missing some of the basic features my wife needed for her business/hobby. We needed a way to accept payments using the PayPal IPN and a bunch of other custom features that seemed to be missing from David’s plugin. (I am not putting down David’s plugin at all, it is a very nice plugin and helped me to get moving on something more advanced.)

So I started studying the WordPress Codex and reading up on how to build plugins in the WordPress environment. After a few weeks of programming and testing. I was able to put something together based on David’s original plugin (version 1.0 I believe.) After a couple more weeks of testing I released the plugin on the WordPress Plugin Directory one year ago today (April 20, 2009.)

After almost a year of user submitted input, I was able to release the Advanced Events Registration Pro version of the plugin. Since the release of the pro version on January 28, 2010, I have made several hundred improvements throughout. One of the latest (and biggest) improvements has been a complete overhaul of all the old code. It now relies heavily upon the core WordPress functions and coding standards. Making it easier to use and more WordPress friendly. I have a Member addon almost ready. Among other things, I have added a way to include your own custom PHP functions, shortcodes, include files, and a simple template system for displaying events. All of which are stored in the “/wp-content/uploads/eventregis/” directory, so you don’t have to worry about overwriting all of your custom additions.  I am also ramping up to release alternate payment gateways such as Authorize.net, 2Checkout, and Google Checkout payment systems.

I love hearing from users, so please tell me about your experience with this plugin.

For a couple of weeks I was trying to figure out why the database tables in my plugin weren’t getting updated when the plugin was installed or activated. I had recently written a function (based on this example) to create tables in my WordPress plugin. I finally narrowed it down to the dbDelta function for WordPress. After doing  a few searches on Google I came across this article which explains the the dbDelta function in detail.

Come to find out I was missing a space between a ‘“‘ and a ‘(‘ as seen below.

$sql_create_table = "CREATE TABLE " . $wp_table_name . "( " . $sql . " );";

Here is how it should have looked:

$sql_create_table = "CREATE TABLE " . $wp_table_name . "  (  " . $sql . "  )  ;";

Notice the spaces highlighted in green? That was the killer. So for a while, every time I added a new field to a table in database install file. For a while I was using a function (seen below) to alter the table and add the new fields.

function add_column_if_not_exist($db, $column, $column_attr = "VARCHAR( 255 ) NULL" ){
global $wpdb;
$exists = false;
$columns = $wpdb->query("show columns from $db");
while($c = $wpdb->get_row($columns)){
if($c['Field'] == $column){
$exists = true;
break;
}
}
if(!$exists){
if (!$wpdb->query("ALTER TABLE `$db` ADD `$column`  $column_attr")){
$error = 'There was a problem adding columns to the database.';
}
}
return $error;
}

So, if you are having trouble with the dbDelta function when writing a Wrodpress plugin. Be aware of extra spaces

Here is more information about the dbDelta function and creating tables with plugins:

http://codex.wordpress.org/Creating_Tables_with_Plugins

http://wordpress.org/tags/dbdelta-1

http://hungred.com/how-to/wordpress-dbdelta-function/

http://designoplasty.com/2009/05/15/not-using-dbdelta-with-wordpress/