Escape strings for use in JavaScript

When using parameters from the URL, it should always be sanitized before using it in your javascript.

Using jQuery you can easily do:

var safeString = $(“<span></span>”).text(unsafeString).html();

Using plain javascript:

var entityMap = {
    "&": "&amp;",
    "<": "&lt;",
    ">": "&gt;",
    '"': '&quot;',
    "'": '&#39;',
    "/": '&#x2F;'
  };

  function escapeHtml(string) {
    return String(string).replace(/[&<>"'\/]/g, function (s) {
      return entityMap[s];
    });
  }

The stackoverflow discussion can be found here:  http://stackoverflow.com/questions/24816/escaping-html-strings-with-jquery

 

Posted in Coding Tagged with: , ,

Left Sidebar Under Content

Problem

Having a left sidebar move under the content in a responsive design needs a bit more thinking.  You can’t just do float left width 100% or display block and let the sidebar fall to the next line.

Solution

When the browser width is narrow, use display:table-footer-group for the sidebar, display:table-header-group for the content, and display:table for the parent container.

See more:

http://www.iandevlin.com/blog/2013/06/css/css-stacking-with-display-table

Posted in Coding Tagged with: ,

Run WP-Cron with no visitors

Got a website with noone visits or simply a website that is private but still need WP-Cron to be run?  no problem, you have 2 easy options.

1) Setup a free account with set https://www.setcronjob.com ( i like them better because they enable email notifications on the free account).   Create a cron job to visit wp-cron.php on your domain.

2) set up a scheduled task or cron job on your computer.  Mac OS X and Windows PC.  Problem with this though is your computer needs to be on with internet access, and if you ever buy another computer (and don’t turn your current one on) this job will never run:

https://developer.wordpress.org/plugins/cron/hooking-into-the-system-task-scheduler/

Posted in Coding Tagged with:

Macbook and the read only SD Card

Until recently I thought my SD cards from my camera were write protected by the camera formatting.  Apparently it’s just my macbook pro being flaky.  The macbook has some flaw where even when switching off the manual lock switch, SD cards are still readonly.  The solution is to set the switch in the middle between lock and unlocked.  You’ll need to try it a few times to get the position just right, but once you do the card is writable.
Sources:

http://www.jackenhack.com/sd-card-readonly-macbook-pro-card-reader-solved/

https://discussions.apple.com/thread/2166984?start=0&tstart=0

Posted in Random Thoughts

Order Non-hierarchical Custom Post Types

Non-hierarchical post types are like regular posts which normally do not have a menu_order attribute.  Hierarchical post type are like pages which allows a parent/child and is normally ordered by the menu_order attribute.  What if you have a custom post type that shouldn’t have a parent/child, but you still want to order it by something other than the post date?  This code does the trick on the admin side.

https://wordpress.org/support/topic/sorting-by-menu_order-in-admin-screen-on-non-hierarchical-custom-post-types

Posted in Coding Tagged with: ,

Moving Email Hosts

Transferring where your email is hosted can be tricky.  When moving from one host to another email is usually stored with the hosting plan.  If you have bad luck with hosting companies you may want to consider hosting your email on Zoho or Google Apps so you don’t have to go through this lengthy process every time you move.

Here are the steps to move email hosting:

  1. Backup your mail on your email client.  Usually it backs up to a .pst file.
  2. Set your incoming mail server to the IP address of the mail server.  This is so your mail client looks at your old server even after you change hosts.
    1. To do this, find the setting for your incoming mail server
    2. Do a DNS lookup to get the IP address.
    3. Paste the IP address into the incoming mail server setting.
  3. Set up email addresses on the new hosting account.
  4. Set up another account in your email client with the new host settings.
  5. Import your old mail into your new account by following your mail client’s instructions on importing.
  6. Now you should get mail from both new and old servers.
  7. After a week or so you can remove your old account and cancel the old hosting.  Be sure to transfer messages from the old account before deleting your old account.
Posted in Server Stuff Tagged with:

iPad textarea not selectable

Problem

The textarea on iPad could not be selected and could not have anything entered.

Solution

The textarea in iPad only responds to the ‘touchstart’ event and not the ‘click’ event, but regular input accepts the ‘click’ apparently.  I some javascript where it would catch the ‘touchstart’ event and trigger a ‘click’ event to make things a little faster on iPads.  This prevented the textarea from being selected and edited.

Another possible solution was I didn’t have the cols and rows attribute in the textarea html tag.  Adding these attributes before the class or id attributes solved it for some people.

http://stackoverflow.com/questions/3909843/why-is-my-text-area-disabled-on-ipad

Posted in Coding Tagged with: , ,

PCI Compliance

Fill out the SAQ-EP if you are a normal self hosted ecommerce site that outsources their payment to a 3rd party.  Self Assessment Questionnaire (SAQ).

http://www.pci-initiative.org/content/saq-ep-partially-outsourced-e-commerce-merchants

https://www.pcicomplianceguide.org/saq-a-vs-a-ep-what-e-commerce-merchants-service-providers-need-to-know-now/

Worth noting that others may interpret this differently:

http://stackoverflow.com/questions/21484714/is-pci-saq-a-sufficient-for-an-ecommerce-website-with-a-custom-payment-page

https://pcissc.secure.force.com/faq/articles/Frequently_Asked_Question/Why-is-SAQ-A-EP-used-for-Direct-Post-while-SAQ-A-is-used-for-iFrame-or-URL-redirect

Just fyi (shameless affiliate link coming up), WPEngine host is PCI Compliant “as long as no payment card data is stored, hosted, or otherwise processed by WP Engine…”

Posted in Server Stuff Tagged with:

What keyboard does an HTML input bring up?

I was having trouble figuring out what input type brings up what keyboard on the iPhone and iPad.  Turns out the number type doesn’t bring up the numeric pad.  Only “tel” does.

This is a great article on what input type brings up what keyboard:

https://about.zoosk.com/ko/engineering-blog/mobile-web-design-use-html5-to-trigger-the-appropriate-keyboard-for-form-inputs/

When your input is surrounded by a form tag, the keyboard will show a blue “Go” button.  Otherwise it will show a regular return button.

http://stackoverflow.com/questions/22986347/go-vs-return-button-in-ios-keyboard-for-html-input-forms

Posted in Coding Tagged with: , , , ,

Solar Service logging every couple seconds

After updating to OSX 10.10.1 my mid 2010 macbook became very slow.  Looking at my System Logs I found the following messages repeated over and over and still continuing:

11/20/14 8:10:53.608 AM Solar Service[518]: End of data
11/20/14 8:10:53.608 AM Solar Service[518]: Event = 2 device index = 2
11/20/14 8:10:53.626 AM Solar Service[518]: Input data callback for device 0x68cc0
11/20/14 8:10:53.626 AM Solar Service[518]: End of data
11/20/14 8:10:53.626 AM Solar Service[518]: Event = 2 device index = 2
11/20/14 8:10:53.627 AM Solar Service[518]: Input data callback for device 0x68cc0
11/20/14 8:10:53.627 AM Solar Service[518]: End of data

Logitech’s Solar Service app was printing a lot of messages.  Not sure if this was causing the slowness, but it definitely isn’t good.  There is no fix for this, just need to ignore the log messages.  Here is how to do it:

http://forums.logitech.com/t5/Keyboards-and-Keyboard-Mice/Solar-Service-writing-thousands-of-log-entries-on-Mac-OS-X-for/td-p/690182/page/2

Posted in Random Thoughts