My Favorite WordPress Plugins

Just want to give a shout out to my favorite WordPress plugins. Here they are, in no particular order:

Bad Behavior –
Prevents spam without having to use CAPTCHA.

BM Custom Login – 
Customize your WordPress login screen.

Developer Formatter – 
Uses GeSHi server-side highlighting to display your code in a post.

Fast Secure Contact Form – 
Contact form. 

HTML Purified – 
Replaces default HTML filters. 

Link Indication – 
Open external links in new window. 

Ozh’ Admin Drop Down Menu – 
A much better Admin menu plugin. 

Sociable for WordPress 3.0 – 
Let people easily link to your post thru social networks. 

the_excerpt Reloaded – 
A much better excerpt plugin for your posts. 

WP-PageNavi – 
Page navigation. 

WYSIWYG Inline Code Command – 
Easily add inline code to your post.

Windows Screen Resolution will not Save

I was having an issue with my Windows XP laptop, where I would change the screen resolution under settings, but everytime I re-booted it would start up in the correct resolution, and then about 30 seconds after boot, it would switch back to the old resolution. It was very annoying because I had to reset the resolution every day, and it used to work correctly for three years prior to this.

After searching the internet, I did come across several posts about checking registry settings. So I checked all the registry settings and they were all correct. This stumped me for few months and then one day while checking the programs that Startup at boot time I noticed NvCpl (NVIDIA Control Panel) and realized that I had found the source of my woes!

The problem was that I was using Windows Settings to change the resolution, but at some point I had also used NVIDIA Control Panel to change the resolution, so once NVIDIA started up, it was changing the resolution back to the old setting.

In order to fix it, I had to remove NVIDIA from the list of Startup programs. There are two programs that need to be removed. They are:
NvCpl     RUNDLL.EXE C:\WINDOWS\system32\nvcpl.dll,NvStartup
RunDLL32  RUNDLL.EXE NcMCTray.dll,NvTaskBarInit

In Windows XP choose Start then Run then type msconfig.

In Windows Vista or Windows 7 choose Start then type msconfig in the SEARCH box.

Now choose the Startup tab, and look for the two items mentioned above and uncheck them.

Press OK and then you can Restart Now or Restart later.

Your screen resolution should now be fixed!

Permalinks and Categories Paging Problem: Page Navigation Fix

I started using WordPress at about version 2.5 and when I customized my permalinks, I had a problem when there was more than one page. Only the first page of posts would display, and clicking Previous or Next to all other pages showed up as “404 sorry, nothing found!” The paging problem has something to with WordPress thinking that /page/ is a sub-category name as opposed to being a reference to a specific page.

So here is a very small plugin that attempts to fix the problem:

Click here to download the WP-PageNavigation Fix plugin.

I remember for sure that it worked in WP v2.7 and 2.8 but have not tested it on any other older versions, although it should probably work without a problem. The problem does not seem to be present in WP v3+ so I have not needed to use the plugin anymore since upgrading, but maybe somebody else has come across the problem.

Thanks to Doug Smith at

Remove and Ignore Password Protection on Subdirectories with htaccess

If you are using Basic Auth in your .htaccess file to protect a directory on your server, by default, it also protects all subdirectories as well. But what if you have one particular subfolder that you want to unprotected, and you want the password ignored or removed?

There is a very easy solution!

Create a new .htaccess file with:
Satisfy Any
on its own line, and place this in the subdirectory that you do NOT want to be password protected.

Note that all the subdirectories under this unprotected subdirectory will also become unprotected, so you may need to add new Basic Auth .htaccess files to these subdirectories if you want them protected as well.

Change Spellchecker Highlight in WordPress

Being color blind, I find the little red squiggly line that appears under mis-spelled words in WordPress TinyMCE editor window to be very hard to see. So I decided to change it to a solid yellow background, which makes it a lot easier to see my spelling errors!



You just need to replace one graphics file with your background of choice.
The file is located here:

Here is how to do it:


Rename the wline.gif file to something like wline.gif.ORIG so that you have the original in case you want to change it back.


The original wline.gif file is 4 pixels wide by 3 pixels high, but I made my background 3 pixels wide by 12 pixels high. Use any photo editor that can create .gifs and make it transparent unless you want a solid background like I have.

Download my yellow wline.gif here.


Put your new wline.gif file in the
directory and you should be good to go. You may have to clear your browser cache to get the new image to take affect.

WordPress Custom Comment Error Page

I am currently using WordPress version 3.2.1 and one mild annoyance with this version and previous versions, is the way errors on comments are handled. If you do not fill in a required field (usually Name/Email) or you forget to write something in the Comment field, then it takes you to a completely new page with a tiny error message in the middle of the screen. There are currently no hooks for this, so the only solution is to hack the core wp−comments−post.php file.

When there is an error in your comment, it takes you to a boring new page that looks like this:

With the modified code, it takes you back to your comment page and shows the error on the page, like this pic. Try it the comments at the bottom of this page by leaving the Name and/or Email field blank and clicking POST COMMENT:

DISCLAIMER: You make these changes below at your own risk! Backup your original files before you change them. I am not responsible if something breaks or stops working.


The following code is what actually displays the error message. Add it to your themes comments.php  file,  just above the call to the comment_form() function (download here):


Make a copy of your wp-comments-post.php to something like wp-comments-post.php.ORIG  so that you have a backup of the original file.


Replace the wp-comments-post.php with this one below (download here), and you are done!
Note that the modifications start at about line 75.
Also note that this is for WordPress v3.2.1 only:

comment_status) ) {
do_action('comment_id_not_found', $comment_post_ID);

// get_post_status() will get the parent status for attachments.
$status = get_post_status($post);

$status_obj = get_post_status_object($status);

if ( !comments_open($comment_post_ID) ) {
do_action('comment_closed', $comment_post_ID);
wp_die( __('Sorry, comments are closed for this item.') );
} elseif ( 'trash' == $status ) {
do_action('comment_on_trash', $comment_post_ID);
} elseif ( !$status_obj->public && !$status_obj->private ) {
do_action('comment_on_draft', $comment_post_ID);
} elseif ( post_password_required($comment_post_ID) ) {
do_action('comment_on_password_protected', $comment_post_ID);
} else {
do_action('pre_comment_on_post', $comment_post_ID);

$comment_author = ( isset($_POST['author']) ) ? trim(strip_tags($_POST['author'])) : null;
$comment_author_email = ( isset($_POST['email']) ) ? trim($_POST['email']) : null;
$comment_author_url = ( isset($_POST['url']) ) ? trim($_POST['url']) : null;
$comment_content = ( isset($_POST['comment']) ) ? trim($_POST['comment']) : null;

// If the user is logged in
$user = wp_get_current_user();
if ( $user->ID ) {
if ( empty( $user->display_name ) )
$comment_author = $wpdb->escape($user->display_name);
$comment_author_email = $wpdb->escape($user->user_email);
$comment_author_url = $wpdb->escape($user->user_url);
if ( current_user_can('unfiltered_html') ) {
if ( wp_create_nonce('unfiltered-html-comment_' . $comment_post_ID) != $_POST['_wp_unfiltered_html_comment'] ) {
kses_remove_filters(); // start with a clean slate
kses_init_filters(); // set up the filters
} else {
if ( get_option('comment_registration') || 'private' == $status )
wp_die( __('Sorry, you must be logged in to post a comment.') );

$comment_type = '';

//MOD Customize comment error message.
$comment_error_true = false; //MOD new code
if ( '' == $comment_content ) {
$comment_error_msg = __('Comment ERROR: Please type a comment.'); //MOD new code
$comment_error_true = true; //MOD new code
//wp_die( __('Error: please type a comment.') ); //original

if ( get_option('require_name_email') && !$user->ID ) {
if ( '' == $comment_author ) {
$comment_error_msg = __('Comment ERROR: Please enter your Name.
Note: If your comment text disappeared, try clicking your browser BACK button.'); //MOD new code
$comment_error_true = true; //MOD new code
//wp_die( __('Error: please fill the required fields (name, email).') ); //original
} elseif ( !is_email($comment_author_email)) {
$comment_error_msg = __('Comment ERROR: Please enter a valid Email address.
Note: If your comment text disappeared, try clicking your browser BACK button.'); //MOD new code
$comment_error_true = true; //MOD new code
//wp_die( __('Error: please enter a valid email address.') ); //original

//MOD Original code is now in the ELSE statement
if (true == $comment_error_true) { //MOD new code

//Set this to false to use default wp_die page
$use_comment_custom_error_page = true; //MOD new code

if ($use_comment_custom_error_page) { //MOD new code
$location = get_permalink() . '?comment_error_msg=' . urlencode($comment_error_msg); //MOD new code
if ( !$user->ID ) { //MOD new code
$comment_cookie_lifetime = apply_filters('comment_cookie_lifetime', 30000000); //MOD new code
setcookie('comment_author_' . COOKIEHASH, $comment_author, time() + $comment_cookie_lifetime, COOKIEPATH, COOKIE_DOMAIN); //MOD new code
setcookie('comment_author_email_' . COOKIEHASH, $comment_author_email, time() + $comment_cookie_lifetime, COOKIEPATH, COOKIE_DOMAIN); //MOD new code
setcookie('comment_author_url_' . COOKIEHASH, esc_url($comment_author_url), time() + $comment_cookie_lifetime, COOKIEPATH, COOKIE_DOMAIN); //MOD new code
//setcookie('comment_content_' . COOKIEHASH, $comment_content, time() + $comment_cookie_lifetime, COOKIEPATH, COOKIE_DOMAIN); //MOD new code //TO DO: Figure out how to get Comment field to re-appear and not be deleted.
} //MOD new code
} else { //MOD new code
wp_die($comment_error_msg); //MOD new code //This performs the default comment error page action
} //MOD new code
} else { //MOD new code

//Original unmodified code STARTS here
$comment_parent = isset($_POST['comment_parent']) ? absint($_POST['comment_parent']) : 0;

$commentdata = compact('comment_post_ID', 'comment_author', 'comment_author_email', 'comment_author_url', 'comment_content', 'comment_type', 'comment_parent', 'user_ID');

$comment_id = wp_new_comment( $commentdata );

$comment = get_comment($comment_id);
if ( !$user->ID ) {
$comment_cookie_lifetime = apply_filters('comment_cookie_lifetime', 30000000);
setcookie('comment_author_' . COOKIEHASH, $comment->comment_author, time() + $comment_cookie_lifetime, COOKIEPATH, COOKIE_DOMAIN);
setcookie('comment_author_email_' . COOKIEHASH, $comment->comment_author_email, time() + $comment_cookie_lifetime, COOKIEPATH, COOKIE_DOMAIN);
setcookie('comment_author_url_' . COOKIEHASH, esc_url($comment->comment_author_url), time() + $comment_cookie_lifetime, COOKIEPATH, COOKIE_DOMAIN);

$location = empty($_POST['redirect_to']) ? get_comment_link($comment_id) : $_POST['redirect_to'] . '#comment-' . $comment_id;
$location = apply_filters('comment_post_redirect', $location, $comment);
//Original unmodified code ENDS here

} //MOD new code


Better alternative to CAPTCHA spam prevention

I have to admit that I really dislike CAPTCHA, reCAPTCHA and all other variations of spam prevention that want you to prove that you are human by making you try to decipher some picture and then typing in the letters and numbers that you see.

You will find this most often when you are signing up for forums and blogs, or posting a comment on a website.  Sometimes I get it right on the first attempt, but there are many times that it will take me two or three tries before I figure out what it is I am actually seeing!

So a while back, I thought to myself “Self, there has to be a better way to prevent spam!“. And there is! It’s called Bad Behavior, the Web’s premier link spam killer (and it’s FREE).

From the author’s website:

Bad Behavior is a PHP-based solution for blocking link spam and the robots which deliver it.

Bad Behavior complements other link spam solutions by acting as a gatekeeper, preventing spammers from ever delivering their junk, and in many cases, from ever reading your site in the first place. This keeps your site’s load down, makes your site logs cleaner, and can help prevent denial of service conditions caused by spammers.

Bad Behavior works on, or can be adapted to, virtually any PHP-based Web software package. Bad Behavior is available natively for WordPress, MediaWiki, Drupal, ExpressionEngine, and LifeType, and people have successfully made it work with Movable Type, phpBB, and many other packages.

In a nutshell, Bad Behavior prevents spam robots from even accessing your site in the first place. It’s available as a plugin for WordPress and for several other popular programs, and also comes as a PHP script which can be easily integrated into an existing website or program.

Now if I can just get all those forums, blogs and comment forms to use Bad Behavior instead of CAPTCHA, then my life would be a whole lot easier!

The WordPress plugin is available here:

The Bad Behavior website is here: