Essential WordPress Plugins

404 Notifier helps you identify any broken links in your site. Great if you move posts around and need to update links. Note it only works with pretty permalinks (2006/12/30/post-name), not ugly (?p123) ones.

Redirection Manage 301 redirections, keep track of 404 errors, and generally tidy up any loose ends your site may have. This is particularly useful if you are migrating pages from an old website, or are changing the directory of your WordPress installation.

AWSOM Pixgallery an Image Gallery/Archive plugin designed to make it easier for Artists or Webcomic creators to set up a portfolio of their artwork.

NextGEN Gallery a Gallery plugin using jQuery and Web2.0 features.

WPAds is a WordPress plugin for showing and rotating ads in your blog. You only have to define the ad positions and the ads you want to rotate in each position, and WPAds will serve your ads randomly. WPAds can show contextual ads (ie, Google AdSense, Yahoo Publishers Network, etc) and also image banners.

WP Plugins Tracker This plugin helps webmasters to track new releases of the plugins they are using in their website from their admin panel.

TubePress is a WordPress plugin that displays YouTube video galleries in your blog.

FireStats is a very detailed web statistics system

Best Web 2.0 Web Sites

Real World Software Development has a comprehensive list of web 2.0 web sites including bookmarking sites, social communities, email, image and video sharing, and the list is getting longer.

One application that has been omitted from all the lists I’ve seen so far is Outlook Web Access from Microsoft. Sure, it needs a Microsoft Exchange server to run on, but it was one of the first web applications to use xmlhttprequest a long long time before the words Ajax and Web 2.0 were ever invented. Plus it still is an excellent web based email system.

Fix for StatTraq Calendar bugs

The StatTraq plugin for WordPress has a bug where the Year and Month time periods are not displayed correctly. Here is a fix for the problem.

Download Extract calendar.php from the file and copy it into your \wp-stattraq folder, replacing the file that already exists there.

Now when you check your StatTraq statistics, you will be able to select time periods by Year or Month correctly.

Add StatTraq to your WordPress Dashboard

StatTraq is one of the better statistics for WordPress blogs. Unfortunately Randy Peterman is no longer maintaining it, but Adsworth have patched a version which will run under WordPress v1.5 and 2.0 as well as fixing a couple of bugs.

I often forget the url to view my StatTraq statistics so I wanted to add a link to it in the WordPress Dashboard page. UrbanGiraffe shows one method of adding a link as a menu item. I adapted this slightly to add the link as a submenu under the Dashboard, along with a link to Webalizer which comes with my webhosting service.

To add the links, edit wp-admin\menu.php and add the following lines right after the $menu[45]=… line.

// Add StatTraq to Dashboard submenu
$submenu['index.php'][5] = array(__('Dashboard'), 'read', 'index.php');
$submenu['index.php'][10] = array(__('StatTraq'), 'read', '../wp-stattraq/statistics.php');
$submenu['index.php'][15] = array(__('Webalizer'), 'edit_posts', '../webalizer/');

2008/1/6 Update – A Better Menu
The above solution works to some extent, but your changes to the menu.php file disappear every time you upgrade WordPress. A much more satisfactory method is to create your own plugin. Add the following to a file called my_menu.php and save it in your wp-content/plugins folder. Enable your new My Menus plugin then you should find a brand new set of links to your statistics pages under your Dashboard.

Plugin Name: My Menus 
Plugin URI: 
Description: Add your own items to the WordPress menus 
Author: D. Mortell 
Author URI: 

add_action('admin_menu', 'mymenu_add_page'); 

function mymenu_add_page() 
   # Add sub-menus to the "Dashboard" page. 
   add_submenu_page('index.php', 'StatTraq', 'StatTraq', 1, '../wp-stattraq/statistics.php'); 
   add_submenu_page('index.php', 'Webalizer', 'Webalizer', 1, '../webalizer/'); 


The Washington Post describes one technique that e-gold is using to reduce the likelihood of phishing. It involves displaying images reading “THIS IS A FRAUDULENT WEB SITE” when the image is linked to by any site not included in a whitelist of sites permitted to use those images.

While this method is not infallible, anything that online companies can do to reduce the prossibility of unaware users falling for a phishing link is a Good Thing.

Other prevention techniques mentioned by the commentors to the article include entering your username first, then displaying an image you previously uploaded before asking for your password, and asking you a security question if you appear to be using a different computer than usual.

Users can also install tools that provide warnings about suspicious sites. Netcraft Toolbar, CallingID and even Internet Explorer 7.0 can help reduce the chance of your confidential information getting into the wrong hands.

PhpNuke on Windows XP

Heres how I got a PhpNuke server running on Windows XP.




Use WinZip to install MySQL. Install it to the default directory c:\mysql

See the documentation in c:\mysql\docs for configuration info.

Start the MySQL service. Open a DOS window and type

cd \mysql\bin
mysqld-nt –install
net start mysql

Start and stop the MySQL service with these commands:

C:> NET START mysql 
C:> NET STOP mysql

If you don’t want to start mysqld-nt as a service, you can start it as follows:

C:> C:\mysql\bin\mysqld-nt --standalone

You can test whether or not MySQL is working by executing the following commands:

C:\mysql\bin\mysqlshow -u root mysql  
C:\mysql\bin\mysqladmin version status proc  
C:\mysql\bin\mysql test

The default privileges on Windows give all local users full privileges to all databases without specifying a password. To secure MySQL you should set a password for all users and remove the row in the mysql.user table that has Host='localhost' and User=''.

You should also add a password for the root user. The following example starts by removing the anonymous user that can be used by anyone to access the test database, then sets a root user password:

C:\mysql\bin\mysql mysql  
mysql> DELETE FROM user WHERE Host='localhost' AND User='';  
mysql> QUIT  
C:\mysql\bin\mysqladmin reload  
C:\mysql\bin\mysqladmin -u root password your_password

After you’ve set the password, if you want to take down the mysqld server, you can do so using this command:

mysqladmin --user=root --password=your_password shutdown


Run the installer, select the web server youre using, and youre done.

You may need to make the following edits to C:\Windows\php.ini

magic_quotes_gpc = Off
include_path = ".;c:\www\"
doc_root =
extension_dir = "./;c:\www\php"
safe_mode_gid = Off  
safe_mode_include_dir =  
register_globals = On
pgsql.auto_reset_persistent = Off 


Use WinZip to uncompress PHP-Nuke to a temporary folder. Copy all the files and folders under the html directory to where you want them in your web site, usuall the root folder of your web site since PHP-Nuke will manage your whole site.

To create Nukes database, open a DOS window and enter the following commands, change the directory names as required.

copy nukedirsqlnuke.sql c:/mysql/bin
cd mysqlbin
mysqladmin create nuke
mysql nuke

At the top of config.php


Installing PhpNuke on ciHost

It was easier than I thought to set up phpNuke on ciHost.

First go to your Monstercontrol at

Login with your website username and password

Click on Script Archive

Note the “Add MySql database” button at the top of the page. 

Check the box beside PhpNuke then click the Install button at the bottom of the page.

Done, now try it. Go to

Login as God with password Password

Click Edit Admins and change the God password to something more appropriate. You can also add your own nickname and give yourself Superuser rights.

You might have to modify the phpNuke config.php file. 

  • I had to change $dbpass and $dbname
  • Make sure $system is 0 if youre running on a Linux server, or 1 if its Windows.
  • Modify the site name, url, logo etc to your liking. Or you can do this in the Admin Preferences at

Upload your modified config.php file.

Make sure config.php is world-writable. CHMOD 666 it.


The default ciHost phpNuke is quite bare. You can add a number of modifications; blocks and modules. Note that ciHost installs phpNuke 5.2. Make sure that any mods you do are compatible with this version. The latest right now is v6.5.

I had to add the get_lang() and title() functions from v5.6 to mainfile.php

It looks like v5.6 has an extra bit to prevent hackers, I added that too.

v5.6 also wraps sql functions to allow use of databases other than mySql. If you see errors like “Undefined function call sql_query()”, then you can either change the function calls to “mysql_xxxx()”, or preferably add the following line to mainfile.php and upload includes/sql_layer.php


Some of the newer modules need modifications or additions to the sql database.


Flash_Chat uses macromedia flash to allow users to chat with each other.To install, you must first edit a few variables before you upload the files to your modules directory.

  1. config.php – you must add the base url to the location of the chat files
  2. index.php – If you are changing the name of the module directory, you need to edit the first ‘include’ variable
  3. htmlcode.php – here you can copy and paste the code generated to put the chat anywhere within your existing html code
  4. change file permissions: CHMOD flashchat.txt and users.txt to 777  

To change the titlebar display, bgcolor (for netscape only) and flash skin, edit the first few variables in index.php 

You can either specify $flashskin = skin.swf or simply overwrite the existing skin with a new one, and keep the filename the same.

You can replace the file loadmovie.swf with your own flash movie, and it will be loaded into level 1, above the flashskin.

Once you upload the directory, you’ll see Flash Chat available in the Other Options menu.

Helpdesk just sends mail to the appropriate support staff. I’d prefer something where you can see realtime the pending queries and their status.

Gallery is a photo album

wysiwyg_editor lets you see formatting while youre entering news and topics.

Private Messages lets users send each other messages on your website

phpBB2 User Menu puts user commands into one menubox. Handy and quite cute too.

Statistics displays stats about your website such as visits, browsers used.


Blocks are small blocks that can be added to the left or right panels of your website. Add blocks by copying them to your block directory. Edit the order they appear in, and whether they appear on the left or right side in the Admin screen.

block-Amazon.php displays news from If you join Amazon Associates program, you can get commissions on purchases made at amazon if someone goes there from your site. You have to change $amazon-id to your amazon id. You also have to upload the image/amazon directory but ciHost doesnt allow this. I modified 2 lines in Amazon.php to use a directory called myimages/amazon instead.

$imgs = dir('myimages/amazon');
$content .= "

SophusNewHoaxes, SophusTopTen and SophusNewViruses give short lists of the latest hoaxes and virus. Useful to keep users informed.

Randompic displays a random picture from your photo gallerys. You need to install the Gallery module first.

phpBB2 User Menu puts all user info into one block. Put block-phpBB2_User_Menu.php into blocks directory. Put the icon images into images/blocks/-phpBB2_User_Menu directory. Add the lang-****.txt files into your language file in language directory. Unfortunately theres only English and Thai languages, so if users select any other language they wont see the menu correctly.