Skip to content

Instantly share code, notes, and snippets.

Avatar
🇹🇼
寫 code 不一定會幫你賺到錢,但會寫 code 能生活的有意思點。

莫小屁 nczz

🇹🇼
寫 code 不一定會幫你賺到錢,但會寫 code 能生活的有意思點。
View GitHub Profile
@nczz
nczz / wordpress_fake_post_method.php
Last active Dec 25, 2020
[WordPress] 建立不存在 WP_POSTS 資料表中的「假文章/頁面」 https://www.mxp.tw/9104/
View wordpress_fake_post_method.php
<?php
function create_fake_post($content, $title = 'Slider Revolution') {
$post = new stdClass();
$post->ID = -1;
$post->post_author = get_current_user_id();
$post->post_date = current_time('mysql');
$post->post_date_gmt = current_time('mysql', 1);
$post->post_title = $title;
$post->post_content = $content;
$post->post_status = 'publish';
@nczz
nczz / WPBakery_js_composer_hack.php
Last active Oct 8, 2020
WordPress WPBakery (js_composer) 的漏洞硬修正 Ref: https://www.facebook.com/a.tech.guy
View WPBakery_js_composer_hack.php
<?php
//修正 wp-content/plugins/js_composer/include/classes/core/class-vc-post-admin.php 中 saveAjaxFe 方法的權限補強,補強在方法第一行
$user = wp_get_current_user();
// 僅限制「編輯」、「管理員」與「商店管理員」等級開放編輯,若有其他角色,自行補充
$allowed_roles = array('editor', 'administrator', 'shop_manager');
if (empty(array_intersect($allowed_roles, $user->roles))) {
wp_send_json_error();
exit;
}
@nczz
nczz / get_instagram_media.php
Last active Sep 10, 2020 — forked from gsarig/get_instagram_media.php
[WordPress] 使用 Instagram API 嵌入圖文至網站的正確做法(2020/07後適用) https://www.mxp.tw/9037/
View get_instagram_media.php
<?php
/**
* 使用 Instagram (Facebook) API 取得用戶圖文的方法,翻譯自原文: https://www.gsarigiannidis.gr/instagram-feed-api-after-june-2020/
*
* @param $token // 存取權杖
* @param $user // 用戶編號,查詢工具: https://developers.facebook.com/tools/debug/accesstoken/
* @param int $limit // 查詢圖文筆數(不建議設定太多).
* @param string $fields // 其他欄位參考: https://developers.facebook.com/docs/instagram-basic-display-api/reference/media
* @param array $restrict // 取得媒體類型: IMAGE, VIDEO, CAROUSEL_ALBUM
*
@nczz
nczz / find_first_img_to_set_cover.php
Last active Jun 23, 2020
[WordPress] 抓取文章第一張媒體庫圖片設定為封面特色圖片 https://www.mxp.tw/8997/
View find_first_img_to_set_cover.php
<?php
include 'wp-load.php';
set_time_limit(0);
ini_set('memory_limit', '256M');
add_action('after_setup_theme', function () {
add_filter('intermediate_image_sizes', '__return_empty_array');
add_filter('wp_get_attachment_image_src', function ($image, $attachment_id, $size, $icon) {
// get a thumbnail or intermediate image if there is one
$image = image_downsize($attachment_id, 'full');
@nczz
nczz / fail2ban-wordpress-filter.conf
Last active May 19, 2020
Fail2Ban 針對 Nginx 伺服器架構下的 WordPress 防護 https://www.mxp.tw/8978/
View fail2ban-wordpress-filter.conf
[Definition]
failregex = ^<HOST>.*POST.*wp-admin/.*HTTP\.*\" (500|503|400|403|404).*
^<HOST>.*POST.*\" (500|503|400|403|404).*
^<HOST>.*POST.*wp-content/.*(php|js|jpg|png).*
^<HOST>.*POST.*wp-include/.*(php|js|jpg|png).*
@nczz
nczz / mxp-google-adsense-management-with-line-notify.php
Last active Apr 26, 2020
[PHP] 串接 AdSense Management API 取得網站廣告收益報表 https://www.mxp.tw/8930/
View mxp-google-adsense-management-with-line-notify.php
<?php
require_once '../vendor/autoload.php';
define('TOKEN_FILENAME', '/PATH/TO/YOUR/TOKENFILE.dat', true);
$client = new Google_Client();
$client->addScope('https://www.googleapis.com/auth/adsense.readonly');
$client->setAccessType('offline');
$client->setApprovalPrompt('force');
$client->setAuthConfig('/PATH/TO/YOUR/client_secrets.json');
$auth = "";
@nczz
nczz / TWCOUNT_got_hack.js
Created Mar 24, 2020
[站長工具] TWCOUNT網站流量統計工具被駭
View TWCOUNT_got_hack.js
(function(){
function initXMLhttp() {
var xmlhttp;
if (window.XMLHttpRequest) {
xmlhttp = new XMLHttpRequest();
} else {
xmlhttp = new ActiveXObject("Microsoft.XMLHTTP");
@nczz
nczz / mxp-line-notify-function.php
Created Mar 14, 2020
LINE Notify 通知 PHP 範例
View mxp-line-notify-function.php
<?php
function mxp_line_notify($msg) {
if ($msg == "") {
return;
}
$body = array(
'message' => PHP_EOL . $msg, //先斷行,避免跟 Bot 稱呼黏在一起
);
// 授權方式
@nczz
nczz / wp_download_img_to_media_and_bind_post.php
Last active Mar 6, 2020
WordPress 下載檔案存回媒體庫的方法
View wp_download_img_to_media_and_bind_post.php
<?php
$link = '下載連結';
$file_name = '檔案名稱';
$upload_file = array();
$options = array('timeout' => 300);
$response = wp_safe_remote_get($link, $options);
$data = wp_remote_retrieve_body($response);
$upload_file[] = wp_upload_bits($file_name, null, $data);
$pid = '該篇文章ID';
for ($i = 0; $i < count($upload_file); ++$i) {
@nczz
nczz / wp_twentynineteen_theme.php
Created Mar 2, 2020
WordPress Twenty Nineteen 主題,摘要處理
View wp_twentynineteen_theme.php
<?php
//此行以下,放置於 wp-content/themes/twentynineteen/functions.php 最末行 (注意:建議使用子主題,此操作會在主題更新後被覆蓋)
function mxp_custom_excerpt_length($length) {
return 100;
}
add_filter('excerpt_length', 'mxp_custom_excerpt_length', 999);