WordPress also has a pretty substantial and helpful community of plugin developers, theme designers, bug reporters, and patch testers that work solely for the improvement of WordPress as a Content Management System. Users can contribute to the WordPress project in many ways. Here are 5 fast and easy ways that you can help to improve WordPress.

Submit a valid Bug Report with proper information

I’ve been in software development for a while, and one thing I can’t stand is a bug report that’s either invalid or doesn’t have enough detail so that I can easily reproduce the issue. Supplying the development team with good steps to replicate a bug helps them quickly and properly fix it. Don’t just try the process on your own installation; try it on a development installation, in the previous version, in a different browser, etc. I typically try the following things to identify a bug in the core:

• Turn off all plugins.
• Use the stock WordPress Twenty Eleven Theme.
• Try it on the current version, previous version, and nightly release.
• Try in multiple browsers and versions on Mac OS X and Windows 7.
• Try with a user from every privilege group (if it seems related to a role).

Contribute in the forums at WordPress.org

Everyday there are hundreds of new users installing WordPress. At one time, you were just like them (or may be that person now). A great place for finding information from the WordPress community is by checking WordPress.org/Support. Here, you can submit and view forum topics related to WordPress, its themes, and plugins, and overall usage of the platform. The two sections that I find most people need help in are ‘How-To and Troubleshooting’ and ‘Installation’ threads. If you have experience with WordPress, stop in and help out a user or two.

Develop a Theme or Plugin and host it on WordPress.org

There are plenty of premium content houses out there developing fantastic plugins and themes for WordPress, but WordPress itself is free and open-source. If you appreciate that philosophy, what better way to support that than to provide a free and open-source addition to the CMS platform. Hosting a theme or plugin on WordPress.org requires that it be free (as there is no payment method on WordPress.org). Basically, you supply your product free of charge and they will host it for you. If you want to contribute in this manner, you can use the ‘Extend’ section of WordPress.org: wordpress.org/extend

Participate in the WordPress IRC Channel

Remember IRC or Internet Relay Chat? Yeah, it’s still around, and WordPress still uses it to hold meetings and offer general help with connecting members of the WordPress Community with each other. You can hop on to the IRC Server at irc.freenode.net and join #wordpress. Instantly, you’ll be in the chat room with other WordPress users and the occasional WordPress developer. It’s a rewarding feeling to help out another user and get instant results as opposed to waiting for a forum topic reply.

Test a WordPress Patch

This one is a little more on the advanced side. When a bug report is sent into the ‘Trac’ (at core.trac.wordpress.org), it goes through the basic process of being Accepted, Corrected in a Patch, Tested, and Committed to a Nightly. The Nightly is then built into a versioned release. The patches mentioned are supplied either by another WordPress user with development experience or a Core Contributor/Core Developer. You can install these patches into the current version of WordPress, a beta version, a release candidate, or a nightly version. If you apply the patch and it fixes the issue, you can state that it was successful for you and mark it as such in the comments. The more testing that is done, the better. Testing a patch is helpful to the community as it helps keep the quality of the updates being made at a high level.

These are 5 ways that users of any level can contribute to the WordPress open-source project.

Since reportviewer is not installed by default, you need to copy 4 dll’s to your bin folder:

• Microsoft.ReportViewer.Common.dll
• Microsoft.ReportViewer.WebForms.dll
• Microsoft.ReportViewer.DataVisualization.dll (for graphics and gauges)
• Microsoft.ReportViewer.ProcessingObjectModel.dll

the last two you need to get them directly from your c:\windows\assembly through command prompt, the first two from the reporting services folder in your program files folder

also you need to add this configuration to your web.config
msdn

Implementation

1. Make sure your page is using one of the templates in your theme by editing your page in wp-admin and selecting a template under Page Attributes.
2. Create your custom fields by editing your page in wp-admin and adding new custom fields under the Custom Fields section.
3. Edit the template to display custom fields by replacing your targeted text or image with:
   
   

   get_post_meta($post->ID, 'YourCustomFieldNameHere', TRUE);

Now, all you need to do to make a change is modify the value for that Custom Field.

Text Example

Let’s say you have a blog about job hunting and somewhere on your home page you provide a tip that you change on a daily basis.  Here’s the code in the template:

My Tip of the Day ~
<span>At least a day before your interview, drive to the location of your interview so you know where it is and you can determine the time it will take to get there.</span>

Here’s all you have to do:

1. Ensure your home page is using a template. If not, go back to step #1 of Implementation above.
2. Create a custom field called “Tip_of_the_Day”. The initial value should be “At least a day before your interview, drive to the location of your interview so you know where it is and you can determine the time it will take to get there.” without the quotes.
3. Edit the code in the template to:
   
   

   My Tip of the Day ~
   <span><?php echo get_post_meta($post->ID, 'Tip_of_the_Day', TRUE); ?></span>

4. The next day, change the value of Tip_of_the_Day to the new Tip. 

You’re done!!!

Image Example

The steps to change an image are the same as the Text Example. Let’s say you have a background image on the home page that you prefer to change periodically so the site is fresh for your customers. Here’s the code in the template:

<img src="blue_large_background.gif" />

After you’ve created your custom field named “Background_Image” with a value of blue_large_background.gif, change the code to:

<img src="<?php echo get_post_meta($post->ID, 'Background_Image', TRUE); ?>" />

Now, when you want to freshen up your home page, just change the value of your custom field!

The Problem…

When we deactivate a plugin, we forget about it and it tends to sit in our Plugins folder collecting dust. You may get a notice that there’s an update for the plugin, but since you’ve found a better one, you ignore the notice and decide not to upgrade it, because you aren’t using it anymore.

“Why is this a problem?”, you might ask. Well, while the plugin is not active on your site anymore, the code of a deactivated plugin still exists in your ‘wp-content/plugins/’ folder and therefore can be manually navigated to. This isn’t an issue for all plugins, but ones that have files configured to take in user supplied arguments like POST and GET request information, may become vulnerable to being executed… even when deactivated.

The Solution…

There are two ways you can handle an old plugin: delete it, or treat it like it’s a plugin you are using and update it. Personally, I’d rather just delete the old plugin. No sense in being a WordPress pack-rat. Get rid of it!

If there’s a chance you may use the plugin again, and you choose to keep it, just make sure you update it whenever a new version comes out. This way, you’re at least up-to-date with the most recent code base, even if you are not including it in your pages when users visit.

As a note, always remember to check with the WordPress plugins directory or the Plugin Homepage for any compatibility issues before upgrading. And, as WordPress recommends, backup all content and databases prior to upgrading any part of your WordPress site.

For more information on WordPress Plugin Security, you should also read Are Your Plugins the Weakest Link?.

Instead I looked at phpinfo.php on my hosting site (using WordPress). It showed that session.save_path was not set. (I had just moved my hosting to 4GH when all these problems showed up)

I found an article that suggested that I:

replace session_start(); with
session_save_path(“/tmp”); session_start();

This worked! All errors went away immediately.

I think GoDaddy needs to set the php5.ini file so that session.save_path is set as a variable. Since php finds that this variable is not set, php throws a bunch of errors.

Try it. I bet it’ll solve your problem also.

Surf the Internet
You really could use my laptop for this.  Just don’t try to open up more than 3 instances of your favorite browser.  Seriously, you could consider any low-end, new laptop on the market today.  If this is you, I would suggest getting the biggest monitor, RAM, and hard drive combination you can afford.

Back to School
If you’re going back to school or maybe you need a little more horsepower to stream videos or do programming, consider the Intel Core i3 or Core i5 processor as the minimum.  You can save money by going with the 1st generation of these processors.  Depending on what you’re comparing, it’s not a lot of savings.  You can save a few dollars or up to about $100.

Video Games!
You’ll need some good power for this so go with an Intel Core i7 processor with dual graphics capability.  You could get away with an i5 processor but it will need to be the 2nd generation.  Usually games are graphics intensive so don’t skimp on the graphics capabilities.  In addition to the built-in Intel HD Graphics, get a laptop that has a second graphics card by NVIDIA or by ATI.

Now that you’ve done your homework and have narrowed your choices to a few laptops, here are some things to consider to hopefully help in your decision-making.

Windows or Windows?
The title isn’t a mistake.  Look carefully at the operating system loaded on that laptop.  Is it Windows 7 Home Premium or Windows 7 Professional?  The professional version does cost more.  It has advanced networking features, network backup capabilities, and remote desktop capabilities.  These features may or may not matter to you but if they do make sure you get the right one for you.

Hard Drive RPM
It’s safe to say that the faster the hard drive spins the faster it can get the info you’re looking for.  Laptop hard drives are normally 5400 RPMs.  If you find one that is the same size but is 7200 RPMs or higher, give that laptop an edge in your final decision.

Who needs Reliability?
If you’ve purchased what ended up to be an expensive paper weight, you know what I’m talking about.  Currently ASUS and Toshiba have the least issues with their laptops.  This doesn’t mean they don’t have issues.  If they rest on their laurels, they could easily be one of the worst since the competition is right on their heels.  You may have had great luck with your Lenovo, Dell, or Sony laptop.  You also may have received one of the few lemons from ASUS.

Often, in larger companies, it can be easy to lose track of who is responsible for each part of the security that is needed. The assumption may be that the network guys are taking care of the network security, the administrators are taking care of the servers and the dependency software versions, and the developers and QA are taking care of the software security. While it’s good to assign these roles to specialized groups in larger companies, it’s never a bad idea to have overlap or oversight. We should be all concerned about the systems we work with and the potential for exploitation. The different roles may have different ways of overlapping in what they are looking for. So, with that being said, here are some tips, from a developer’s perspective, of security as a priority.

Trusting the Data
The data that is being brought in from users should never be trusted at face value. The majority of client data falls into two areas:

• Valid data the client meant to input.
• Invalid data the client either mistyped or doesn’t fit the requirements of the field.

In both of these cases, there is nothing malicious intended. However, the data should be vetted to make sure that passwords match a standard or other validation that may be required. While this may be the majority of data that passes from a client, there will be people with ill-intent. Making sure THEIR data doesn’t get executed or stored is the goal.

It makes sense that you would want to prevent malicious content from being executed immediately, but storing this data may also have consequences later. For example, if later another developer trusts the data coming from within the system but doesn’t verify that it was malicious content that was stored. Most languages provide their own ways to filter input data and these should be used anytime data is handled. Some of the most exploited issues exist because data is not vetted properly, allowing malicious users to cross-site script or inject and execute SQL statements on the server.

Server Transparency
From a black box perspective, server transparency mostly comes down to the URLs being used to access pages on your server. Ideally, a redirect layer should be in place before any request for a page is made to your web server process. If a malicious user is accessing your site and they see a URL that clearly indicates the file hierarchy of your server, it can be just another clue on brute forcing to find a URL that gets them access to something they should not have access to. By having a redirect layer, you can obfuscate the hierarchy of your server into something less meaningful to the user. Take for example the following URL and what it’s potential URL could be.

Instead of: https://www.domain.com/user/admin/manage.php

Use: https://www.domain.com/user-profile/

The path to access any other files that may be in the ‘user’ or ‘user/admin’ directories is not obvious to the malicious user. To be clear, however, security through obfuscation is not real security. The best you can hope for from obfuscation is to keep away those looking for a quick hack. A determined hacker will simply jump through more hoops. If those pages you do not want a user to access are on a live server and can be accessed by you, they can be accessed by that user as well.

Ideally, any pages you would not want a regular user to have access to would not be on the same server as pages users are accessing files on. For smaller companies and sites, it may not be within the budget to have multiple servers for this purpose. In these cases, here’s a good list to run through for files like these:

• File permissions are limited to only what is needed.
• The extensions on these files are ones that will process server-side code through your web server.
• Server-side code in these files to verify the identity of those accessing them.

Avoid naming any file with extensions that do not get filtered through your web server if they contain any data that can help a malicious user. If you’re running any software that needed installing, such as WordPress, phpBB, phpMyAdmin, etc., remember to remove any install files or documentation that came with these.

0day Vulnerable
A 0day is any open vulnerability that does not yet have a known fix. For any company that runs externally developed software, a 0day can be an Achilles’ heel. The best thing you can do is keep a list of all the software your server runs on and keep those as up-to-date as possible. Regularly visit their sites or repositories and make sure you’re as updated as you can afford to be for your applications. Going through any change logs for patches will also give you a good idea if your system is vulnerable. Keeping up on the patches will not protect a system from a 0day, but it will eliminate already fixed issues from causing your system downtime or costly attacks.

Your System Is 100% Secure
… to your knowledge. Approaching security from the standpoint that there are issues you just haven’t yet found is the best and most realistic approach. I have only covered a few things that you, as a developer, can do to protect your server. With constantly changing technology, there will always be new issues coming up. Keeping on top of your patches and always being thoughtful of the code you write is your best way to prevent becoming the victim of a malicious user’s ill-intentions.

A common mistake that people make is creating selectors that match a large number of elements on the page. This is an issue because the browser creates a document tree of all the elements being displayed on the page and matches these elements with any specified styles/classes according to three levels – cascading, inheritance, and ordering rules. When this is done, the CSS engine tries to match styles with elements based on the rules supplied in the CSS from the right-most selector (the “key”) until it finds a match or discards it and moves on. Therefore if there are multiple matches, it will only see the first one and disregard the rest.

Removing unused CSS is a BIG step in improving rendering performance in browsers. The more specific you are when defining your rules and avoiding repeating or redundant class/styles, the easier and faster it is for the style engine to find matches and continue forward.

Some examples of CSS rules that slow down the rendering process and are inefficient to use are:

1. Descendant selectors that use a universal selector as the “key” (`body * { color: #999;}`). This is inefficient because, for each element that matches “body”, the browser must now evaluate every ancestor element in the DOM until it finds a match or reaches the root element. This means, the less specific the key, the greater number of elements that have to be evaluated.
2. Using child/adjacent selectors with a universal key ( `body > * { color: #999;}`). Even though this approach is better than descendant selectors, it is still inefficient because the browser’s CSS engine still has to evaluate twice as many elements on the page, which is doubly more expensive in terms of rendering and evaluation.
3. Redundancy in terms of adding tags or classes to an ID selector (ex – “`form#UserLogin { font-size: 11px;}`”). In this example, there is no practical reason to add a tag or class qualifier to the ID because it’s information that is evaluated for no apparent reason, which bogs down rendering time.

To avoid slower page loads and browser rendering, it is recommended that you avoid using universal key selectors, make your CSS rules as specific as possible, remove redundancy in your CSS, avoid descendant, child, or adjacent selectors as much as possible, and use class and ID selectors instead.

Another good practice is removing all of your inline styles and placing them in a corresponding style sheet or, if need be, in the head of the page itself. Also, when using external style sheets, it’s best to link to them instead of using “@import”.

The last two steps you can take to speed up browser rendering are:

1. Specify the height and width of all images. If there are no dimensions, the browser will have to reflow the layout once the images are downloaded. However, never scale images by using smaller dimensions than what were specified originally when the image was created.
2. Specify a character set that includes setting a content type and character encoding. This prevents the browsers from having to find the type on its own using algorithms, which of course causes additional delays and security risks. These are set in your HTTP header or HTML meta tag. It’s important that these “charsets” match the HTML authoring tool you are using to prevent mismatched encoding, which can lead to your page being rendered incorrectly and delays in redrawing the page in the browser.

Just following these additional steps can vastly improve the speed and rendering of your HTML documents in the browser, leading to a better, more efficient browser experience for your end user.

• It simplifies selecting elements.
• Many complex operations are reduced down to just a method call.
• Event handling is extremely easy.
• There is very low overhead.
• The themeable widgets and interface are amazing.

I’ve been using jQuery for a number of years and have found it to be fairly robust and extending it is very easy. Also, there’s a large community of support for any questions that you may run into.

For those of you who have recently started with jQuery, here are the top five tips that I suggest:

1. Cache or chain operations after a selector.
   
   Saving a selector that is performed to a variable will prevent jQuery from having to do that selector operation over again.

   var div_prices = $('div .sale-price');
   

   You can also chain any methods you mean to perform at one time onto a single selector. This will help by only performing the selector one time.

   $('div .sale-price').removeClass('sale-price').addClass('list-price');
   




2. Avoid class selectors, if possible.
   
   Class selectors are heavy operations for jQuery to perform.

   $('.page-title').hide();
   

   In times like this, when there is more than likely only a single instance of your page title, then it is a much faster operation to target the element by it’s ID and not it’s class.
   

   $('#page-title').hide();
   




3. Learn when and the best way to bind an event.
   
   jQuery presents a number of ways to bind an event to an element and understanding when to use what will be advantageous. Here is the most common way.

   $('#submit-button').click(function(e) { ... });
   

   This binds a click event to the submit button. However, if the submit button is something that’s being injected later into the page, you have to make sure and run this again after it’s injected. Alternatively, you can use the live() method. In this case, the click function is bound to the submit button regardless of when it’s added to the page.

   $('#submit-button').live('click', function(e) { ... });
   




4. Total the number of selected elements.
   
   It can be helpful to find out how many elements a selector has selected. This will simply return the number of elements that use a class of ‘my-list’.

   $('.my-list').size();
   




5. Use jQuery’s data() method over state storing in classes.
   
   A common practice is to keep track of an element’s status and display it based on the classes it has or doesn’t have. There is nothing inherently wrong with doing this, but jQuery does provide a cleaner way of accomplishing this. Using the data() method on an element, you can store any data about that element.
   

   $('.my-list').data('on-sale', true);
   

   This property is stored on the elements and can be checked using the data() method as well.
   

   if($('.my-list').data('on-sale')) { ... }
   

You can find more information regarding jQuery at jQuery.com.

You can find information on jQuery UI at jQueryUI.com.

If you decide to try out jQuery, I hope you find it as easy to use and helpful as I have.

The one thing that most internet marketers want the MOST is what they need the LEAST.

Most internet marketers are actively looking for a new marketing tactic or tool. Their days are spent trying this idea and that idea, giving this new thing a chance and that new thing a chance.
They try a few list-building things.  They try a few traffic generation things.  They try a few affiliate marketing, things.

They do the SEO “trick” they heard about on the forum.  They write a gazillion e-zine articles ‘because they heard that works”.  They move on to videos.  Yeah, videos — that’s the answer because it’s new for now.

30 days later, 6  months later, 3 years later … they’re singing a new verse of the same song. They are actively looking for a new marketing tactic or tool.

In the process they’ve been spending money instead of making it.  They’ve been wasting time instead of freeing it up. What’s the problem?  Is it all smoke and mirrors?  Is it all one big scam? 
The problem is the ironic and sad reality:  most internet marketers never see huge success because they constantly pursue things they WANT instead of things they NEED.

We’ll get back to that in just a moment.  Hold that thought.
What I’m going to share with you in the remainder of this article will be a paradigm shift for a few who “get it”.

Some will skeptically say, “This person is just trying to sell me something.”  Some will say, “Ah, what does he know?”  Some will say, “I’m sure that’s right, but it’s not as sexy as all this other 3-ring circus stuff the gurus are doing”.

Whatever.

Take it for what it is.  I’ve been doing this for over ten years.  I make a lot of money.  I spend a whole lot more time traveling and playing tennis and going on mission trips that I do on my business.
I must know something.  It may not be flashy.  But it’s like Novocain, folks.  Give it enough time and it always works.

Someone out there will read this.  And they’ll get that what I’m telling you is legit.  For that person, it’s time for a new song.
For the rest of you.  Come back in 30 days. Or 6 months.  Or 3 years.  And read this post.  Maybe then it will sink in.
Here are 3 keys to kick-starting your business in the next 24 hours…

1. STREAMLINE.
The first order of business is to bring some order to your business!  You’ve got to streamline.  And what I mean by that is simply this:  do one thing and do it well. You need to “decide what you want to be when you grow up”.  That is, what business model do you want to follow?  What is the ONE primary thing you’re going to do to make money?

Are you going to create information products?  Be an affiliate marketer?  Sell items on eBay?  Create and flip websites?  Provide a service?  Coach?

Resist the temptation to try it all.  Resist the temptation to dabble.  Dabbling is a horrible, horrible thing for the average internet marketer.  Trying a little bit of many things almost certainly will mean you won’t do anything well.

Decide right now what the ONE PRIMARY method of generating cash for your business will be.  Don’t proceed until you’ve streamlined your business.

Then…

2. SYSTEMIZE.
Internet marketing is too big in and of itself.  Imagine someone saying, “Now go do health” or “get out there and be a traveler” or “start parenting”.

Regardless of what your ONE revenue path is, there will be many parts.  You’ve got to systemize your business into manageable chunks.  You’ve got to break everything down into a daily, weekly and monthly schedule of action steps.

For me, I keep it very simple.  I have three parts to my business…
* Offer creation.
* List marketing.
* Traffic generation.

I create a new offer.  I market it to my list.  I drive traffic to the offer site.
End of story. 
I have a system I  use to create a new offer.  I have a system I use to write and send mailings.  I have a system I use for getting visitors to my site. It’s the same system I’ve been using since 2000.  Novocain, folks.  Always works. 

Create a checklist of action steps for ONE kind of offer.  Create a checklist of action steps for ONE way to build a monetize a list.  Create a checklist of action steps for ONE method of generating website traffic.

Don’t try a bunch of things and do them average or poorly.  Find ONE method and do it WELL. You want to Uncomplicate things.  You want a MINIMAL set of action steps.  You want to do the very least amount of different things as possible to achieve your goal.
You’ve got to systemize your business into manageable chunks.
Then…

3. STICK.
Perhaps the most devastating thing in the life of the 95% of those who fail is this:  they don’t stick to it.
Seriously, that’s what failure is … it’s NOT DOING SOMETHING.  It’s quitting.  It’s coming up short of the finish line.  It’s NOT DOING SOMETHING.

When you narrow things down to ONE way of making money and then create a simple checklist of MINIMAL ACTION STEPS to make money, you absolutely must STICK TO IT.

Don’t quit.  Don’t quit.  Don’t quit.

Despite me saying this, most reading it will quit anyway.
A “new” offer of the week will come along and they’ll get distracted.  Someone well respected in the industry will convince them that the latest trick is the “most important thing you’ll ever do”  (Talk about a new verse of the same song!)  Things won’t happen instantly, overnight like other people promise.

Listen, you can rationalize the decision to quit in a thousand different ways.  You can make excuses for why you should move on and try something else. Label it whatever you want, but just below the surface you’ll see this word tattoed on your being in permanent ink … failure.  If you quit, it’s all the same … it’s NOT DOING SOMETHING.

I know it’s hard to stick to things when there LITERALLY is a new offer in your face every single day.  Most people just can’t resist that temptation. So, do this:  find yourself one mentor that you trust and believe and remove yourself from everyone else’s list.  Just cut that temptation off at the root.

At the end of the day, I can tell you this.  I’m about to celebrate 10 years online.  I make more money than ever and work less than ever.  I promise you, I know what I’m talking about here. If you want to do well online,  you’ve got to STREAMLINE, SYSTEMIZE and STICK.

You can stop reading right now and apply what I’ve told you so far and you’ll be right on target in six months.  Pay attention to what I’m saying.  You don’t need what I’m about to offer you.  I know that’s contradictory to most people’s sales pitch.  I’m supposed to convince you to buy something from me right now.  And it’s true that I do have an offer for you.  But I’m telling you up front, you can do everything I’ve told you above and be fine on your own.  You don’t need my offer.

Now, for those who want some hand-holding and some specifics for the three keys above, I can help you. I can personally (one-on-one) answer your questions, help you create a daily schedule and give you some specific action steps to take each week to build a streamlined, systematic plan of action, then stick to it!

Regardless of whether you get help with creating a plan together with your partner, or if you do it independently, it’s time for you to sing a new song. Good luck!