WordPress lostpassword_errors Filter

Unlike the registration_errors filter, there’s not a lostpassword_errors filter… but there is another filter you can use instead!

I spent a couple of hours of searching and another one debugging attempting to find a WordPress filter for errors like the:

ERROR: Invalid username of email.

that appears on the lost password page. Since there’s a registration_errors filter, I thought lostpassword_errors or something close to it would be available. Nope. Continue reading “WordPress lostpassword_errors Filter”

WordPress AJAX: Frontend & Backend Implementation

I was recently working on a WP site that required AJAX functionality on the frontend. Having implemented WordPress AJAX for my Book It! Transportation plugin on the backend, I figured it would be a cinch. Come to find out, it required a little more work to accomplish.

I was recently working on a WP site that required AJAX functionality on the frontend. Having implemented WordPress AJAX for my Book It! Transportation plugin on the backend, I figured it would be a cinch. Come to find out, it required a little more work to accomplish.

After digging around multiple blogs and the WordPress Codex, I found it a little difficult to find full working examples. Get ahead of the learning curve by learning how to implement WordPress AJAX for both the frontend and backend below.

WordPress AJAX for the Backend

This is a cinch to do. Currently, the core of WordPress uses AJAX only in the administration screens. For instance, AJAX is used for instant updates when you are doing comment moderation, and when you are adding and deleting items from lists such as categories, blogroll, and posts; AJAX is also the technology behind the auto-save functionality on post and page editing screens. Several themes and plugins also use AJAX; for instance, some post rating plugins use AJAX to store the visitor’s rating in the database and then display an updated average rating.

Since AJAX is already built into the core WordPress administration screens, adding more administration-side AJAX functionality to your plugin or theme is fairly straightforward, check out the example below.

This should be fairly straight forwared. It uses WP’s admin_footer action (see add_action) to include some JS in the footer that makes the AJAX magic happen. Take a look at $.post if you’re not familiar with it.

With the code above, you’re defining your action, a WordPress nonce for security, and any other data you want to send. You’ll use the action you define as part of the WP function you’ll create that handles the AJAX request. See below:

We’re using WP’s wp_ajax_(action) hook to handle the AJAX request. This hook allows you to create custom handlers for your own custom AJAX requests. The wp_ajax_ hook follows the format “wp_ajax_$youraction”, where $youraction is your AJAX request’s ‘action’ property you sent in the JS above.

Also, be sure to include the check_ajax_referer to verify that the request came from the right place.

That’s it! You will need to add a few details, such as error checking, but hopefully the example above will be enough to get you started on your own administration-side AJAX plugin.

WordPress AJAX Backend Example

Here’s a full working example of WordPress AJAX in the backend. This will produce a JS alert box with the text 1044 when a page has been loaded in the administration panel. In the functions.php file:

WordPress AJAX for the Frontend

This takes a little extra work to accomplish. Since WordPress 2.8, there is a hook similar to wp_ajax_(action):

You’ll need to use this hook if you’re planning on implementing WordPress AJAX on the frontend. If you want to fire your AJAX function both both logged-in and logged-out users, you’d do this:

Something else to keep in mind when implementing WordPres AJAX on the frontend is, unlike on the admin side, the ajaxurl javascript global does not get automatically defined for you, unless you have BuddyPress or another Ajax-reliant plugin installed. So instead of relying on a global javascript variable, you’ll need to declare a javascript namespace object with its own property, ajaxurl. Use wp_localize_script() to make the URL available to your script, and generate it using this expression: admin_url( 'admin-ajax.php' ). See below:

Another thing to keep in mind is, both front-end and back-end AJAX requests use admin-ajax.php so is_admin() will always return true in your action handling code. When selectively loading your AJAX script handlers for the frontend and backend, and using the is_admin() function, your wp_ajax_(action) and wp_ajax_nopriv_(action) hooks MUST be inside the is_admin() === true part.

AJAX requests bound to either wp_ajax_ or wp_ajax_nopriv_ actions are executed in the WP Admin context. Carefully review the actions you are performing in your code since unprivileged users or visitors will be able to trigger requests with elevated permissions that they may not be authorized for. See below:

Here the AJAX action my_frontend_action will trigger the PHP function my_frontend_action_callback() for all users. The AJAX action my_backend_action will trigger the PHP function my_backend_action_callback() for logged-in users only.

WordPress AJAX Frontend Example

Here’s a full working example of WordPress AJAX in the frontend. This will produce a JS alert box with the text 1044 when a page has been loaded in the administration panel. In the functions.php file:

In the example.js file:

Learn more about WordPress AJAX

WordPress Developer Tips & Tricks

If you haven’t already guessed, I’m a huge fan of WordPress. Having worked with both Drupal and WP, hands down I’d pick WordPress over Drupal any day. Though WordPress is a powerful CMS, there are some limitations that I hate to say, Drupal makes a little easier to overcome. But, if you’re a developer like myself, those limitations can be tackled with a little coding.

I’ve put together an ongoing post of useful WordPress tips and tricks to make life a little easier for other developers. Feel free to comment below and share your thoughts. tips or tricks you might have. This is my go-to guide to reference ways to make WordPress work exactly how I want it and hope it will be yours too!

Remove Unneeded Code from the WordPress Header

Make It Work! Overcoming WordPress Limitations

Feature Fun! WordPress Tips & Tricks

Useful WordPress SQL Queries

Customize HTML Markup

Customize Comments Markup

In a typical WordPress theme you output the entire list of comments for a Post/Page by using the function wp_list_comments(). This doesn’t offer much by the way of customizing what HTML markup gets generated for that comment list. To write your own markup for the comment list, you can use a callback function as a parameter in wp_list_comments(), so it’s just as nicely abstracted.

In functions.php

		function my_theme_comments( $comment, $args, $depth ) {
			$GLOBALS['comment'] = $comment;
		   	echo '<li ' . get_comment_class() . ' id="li-comment-' . get_comment_ID() . '">';
		   	if ( $comment->comment_approved == '0' ) {
		   		echo '<em>' . _e 'Your comment is awaiting moderation.' ) . '</em>';

		   	// Comments markup code here, e.g. functions like comment_text();

In comments.php

		wp_list_comments( 'callback=my_theme_comments' ); 

Remove Unneeded Code from the WordPress Header

Removing unnecessary code from your site is essential to optimizing it for both performance and SEO:

  • Your important page content gets moved further up on the page.
  • You increase your content to code ratio.
  • Your pages will load faster. Visitors may not notice, but search engine spiders will.

Here’s some code I routinely remove from the WordPress sites I work on:

<link rel="EditURI" type="application/rsd+xml" title="RSD" href="http://www.benmarshall.me/xmlrpc.php?rsd" />

Are you editing your WordPress blog using your browser? Yes? Then you’re probably not using a blog client and this link can probably be removed. This link is also used by a few 3rd party sites/programs that use the XML-RPC request formats. One example is the Flickr API. So if you start having trouble with a 3rd party service that update your blog, add this back in. Otherwise, remove it.

To remove the EditURI/RSD link from your header, open functions.php (in your theme folder) and add this line:

remove_action( 'wp_head', 'rsd_link' );
<link rel="wlwmanifest" type="application/wlwmanifest+xml" href="http://www.benmarshall.me/wp-includes/wlwmanifest.xml" />

If you don’t know what Windows Live Writer is (it’s another blog editing client), then remove this link.

To remove the wlwmanifest link from your header, open functions.php and add this line:

remove_action( 'wp_head', 'wlwmanifest_link' );
<link rel="shortlink" href="http://wp.me/36m0W" />

URL shortening is sometimes useful, but this automatic ugly url in your header is useless. There is no reason to keep this. None.

To remove the shortlink from your header, open functions.php and add this line:

remove_action( 'wp_head', 'wp_shortlink_wp_head' );

Remove the WordPress Generator (with version information) Tag

<meta name="generator" content="WordPress 3.4.2">

This announces that you are running WordPress and what version you are using. It serves no purpose. You should always be running the latest version of WordPress. If you are living life on the edge and are a few releases behind, why advertise how vulnerable you are?

To remove WordPress Generator from your header, open functions.php and add this line at the bottom of the page:

remove_action( 'wp_head', 'wp_generator' );

Make It Work! Overcoming WordPress Limitations

One of the most common things I hear from Drupal developers about why they don’t like WordPress, is it has limitations. This makes me laugh only because everything Drupal is complex and time-consuming. Yes, there are some limitations with WordPress, but their platform makes it a cinch to overcome these problems. Instead of taking hours to do something like it does in Drupal, you can knock out the same task in WordPress in less than 5 minutes.

Here’s some quick code snippets that will help you overcome the limitations WordPress has:

Change Add New Post to Add New Article

Add New Article

Have a client that prefers the Add New Post to say Add New Article? Use the code below in your functions.php file to keep them happy:

add_filter( 'gettext', 'change_post_to_article' );
add_filter( 'ngettext', 'change_post_to_article' );
function change_post_to_article( $translated ) {
	$translated = str_ireplace(  'Post',  'Article',  $translated );
  	return $translated;
Be careful with this one. The code you put in this hook will run every time WordPress runs a string through its translation filters. Complex cases and conditionals could add a considerable amount of overhead, especially when loading pages filled with translation strings, such as the administrative pages. But if you just want to rename one thing that confuses your client (for example, maybe changing “Posts” to “Articles” for that corporate client who doesn’t “blog” yet), then these hooks can be very handy.

Redirect Failed Logins

By default, WordPress redirects users back to the current page upon successful authentication, but what about failed logins? Here’s a hook and some code that you can put in your functions.php file that will redirect failed log-ins to any location of your choosing.

add_action( 'wp_login_failed', 'my_front_end_login_fail' );  // hook failed login

function my_front_end_login_fail( $username ) {

	// Where did the post submission come from?
  	$referrer = $_SERVER['HTTP_REFERER'];

  	// If there's a valid referrer, and it's not the default log-in screen.
  	if ( !empty($referrer) && ! strstr( $referrer,'wp-login' ) && ! strstr( $referrer,'wp-admin' ) ) {

  		// Let's append some information (login=failed) to the URL for the theme to use.
   		wp_redirect( $referrer . '?login=failed' );

Add Excerpts to Pages

Page Excerpts

By default, Pages do not support excerpts. Did you know that adding excerpt support to the built-in Page type is as simple as adding a few lines of code?

add_action( 'init', 'my_add_excerpts_to_pages' );
function my_add_excerpts_to_pages() {
  	add_post_type_support( 'page', 'excerpt' );

Add Your Own Credits to the Admin Footer

If you build WordPress websites for clients, then you should certainly make sure that WordPress gets its due. It wouldn’t hurt to sneak in a little credit to your agency either.

add_filter( 'admin_footer_text', 'my_admin_footer_text' );
function my_admin_footer_text( $default_text ) {
  	return '<span id="footer-thankyou">Website managed by <a href="http://www.highfivery.com">highfivery.com</a><span> | Powered by <a href="http://www.wordpress.org">WordPress</a>';

Feature Fun! WordPress Tips & Tricks

WordPress is great as a start to a fully-featured website, but sometimes you need some extra features to really make it do what you need. Here’s some quick ways to easily add additional features to your WordPress site.

Add Image Source Fields

Crediting and linking the source of any republished photo or illustration on the web is one of the most important best practices of web publishing. Unfortunately, there isn’t a standard way of doing it in WordPress and authors are left with their own decision on how and where to credit the original author or website.

To add a source name and URL to your images, add the following code to your functions.php file:

add_filter( 'attachment_fields_to_edit', 'add_image_source_url', 10, 2 );
function add_image_source_url( $form_fields, $post ) {
  $form_fields['source_name'] = array(
    'label' => __('Source Name'),
    'input' => 'text',
    'value' => get_post_meta($post->ID, 'source_name', true),
                'helps' => __('Add the name of the source where the original image was posted.'),

  $form_fields['source_url'] = array(
    'label' => __('Source URL'),
    'input' => 'text',
    'value' => get_post_meta($post->ID, 'source_url', true),
    'helps' => __('Add the URL where the original image was posted'),
  return $form_fields;

add_filter('attachment_fields_to_save', 'save_image_source_url', 10 , 2);
function save_image_source_url($post, $attachment) {
  if (isset($attachment['source_url']))
    update_post_meta($post['ID'], 'source_url', esc_url($attachment['source_url']));
  if (isset($attachment['source_name']))
    update_post_meta($post['ID'], 'source_name', $attachment['source_name']);

  return $post;

Thanks to the following people: