Hide related products on shop page in Woocommerce

Posted on in Wordpress, WooCommerce, functions.php, CSS, related-products • Tagged with Wordpress, WooCommerce, functions.php, CSS, hide-related-products, disable related products

Introduction

I found many instructions and guides in the Internet that describe How to hide related products tab on shop page to be NOT WORKING!

It's a freaking pain in the ass to hide your related products tab on your shop page. The method to actually hide related products depends on the WooCommerce theme that you are using. In this article, we are going to present a method that provably works for every theme and WooCommerce version out there.

How to disable related products - Step by step guide

Step 1. Open the product page where your related products are shown.

Step 2. Right click on the HTML with related products and open page inspect. See the picture below.

Inspect element

Step 3. Copy the class attribute of the container element that contains the related products HTML.

Copy css of container class

Step 4. Insert the copied class code to this CSS code. In my case, I copied related related-products-wrapper product-section and the resulting CSS will look like this. So you only have to replace spaces ' ' with points '.'.

In my case the final CSS code looks like this:

.related.related-products-wrapper.product-section {
    display: none !important;
}

Step 5. Replace CSS code from above with the line {{YOUR CSS CODE HERE …


Continue reading

Exploiting wordpress plugins through admin options (No 3. — Easy Media Gallery stored XSS)

Posted on in Php • Tagged with Vulnerablity, Websecurity, Exploit, Stored, Php, Programming, Security, Xss, Wordpress, Easy-media-gallery

Preface

This post is about general security weaknesses in wordpress plugins, that allow malicious attackers to gain code execution access on the web server (which is quite often the user www-data). To outline the problem shortly: Often, wordpress plugins need a administration form to handle settings and options. These options are meant to be exclusively alterable by the admin of the wordpress site. But unfortunately, lots of wordpress plugins suffer from a very dangerous combination of CSRF and stored XSS vulnerabilities, that wrapped up in a social engineering approach, may break the site.

I have done some research in the past about such attacks. You can read about a stored xss in flash album gallery plugin as well as my findings about a similar flaw in the wp members plugin.

How does the attack vector look like?

First we need to understand how administration menus are created in wordpress, because these forms are the point where data flows into a application. You can learn more about the underlying concept on wordpress codex.

But the crucial point to understand is, that they all consist of forms, independently of the fact that you can pack your options under a predefined and already …


Continue reading

The dangers of a poorly planned project

Posted on in Philosophical • Tagged with Architecture, Captcha, Philosophical, Programming, Php, Uncategorized, Wordpress

Preface

Do you like to fiddle around with programming projects in your spare time? And do you sometimes start endeavors ambitiously, but you never actually finish them? Are you fucking tired of stacking unsuccessful projects, doing mediocre work while never being thoroughly satisfied in what you do?

If yes, you may be inclined to listen to some words I have to say over my most recent failed project:

The idea was to create my own little captcha plugin for wordpress. You can learn more about the idea by delving into some of my accompanying investigations in the following blog posts:

Honestly I started this project because back in the time I was using this plugin and I was unsatisfied because for these reason. So this context information hopefully points out some of my motivations to start the project in the first place.

The destiny of every badly planned project

As with many spontaneously started projects in came up with in the past, I first was convinced that it was an awesome idea and subsequently started programming head-first without having a clear path or …


Continue reading

Wordpress comment form with bootstrap v3.0.2

Posted on in Programming • Tagged with Bootstrap, Comment, Programming, Form, Wordpress

Hey everybody!

In this short article I will explain how I designed my wordpress theme's comment section with bootstrap 3.0.2. For the most recent changes, you find my theme on github. If you want to see a live demo, just inspect the comment form on this site. It uses exactly this bootstrap styled form I am discussing here.

In order to follow the content's of this blog post, you should have basic experience with PHP and HTML/CSS.

The Problem

The tricky question here is, whether we can use a action or filter hook to manipulate the comment form to our liking, or if we have to use and modify the original comment_form() function directly. Our goal is to decorate the form with some bootstrap widget classes and use the bootstrap grid layout. We want to obtain a horizontal form, such as demonstrated here. After a quick search, I found the function comment_form( $args, $post_id); in the wordpress codex. While it looks promising on the first glimpse, some hindrances become clear after further thinking through. The function's description says:

Most strings and form fields may be controlled through the $args array passed into the function, while you may …


Continue reading