Dougal Campbell's geek ramblings

WordPress, web development, and world domination.

Blog Archives

Good Breakdown of Recent WordPress Vulnerability

The Sucuri Blog has a good dissection of the recent critical WordPress REST API vulnerability. I won’t rehash the details here, but I did want to point out that this is why developers should remember to follow these two rules of defensive programming:

  1. Sanitize inputs as early as possible
  2. Sanitize outputs as late as possible

In this case, there was a failure to follow the first rule. There are a couple of different places where this could have been handled better.

Continue reading

Project time

I’ve been tinkering a little bit with my electronics stuff again. Now I’m trying to decide on a project to do, and which hardware platform to use… I have a ton of different microcontrollers — Digispark (ATtiny85), Digispark Pro (ATtiny167), Digistump Oaks (ESP8266, wifi), Adafruit Trinket Pro (ATmega328), PunchThrough Bean (BLE), Particle Core (wifi) / Photon (wifi) / Electron (3G cell), NodeUSB (ESP8266, wifi), ESP201 wifi ┬ámodules, some Arduino Pro Mini clones, a Tessel2 (wifi, … Continue reading

A Rant

Once upon a time, before the Facebooks and Twitters and Reddits and MySpaces, there was Usenet. And on Usenet, flaming and trolling was an art form. It wasn’t just a bunch of angry, shocking, monkeys on keyboards. Trolls were subtle. Flames were eloquent and surgically precise. Then in the early 90s, they opened the internet up to the general public, and it became Amateur Hour. Newcomers, with no knowledge of the existing culture, nor the … Continue reading

DIY

We moved into our new house at the end of December. But we’re still doing fix-ups and clean-up at the old house to get it ready for market. One thing our realtor recommended was to remove the popcorn ceiling in the kitchen and master bath.  My wife, Susan, did all the popcorn ceiling removal, I sanded them, and we shared the painting work.  So, we started with something like this: ? Then got to this: … Continue reading

Yarrr! Talk Like a Pirate Day Is Almost Upon Us!

Once again, Talk Like a Pirate Day is almost here. Yes, this Friday, September 19 is Talk Like A Pirate Day, and all good citizens of the Interwebs are expected to participate! To make it easy for all of my WordPress friends, I created the Text Filter Suite plugin, which will automagically piratify your web site for TLaPD. Just go to ‘Add New Plugin’ in your Dashboard, and search for ‘talk like a pirate’. And … Continue reading