Custom user data fields with WordPress Membership plugin

Here’s a quick overview of integrating custom user fields with Membership plugin (v2.0.7 at the time of writing).

Basically, we’ll have to:

  • Create some fields to be added after Membership’s own registration form
  • Create a function to validate and save the new registration form fields on submission
  • Copy-paste the whole user account edit form from Membership plugin and modify it to suit our needs
  • Create a function to override Membership’s own account edit form

Bulletproof* image upload security guide for developers

In the series of tubes there’s a ton of tutorials and guides on image upload security, but apparently still not enough –  I stumbled upon yet another PHP application image upload vulnerability. These are ridiculously easy to spot, take about 10 minutes to exploit and if the attackers succeed, odds are they will be able to upload a shell, execute arbitrary code on your server and do pretty much whatever they want. So if you’re a developer (especially PHP!) and don’t know how exactly image uploads should be implemented, please please please take the time to read and understand.

Continue reading