So Google Blog Search it is then. When you use the search you have the option of subscribing to it through an RSS feed. I did a link:url search and just copied the resultant feed URL. Using this URL it is possible to fetch for instance 10 results and display them through parsing the atom feed.

The example script queries the Google search, requests an output format of atom and spits back out a listing of the other sites/blog posts that link to any given article.

My brother Mark has been doing a long term project based on Magento doing a lot of custom work on top of it, and has told me many points, both good and bad, about it.

According to Michael and Mark, speed of the application is a big hindrance. They also mention two points that could help make an ecommerce system so much easier to integrate into the "blogosphere" - publishing a blog feed of some of the user feedback about orders/products/etc and accept trackbacks from an external blog post reviewing the products.

As a php web developer, you should know that php is probably the language that has the biggest code repository. So no matter what module you want to include in your project there should be an open source solution. [...] Anyway, after many years as a web developer, I've compiled a list of php classes that can be easily integrated in any project and I am regularly use.

He has it broken up into the ten different categories including "sending emails", "user manipulation", "fetching RSS feeds" and "grabbing remote content". Some of his choices are things native to PHP (like the mail function) but others are external classes like the Magpie RSS package.

I was lucky enough to come across a blog post on Binary Moon that included a function that would allow you to break up the trackbacks and the comments in your template. [...] The problem with that is everytime Wordpress upgrades I overwrite functions.php and then comments no longer work.

To get around it, he used WordPress' own plugin system to make the separation via this simple plugin [zip]. It's a simple install, but a bit of functionality that can really help out if you get a lot of both trackbacks and comments.

The first advisory notes that:

While testing WordPress it was discovered that WordPress supports trackbacks in different charsets when PHP's mbstring extension is installed. This feature can be abused to bypass WordPress's SQL parameter escaping which leads to an SQL injection vulnerability that can result in a compromise of the admin account and end in a server compromise.

The second advisory talks about a problem with the WordPress admin interface that leaves it open to cross-site scripting issues.

The WordPress group has already released an updated version to resolve both of these issues. It is highly recommended that you update your installation immediately to prevent the exploits of either of these vulnerabilities.

It's been a long while since I worked on my PEAR package Services_Trackback, mainly because I was much too busy with work and university. Nevertheless I made up my mind about how to solve the problem of the so-called trackback spam.

Taking for granted, that the idea should work, there are 2 main questions to answer: "How can a sender of a trackback be identified?" and "If and how must the trackback standard be changed to support the identification?" For question #1 there is a simple answer (IMHO): PGP/GPG (further on referred to as GPG, for simplicity).

He suggests that since there is already a "trust relationship" inherent in the system, a PGP/GPG setup might be the most flexible, easy-to-use, constantly adapting method for preventing one of the banes of bloggers' existences...]]> Tue, 07 Feb 2006 06:53:10 -0600