Take Secure Credit Card Payments on your WordPress Website

I’ve been able to take Credit Card/Visa payments via Paypal for a while now and more recently via Stripe in conjunction with my invoicing system Zoho but over the last week or so I’ve properly and fully implemented credit card payments on this WordPress based website. On my payment page below you’ll notice a full credit card payment system that processes your payment immediately on this site. The payment page also has a an SSL cert for increased security.


What you’ll need to achieve the same is:

* Stripe requires an SSL cert/Secure payment page to work.

So my Stripe Payment page takes credit card details, processes them on submission and returns the user to a thank you page. Both Gravity forms and Stripe can be configured to send an acknowledgement email/receipt to the user and site owner.

No more paying a pile of money to bank merchant or credit card processing companies!

Here’s some details on Stripe transaction fees.

I can help install the system on your own WordPress based website if you need. A standalone Payment Page/Virtual Terminal like mine here can also be installed on any non WordPress based site also..

Get in touch. Or alternatively ask a question in the comments below.


Gravity Forms + Stripe Curl_Exec Issue

At the time of writing this the Gravity Forms + Stripe WordPress extension/plugin for Gravity Forms is about the only extension that will add a proper credit card fieldset to an existing form created with the excellent Gravity Forms plugin. I had been taking credit card details via credit card fields setup manually in Gravity Forms then inputting the details in my Stripe account but that was hassle and allegedly a bit insecure!

Unfortunately, my VPS server wasn’t setup correctly to handle the Stripe calls and after having installed The Gravity Forms + Stripe plugin I noticed none of my forms were visible anymore. After a few emails back and forth with the plugin developer Naomi and turning off all my other plugins except Gravity Forms and Gravity Forms + Stripe, I got the following error message:

Warning: curl_exec() has been disabled for security reasons in
on line 176

To sort this out I had to edit my VPS php.ini file to remove the reference to “curl_exec” in the “disable_functions” line. To do this you’ll need access to change your server settings. Non-VPS or shared hosting customers can’t normally change server settings. You can ask your hosting company to do this for you but I’d say it’s unlikely they will. Hopefully your hosting setup is suitable though.

First off, find out where your php.ini file is or which one your server is using by viewing your PHP info. Upload a file called “phpinfo.php” with the following content only:

<!--?php phpinfo(); ?>

Next, open up an SSH session to your server and login as the root user using something like Putty. Add the following commands to edit your php.ini file. The example given relates to the location of php.ini on my server only:

pico -w /usr/local/lib/php.ini

Finally, run the following command to restart apache so the changes are active:

/etc/init.d/httpd restart

My Gravity Forms + Stripe setup now works perfectly! Here’s my payment form:



How to Colour Menu Items Differently in WordPress

There might come a situation where you want to have one or two menu items/pages a different colour to the rest as I’ve done with my “Blog” link on this site. You might want to highlight or draw attention to one particular section or even just have every item a different colour for variety!

Here’s a quick how to on how to do it.

View your website in Chrome for example and right click on the menu item in question and choose “Inspect Element”. We’re looking for the “menu item id” so that’s “menu-item-1975” for my Contact Me menu item.

Menu Item Colour

You now need to add some new CSS to your theme’s stylesheet “style.css”. Add this line for a red highlight:

.menu-item-1975 a {color: #C30;}

or, to give a new background colour:

.menu-item-1975 a {background-color: #C30;}


Plugin and Theme Fault Finding in WordPress

Just a quick tip or 2 to help troubleshoot faulty WordPress plugins and themes. If you have a major WordPress issue it’s usually always the fault of rogue plugins or themes and if you contact your hosting company or Google around for advice you’ll see a lot of people say deactivate and reactivate each plugin in turn to find the culprit. With around 50 plugins in my own site, that would take forever.

Tip 1 (Plugins):

If you have access to FTP or a hosting File Manager for your site go into the remote “wp-content” folder and change the name of the “Plugins” folder to “Plugins2” or similar. This will quickly deactivate ALL plugins and tell you whether your issue is with plugins at all or not. Reload the site with the plugins folder renamed and see if the issue persists. If it does then it’s not a plugin issue so go back and rename the plugins folder properly and the site will be as was.

If the issue is fixed then one of your plugins is acting up. Rather than go through them one by one, take groups of about 3 or 4 plugins and deactivate/reactivate them.

Tip 2 (Themes):

If the above doesn’t fix your issue then the problem might be with your theme. Try switching theme’s temporarily and switch to a well known and stable theme like WordPress’s own “Twenty Twelve”. The first thing I always do when it’s obvious the theme is at fault is go into the theme’s “Functions.php” file and make sure there’s no white space at the start or end of the files php code. After that I might go and see if there’s an updated version of the theme available.

Tip 3 (Error Reporting & Debugging):

If nothing else works you can try a bit of debugging by turning on WordPress’s own error reporting tool. You add the following line in the “wp-config.php” file in WordPress’s root directory:

define(‘WP_DEBUG’, true);

You can also enable php error reporting in your site’s root “.htaccess” file with the below code which puts the errors in a log file on your site rather than show them to the public:

php_flag log_errors on
php_value error_log /home/path/public_html/www.YourWebAddress.ie/PHP_errors.log


Gravity Forms WordPress Newsletter Extension Review

My favourite WordPress plugin development company Tribulant have recently added a number of extensions for their popular commercial plugins to extend their functionality and integrate with other well known WordPress plugins. One that caught my eye and one I’ve been using for a while now is the Gravity Forms extension for their excellent Newsletter plugin.

Basically it adds new options to the best WordPress Forms plugin, “Gravity Forms“, that allow you to add a Newsletter Subscription box to any form you create on your site. And I’ve added it to all of mine!

Here’s some features:

  • Simple activation through the existing Newsletter Configuration screen,
  • Seamless integration with the Gravity Form builder,
  • Adds a “Newsletters” field under “Advanced Fields” in the Gravity Form builder (see below),
  • Auto check option,
  • Choose Mailing List option,
  • Routing/Custom Field options to grab the Name and Email fields from the Gravity Form.

Here’s a screenshot of the settings screen:

Gravity Forms Extension

Check out my Contact page to see it in action.

Get the extension from Tribulant.com now.


Can’t Edit Posts in WordPress

A friend was asking advice on an issue he was having with his WordPress Blog whereby since upgrading to WordPress 3.5.1, he couldn’t edit any posts. He would try to edit the text, then save but none of the changes were saved. The only strange thing he’d done was to add a new user and delete the old one. Posts were showing as un-assigned to any user and refused to allow themselves to be re-assigned.

After a bit of messing around with the usual fixes such as de-activating plugins, re-uploading WordPress files manually etc..I decided to do a Check and Repair on the database in Cpanel and after a couple of goes, all was working again.

In Cpanel click on the “MySQL Databases” icon and then Check & Repair as below for the database in question:

Corrupt Database

Different Sidebar Content on Different Pages in WordPress

Ok, this is an old one and easy to do these days with free WordPress plugins but here’s an alternative method of having different sidebar content on different pages in WordPress. It involves a little bit of adjusting of the default sidebar.php template file. I’m using the sidebar template from the default Twenty Twelve theme here.

Here’s the edited code:

<?php if ( is_active_sidebar( 'sidebar-1' ) ) : ?>
<div id="secondary" class="widget-area" role="complementary">
<?php if ( is_page('home') ) { echo "Home Page sidebar content'";
} elseif ( is_page('about') ) { echo "About Page sidebar content'";
} elseif ( is_page(contact') ) { echo "Contact Page sidebar content'";
} else { dynamic_sidebar( 'sidebar-1' );
} ?>
</div><!-- #secondary -->
<?php endif; ?>

Basically, what the above code does is tells WordPress via some if/else PHP statements to show different content depending on which page you’re on and if you are not on any of the pages mentioned, just show the default sidebar. The “if is page” bit can be the Page ID, Slug or Full name. I’ve used slugs in the example above. You need to get the spellings exactly right.


How to Remove ‘Eval Base 64’ Virus Code From Your WordPress Site

I use WordPress a lot and any time mine or a client’s WordPress site gets hacked, it seems to be the same way, ie multiple blocks of code get injected into all the site’s files, particularly files in the ‘wp-content’ folder, so your theme and plugin files. The code always seems to start with “eval(base64_decode” followed by a long string of random looking characters. I won’t pretend to know how the code works, what it does or how it gets in in the first place but here’s how to get rid of it.


First off I would do a manual upgrade of WordPress core as opposed to using the auto update function in WordPress admin which probably only updates certain files. A manual upgrade involves deleting all wordpress files and folders off the server via ftp EXCEPT the following ones:

  • wp-content
  • .htaccess
  • wp-config.php

And any other files you’ve customised or added, eg – Google Webmaster files, etc..

Then upload a fresh set of files from the latest WordPress version taking care not to upload any of the skipped files above or you’ll overwrite important settings and content.

Visit http://www.your-website.com/wp-admin and you’ll be prompted to upgrade the WordPress database so do that.

Next, download the above files and folders, wp-content, .htaccess & wp-config.php. You may need to turn off your anti-virus program as I did or it won’t let you download the files. It’s safe enough to do temporarily. Look in one or two of the downloaded php files for virus code similar to below:

Virus Code

Select & copy one instance of the virus code and use a program capable of doing Search and Replace in multiple files. I use Dreamweaver as below which lets me search for the same code in all files within a certain folder and replace it with blank space, which is the same as just deleting it. So I pick the root folder that contains all my website/wordpress files:


When Dreamweaver’s removed all the dodgy code from the site files, same them and re-upload.

Secure Your WordPress Site:

Now that you’ve cleaned out your viruses, make sure they don’t get back in by doing the following:

  • Change your Hosting, FTP, WordPress Admin & Database passwords.
  • Pick a long password (12 characters) and include upper & lower case, numbers and even symbols.
  • Add some security plugins to WordPress, WP Security Scan & SI Captcha Anti-Spam are 2 I use.

Stay safe.


Bulk Manage WordPress Sites From 1 Location

Just came across the excellent FREE software “InfiniteWP” via a Yoast post on Facebook. I’ve got WordPress Service Contracts setup with some web design clients of mine whereby for a small yearly fee I keep their core WordPress systems and installed plugins up to date. This helps keep their sites secure, fast and modern. Previously, I would have had a plugin on their sites that notified me via email whenever there was a new version of WordPress or any of the plugins installed on a site and I’d have to go login and upgrade or sometimes manually upgrade via FTP. With 24 sites (currently) to manage that turns into a fair bit of work.

Installing InfiniteWP (as a PHP application on my own local server) and adding my clients sites to it now enables me to bulk update plugins, themes and WordPress core from one location right on my own PC in pretty much 1 click! The system requires the InfiniteWP Client plugin to be installed on all sites too which is a bit of hassle but only needs to be done once to create the connection.

The software also handles Backups, Groups and other functionality via paid add-ons..