Now it’s time for the third theme battle. This is the first battle with two different designers going up against each other, with Brad (Tasty Showcase) and Anto (All Orange) volunteering designs. The voting process is pretty simple, just vote for which design you’d rather see as a WordPress theme. The design with the most votes will be coded into a WordPress theme by me.

Read on to vote. Come on out of the RSS reader for a second since you’ll need to be on the site to vote.
Read the rest of this entry »

Been a few weeks since the last round of WordPress resources, so hopefully there are some good ones in this bunch to make up for it.

Adding and using custom user profile fields – In another great tutorial from Justin Tadlock, he goes over how to use user profile fields in your theme, as well as how to make your own custom user profile fields such as a “Twitter” field. This can be useful on a multi-author blog to display author info on each of their respective posts.

Allow title overwrite on your WordPress blog – This WordPress recipe gives you the code to override the page title displayed on your blog. This can be especially useful for SEO, since you can use your regular title in your title tag, with a custom title on the actual page.

Best WordPress 404 Error Page Designs – This post at WPBeginner not only showcases a number of creative 404 page designs, it also goes over some best practices when it comes to error pages, and outlines the basics of making your own 404 template in your WordPress theme.

Free eBook: A Beginner’s Guide To WordPress Theme Development – This is a free eBook written by Alex Denning which outlines how to develop your own WordPress themes. In the book you go over the fundamentals of every WordPress theme, along with more information on the various template files included in a theme.

10 Ways to Customize and Personalize your WordPress Blog – This post over at Pro Blog Design outlines several ways to customize your WordPress blog. Tips include having a default Gravatar, as well as having a personalized login page. Each tip comes with example images and links to further resources.

That’s about it for this week. I regularly tweet links to WordPress resources like this on Twitter, among other things. Make sure you follow me if you don’t already.

There is a security exploit going around, and it could affect anyone not using the most up-to-date version of WordPress at the moment, which is WordPress 2.8.4. Lorelle has a good writeup on how old WordPress versions are under attack. To summarize, here’s what to look out for if you think your WordPress site may have been compromised.

• Unusual additions to your WordPress permalink structure. If you see anything like “eval” and/or “base64_decode” in your URLs, you’ve already been hit.
• This is a real kicker: a hidden admin account. That’s right, the exploit can let the attacker set up a hidden admin account that may not even be displayed in your user list.

This post offers some solutions if you have already been hacked. Remove the extra permalink code in Settings → Permalinks, remove the extra admin account, and (obviously) upgrade to the latest version of WordPress.

Has anyone been affected by this exploit? I’m happy to say out of all of my WordPress sites, I haven’t been hit, although I have still upgraded all of my WordPress installations to the latest version, including Theme Lab, and I highly recommend you do the same (as long as you backup first). Just another reason to keep your WordPress version up-to-date.