If you take a step back and look at the successful premium WordPress themes available today, the first thing you’ll notice is that they offer much more than the standard blogging template that most free WordPress themes offer. You’ll find magazine themes, news themes, video themes, social networking themes, and all sorts of other themes that are designed to function as content management systems.
In looking at the future of WordPress, my hope is that the standard build of WordPress will continue to grow and many WordPress plugins will fill the gaps to make a fully functional content management system.
Recently BloggingPro did a great job of showing the versatility of WordPress with their post showing 7 different ways to use WordPress. In their post, they highlight these 7 ways you can use WordPress:
- Blogging
- Photoblog
- Tumblelog
- Magazine
- Online Shop
- Contact Manager and Customer Relations Management
- Twitter Platform
Click over to see the examples of each!
I personally use WordPress for most of my content sites, including several static sites, a tumblelog, and of course several blogs. Its versatility is amazing. In what unique ways have you used WordPress?
This guest post was written by Hayes Potter, who is a 13-year-old programmer and web developer that gives webmasters tips on protecting their website from common hacking techniques. If you have webmaster or WordPress knowledge and are interested in writing a post for Hack WordPress, please contact us.
Today I want to ask all the webmasters out there, “Is your site hackable?” I’m a test hacker, and I’ve seen some very popular sites get hacked in some of the simplest ways. Hacking WordPress is actually quite easy if you know what you’re doing. Two words, my friend: “SQL Injections”. Most people bypass this thought when they make a blog. Even though WordPress login forms prevent SQL Injections, what about form making plugins? Always check to see if your site is hackable through SQL Injections; for more information on simple hacking with SQL Injection visit my post about it by clicking here.
Also if you have a “robots.txt” file in your home directory, keep in mind that disallowing search engines doesn’t disallow people! Never leave directories with passwords in them, even if they are encrypted. If you have to, password protect the directory and/or password file. Also always keep your cgi-bin password protected because a lot of file management systems use it to keep passwords that you use. I know some cPanel file management systems do. So always check your site for rogue password files and SQL Injection prevention.
Editor’s Note: If you aren’t very familiar with some of this terminology, your best bet is to always keep your WordPress blogs upgraded to the latest version of WordPress.
Learning More About Javascript Injections
Ok, for those of you who don’t know what JavaScript injections are, they are ways to manipulate the page source of any web page. Some very simple JavaScript injections are to simply display an alert box with any text you want. To execute any form of JavaScript injection enter “javascript:” in the URL bar in your browser, then after the colon you can enter any JavaScript code in the same way you would in a normal web page. For example, if you type in “javascript:var a = "hello world!"; alert(a)” in the URL bar, an alert box would pop up displaying the value of the variable “a”.
Now that you know the basics of JavaScript injections, let’s learn how to hack with them; as you should know, JavaScript can manipulate anything on a web page. Here is a simple way to hack into a username on a website, although you have to be logged into the site you try to hack. Once logged in, type the following JavaScript injection in the URL bar: “javascript:alert(document.cookie)”. This will display the cookie information that the site has on you; look for something like “user_id=xxx” or “PHPSESSID=xxx”. Typically you want to change this string’s value to 1, because the administrator is usually user_id number 1. To change it, type the following in the URL bar: “javascript:void(document.cookie user_id=1);alert(document.cookie);”. Now the user_id’s value should be 1, so refresh the page and you should be logged in as the administrator.
Please remember that you should never mess around with someone’s site. Always contact the administrator if you find a security hole in their site. Now remember how I said JavaScript can manipulate anything on a web page? Well, let’s start manipulating stuff; for the basics we can just start with forms. Let’s say a web page has a form to buy something using a debit card or something like that. Let’s say the price for this item is fifty dollars; now let’s manipulate this price. Let’s say the submit button is a form itself, and it has no other values. In the URL bar type the following: “javascript:void(document.forms[0] = $1.00)”. Ultimately this will change the price to one dollar, yes! The “[0]” represents the form number on the page. For example, if there are 3 forms on a page, the first one would be labeled “0”, the second one “1” and the third one “2”.
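The cookie and price edits described in the post above only succeed when the server trusts values the browser sends back. As an added example that is not part of the original post, the following Node.js code shows the server-side checks that defeat both: a session cookie carrying an HMAC, and a price taken from a server-side catalog. SECRET, CATALOG and the function names are hypothetical, and the sample values are constructed.

```javascript
// Added example, not from the original post. SECRET, CATALOG and all
// function names are hypothetical; sample values are constructed.
const nodeCrypto = require("crypto");

const SECRET = "constructed-demo-key-change-me";   // kept on the server only
const CATALOG = new Map([["sku-100", 5000]]);      // fifty dollars, in cents

function mac(value) {
  return nodeCrypto.createHmac("sha256", SECRET).update(value).digest("hex");
}

// Cookie value the server issues at login: "<userId>.<hmac of userId>"
function issueSessionCookie(userId) {
  const value = String(userId);
  return `${value}.${mac(value)}`;
}

// Returns the user id, or null when the cookie was edited in the browser.
function verifySessionCookie(cookie) {
  const raw = String(cookie);
  const dot = raw.lastIndexOf(".");
  if (dot < 1) return null;                         // no signature present
  const value = raw.slice(0, dot);
  const given = Buffer.from(raw.slice(dot + 1), "utf8");
  const expected = Buffer.from(mac(value), "utf8");
  if (given.length !== expected.length) return null;
  return nodeCrypto.timingSafeEqual(given, expected) ? value : null;
}

// The amount charged comes from the catalog; a price field submitted
// with the form is never read.
function priceOrder(form) {
  const unit = CATALOG.get(form.sku);
  const qty = Number(form.quantity);
  if (unit === undefined || !Number.isInteger(qty) || qty < 1 || qty > 100) {
    throw new Error("invalid order");
  }
  return unit * qty;
}
```

A cookie whose user id is changed to 1 no longer matches its HMAC and is rejected, and a form that submits a price of $1.00 is still charged the catalog price.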
As I mentioned in a post written last month, I wanted to collect everyone’s WordPress resources so I could throw together a WordPress resources page. After all, WordPress is community-based and it seemed like a good way to support WordPress users. I am proud to say that I was able to combine my favorite WordPress sites with yours to create a WordPress resources page here at Hack WordPress, which I hope people will find useful.
If you are wondering why a couple sites are left off the list, it is probably for one of two reasons. The first is that I don’t know about it and the second is because I had to leave off (for the most part) any submitted blogs that occasionally write about WordPress (such as a category or whatever). This is because the collection of WordPress resources is already very large and these types of lists can get out of hand if you don’t draw the line somewhere.
As with my WordPress theme galleries and other lists I maintain here, my ultimate goal is to keep this page useful. As a result, I will make every attempt to keep this page updated over time. You can help by letting us know if you find any invalid links or you would like to see something added.
As for the list itself, here is what I’ve collected so far:
| WordPress Blogs | WordPress Theme/Plugin Authors |
|---|---|
| Other WordPress Contributors | Display WordPress Themes |
This week’s batch of WordPress talk includes a number of great posts from around the blogosphere. It is good to see just how many people are writing about WordPress!
- Bootstrapper has listed their 100 most usable plugins. I’m a sucker for lists like this and hopefully you enjoy them also. It is always fun to see what other people’s favorites are.
- Last week I collected your input on what you’d like to see on WordPress 2.6. It looks like Dan at WPCandy has collected over 30 ideas he’d like to see with WordPress 2.6. Talk about thorough! This list has a lot of great ideas that hopefully the WordPress team sees.
- Noticed some of your favorite WordPress features missing? The WordPress Expert has listed the 5 features removed in WordPress 2.5. Hopefully we can get these back for WordPress 2.6 (if not before).
- ThemeLab has explained how to set up a privacy policy on your WordPress blog. This is crucial for people that monetize their blogs with Google AdSense.
This guest post was written by Herbert of Digital Media Break, where he writes about the latest digital technology. If you have WordPress knowledge and are interested in writing a post for Hack WordPress, please contact us.
I recently wrote my first guest post for Hack WordPress, which didn’t really go as smoothly as planned. I made an honest mistake about copyrighted images, which led me to think that the readers at Hack WordPress could use a good lesson from my blunder and not fail where I did.
I’m now ashamed to admit it - yep, I’ve used copyrighted images before. This is dangerous in the sense that your reputation can end up a bit banged up (hehe…), but can also result in legal action. Whoa, if you’re not careful what image you use, you can get sued? Yep. But in this day and age, there’s a ton of non-copyrighted images out there that are published under Creative Commons that can be used.
The Solutions
Not to worry - I’ve got a solution for you. My primary solution, YotoPhoto, is down at the moment (and has been for a while now) - so I ended up actually having to do some research to find some alternative resources.
I chose to bring up image search engines instead because I feel that as bloggers, none of us have enough time to browse around entire stock image sites. For those that have time, I personally find SXC.hu to be a great stock image site - best of all, it’s free! Also, some photos on Flickr published under the Creative Commons license can be used freely. If you’ve got any other free stock image sites to suggest, feel free to list them in a comment.
ReadWriteWeb’s got a great set of reviews on YotoPhoto and four other alternatives - Xcavator which searches iStockPhoto.com as well as six other photo providers, everystockphoto which searches through licensed Creative Commons images, PicFindr which runs through free-to-use stock images but also Dreamstime images if you prefer, and FotoSearch which examines pay images. Click here to read the article.
I personally also enjoy using the Photo Dropper WordPress plugin, allowing you to search through Flickr Creative Commons licensed images right from your blog’s dashboard.
Conclusion
If you’re looking for stock/creative commons-licensed images to take your post content to the next level, then why not give these search engines a try? However, if you want to take advantage of image SEO, then I won’t guarantee these will make the cut for you.
The fourth month of 2008 is now complete and this blog is celebrating the completion of its seventh month of existence. This blog has continued to grow and exceed my expectations. It’s getting a good amount of traffic, and the subscriber count has broken 1450 subscribers (up 350 from last month). Thanks to everyone for supporting Hack WordPress through reading, comments, guest posts, and any inbound links you’ve sent mentioning the stuff you find here. It really is appreciated!
In case you’re new to Hack WordPress, I like to kick off each new month with a quick wrap up of the previous month covering the most popular posts for that month. Here are some of last month’s most popular posts:
- How To: Setting Up Your WordPress Permalink Structure
- How To: Switching Your Blog’s Permalink Structure
- Premium WordPress Theme: Shifter theme
- How To: Creating a Custom Page Template
- Does WordPress Need Trackbacks Any More?
I would also like to take this opportunity to thank this month’s sponsors:
- PremiumPress - Magnus is a freelance web designer with a couple of great premium WordPress themes for sale. If you are interested in purchasing your next WordPress theme, I recommend you check him out!
- WP-Premiums - This site is dedicated solely to showcasing premium WordPress themes. If you are looking for inspiration for your next theme, this is the first place you should look.
- SkinPress - SkinPress provides a large variety of website templates, including over 60 free WordPress templates.
- WonderHowto - As you could probably guess from the domain name, WonderHowto uses video to explain how to do a variety of things. One recent tutorial explains how to upgrade your WordPress blog.
If you have WordPress themes, WordPress plugins, or other WordPress related products and services that you’d like to promote, we still have one advertising spot available. Advertising rates may be going up soon, but all existing advertisers are grandfathered in at their existing rate for a few months, so now is a good time to get that last spot! Please check out our advertising page, then contact us if you are interested. First contact that qualifies gets the spot!








