If I buy a theme from a website, can I read the source code from it?
If I can, how can I protect the source code?
You can view any of the theme's source code either from the Appearance>Editor menu in the Admin control panel of Wordpress, or by downloading the theme to your local machine via FTP, and just opening up the files in a text editor.
Now your question about protecting the source code of the theme. Who are you trying to protect it from? The source code is only visible from the admin side of Wordpress (which you need a username/password to get into) or via an FTP client connecting to your web server (which also would need a login account to do).
If your concerned about random website visitor seeing the php code for the site's theme, you needn't worry. Random website visitor won't have access to the php files that control your site's theme.
//Edited to add more info//
If someone buys your theme, and downloads the .zip of it in order to upload it to their own web server, there's virtually nothing you can do to prevent someone from seeing the .php code that runs the theme.
There might be some methods of encrypting code, and then having some 3rd party service decrypt the code before the web server runs it, but you'll be looking at some huge performance losses with something like that.
You would be better off building a solid theme with features people want, and would be willing to pay for, while maintaining good communication with your customers, and pushing bug fixes/updates in a very timely manner.
Related
When I visit first time on WordPress website, its open another website automatically on first click anywhere, I don't know why its showing this strong text
Of course, it is better to have more details. But if this happened without any actions from your side, I would agree with Michela - it could be some malware on your website.
If you don't know what's going on under the hood, it is hard to cleanup the website completely.
As a first action, I can recommend you to check if your hosting provider have any backups for the website. It is possible that you will be able to restore to the point when the website was clean.
To clean the website by yourself, you can use various Malware Scanner plugins, like Wordfence or other specific. They can check for changes inside Wordpress core or standard repositories + they can check for strange, vulnerable and malicious parts of code. But be careful - if you have some custom code, it is better to check it with the code author.
If you'll be able to cleanup the website, I will highly recommend to go harden the website security. Some classic recommendations may be found in the official documentation - https://wordpress.org/support/article/hardening-wordpress/.
So I am trying to customize my already running website via custom code
for better user experience etc.
I see a lot of people developing for WordPress via the code editor
and I simply can't find any information on how I can access my website
via a code editor and customize it with customer HTML, CSS, and javascript (or react.js)
and of course, PHP if necessary.
Could anyone please help me where I can find that information?
I would be very grateful!
Not sure exactly what you are looking for, but I go to CPanel on my host and open File Manager. Scroll down to the public_html folder and the web site below that. Select a PHP file and click Edit. Beware, though, that updating the theme will wipe out any changes when taking this approach.
I'm researching to see if building a full website for a hotel be a good idea to do on WordPress.
I read that wordpress is okay but there are better options.
I want to design and code my own front end look to the website, but have the backend on a stable platform that can take all the reservations seamlessly.
My main concern is to be able to have a backup of all the files and easily switch to another server in case something goes wrong.
I can host the website on my server or host with the service you suggest that comes with the platform all together.
Any ideas and/or suggestions are greatly appreciated!
There are other options, no doubt, but yes, it can and is really possible to build it using WordPress as CMS.
If you want to design and code your own theme, you'll need to study the WordPress Theme Structure and, since you'll build it by yourself, you'll also need to develop plugins to create custom post types (aka CPT) to make the hotel management easier on the WP back-end.
About the theme structure, files, child themes and everything, I'd recommend you to read https://codex.wordpress.org/Theme_Development
About the plugins development: https://developer.wordpress.org/plugins/
About Custom Post Types: https://developer.wordpress.org/plugins/post-types/registering-custom-post-types/
About the backup: it's super easy and you can even make a full backup using free plugins via back-end. But if the site goes down you can easily do it via FTP downloading only wp-content folder and the database. It's really simple to migrate from one WordPress to another, or from host to host.
About the hosting, you'll need to use a server if you want to build this project. There's a difference between wordpress.com and wordpress.org
The .com is simpler, you are not able to build everything you want. The .org is the open source project, which you get the files, upload to your server and connect to database (MariaDB or MySQL). Most hosts offer automatic installation for WordPress and, from there, you can change whatever you want and need.
Note: many developers create CPTs INSIDE the theme's code, but this is not recommended by WP as you can see in We recommend that you put custom post types in a plugin rather than a theme. This ensures that user content remains portable even if they change their theme.
WP is not really hard, after 1 week studying you'll see yourself getting over most difficulties. Even if it takes longer, don't give up. There's a huge community to help you with WP questions.
Hope it helps and I'm sorry my bad writing, I'm not an english native speaker.
C ya
I am looking to restrict access to plugins for a specific user. I still want this user to be able to edit the theme, but it should not be able to modify plugins or update wordpress.
I did a little research and don't think that there's a simple way to allow this, but before I go along the path of finding a plugin to support this feature, I wanted to ask and make sure there wasn't the ability to do this out of the box.
WordPress will only grant permission to edit the theme in the WordPress Admin Panel. While plugins may be able to restrict editing plugins in the same manner, using this feature at all is highly dangerous as all changes are effective immediately on a live server and can be extremely destructive. If the user's account is compromised someone can directly inject malicious code into the files.
Any changes to theme code, or plugin code for that matter, should be done on local copies of files and then uploaded to the server.
In all of my WordPress installations, even my local development environments, I put the following line of code in my wp-config.php file:
define(‘DISALLOW_FILE_EDIT’, true)
This disables the editor in the WP Admin Panel.
I'm working on a Drupal 6 site, and one of the requirements is for the company to be able to upload videos and whitepapers. No problems there.
The tricky part of the requirement is that when a site visitor tries to download one of these files, they need to be prompted to fill out a basic information form with the usual stuff; name, email address, business sector etc. If they've already done this before to download another file, then the site needs to pick up the cookie etc attached to the user and register them as downloading another file.
I've done this before on another site and it was a simple enough bunch of PHP with a database attached. I know I could easily do the same thing here, but it just doesn't feel very 'Drupal' to me.
Any Drupal-esque recommendations for the best way to tackle this (modules, plugins etc)?
Thanks
Froogle
There are more sophisticated (and complicated) ways to accomplish it, but the following would meet your basic requirements:
Under Admin > Site configuration > File system, set the Download method to Private.
On the Admin > Site building > Modules page, enable the core Uploads module
On the appropriate content pages, under the File attachments option, upload the videos and whitepapers
Under Admin > Site configuration > Error reporting, set the Default 403 (access denied) page to user/register.