Monthly Archives: March 2016

About Insanely Stupid Code

When looking into a JS-problem on an Autoptimized site, it turned out missing semi-colons messed things up. Missing semi-colons make JS un-minifyable, as eloquently explained by master-minifier and JS-guru Douglas Crockford in this Bootstrap issue from back in the day;

That is insanely stupid code. I am not going to dumb down JSMin for this case.

Forcing Featured Video Plus to display Lyte YouTubes

A couple of days ago a WP YouTube Lyte user asked me if Featured Video Plus and WP YouTube Lyte were compatible. It took me a day to find the answer (I first said “no”), but Featured Video Plus actually has a filter (get_the_post_video_filter) that allows one to override the code used to display the featured video. And after a bit of trial and error this is what I came up with;

function lyte_featured_video($in) {
	$post_id = ( null === $post_id ) ? get_the_ID() : $post_id;
	$meta = get_post_meta( $post_id, '_fvp_video', true );
  	if (($meta["provider"]==="youtube") && (function_exists('lyte_parse'))) {
		return lyte_parse($meta["full"]);
 	return $in;

Some extra checks ($post_id should not be empty, $meta should not be empty) would make this more reliable, but that’s something you should be able to add, no?

Music from Our Tube: Moses Boyd doing the Rye Lane Shuffle

In May last year I saw/ heard this Four Tet DJ Set during which a crazy jazz tune on white-label vinyl heated things up (with the needle jumping due to dancing people bumping into the decks). That crazy tune was by Moses Boyd, a young British drummer and his band, which now seems to have finally been released and was just “premiered” by Gilles Peterson;

Moses Boyd – Rye Lane Shuffle (GPWW Premiere)

Watch this video on YouTube.

Jazz, my friends, is very much alive!

Warning WordPress plugin users about their old PHP

After my initial disbelief about the amount of WordPress installations still on the slow and vulnerable PHP 5.2.17 (or older), I decided to warn users of my plugin with an non-dismissable warning on the plugin’s settings-page (and only there, so it’s not a default WordPress admin notice) cluttering the entire backend):

php52_warning_aoThis is going in AO 2.0.2 (out later today) and will in the future also be added to WP YouTube Lyte and WP DoNotTrack (both of which have a smaller reach).

If you’re a plugin or theme developer and want to warn your users as well (without blocking them), here’s the code I used (do change the translation-domain from “autoptimize” into one that is applicable to your plugin):

<?php if (version_compare(PHP_VERSION, '5.3.0') < 0) { ?>
    <div class="notice-error notice">
        <?php _e('<strong>You are using a very old version of PHP</strong> (5.2.x or older) which has <a href="" target="_blank"> serious security and performance issues</a>. Please ask your hoster to provide you with an upgrade path to 5.6 or 7.0','autoptimize'); ?>
<?php } ?>

Music from Our Tube: Carlos Nino & Miguel Atwood-Ferguson Tribute to J Dilla

In the latest Ghostdogradio radioshow there was one particular track which I immediately fell in love with; The Life Force Trio’s Alice, assumed to be a tribute to Alice Coltrane by The Life Force Trio (Carlos Niño & Dexter Story).

“Alice!” is not on YouTube, but Carlos Niño also has some great tracks with Miguel Atwood-Ferguson, including this pretty great instrumental version of “Find a Way” they recorded as a tribute to J Dilla (who produced the original “Find a Way” for A Tribe called Quest);

Find A Way – Carlos Nino & Miguel Atwood-Ferguson – Tribute To J Dilla

Watch this video on YouTube.

Check out Carlos Niño’s monthly radio show on if you’re into (t)his stuff!

Why would you still be on PHP 5.2?

For Autoptimize 2.0.1 I declared a pretty complex regex to extract font-face’s from CSS using the nowdoc-syntax which is supported from PHP 5.3 onwards. Taking into account that the first PHP 5.2 release was over 9 years ago and support ended with the release of 5.2.17, over 5 years ago I assumed using a nowdoc would not be a problem for anyone. How naive I was; several people contacted me with this ugly error-message PHP 5.2 throws;

Parse error: syntax error, unexpected T_SL in /wp-content/plugins/autoptimize/classes/autoptimizeStyles.php on line 396

There is a workaround and even a more fundamental fix for that already, but who would still want to run PHP 5.2, which has this huge list of security issues? Moreover PHP 5.5 and 5.6 seem approximately twice as fast as 5.2 according to these test results and PHP 7.0 is even over three times as fast as 5.2! And still almost 9% of all WordPress sites are running on that old version (so I could have known this was coming really, bugger).

I you are one of those, do urge your hosting company to urgently provide you with an upgrade path to PHP 5.6 (or even 7.0)!

Clam AV flagging CSS as Html.Exploit.CVE_2016_0108

So I had a bit of a scare yesterday, when a couple of users posted on the Autoptimize support forum that their hoster warned them about malware in autoptimized CSS-file. ClamAV flagged those files as being infected with Html.Exploit.CVE_2016_0108, which turned out to be a MS IE 11 specific memory corruption issue.

As Autoptimize only aggregates CSS and never adds any in and of it’s own and I was not too worried, but set out to investigate anyway (I’m curious like that). I soon found similar reports of users that were not on Autoptimize and some people kindly copy/pasted their “infected” CSS on pastebin. A quick inspection showed no signs of abnormal things going on and I submitted the files as false positives on Clam AV’s site. This evening I got a (vague) automated mail from ClamAV confirming that my

submissions have been processed and published

I just reached out to a user on AskUbuntu who had the same issue to test if his CSS was now not flagged any more, upon which he replied;

I can confirm that the CSS files no longer trigger a false positive!

So all’s well that ends well. I’m convinced ClamAV is doing a great job, but boy do I hate false positives!