I get fewer "you have commission" emails than before, Thomas, yay!

That is exactly what it is Gordi good spot.

Constant emails to up-sell are a huge red flag. What are they offering before you buy anything? I don't mean tidbits that could be found anywhere, I mean real content that's valuable? I have no idea who they are, but just from what you said here, I'd stay right away from them.

LOL - you're not serious. Kyle would never sign up to something like that. He wouldn't need to. You're here - why are you wasting time on things like that.? If things are not working out as you hoped - why not ask for people's advice here. You've been here long enough to know that.

:)Beverley

Actually Kyle does and writes his comments on his scam reports on his current website!

Or check on I'veTriedThat* It's a WA based blog on things that were tried for the scam vs not reality. Good check. I hope you get your refund :)

Can you elaborate? Is it in draft only... no that won't be it!

Do you have something like a background in the forefront? It's hard to figure out what's going on without more information!

kal

What I normally do is work backwards I'm afraid, to see what I did. maybe it's one of your media files that is too large or something.

Kal

PS. I have to get going to work soon, I'll check back here for awhile :) In the meantime maybe someone else can help

I'm waiting for more info!....???

Kal

What is the site to which you refer? I can take a look for you. It is probably that one or more of your pictures are too large for the space you have them going in or something like that. Working backwards through what you did like Kal suggested will often work for this type of error.

Did you get that fixed up?

Kal

I just got home I am not going to be able to sit and so this until the AM, I lwill et you know.
Do you have the name of the photo editor?

I will do as you say 1st and delete pix 1 at a time and see what happens

Thank you so much

Hey Kymee,

I recommend GIMP as a great image editing alternative to high priced software such as Photoshop, you can download it for free from http://www.gimp.org I also recommend wandering over to Lynda http://www.lynda.com and signing up for their free 7-day trial so you can do their 4 hour GIMP course which will give you a fantastic grounding in using GIMP to edit and manipulate your images.

Rich. x

Rich gave you some good info for editing.

If you are looking to edit and fix red eye etc, I'm not sure which editors I've used for that.

What do you need to do with your photos?

Good luck with the trouble shooting and let us know what happened

Kal

Kyle, Thank you for that. You will note that I do not feel that Kal is being fair and in fact he wanted to try to demonstrate superior knowledge. He did not try to find out what the issue was and I must say your Support desk guy understood immediately, and told me that WA gives full DB access to Wordpress applications. He did not know how to do it as he was not a programmer and said so.

In fact I was one of the most respected IT audit managers in the UK for over 30 years and advised companies such as the National Westminster Bank, Royal and Sun Alliance, Bowaters, Standard Telephone and Cables etc. etc on how to secure their systems and have even recovered lost security keys for banks ATM systems (supposedly impossible).

The only people who gave the correct answer was the guy on WA support and that helped me eliminate the false answers. The only valid point Kal makes is that one needs to define the question correctly, however in order to be able to do this one needs to know what it is you do not know.

My intention here as you well know was to try to help those that do not know. The problem with unlimited DB access is that those who do not know what they do not know (the majority unfortunately) can and do cause a lot of grief by damaging the servers.

In this case my vast IT experience does not help me discover the things that I know I do not know and it was quite unnecessary for Kal to be so rude about the whole thing. I merely treated him like he was treating me, and as you can see he does not like it. Neither does any reasonable person.

The issue is closed to me and anyone that wants a database in Wordpress can set it up as shown here on WA hosting. There are certain advantages to the control panel sites and that is they provide better security and more restriction over the users, with limited knowledge, and who are not experienced IT professionals. That is why they are called "control" panels.

I was trying not to bring the attention of those who might cause damage to the fact that a correctly informed person can create as many databases as they wish by hacking (used loosely here) the back door and programming them for themselves. Most hosts do not appreciate people who are not under their control working this close to the systems core, hence the "control" panel.

By the way I do appreciate the fact that you are thinking of adding this back again to help the more advanced users. It certainly would have made tracing my issue easier if I could have edited the files on the server directly. This is the other main reason for the control panel is that it grants the informed user controlled access to the servers utilities.

It is interesting that Kal still wants to be superior to all of the people and other IT experts by denigrating Wordpress and open sourcing in general, this despite his acknowledging that it is fast becoming the industry standard, and his finally admitting that yes what I needed to do was both possible and doable on WA hosting. He still had to denigrate the method. This is a man who has severe difficulty in doing what I did and saying I do not know, and that is the danger in an Open Forum such as this.

Those with the loudest voices can and do abuse other well intentioned members. I was not singling out any specific people, but Kal seems to have recognised himself in what I said makes you think does it not? He in fact was not a responder and I thank him for that.

Denigrating Wordpress now?

Case in point!

my.wealthyaffiliate.com/patricia-r/blog/warning


Kal
BTW. I'm a real standup guy and will put others before me 24/7. I love helping "good" folks and have no time for time wasters and I am here to serve and put myself out there.
My favorite saying is "what goes around comes around" and the sayin' I like the least is... "it is what it is"

Kal, I think you were totally misunderstanding my intent and problem here. Wordpress is as you well know an open source project., as indeed was the Internet itself. Like Wikipedia this makes them vulnerable to those with malicious intent.

Providing a low cost or free platform is fraught with this type of issue. Whenever a system is open the risk is that a small percentage of people have ill intent and will abuse the system. On the plus side there are many people with good intent' and they willingly provide good information and products for others to use. The open part is the risk and advantage as it will encourage helpful people like Kal to help people.

If as you say you are a person who likes to help and who is concerned about potential security issues in Wordpress then in fact we are two of a kind and I fail to see what your issue was. That said the fact remains that Wordpress has become the de facto standard and many are using it. I agree that it is flawed and at the same time quite brilliant. Most good things are like that, being aware of the deficiencies and utilising them effectively is our right.

That said have you not noticed that it is the good things that are attacked. You are nobody until you receive constant criticism. It is a failing of humankind that we tend to attack and try to bring our best down to our level. It is this that leads to gang rape and other suuch violent acts. The victim nearly always had or has something that the attackers wants and may never have without their bullying acts. In the case of Wordpress it is the fact that they are the dominant software that has made them the target of the attackers. They will strengthen security and get past this issue. The advice you have given on this is good and I agree with you on that.

This particular issue does not stop Wordpress being the most effective platform for most IM'ers just be aware that you need to protect the admin access with a strong password, and better yet set up another administrator with a strong password, make sure that it works and then delete the original admin account.

Actually Stephen,

I like breaking things to see how they work for fun.

I think I will use a login such as "exampleloginadmin" and use 1234 as the password and see what happens?

Being that the bots have to hack the user login to access the site.

Kal
PS. Another way to limit hacks is to limit the amount of login attempts one can do and therefore the bots usually keep themselves locked out of login attempts

I would bet that it may work if you try it on enough sites, most people use something very easy for them to remember and that is related to them in some way.

Unfortunately these days most hackers (bad sense) will have most of their personal profile from going through social media etc. This makes breaking the easy to remember passwords too easy.

Intial best practice was to use words they would never guess and then add numbers (most put 01 02 03 etc. on the end so they were too easy too. Now we add in things like %$#@ to make it more difficult, except these are hard to remember so people now write down their passwords again. Kind of vicious circle!

You and I have more in common than either of us would have at first imagined. I did not choose to have to hack that ATM password, but given access to the technical manual that is exactly what I did and it worked like a charm.

Racal the maker of the Host Security Module could not believe I had done it when told. Of course the loophole I found had been left by them on purpose so they could charge clients a fortune to do this when someone left the company in a rage and destroyed their part of the password to cripple the bank.

If you leave a door open a crack an uninvited guest will use it! LOL

I think I might have a domain that would be perfect for that and see where the crack will lead.
I also think it would be great to put a timer on that site too. Too see how far it goes. Of course I have to keep this incognito or my hosting company may not like that! hehe!

Kal

Stephen you need to let it go.
Kal just stick with Hostgator.

Thanks Welshy! I agree

That's cool!

I have "full access" to my database in the backend where I can create my db from scratch thru my command line or shell in Cpanel.

Whereas you have "restricted access" NOT "full access" to the database in WP where you are limited to accessing permissions etc. But you can have certain read/write/user privileges.

You are talking about access in Wordpress only through the dashboard or FTP and you can access that on ANY hosting period.

But what are you going to do when you lose your user name or password?

"Full access" the way you describe it, is not going to help you, or get you anywhere! Period!

The bottom line is your understanding of "full access" and mine are totally different.

Kal

PS. I know we're flogging a dead horse here,
but, it was the way you were asking the question in live chat that sort of set me off following the harsh comments you made about members that know about this particular topic that may have been trying to help but not understanding your question properly and therefore I see the confusion and dilemma on your part and also theirs!

I can see both sides here!

Kal asked for this WA gives full database access permissions to Wordpress so to set up a database you do not need to access a control panel for the server. The following information shows how this can be done in the applications (widget or plugin).

Another cause of this issue is that the 'database user' that WPOnlineStore creates does not have full access/permissions to the database. Most, but not all, hosting companies allow full access by default, but if the store does not have full access, it cannot write or create accounts.

To see what user name WPOnlineStore is using, look at the bottom of
/wp-online-store/admin/includes/configure.php
and you will see something like this:

define('DB_SERVER', 'localhost');
define('DB_SERVER_USERNAME', 'databaseusername');
define('DB_SERVER_PASSWORD', 'dbpassword');
define('DB_DATABASE', 'databasename');

Use 'MySQLDatabases' in your websites control panel (or equivalent) to verify/change the database user to have full access permissions. This is not necessary on WA hosting as it is granted to all Wordpress applications per the support team.

As you can all now see any plug-in can create its own database on the localhost. This is what the WP Store does and it works. You do not need a control panel!

Kal and others like him who did not know what they did not know misled me and are misleading many others on the live chat.

I am a Graduate in IT and a former Database administrator, can program in machine code and many other languages.I really wish that arrogant people would not insist on talking about what they do not know and with such an attitude to boot.

I am sorry that a post that was designed to help people degenerated to this extent, but I can not let this go as Kal is wrong and only sees what he wishes to!

Please only use this coding if you know what you are doing, there are potential issues if databases are set up incorrectly. Thank you.

That's strange! Your explanation seems pretty basic to me and I don't understand why you're upset at people for giving you an answer when you were not clear on your question in the first place!

If you already had db experience then asking would have been okay just for some direction and with that you can do some more perusal and complete your fact finding from there without judging others and help them with your discovery and findings.

But you chose to use this forum for disregard towards others that may have misunderstood your question and said no to your question because of no plesk or cpanel which you mentioned earlier in your original post, which is probably the case.

I to am an IT graduate way back just before the hi tech crunch came and I ran my own business in the Computer tech field.

I build out websites, have approximately 30 of my own and another too many domain names to mention.

I built a Ruby on Rails framework until I got bored because it was too easy and not challenging, databases I only play around with when I feel like it and I also feel "Wordpress has waaaay too many flaws in it to count. But it is the de facto standard and when you mention that the code was corrupt in your plugin, that should be a "red flag" to begin with.

I could keep going on here, but I am not going to try to defend my stance or position when this is not being productive or positive in nature.

I wish you all the best and please refrain from being so harsh towards others, it is not necessary.

kal

There's 2 forms of hosting here at WA, one which is the subdomain type and the other pointing dns version where you supply your own domain.

Withhout checking it out (I use hostgator reseller for now), I'm assuming it would be the one where you point the dns and have access to a dashboard in Wordpress.

Or is it both?

Kal

I am using the dns version so would not know about the other, however since they both accept Worpress sites and are on the same server (I assume) then it would be possible to have a database in both or either. You do not however have a control panel as you would on a c panel or plesk powered server, like the one at Hostgator.

A database would be from the original database installs on both.

But I'm asking about the additional database as you were wanting to add another.

If you don't have a control panel, then to add another database won't work (adding a "user" is different, that you can do that in the Wordpress dashboard)

So the final answer is you can add another database going into the control panel where you provide your own domain.
Whereas the other (subdomain) you do not have a control panel and therefore cannot add another database?

I just wanted to point out the difference and what you can do and cannot do between the two.

That's my understanding and anybody that's reads this will now know.

Which also probably means no domain mapping on the subdomain sites.

Kal

No you can set up a database as Wordpress has full database access. Alll you need to do is define the database in a admin.php file and there you have it. This was my point. If people do not know then do not try to make people think you do. It is worse, if you think you know better but in fact do not. The point is people need to be aware that they may have limited knowledge and may be misguiding.

In fact I see no reason why you can not add one on the sub-domain and in fact I have before they took the control panel away for those sites. That was the only reason I was not stronger in my original answer. The issue is not if you can, it is possible! The issue is are you safe to do it given that was the reason the control panel was removed (probably) as people can make a mess of the server(s) if they set up loads of badly thought out databases.

This was done in all probability to prevent those with little knowledge causing damage. If you are capable of programming then you will not be stopped by the lack of a control panel. I was making the point so that those with the requisite knowledge on defining databases would know that they can do it on WA hosting, thus saving the cost of additional hosting.

I have not disclosed the coding needed as those responding to my queries have illustrated to me at least exactly why the control panel is no longer available. This type of person can and will cause damage on the servers that would affect the income of many others. The issue is not what you know and don`t know that causes damage, but what you don`t know you don`t know. The latter is always the problem.

I hope that everyone now knows and will find the correct way to do things before they try. I do not yet consider myself to be expert enough to teach on this topic without running the type of issues I have mentioned. I did however find the answer to my problem, and in doing so discovered that it is perfectly possible to add a new database as that is exactly what WP On-line Store has done, and it works! It is on WA hosting owned domain. I have another site with a database on a sub-domain.

The only reason why you need a domain is in fact to allow you to register for an Adsense or Adwords account. Google in their wisdom wil not allow a subdomain site to register. Probably got more to do with the way they do accounting than the fact it is a subdomain. Ranking works fine on subdomains eg. Squidoo.

I hope you can now understand the points I am trying to make and that you could set up databases on WA if you need to.

admin.php is just telling Wordpress where the database is. It doesn't mean that the is database there. You have to create the database. That would mean you need a database engine on the other end

When you install Wordpress, you will have a database setup with the original installation when using a script or Fantastico or whatever.

Outside of that, you would need a control panel on a host to setup another one in mysql.

So you had mentioned about "full database access." The context in which you mentioned is still vague to me.



Kal

You have just illustrated my ponit precisely you don't know that you don't know!

Full database access means that an application is permitted to set up its own databases in this case that right is given to Wordpress which means that in fact you can define and set up databases and the required fields within the applications own applicationname admin.php file! OK

First of alI, I did not answer your question first of all or give you advice on "WA Hosting!"

Secondly, I am trying to find out where you are coming from?

Thirdly, then what did you learn so that you can share this with others that may have the same question about WA hosting.

Again, you are missing my point!

Kal

What question?

Regarding the database query

Kal

I would have to give that some thought as the plug-in handled that once I found the corrupted php file and replaced it.

I apologise, my comment was intended to make the point that it's not possible for a WA member to create a new user or database for another application that I'm aware of, but most members will never need too and maybe a support ticket request would get one created..

I know you can use a plugin like Portable phpmyadmin to access the wordpress database via your blog dashboard.

With that being said if someone asks me in the chat, how do we access phpmyadmin, I'll be telling them they can't access it, but if they want to use a third party plugin at their own risk use "Portable phpmyadmin".

Actually I think it is possible as the WP On-line store did just that from within one of the php files. Whilst trying to solve my issues with the set up I did come across the file. The problem is I was not at that time thinking that was the problem and did not keep a note of which file it was.

It was only after referring back to WP On-line store that I discovered that it needed full access to the database. WA hosting does in fact provide this (Technical Support confirmed this). Therefore your somewhat facetious request was in fact not as impossible as you thought. It is possible and the authority required is granted to Wordpress. To do this merely requires you to have sufficient knowledge of the database (SQL) and the ability to program or at least tweak without wrecking the system and hosting the php files that configure your applications to run.

I am not sure if it would be wise to give a tutorial even if I had all the requisite knowledge (i do!) given that this is in fact a security loophole and if done incorrectly people could create havoc on the server. That said it is necessary to allow Wordpress access to the databases to work correctly.

The problem I was having and the point I raised was that people were misleading on the live chat and Forums. If they really do not know or lack knowledge about a subject do not proffer help that in fact was at best misleading and/or even downright wrong.

I do not mean to be getting at you as in the past you have helped me greatly particularly when I first started here. I am just saying that systems are complex and just because a person has not done something, it is not therefore impossible. Mastering the web and all the related languages is like climbing Everest, difficult but quite possible given the right support and advice from people that know.

Given that WA is an open education forum this means that we have to rely on each other for advice and help. We owe each other a duty of care that any advice is correct and that it will not harm the person we are trying to help. My point was that if you do not know the answer or have not actually done the task in question do not answer leave it to a person that has done it and who does know. Nearly all the time if a topic is left open long enough there is someone here that does know. (There being many thousands of members with varying degrees of experience.) That was all.

If you really want to know how this database was set up I can send you a copy of the relevant file once I relocate it.

Hey Stephen.

I'm with Craig (@welshy) on this. I often tell Members that something is not possible when I'm aware of a "hack" that would in fact make it possible.

Many of the Membership often *want* to do something but lack the experience to implement it correctly even if it's a legitimate workaround.

I've lost count of the number of times that I've had to try and *repair* sites for Members after they have witnessed an interesting *solution* being bandied about in chat and then decided to have a go at it themselves. It can be especially difficult to sort out if it is a free siterubix subdomain which lacks authorised FTP access.

There are numerous plug-ins that will circumvent almost any restriction but no-one can guarantee that they will necessarily work – now or especially in the future – given updates to the hosting, WordPress itself, themes or other plug-ins. I've noticed only in the last week a recommendation by Kyle that one plug-in be removed and informing others that sites will be disabled for using another.

If the server team reports back that a plug-in is causing unfair loading, compromising security, etc. etc. it's likely that those using it will be requested to remove it, potentially disabling established functionality or maybe even have their sites disabled for them.

The very few members who want or need unfettered access to the innards of their hosting should be directed to a dedicated hosting service. WAU is a safe place to "learn to earn", not learn how to start hacking at code.

If you want to be sure of a more considered answer, it is always better to open a discussion on the topic or create a blog post, rather than rely on whoever is in chat to know for sure what is either possible or advisable and what isn't.

Rich.