Hacking live client websites

Hacking live client websites

More often than one would like, you need to make changes to a live web site. This can be due to working on a small budget or with legacy systems, where there's no separate development environment available. It seems we run into this most often with projects built on PHP based content management systems.

To reduce the chance of things going royally south, it’s good to make the changes in a way that they are only visible if a certain condition is met. There are quite a few ways to achieve this. In this post we have put down our most often used code snippets ready for your copy pasting.

Showing content only when a "secret" url parameter exists ( e.g. site.com?secretparam=1):

<?php

if( $_GET["secretparam"] && $_GET["secretparam"] == '1' ) {
     // Add extra CSS, JS files or do something else
}

Showing content for only certain user in Wordpress:

 <?php
 
 $user = wp_get_current_user();
 if ( is_user_logged_in() && $user->user_login == 'myadminuser' ) {
   // Add extra CSS, JS files or do something else   
 }

Showing a different Wordpress theme for a certain logged in user (drop into plugin folder and activate):

<?php

/*
Plugin Name: Change theme for user
Description: Display different theme to user if logged in as YOURUSER
Author: Wingmen LTD
*/

add_filter('template', 'set_theme');
add_filter('option_template', 'set_theme');
add_filter('option_stylesheet', 'set_theme');
function set_theme($theme) {
    $current_user = wp_get_current_user();
    if ( !($current_user instanceof WP_User) )
    	return $theme;

    if ( $current_user->user_login == 'YOURUSER' ) {
        $theme = 'themev2';
    }
    return $theme;
}

Showing content for only certain user in Drupal template:

<?php

Global $user;
if( $logged_in && $user->name == 'myadminuser' {
	// Add extra CSS, JS files or do something else
}

You can find more quick and dirty tips like this under the tag note-to-self.