SODEVE

browse by category or date

PROGRAMMING

[SOLVED] Missing Gravatar Pictures

29-Jun-2017           0      107 views

Today I noticed that the comment’s author pictures are broken. Some are visible, some are not.

Using Chrome’s Inspect Element function, I can see that the image URL starts with http://0.gravatar.com/avatar/. When I opened the image URL, Chrome shown “This site can’t be reached” error. My first instinct was replacing http with https. And voila… the the image loads.

Now I need to make this fix permanent on this blog. Digging through the sidebar source code, I found that the avatar image URL is produced by this function: get_avatar (codex URL). This function can be found inside file wp-includes\pluggable.php.

I proceed by adding this change at line 2415 (WordPress 4.8)

	if (strpos($url,"gravatar")>=0)
	{
		$url = str_replace("http://","https://",$url);
	}

Then I realized that my changes could be overwritten by WordPress future updates. Luckily, this function is pluggable. I can just copy over the whole function into my theme’s functions.php. I need to put the function into a plugin and then activate it. This is the only way to override the default get_avatar function.

Since I felt that my approach of using str_replace is probably the worst :D, I Googled for this topic. As it turned out, someone asked about this topic 3 years ago. In that page I confirm that my approach is indeed bad. There is a parameter to indicate what protocol Gravatar will use.

get_avatar( $id, $size, null, false, array('scheme' => 'https') );

By default this parameter is set to null. So I just need to change it to ‘https’.

function get_avatar( $id_or_email, $size = 96, $default = '', $alt = '', $args = null ) {
		$defaults = array(
			// get_avatar_data() args.
			'size'          => 96,
			'height'        => null,
			'width'         => null,
			'default'       => get_option( 'avatar_default', 'mystery' ),
			'force_default' => false,
			'rating'        => get_option( 'avatar_rating' ),
			'scheme'        => 'https', // 'scheme'        => null,
			'alt'           => '',
			'class'         => null,
			'force_display' => false,
			'extra_attr'    => '',
		);
   // ... SNIPPED ...
}

Finally, I bundled this function into a plugin called gravatar-secure. I didn’t bother to submit this plugin to WordPress Plugin Directory since it’s too simple 😀

So if you have similar issue to what I have, you can download the zip file below, extract and examine the source code. Once you’re sure my code is not malicious, you can upload the gravatar-secure folder into your WP’s plugins folder then activate the plugin.

Disclaimer: No guarantee, no warranty whatsoever. Do at your own risk.

the plugin in action here at this blog

About Hardono

Hi, I'm Hardono. I am working as a Software Developer. I am working mostly in Windows, dealing with .NET, conversing in C#. But I know a bit of Linux, mainly because I need to keep this blog operational. I've been working in Logistics/Transport industry for more than 9 years.

Hosting by: (affiliate)

HiFormance

You might also want:

Comments [ 0 ]

No Comment

Add Your Comment

Your Comment