Category Archives: Site

WordPress 2.6.2

Posted on by

WordPress 2.6.2 has been released.

Stefan Esser recently warned developers of the dangers of SQL Column Truncation and the weakness of mt_rand(). With his help we worked around these problems and are now releasing WordPress 2.6.2. If you allow open registration on your blog, you should definitely upgrade. With open registration enabled, it is possible in WordPress versions 2.6.1 and earlier to craft a username such that it will allow resetting another user’s password to a randomly generated password. The randomly generated password is not disclosed to the attacker, so this problem by itself is annoying but not a security exploit. However, this attack coupled with a weakness in the random number seeding in mt_rand() could be used to predict the randomly generated password. Stefan Esser will release details of the complete attack shortly. The attack is difficult to accomplish, but its mere possibility means we recommend upgrading to 2.6.2.

Here is a list of bugs fixed:

  • Can’t control where a user redirects to when they log in
  • Bug in textpattern import
  • include mysql version in version check query string
  • RSS widget shouldn’t link if there isn’t a link
  • get_post_meta fails to unserialize when $single=false
  • typing error in wp-settings.php
  • comment_max_links causes confusion when zero
  • get_posts not working properly
  • Insert image into post always inserts full size
  • Filter news on templates cant work
  • Typo in post revisions

Here is a list of changed files:

  • wp-login.php
  • wp-settings.php
  • /wp-includes/formatting.php
  • /wp-includes/pluggable.php
  • /wp-includes/post.php
  • /wp-includes/query.php
  • /wp-includes/version.php
  • /wp-includes/widgets.php
  • /wp-admin/css/press-this-ie.css
  • /wp-admin/import/textpattern.php
  • /wp-admin/includes/image.php
  • /wp-admin/includes/template.php

Download WordPress 2.6.2

WordPress 2.6.1

Posted on by

WordPress 2.6.1 has been released and it is a very minor release. Not security flaws has been found and hence WordPress 2.6.1 is not a security fix so if you are comfortable with WordPress 2.6 like me, you don’t have to upgrade.

2.6.1 offers several improvements for international users. Styling of the admin for right-to-left languages is much improved thanks to the efforts of the Farsi and Hebrew translation teams, and a mysterious gettext bug caused by certain PHP configurations is now fixed. For IIS users, 2.6.1 fixes several permalink problems. Image insertion problems in the Press This feature experienced by IE users are also fixed. Of note to everyone is a fix for a performance bug in the admin where those with a lot of plugins would experience slowness on some pages.

I am so looking forward to WordPress 2.7 as lots of features which are available as plugin will be built into the core.

Download WordPress 2.6.1

*UPDATE* I decided to upgrade to stopped the nagging upgrading message to appear.

Beta Version Of My Plugins Updated To WordPress 2.6

Posted on by

Whenever WordPress releases a .1 update and it is during my school holidays (May to August) or (December to January). I am always able to get all my plugins compatible with it before it is actually released and have some buffer for testing.

I had spent the whole night yesterday making my plugins work wells with WordPress 2.6 and perhaps even WordPress 2.7 while maintaining the backward compatibility with WordPress 2.5.

All my 15 plugins are available at the Downloads Page under Beta Scripts. It used to be 16 plugins, but I stopped developing WP-Wap and hence it became 15.

Do help me test it out either on WordPress 2.5 or WordPress 2.6 Beta. They should work just fine for both versions.

This site is running all 15 of them and it is based on WordPress 2.5. If you found any of my plugins that are not working well on this site, do let me know as well. I will update this site to WordPress 2.6 when RC1 comes out.

If everything goes fine, I will release the updates 2 days after WordPress 2.6 is being released.

PS: My mom always nag at me to get a job especially during my 3 months (summer holidays) from May to August. But I told her by developing plugins, I can get donations as well. If you really like my plugins and appreciate my effort that I have put into it, do drop me a donation. My Paypal email is lesterchan AT gmail DOT com. Thank You =)

WP-PostRatings 1.31 Beta 1

Posted on by

WP-PostRatings is my only plugin left which still uses an external Javascript file in .php instead of .js.

Finally, I have gotten rid of .php and now the only two Javascript files in WP-PostRatings are in .js and best of all, they are packed using Dean Edward’s Packer. This will not only reduce the size of the Javascript file but also lessen the load on the server as .js files can be served as static files which requires no overhead in processing.

Changelog:

NEW: Renamed postratings-admin-js.php To postratings-admin-js.js and Move The Dynamic Javascript Variables To The PHP Pages
NEW: Renamed postratings-js.php To postratings-js.js and Move The Dynamic Javascript Variables To The PHP Pages
NEW: Uses postratings-js-packed.js And postratings-admin-js-packed.js

I need you guys to help me test WP-PostRatings 1.31 to ensure that it is working like normal as before.

Upgrading from WP-PostRatings 1.30 to WP-PostRatings 1.31 Beta 1 is very easy, just overwrite all the files will do. You do not need to run anything.

Thank You

  WP-PostRatings 1.50 Beta 1 (unknown, 12,075 hits)

PS: I have upgraded this site to WP-PostRatings 1.31 Beta 1, if there is any bug in the rating systems do let me know.

Page 3 of 11« First...234...10...Last »