WordPress 2.3.2 has been released and this release includes a number of changes including one security fix.
- Performance improvements for post sanitization when raw content is required.
- Changes to is_admin() to ensure that it is only true for admin pages thereby protecting against exposing draft posts.
- Suppression of database errors unless WP_DEBUG is true.
- Check for valid database connection information during install and display and error if the install fails due to database rights.
- Support for a custom database down page to be displayed on database connection errors.
- Changes to make sure we are more selective in what we make clickable, this introduces different rules for different uri types.
- Changes to wp-mail.php to escape the error messages when displaying them to avoid a possible XSS attack.
- Changes to ensure that the post password is only exposed by the xmlrpc method metaWeblog.getRecentPosts to users with rights to edit a post.
- Changes to the information exposed the wp.getAuthors xmlrpc method to reduce the information exposed and add a capabilites check.
- Addition of extra capabilites checks to xmlrpc methods.
- Addition of extra capabilites checks to APP server.
- Changes to validate_file() to improve its traversal attempt detection when running on windows.
Get yours today.
I wish all my WordPress Plugins Users a Merry Christmas, hope you all have received your Christmas presents =D
Rest assured I have not stopped developing my plugins. I am going to revamp WP-Ban and have some minor features to WP-PostRatings =)
I spoke about WorPress Plugin Development with PHP on Wednesday, 12th December 2007 at the Singapore PHP User Group, Decemember 2007 meetup.
That is the first time I am speaking publicly and hence I was quite nervous and spoke very fast.
During normal days, I speak very fast (all my friends said that) + my nervous = super fast speaking
Anyway, enjoy this fast paced video:
And yes, embedding this video breaks my site XHTML validation!
*UPDATE* The slides can be downloaded here.
These 2 things that I have done should help reduce the load on the server.
If are interested to test it out, you can download WP-Polls 2.30 Beta 1.
Kila Morton of PureBlogic has written an article about me and the article is being submitted to digg.
Lester Chan is a student. While attending school, he decided to start developing WordPress plug-ins to support himself. These plug-ins offer great functionality that extend the WordPress platform. For instance, at the bottom of this blog there is a rating system. Where did that come from boys and girls? Lester Chan! Need polls for your blog? Who can you turn to? Lester Chan! In fact, Lester has developed over a dozen plug-ins for WordPress users. These are plug-ins that make it easier for people like you and I to blog about what we love and make money blogging .
THANK YOU Kila Morton!
View: Lester Chan Makes Great WordPress Plug-ins For Your Blog