WordPress 3.2.1

WordPress 3.2.1 has been released!

After more than a million downloads of WordPress 3.2, we’re now releasing WordPress 3.2.1 into the wild. This maintenance release fixes a server incompatibility related to JSON that’s unfortunately affected some of you, as well as a few other fixes in the new dashboard design and the Twenty Eleven theme. If you’ve already updated to 3.2, then this update will be even faster than usual, thanks to the new feature in 3.2 that only updates files that have been changed, rather than replacing all the files in your installation.

Fixes (Ticket):

  • JSON, the admin
  • A little bit tidier
  • Edge cases covered

Changelog: WordPress 3.2.1
Download: WordPress 3.2
Download: Modified files since WordPress 3.2

1 Star2 Stars3 Stars4 Stars5 Stars (499 votes, average: 4.11 out of 5)

AJAX Not Working For WP-Email, WP-Polls, WP-PostRatings or WP-PostViews?

About 2 weeks ago, I release an update to r WP-Email, WP-Polls, WP-PostRatings and WP-PostViews which added some nonce check and moved the AJAX request to be handled by /wp-admin/admin-ajax.php.

3 common issues that users are facing.

“-1” or “Failed To Verify Referrer”
This means that most likely you are using a caching plugin like W3 Total Cache (W3TC) and the Javascript being minified/combined and cached is outdated. Just empty the JS/CSS cache under the “Minify” section of W3TC in WP-Admin and W3TC will regenerate it again. This will solve the problem.

Password Protected /wp-admin/ Will Not Work
If you are using .htpasswd to protect your /wp-admin/ folder, AJAX request to /wp-admin/admin-ajax.php will not work. This problem is not unique to my plugin. Any WordPress Plugins that uses the WordPress AJAX API will break. As mentioned in this Codex, Hardening WordPress:

Simply securing the wp-admin/ directory might also break some WordPress functionality, such as the AJAX handler at wp-admin/admin-ajax.php

To bypass this, check out this tutorial, Password protecting the wp-admin directory, this tutorial will teach you how to whitelist admin-ajax.php in your /wp-admin/ using .htaccess.

I still hope in the future version of WordPress, they will separate front facing AJAX requests vs backend AJAX requests.

Your WP-Admin Is HTTPS While Your Site Is Not
If your WP-Admin is behind SSL aka HTTPS and you have the following config in your wp-config.php define('FORCE_SSL_ADMIN', true);, the AJAX will fail because https://yoursite.com is different from http://yoursite.com and the browser treat it as different domain.

To solve this issue do the following:
Find:
'ajax_url' => admin_url('admin-ajax.php'),
Replace:
'ajax_url' => admin_url('admin-ajax.php', (is_ssl() ? 'https' : 'http')),

What the code does is basically forcing http to be used when calling admin-ajax.php for AJAX request. Again this is a hack, I am trying to figure a way around it.

I have pushed the code to trunk of all the respective plugins.

1 Star2 Stars3 Stars4 Stars5 Stars (417 votes, average: 4.11 out of 5)

How To Turn Off Post Revision In WordPress 2.6

One of the irritating feature for me in WordPress 2.6 is the post revision. I am the only author of my blog and hence this feature is useless to me.

Just in case you are wondering how post revision works, whenever a post is edited, a new row will be created in wp_posts table. Hence if your posts or pages got edited 10 times, you will have 10 new rows in wp_posts table.

In no time your wp_posts table will be filled up and the post ID will be huge.

To turn off this feature, add this following code to wp-config.php:

define('WP_POST_REVISIONS', false);

You can also delete all post revisions by running this query in phpMyAdmin:

DELETE a,b,c  
FROM wp_posts a  
LEFT JOIN wp_term_relationships b ON (a.ID = b.object_id)  
LEFT JOIN wp_postmeta c ON (a.ID = c.post_id)  
WHERE a.post_type = 'revision'

Be sure to backup your database first before performing any queries in phpMyAdmin.

*UPDATE* Auto Saves does not create a revision of the post.

*UPDATE 2* Updated SQL query from Andrei Neculau as the previous query does not delete from wp_postmeta and wp_term_relationships tables.

*UPDATE 3* There is a proper way of cleaning up Post Revisions as mentioned by kitchin in Deleting Post Revisions: do NOT use the a,b,c JOIN code you see everywhere. I like his method more than the SQL query above.

1 Star2 Stars3 Stars4 Stars5 Stars (184 votes, average: 4.08 out of 5)

JavaScript In My Plugins II

I have completed the “update” process to my 5 of my plugins (WP-Polls, WP-PostRatings, WP-Email, WP-ServerInfo and WP-UserOnline) which use JavaScript.

  • WP-Polls and WP-PostRatings uses JavaScript on the frontend as well as the backend
  • WP-Email and WP-UserOnline uses JavaScript on the frontend only
  • WP-ServerInfo uses JavaScript on the backend only

Unfortunately the changes require at least WordPress 2.8 onwards to make use of the JavaScript enhancements in WordPress 2.8. I have updated this site to WordPress 2.8 Bleeding Edge aka WordPress 2.8 Nightly in order to test the JavaScript changes on a live site.

If you view the HTML source of this page, you will notice that only the CSS files get loaded in the header and the JavaScript gets loaded in the footer.

If you are running WordPress 2.8 bleeding edge, perhaps you can help me test out the plugins. Thanks in advanced 🙂

1 Star2 Stars3 Stars4 Stars5 Stars (183 votes, average: 4.05 out of 5)

WordPress 2.9.2

WordPress 2.9.2 has been released.

Thomas Mackenzie alerted us to a problem where logged in users can peek at trashed posts belonging to other authors. If you have untrusted users signed up on your blog and sensitive posts in the trash, you should upgrade to 2.9.2. As always, you can visit the Tools->Upgrade menu to upgrade.

Changelog: WordPress 2.9.2
Download: WordPress 2.9.2
Download: Modified files since WordPress 2.9.1

1 Star2 Stars3 Stars4 Stars5 Stars (928 votes, average: 4.04 out of 5)