WP-DBManager 2.62

I have released WP-DBManager 2.62.

  • Added Auto Repair functionality via WP Cron, similar to the current implementation of Backing Up & Optimizing DB
  • Added nonce to all forms for added security
  • Replace get_bloginfo('name') with get_option('blogname') and make it goes through wp_specialchars_decode()
  • Ported the readme.html to readme.txt

Finally, Props to Joakim Jardenberg, Jonas Nordström and Andreas Viklund for finding and reporting the previous security vulnerability.

Download: WP-DBManager 2.62

1 Star2 Stars3 Stars4 Stars5 Stars (190 votes, average: 3.92 out of 5)

WP-DBManager 2.61

WP-DBManager 2.61 has been released and it fixes a security vulnerability which will allow user to download your wp-config.php. If you do not use the default backup folder path, you are not affected by this.

However, most users are affected and it is recommended that you upgrade WP-DBManager to 2.61.

WP-DBManager 2.62 will be out on Tuesday with added nonce security and auto-repair functionality.

Sorry for any inconvenience caused.

Download: WP-DBManager 2.61

1 Star2 Stars3 Stars4 Stars5 Stars (113 votes, average: 3.85 out of 5)

WP-ShowHide 1.00

I have created a new plugin, WP-ShowHide. It is a simple plugin (83 lines of codes including comments) with no configuration screen needed.

This new plugin came about when Hisham tweeted me about whether there is a “Show/Hide Press Release” WordPress plugin like what Engadget does when posting a Press Release.

I can’t seem to find it and decided to code one myself using WordPress ShortCode API. I made the plugin more generic rather than focusing on Press Releases, so you can have multiple Show/Hide content within a post.

I tested it on WordPress 3.1.1 but technically it should work with any version higher than WordPress 2.5 because ShortCode was introduced in WordPress 2.5.

WP-ShowHide Description

Allows you to embed content within your blog post via WordPress ShortCode API and toggling the visibility of the cotent via a link. By default the content is hidden and user will have to click on the “Show Content” link to toggle it. Similar to what Engadget is doing for their press releases.

Example usage: [ showhide type="pressrelease" ]Press Release goes in here.[ /showhide ] (Remove the spaces before and after the square brackets [].)

Download: WP-ShowHide 1.00
Documentation: WP-ShowHide

Demostration/Example Usage
Remove the spaces before and after the square brackets [].

Tag: [ showhide ][ /showhide ]

Tag: [ showhide type="links" more_text="Show Links (%s More Words)" less_text="Hide Links (%s More Words)" ][ /showhide ]

Tag: [ showhide type="visibility" hidden="no" more_text="Show Visibility Content (%s More Words)" less_text="Hide Visibility Content (%s More Words)" ][ /showhide ]


The visibility of this content is set to display by default instead of hidden.

1 Star2 Stars3 Stars4 Stars5 Stars (77 votes, average: 4.14 out of 5)

WordPress 3.1.2

WordPress 3.1.2 has been released and is a security release for all previous WordPress versions.

This release addresses a vulnerability that allowed Contributor-level users to improperly publish posts.

We suggest you update to 3.1.2 promptly, especially if you allow users to register as contributors or if you have untrusted users. This release also fixes a few bugs that missed the boat for version 3.1.1.

Changelog: WordPress 3.1.2
Download: WordPress 3.1.2
Download: Modified files since WordPress 3.1.1

1 Star2 Stars3 Stars4 Stars5 Stars (41 votes, average: 4.02 out of 5)

WordPress 3.1.1

WordPress 3.1.1 has been released.

This maintenance and security release fixes almost thirty issues in 3.1, including:

  • Some security hardening to media uploads
  • Performance improvements
  • Fixes for IIS6 support
  • Fixes for taxonomy and PATHINFO (/index.php/) permalinks
  • Fixes for various query and taxonomy edge cases that caused some plugin compatibility issues

Version 3.1.1 also addresses three security issues discovered by WordPress core developers Jon Cave and Peter Westwood, of our security team. The first hardens CSRF prevention in the media uploader. The second avoids a PHP crash in certain environments when handling devilishly devised links in comments, and the third addresses an XSS flaw.

We suggest you update to 3.1.1 promptly. Download 3.1.1 or update automatically from the Dashboard ? Updates menu in your site’s admin area.

Changelog: WordPress 3.1.1
Download: WordPress 3.1.1
Download: Modified files since WordPress 3.1

1 Star2 Stars3 Stars4 Stars5 Stars (151 votes, average: 3.93 out of 5)