WordPress 2.3.2

WordPress 2.3.2 has been released and this release includes a number of changes including one security fix.

  • Performance improvements for post sanitization when raw content is required.
  • Changes to is_admin() to ensure that it is only true for admin pages thereby protecting against exposing draft posts.
  • Suppression of database errors unless WP_DEBUG is true.
  • Check for valid database connection information during install and display and error if the install fails due to database rights.
  • Support for a custom database down page to be displayed on database connection errors.
  • Changes to make sure we are more selective in what we make clickable, this introduces different rules for different uri types.
  • Changes to wp-mail.php to escape the error messages when displaying them to avoid a possible XSS attack.
  • Changes to ensure that the post password is only exposed by the xmlrpc method metaWeblog.getRecentPosts to users with rights to edit a post.
  • Changes to the information exposed the wp.getAuthors xmlrpc method to reduce the information exposed and add a capabilites check.
  • Addition of extra capabilites checks to xmlrpc methods.
  • Addition of extra capabilites checks to APP server.
  • Changes to validate_file() to improve its traversal attempt detection when running on windows.

Get yours today.

1 Star2 Stars3 Stars4 Stars5 Stars (138 votes, average: 3.46 out of 5)

Mentioned By Jane Wells in WordPress.Org Blog

Woot! I was mentioned by Jane Wells in the latest blog entry on WordPress.org blog entitled A Little Support?

Here is the part where I was mentioned:

And an additional shoutout to plugin authors who take an active role in moderating threads regarding their plugins, again nominated by official moderators for recognition:

scribu, GDragoN, sivel, MikeChallis, GamerZ, alexrabe, arnee, sociable, takayukister, hallsofmontezuma, joostdevalk, filosofo, roytanck, donncha, Hiroaki Miyashita, manojtd, froman118, error, Viper007Bond, alexkingorg, cavemonkey50, azaozz, aaroncampbell, isa.goksu, flipper, joedolson, redwallhp, eight7teen, orenshmu, WebGeek, Otto42, toddiceton, the_dead_one, mywpplugin, MattyRob, markjaquith, TobiasBg, Txanny, elfin, jolley_small, stastoc, anmari, micropat, frekel.

I first joined the WordPress.org forums on 18th September 2003! Time flies, it has been 6 years!

1 Star2 Stars3 Stars4 Stars5 Stars (98 votes, average: 3.46 out of 5)

Plugins Structure Changes

All my plugins will undergo a structure change to accommodate the Official WordPress Plugins Repository. This is also a much requested feature for most of my users as they complained that the zip file generated by WordPress Plugins Repository was 2 level deep and they got some issues when installing the plugin and the official plugin update notification will not work.

As posted in WordPress Ideas:

Some of us the older plugin authors are facing problem/hassle of restructuring the our plugin structure as our plugin name need not necessary follow the official plugin name folder naming convention.

And when user download the file from the repository, it will be the <official plugin name>\<plugin name>\<plugin>.php

As this is a major change, things will break, so I need you guys help to help me test it. The first plugin that rolls out this structure update will be WP-Polls.

The structure change for wp-polls involves:

  1. Using /wp-polls/ folder instead of /polls/
  2. Using wp-polls.php instead of polls.php
  3. Using wp-polls-widget.php instead of polls-widget.php
  4. Replacing all the old references with the new references stated above

Please kindly post any bugs found in WP-Polls Support Forum. Thank You.

I will roll out this updates to the rest of the plugins in December 2007/January 2008.

1 Star2 Stars3 Stars4 Stars5 Stars (54 votes, average: 3.46 out of 5)

Dashboard Widget (Without Controls) Sample Plugin

WordPress 2.5 has the ability to customize your administration dashboard with the help of widgets.

After poking around WordPress 2.5 codes, I have come out with this Dashboard Widget Sample Plugin. BUT do note that this plugin does not include Dashboard Widget Controls. If I have the time, I will add that in or perhaps I will create another plugin called “Dashboard Widget (With Controls) Sample Plugin”.

To get a clearer picture of what this sample plugin does, here is a screenshot of the Dashboard Widget (Without Controls) Sample in action.

Here comes the code:

 'Full URL For "See All" link', // Example: 'index.php?page=wp-useronline/wp-useronline.php'
		'feed_link' => 'Full URL For "RSS" link', // Example: 'index.php?page=wp-useronline/wp-useronline-rss.php'
		'width' => 'half', // OR 'fourth', 'third', 'half', 'full' (Default: 'half')
		'height' => 'single', // OR 'single', 'double' (Default: 'single')
		)
	);
}

### Function: Add Dashboard Widget
add_filter('wp_dashboard_widgets', 'PLUGINNAME_add_dashboard_widget');
function PLUGINNAME_add_dashboard_widget($widgets) {
	global $wp_registered_widgets;
	if (!isset($wp_registered_widgets['dashboard_PLUGINNAME'])) {
		return $widgets;
	}
	array_splice($widgets, sizeof($widgets)-1, 0, 'dashboard_PLUGINNAME');
	return $widgets;
}

### Function: Print Dashboard Widget
function dashboard_PLUGINNAME($sidebar_args) {
	global $wpdb;
	extract($sidebar_args, EXTR_SKIP);
	echo $before_widget;
	echo $before_title;
	echo $widget_name;
	echo $after_title;
	echo 'YOUR CONTENT GOES IN HERE';
	echo $after_widget;
}
?>

Hope this helps some of you guys. =)

1 Star2 Stars3 Stars4 Stars5 Stars (39 votes, average: 3.46 out of 5)

WordPress App For iPhone/iPod Touch

WordPress App for iPhone and iPod Touch has been officially release. At the moment, it is only available in the US iTunes Store, give it some time for it to propagate to the rest of the iTunes stores.

It is a free app and I recommend everyone who is using WordPress and has a iPhone or iPod Touch to get it.

Here is what it does (taken from Weblog Tools Collection):

  • Support for WP.com blogs and self-installed blogs version 2.5.1 and higher
  • Embedded Safari for true previews of posts
  • Full tag and category support
  • Photo support for both camera pictures as well as library photos
  • Support for multiple blogs
  • Ability to password protect a post, save as a draft, or mark the post for later review
  • Auto-recovery. This will recover posts which have been interrupted by phone calls

Check out WordPress for iPhone or you can view/download the app in iTunes Store.

1 Star2 Stars3 Stars4 Stars5 Stars (111 votes, average: 3.45 out of 5)