Recently in WordPress Notes Category

It is so happy to know that WordPress 2.8 released tonight.

The most important change is to make WordPress faster. I like it.
Find more information about the release here..

You can download it here for free.

I will find time to upgrade my installation of WordPress.

I saw a very strange comment in this blog, which is hold for review.

Website: ' AND 1=0) UNION SELECT 1 FROM wp_users WHERE user_login='admin' and substring(reverse(lpad(conv(substring(user_pass,8,1), 16, 2),4,'0′)),4,1)='1′ /* (IP: 124.217.250.190 , svservers.com)

URI: http://None

Excerpt: None...

It is same as what is mentioned Attack of the Wordpress-Hacking Spam Trackbacks.

The stupid spammer or hacker try the wrong Blog platform. I am not using Wordpress. It is MovableType.

I have a WordPress blog running on the old version, v2.13.

There are some updates between them.

I upgraded it last week. It is not difficult to upgrade WordPress 2.5.1, but following steps should taken to avoid crash.

1) Backup data: backup database and export everything from WP.

2) De-active all plugins.
I have following plugins.
Akismet, ExtendedLive Archive, Get Recent Comments, Google Site Maps, Sideblog, Simple Tag, and wordpress stats.

3) Backup all physical files.
I SSH the hosting server and tar all files.

To be noticed that WordPress 2.5.1 release. It includes security fix. So I recommend you to upgrade as soon as possible.

* Performance improvements for the Dashboard, Write Post, and Edit Comments pages.
* Better performance for those who have many categories
* Media Uploader fixes
* An upgrade to TinyMCE 3.0.7
* Widget Administration fixes
* Various usability improvements
* Layout fixes for IE

2.5.1 has over 70 fixes. Don't waste your time and put your Blog under security shadow. Download it now and upgrade it.

It is a big news in WordPress user group. WordPress 2.5 released.

To upgrade you previous version, you have to follow the upgrade guide here.

If you are same as me, have a WordPress installation on Dreamhost, it will be very easy to upgarde. Just One-Click.

Let me go through the some new features in WordPress 2.5.
User Features

• Cleaner, faster, less cluttered dashboard


• Dashboard Widgets


• Multi-file upload with progress bar


• Bonus: EXIF extraction


• Search posts and pages


• Tag management


• Password strength meter


• Concurrent editing protection


• Few-click plugin upgrades


• Friendlier visual post editor


• Built-in galleries

Dreamhost's Newsletter mentioned that the One-Click feature is improved.
WordPress One-Click is easier.

I do not try the brand new easy install. I just use it upgrade feature.

It is very fast and easy. Just click the Upgrade to 2.3.3. The plugins are still OK.
No other operation needed.

Use Saving code G2SAVING when sign up Dreamhost, you can save $50 and get 1 extra FREE lifetime domain registration.

Another security upgrade is out for WordPress. This one is fairly urgent, as it allows other members of your blog to "hijack" posts not written by them.

From WordPress Development Blog.

WordPress 2.3.3 is an urgent security release. If you have registration enabled a flaw was found in the XML-RPC implementation such that a specially crafted request would allow a user to edit posts of other users on that blog. In addition to fixing this security flaw, 2.3.3 fixes a few minor bugs. If you are interested only in the security fix, download the fixed version of xmlrpc.php and copy it over your existing xmlrpc.php. Otherwise, you can get the entire release here.

Please upgrade to the latest version as soon as possible.

I have an installation of WordPress for one of my Blog. It is running over one year.
For WordPress, I have something to record related to the tag, the most important feature of Web2.0 or Blog.

As every WP fans know, WordPress is V2.3.1 now. It is free for download, and Open Sourced.

The embedded tag system of WP 2.3.1 is still not good enough. So I try to find a better one, not the best one.

Simple Tags is popped up into my eye. The latest version is 1.2, works on Wordpress 2.3.x. That means it is WordPress 2.3.x native plugin.

To install it is very simply, I don't want to repeat the readme file of the download package. You can find it.

To use it, is also very easy.
I'd like to list some feature I do like.

1) Suggested tags
2) Mass Edit Tags
3) Related posts
4) Tag cloud
5) Post without tags

At the end of this post, the site I mentioned in the beginning is Self-Study Resource.

Now I want to upgrade Dreamer's blog to WordPress 2.2.1 from 2.2.0.
This blog is hosted on Dreamhost.

I'd like to keep the record of upgrade.

1) Backup your database.
Dreamhost backup the MySQL database every day. So if you have no post in the past 24 hours, you don't need to do a manual backup through PHPmyAdmin.

2) Backup ALL your WordPress files in your WordPress directory.
Just ssh to the server, and run the command to backup all files.

tar -cvzf dreamer-2.2.0 dreamer.g2soft.net

3) Deactivate ALL your Plugins.
I sign in as administrator, and deactivate all plugins.

4) Download and extract the WordPress package from http://wordpress.org/download/.
Download the 2.2.1 package, I downloaded zip file and uncompressed it.

5) Upload all filles to the Server

6) Run upgrade.
http://www.mydomain.com/wp-admin/upgrade.php
There is no database update needed.

7) Activate the Plugins I used before.

Done.

It is a bug fix release for the 2.2 series. Just released this morning.
There is a long list of bugs fixed.

Some highlights are shown below:
# Atom feed validation fixes
# XML-RPC fixes
# Widget backward compatibility fixes
# Widget layout fixes for IE7
# Page and Text Widget improvements

And WordPress 2.2.1 is not just a bug fix release. It improve the security protect with following items.
* Remote shell injection in PHPMailer
* Remote SQL injection in XML-RPC Discovered by Alexander Concha.
* Unescaped attribute in default theme

The Upgrade steps are same as before. And I may make another post about it.

Some time we want to put video on our blog. The code to embeded it is very complicated, because so many different video types.

Today I tried Embedded Video with Link. It makes it simple and easy to finish this step.

I just download it from the link above. Installed it as the regular plugin.

The option>Embedded Video, I can setup the Video object width between 250-800 to fit in the width of Blog layout.

It supports following video portal:
YouTube, Google Video, dailymotion, MyVideo, Clipfish, Sevenload, Revver, Metacafé, Yahoo! Video, ifilm, MySpace Video, Brightcove, aniBOOM, vimeo, GUBA, Garage TV, GameVideos, vSocial

So after install this plugin, to embed the video is much easy.
1) Prepare Video file.
2) Upload it to Video host site, such as YouTube.
3) Get video ID.
4) When write a new post, click the Icon
5) Pick the YouTube and enter the video ID.
6) Click Insert button.
7) Finish the post and click Publish.

Done.

That's a painless publish withou touch the html code.
Here is a sample.

I put some social network button on site. The Html Validator always tell me some URL is not correct.

Ok.

I have to code it my self to replace the original code.
Original code is as shown below:
<!-- del.icio.us -->
<a href="http://del.icio.us/post?url=<?php the_permalink() ?>&title=<?php the_title ?>" title="Add to del.icio.us">Del.icio.us</a>
<!-- /del.icio.us -->

I change it to:
<?php
$title = wp_title('',FALSE);
$tt = urlencode($title);
$tt = substr($tt,2);
?>
<!-- del.icio.us -->
<a href="http://del.icio.us/post?url=<?php the_permalink() ?>&amp;title=<?php echo $tt; ?>" title="Add to del.icio.us">Del.icio.us</a>
<!-- /del.icio.us -->

Now the link is perfect, without warning from HTML Validator.
Perfect code.