on the default page. 2. Is the #respond part of the replytocom link necessary? Thanks, Harish From alan at verselogic.net Sat Sep 5 19:53:00 2009 From: alan at verselogic.net (Alan Castonguay) Date: Sat, 5 Sep 2009 15:53:00 -0400 Subject: [wp-hackers] Strange errors with the link checker In-Reply-To: <4AA28AC4.9010005@gmail.com> References: <4AA28AC4.9010005@gmail.com> Message-ID: <879AFB9A-AB93-4B5D-81D6-251FE91AD275@verselogic.net> Browsers seem to honor a name= fragments and whatever id= the same way. I don't think the w3 checker likes the latter. The fragment is only to scroll down the page to the comment box, and that behavior is not strictly required. Alan J Castonguay Sent from my iPhone On Sep 5, 2009, at 11:59 AM, Harish Narayanan wrote: > By default, WordPress generates something like the following URI to > reply to specific comments: > > http://foo.org/blog/post/?replytocom=123456#respond > > When I pass a page with comments through the W3C link checker, I see > errors like the following for each comment: > > Some of the links to this resource point to broken URI fragments (such > as index.html#fragment). > > > 1. Does anyone see why this happens? There is a

on > the default page. > 2. Is the #respond part of the replytocom link necessary? > > Thanks, > Harish > _______________________________________________ > wp-hackers mailing list > wp-hackers at lists.automattic.com > http://lists.automattic.com/mailman/listinfo/wp-hackers From johnbillion+wp at gmail.com Sat Sep 5 20:30:50 2009 From: johnbillion+wp at gmail.com (John Blackbourn) Date: Sat, 5 Sep 2009 21:30:50 +0100 Subject: [wp-hackers] Strange errors with the link checker In-Reply-To: <879AFB9A-AB93-4B5D-81D6-251FE91AD275@verselogic.net> References: <4AA28AC4.9010005@gmail.com> <879AFB9A-AB93-4B5D-81D6-251FE91AD275@verselogic.net> Message-ID: <1fa535a70909051330s6a3ab672rb80ea6a82a401005@mail.gmail.com> I'd say that providing the user with the convenience of having the page scroll down is better than your page being 100% W3C valid. 2009/9/5 Alan Castonguay : > Browsers seem to honor a name= fragments and whatever id= the same way. I > don't think the w3 checker likes the latter. The fragment is only to scroll > down the page to the comment box, and that behavior is not strictly > required. > > Alan J Castonguay > > Sent from my iPhone > > On Sep 5, 2009, at 11:59 AM, Harish Narayanan > wrote: > >> By default, WordPress generates something like the following URI to >> reply to specific comments: >> >> http://foo.org/blog/post/?replytocom=123456#respond >> >> When I pass a page with comments through the W3C link checker, I see >> errors like the following for each comment: >> >> Some of the links to this resource point to broken URI fragments (such >> as index.html#fragment). >> >> >> 1. Does anyone see why this happens? There is a

on >> the default page. >> 2. Is the #respond part of the replytocom link necessary? >> >> Thanks, >> Harish >> _______________________________________________ >> wp-hackers mailing list >> wp-hackers at lists.automattic.com >> http://lists.automattic.com/mailman/listinfo/wp-hackers > > _______________________________________________ > wp-hackers mailing list > wp-hackers at lists.automattic.com > http://lists.automattic.com/mailman/listinfo/wp-hackers > From sojweb at indiana.edu Sat Sep 5 20:47:00 2009 From: sojweb at indiana.edu (SoJ Web) Date: Sat, 5 Sep 2009 16:47:00 -0400 Subject: [wp-hackers] Strange errors with the link checker In-Reply-To: <1fa535a70909051330s6a3ab672rb80ea6a82a401005@mail.gmail.com> References: <4AA28AC4.9010005@gmail.com> <879AFB9A-AB93-4B5D-81D6-251FE91AD275@verselogic.net> <1fa535a70909051330s6a3ab672rb80ea6a82a401005@mail.gmail.com> Message-ID: <14D39749-5234-403B-8050-84677298FEF5@indiana.edu> That's a valid use. See: http://www.w3.org/TR/html401/struct/links.html#h-12.2.3 http://www.w3.org/TR/xhtml-media-types/#C_8 It is supposed to be case-sensitive... maybe there's mismatch in case between fragment identifier and ID that the browser ignores, but the validator catches? Or maybe the validator itself has a bug. Either way, it's valid. -Jeff On Sep 5, 2009, at 4:30 PM, John Blackbourn wrote: > I'd say that providing the user with the convenience of having the > page scroll down is better than your page being 100% W3C valid. > > 2009/9/5 Alan Castonguay : >> Browsers seem to honor a name= fragments and whatever id= the same >> way. I >> don't think the w3 checker likes the latter. The fragment is only >> to scroll >> down the page to the comment box, and that behavior is not strictly >> required. >> >> Alan J Castonguay >> >> Sent from my iPhone >> >> On Sep 5, 2009, at 11:59 AM, Harish Narayanan > > >> wrote: >> >>> By default, WordPress generates something like the following URI to >>> reply to specific comments: >>> >>> http://foo.org/blog/post/?replytocom=123456#respond >>> >>> When I pass a page with comments through the W3C link checker, I see >>> errors like the following for each comment: >>> >>> Some of the links to this resource point to broken URI fragments >>> (such >>> as index.html#fragment). >>> >>> >>> 1. Does anyone see why this happens? There is a

>>> on >>> the default page. >>> 2. Is the #respond part of the replytocom link necessary? >>> >>> Thanks, >>> Harish >>> _______________________________________________ >>> wp-hackers mailing list >>> wp-hackers at lists.automattic.com >>> http://lists.automattic.com/mailman/listinfo/wp-hackers >> >> _______________________________________________ >> wp-hackers mailing list >> wp-hackers at lists.automattic.com >> http://lists.automattic.com/mailman/listinfo/wp-hackers >> > _______________________________________________ > wp-hackers mailing list > wp-hackers at lists.automattic.com > http://lists.automattic.com/mailman/listinfo/wp-hackers From steve at sltaylor.co.uk Sun Sep 6 01:43:57 2009 From: steve at sltaylor.co.uk (Steve Taylor) Date: Sun, 6 Sep 2009 02:43:57 +0100 Subject: [wp-hackers] cron overload - help! Message-ID: I experimented with wp_schedule_event() on a site a short while ago, without luck. I found another solution, but recently I noticed that my Media Temple GPU usage has flagged the wp-cron.php on that site as taking up about 25% of the total processing time for all my sites. I used http://wordpress.org/extend/plugins/cron-view/, and sure enough, my experiment has inadvertantly left a HUGE number of scheduled events for that hook. When I try to run wp_clear_scheduled_hook( 'my_hook' ), the page doesn't seem to load. The site's running OK, but I really need a way of clearing all these events out. I'm not sure if wp_unschedule_event() is viable - and I've heard that wp_clear_scheduled_hook() is just a wrapper for this anyway. Thanks for any tips... From johnbillion+wp at gmail.com Sun Sep 6 02:01:21 2009 From: johnbillion+wp at gmail.com (John Blackbourn) Date: Sun, 6 Sep 2009 03:01:21 +0100 Subject: [wp-hackers] cron overload - help! In-Reply-To: References: Message-ID: <1fa535a70909051901l6649ecd8h5987f56655ab92e5@mail.gmail.com> Are you passing an $args parameter with wp_clear_scheduled_hook()? There's an outstanding bug that means hooks with parameters aren't cleared with wp_clear_scheduled_hook(). See http://core.trac.wordpress.org/ticket/10468 . 2009/9/6 Steve Taylor : > I experimented with wp_schedule_event() on a site a short while ago, > without luck. I found another solution, but recently I noticed that my > Media Temple GPU usage has flagged the wp-cron.php on that site as > taking up about 25% of the total processing time for all my sites. > > I used http://wordpress.org/extend/plugins/cron-view/, and sure > enough, my experiment has inadvertantly left a HUGE number of > scheduled events for that hook. > > When I try to run wp_clear_scheduled_hook( 'my_hook' ), the page > doesn't seem to load. The site's running OK, but I really need a way > of clearing all these events out. I'm not sure if > wp_unschedule_event() is viable - and I've heard that > wp_clear_scheduled_hook() is just a wrapper for this anyway. > > Thanks for any tips... > _______________________________________________ > wp-hackers mailing list > wp-hackers at lists.automattic.com > http://lists.automattic.com/mailman/listinfo/wp-hackers > From steve at sltaylor.co.uk Sun Sep 6 02:09:36 2009 From: steve at sltaylor.co.uk (Steve Taylor) Date: Sun, 6 Sep 2009 03:09:36 +0100 Subject: [wp-hackers] cron overload - help! In-Reply-To: <1fa535a70909051901l6649ecd8h5987f56655ab92e5@mail.gmail.com> References: <1fa535a70909051901l6649ecd8h5987f56655ab92e5@mail.gmail.com> Message-ID: My hook never took a parameter. Do I need to pass an empty $args array or something? 2009/9/6 John Blackbourn : > Are you passing an $args parameter with wp_clear_scheduled_hook()? > There's an outstanding bug that means hooks with parameters aren't > cleared with wp_clear_scheduled_hook(). See > http://core.trac.wordpress.org/ticket/10468 . > > 2009/9/6 Steve Taylor : >> I experimented with wp_schedule_event() on a site a short while ago, >> without luck. I found another solution, but recently I noticed that my >> Media Temple GPU usage has flagged the wp-cron.php on that site as >> taking up about 25% of the total processing time for all my sites. >> >> I used http://wordpress.org/extend/plugins/cron-view/, and sure >> enough, my experiment has inadvertantly left a HUGE number of >> scheduled events for that hook. >> >> When I try to run wp_clear_scheduled_hook( 'my_hook' ), the page >> doesn't seem to load. The site's running OK, but I really need a way >> of clearing all these events out. I'm not sure if >> wp_unschedule_event() is viable - and I've heard that >> wp_clear_scheduled_hook() is just a wrapper for this anyway. >> >> Thanks for any tips... >> _______________________________________________ >> wp-hackers mailing list >> wp-hackers at lists.automattic.com >> http://lists.automattic.com/mailman/listinfo/wp-hackers >> > _______________________________________________ > wp-hackers mailing list > wp-hackers at lists.automattic.com > http://lists.automattic.com/mailman/listinfo/wp-hackers > From johnbillion+wp at gmail.com Sun Sep 6 02:29:06 2009 From: johnbillion+wp at gmail.com (John Blackbourn) Date: Sun, 6 Sep 2009 03:29:06 +0100 Subject: [wp-hackers] cron overload - help! In-Reply-To: References: <1fa535a70909051901l6649ecd8h5987f56655ab92e5@mail.gmail.com> Message-ID: <1fa535a70909051929r426d514vef02a8a9f1374b58@mail.gmail.com> You shouldn't have to, no. It looks like you've got so many events scheduled for that hook that wp_clear_scheduled_hook() can't handle it and that's why your page isn't loading. If you really have got a giant number of events scheduled then your only option might be to clear the 'cron' row from the wp_options table in the database. 2009/9/6 Steve Taylor : > My hook never took a parameter. Do I need to pass an empty $args array > or something? > > > 2009/9/6 John Blackbourn : >> Are you passing an $args parameter with wp_clear_scheduled_hook()? >> There's an outstanding bug that means hooks with parameters aren't >> cleared with wp_clear_scheduled_hook(). See >> http://core.trac.wordpress.org/ticket/10468 . >> >> 2009/9/6 Steve Taylor : >>> I experimented with wp_schedule_event() on a site a short while ago, >>> without luck. I found another solution, but recently I noticed that my >>> Media Temple GPU usage has flagged the wp-cron.php on that site as >>> taking up about 25% of the total processing time for all my sites. >>> >>> I used http://wordpress.org/extend/plugins/cron-view/, and sure >>> enough, my experiment has inadvertantly left a HUGE number of >>> scheduled events for that hook. >>> >>> When I try to run wp_clear_scheduled_hook( 'my_hook' ), the page >>> doesn't seem to load. The site's running OK, but I really need a way >>> of clearing all these events out. I'm not sure if >>> wp_unschedule_event() is viable - and I've heard that >>> wp_clear_scheduled_hook() is just a wrapper for this anyway. >>> >>> Thanks for any tips... >>> _______________________________________________ >>> wp-hackers mailing list >>> wp-hackers at lists.automattic.com >>> http://lists.automattic.com/mailman/listinfo/wp-hackers >>> >> _______________________________________________ >> wp-hackers mailing list >> wp-hackers at lists.automattic.com >> http://lists.automattic.com/mailman/listinfo/wp-hackers >> > _______________________________________________ > wp-hackers mailing list > wp-hackers at lists.automattic.com > http://lists.automattic.com/mailman/listinfo/wp-hackers > From casey.bisson at gmail.com Sun Sep 6 02:29:56 2009 From: casey.bisson at gmail.com (Casey Bisson) Date: Sat, 5 Sep 2009 22:29:56 -0400 Subject: [wp-hackers] cron overload - help! In-Reply-To: References: Message-ID: Assuming you're not worried about other scheduled tasks[1], you can simply delete the row in your wp_options table with the meta_key = cron. --Casey http://MaisonBisson.com On Sep 5, 2009, at 9:43 PM, Steve Taylor wrote: > I experimented with wp_schedule_event() on a site a short while ago, > without luck. I found another solution, but recently I noticed that my > Media Temple GPU usage has flagged the wp-cron.php on that site as > taking up about 25% of the total processing time for all my sites. > > I used http://wordpress.org/extend/plugins/cron-view/, and sure > enough, my experiment has inadvertantly left a HUGE number of > scheduled events for that hook. > > When I try to run wp_clear_scheduled_hook( 'my_hook' ), the page > doesn't seem to load. The site's running OK, but I really need a way > of clearing all these events out. I'm not sure if > wp_unschedule_event() is viable - and I've heard that > wp_clear_scheduled_hook() is just a wrapper for this anyway. > > Thanks for any tips... > _______________________________________________ > wp-hackers mailing list > wp-hackers at lists.automattic.com > http://lists.automattic.com/mailman/listinfo/wp-hackers From steve at sltaylor.co.uk Sun Sep 6 09:59:21 2009 From: steve at sltaylor.co.uk (Steve Taylor) Date: Sun, 6 Sep 2009 10:59:21 +0100 Subject: [wp-hackers] cron overload - help! In-Reply-To: References:

Message-ID: Thanks, that's what it needed! The default tasks popped back in fine. 2009/9/6 Casey Bisson : > > Assuming you're not worried about other scheduled tasks[1], you can simply > delete the row in your wp_options table with the meta_key = cron. > > --Casey > > http://MaisonBisson.com > > On Sep 5, 2009, at 9:43 PM, Steve Taylor wrote: > >> I experimented with wp_schedule_event() on a site a short while ago, >> without luck. I found another solution, but recently I noticed that my >> Media Temple GPU usage has flagged the wp-cron.php on that site as >> taking up about 25% of the total processing time for all my sites. >> >> I used http://wordpress.org/extend/plugins/cron-view/, and sure >> enough, my experiment has inadvertantly left a HUGE number of >> scheduled events for that hook. >> >> When I try to run wp_clear_scheduled_hook( 'my_hook' ), the page >> doesn't seem to load. The site's running OK, but I really need a way >> of clearing all these events out. I'm not sure if >> wp_unschedule_event() is viable - and I've heard that >> wp_clear_scheduled_hook() is just a wrapper for this anyway. >> >> Thanks for any tips... >> _______________________________________________ >> wp-hackers mailing list >> wp-hackers at lists.automattic.com >> http://lists.automattic.com/mailman/listinfo/wp-hackers > > _______________________________________________ > wp-hackers mailing list > wp-hackers at lists.automattic.com > http://lists.automattic.com/mailman/listinfo/wp-hackers > From hal at burgiss.net Sun Sep 6 14:19:10 2009 From: hal at burgiss.net (Hal Burgiss) Date: Sun, 6 Sep 2009 10:19:10 -0400 Subject: [wp-hackers] Security Message-ID: <20090906141910.GD24777@honey.burgiss.net> Hello, This probably is not the right list for this question, but its the best place I can find to ask it at the moment. I see on slashdot today an announcement of a new worm effecting most previous versions of Wordpress. I maintain many Wordpress sites, most of which will be potentially impacted. Most of these will not be easy upgrade candidates for a variety of reasons. I am left to attempt to secure them without an easy upgrade path. Now I just spent maybe 45 minutes trying to find out the technical details of how this worm worms its way into WP so I can find an alternative solution (hopefully). Well, I still don't know how it does what it does. I haven't a clue. The only thing I find on wordress.org describes the situation in a general way, and the only provided solution is to upgrade. Most of the sites I manage have strict .htaccess rules protecting wp-login and wp-admin. Am I safe in these situations, I wonder? Maybe. Maybe not. So I look to the wp.org security blog in hopes of details. I find 9 total posts over a 4 year period. Not particularly inspiring. Obviously, the level of detail I am looking for does not exist on wordpress.org. Or does it? Is there a better place, a mailing list somewhere? RSS feed? Another blog? I love a lot of things about Wordpress, but an easy/fast way to get detailed security information, at least more than "upgrade now", seems overly difficult. Thx. -- Hal From scribu at gmail.com Sun Sep 6 14:36:14 2009 From: scribu at gmail.com (scribu) Date: Sun, 6 Sep 2009 17:36:14 +0300 Subject: [wp-hackers] Security In-Reply-To: <20090906141910.GD24777@honey.burgiss.net> References: <20090906141910.GD24777@honey.burgiss.net> Message-ID: <349fe48b0909060736j5467cc7bmce5916c9378ea73@mail.gmail.com> It seems obvious why you wouldn't get critical details for an unfixed vulnerabillity like this. If there was a security patch available, you would get that, instead of "Upgrade now". -- http://scribu.net From hal at burgiss.net Sun Sep 6 14:53:12 2009 From: hal at burgiss.net (Hal Burgiss) Date: Sun, 6 Sep 2009 10:53:12 -0400 Subject: [wp-hackers] Security In-Reply-To: <349fe48b0909060736j5467cc7bmce5916c9378ea73@mail.gmail.com> References: <20090906141910.GD24777@honey.burgiss.net> <349fe48b0909060736j5467cc7bmce5916c9378ea73@mail.gmail.com> Message-ID: <20090906145312.GE24777@honey.burgiss.net> On Sun, Sep 06, 2009 at 05:36:14PM +0300, scribu wrote: > It seems obvious why you wouldn't get critical details for an unfixed > vulnerabillity like this. > > If there was a security patch available, you would get that, instead of > "Upgrade now". I never asked for, or expected a patch. What I am looking for, is details. If no one knows how this thing works, that level of detail will have to suffice. If they do know, then that information would be really useful. "Upgrade now" is not helpful (to me, at least in some situations). And I don't expect people on this list to have the answers handy, but thought someone here might be able to point me in the right direction. Do you write the wp.org security blog by any chance? -- Hal From kparsell-wp at kpdesign.net Sun Sep 6 15:07:44 2009 From: kparsell-wp at kpdesign.net (Kim Parsell) Date: Sun, 06 Sep 2009 11:07:44 -0400 Subject: [wp-hackers] Security In-Reply-To: <20090906145312.GE24777@honey.burgiss.net> References: <20090906141910.GD24777@honey.burgiss.net> <349fe48b0909060736j5467cc7bmce5916c9378ea73@mail.gmail.com> <20090906145312.GE24777@honey.burgiss.net> Message-ID: <4AA3D040.8090602@kpdesign.net> Read this post from Matt Mullenweg on the wordpress.org blog about the worm - 2nd paragraph tells you how it works: http://wordpress.org/development/2009/09/keep-wordpress-secure/ Kim --------------------------------- Hal Burgiss wrote: > On Sun, Sep 06, 2009 at 05:36:14PM +0300, scribu wrote: > >> It seems obvious why you wouldn't get critical details for an unfixed >> vulnerabillity like this. >> >> If there was a security patch available, you would get that, instead of >> "Upgrade now". >> > > I never asked for, or expected a patch. What I am looking for, is details. If > no one knows how this thing works, that level of detail will have to suffice. > If they do know, then that information would be really useful. "Upgrade now" > is not helpful (to me, at least in some situations). And I don't expect people > on this list to have the answers handy, but thought someone here might be > able to point me in the right direction. > > Do you write the wp.org security blog by any chance? > > From info at toscho.de Sun Sep 6 15:48:24 2009 From: info at toscho.de (Thomas Scholz) Date: Sun, 06 Sep 2009 17:48:24 +0200 Subject: [wp-hackers] Security In-Reply-To: <349fe48b0909060736j5467cc7bmce5916c9378ea73@mail.gmail.com> References: <20090906141910.GD24777@honey.burgiss.net> <349fe48b0909060736j5467cc7bmce5916c9378ea73@mail.gmail.com> Message-ID: scribu: > It seems obvious why you wouldn't get critical details for an unfixed > vulnerabillity like this. This bug was fixed in v2.8.3, and the new code of this version gives all the details anyone wants to know. Nothing to hide anymore. > If there was a security patch available, you would get that, instead of > "Upgrade now". The main problem was: Registered users without any privileges could just add double slashes (//) into an URL to get some admin privileges (install plugins, mess up the database etc.). So you have to forbid double slashes in all URLs. The .htaccess way would be: RewriteEngine On RewriteBase / RewriteCond %{THE_REQUEST} ^[A-Z]+\ /(([^/\ ]+/)*)/+([^\ ]*) RewriteRule ^ /%1%3 [L,R=301] But if you have neither Apache nor mod_rewrite, you may use a little plugin I wrote: http://f.toscho.de/SingleSlash.zip I described the problem en detail (and in German) here: http://toscho.de/2009/wordpress-2-8-3-das-doppelslash-problem/ Be aware! This fixes really just the double slashes. I can?t and won?t guarantee that you?re secure with it. Make the upgrades nevertheless. Thomas -- Redaktion, Druck- und Webdesign http://toscho.de ? 0160/1764727 Twitter: @toscho From hal at burgiss.net Mon Sep 7 13:05:18 2009 From: hal at burgiss.net (Hal Burgiss) Date: Mon, 7 Sep 2009 09:05:18 -0400 Subject: [wp-hackers] Security In-Reply-To: References: <20090906141910.GD24777@honey.burgiss.net> <349fe48b0909060736j5467cc7bmce5916c9378ea73@mail.gmail.com> Message-ID: <20090907130518.GA6541@honey.burgiss.net> On Sun, Sep 06, 2009 at 05:48:24PM +0200, Thomas Scholz wrote: > The main problem was: Registered users without any privileges could just > add double slashes (//) into an URL to get some admin privileges (install > plugins, mess up the database etc.). > > So you have to forbid double slashes in all URLs. The .htaccess way would > be: > > RewriteEngine On > RewriteBase / > RewriteCond %{THE_REQUEST} ^[A-Z]+\ /(([^/\ ]+/)*)/+([^\ ]*) > RewriteRule ^ /%1%3 [L,R=301] Thanks Thomas! Very helpful. -- Hal From brentswordpresslists at gmail.com Mon Sep 7 16:34:09 2009 From: brentswordpresslists at gmail.com (Brent Shepherd) Date: Mon, 7 Sep 2009 18:34:09 +0200 Subject: [wp-hackers] cron overload - help! In-Reply-To: <1fa535a70909051901l6649ecd8h5987f56655ab92e5@mail.gmail.com> References: <1fa535a70909051901l6649ecd8h5987f56655ab92e5@mail.gmail.com> Message-ID: John, thanks so much for pasting the link to this ticket! I lost a good few hours the other night trying to figure out why when i used an $args array with multiple values, only the first value was being passed to functions hooked onto the wp-cron event. On Sun, Sep 6, 2009 at 4:01 AM, John Blackbourn > wrote: > Are you passing an $args parameter with wp_clear_scheduled_hook()? > There's an outstanding bug that means hooks with parameters aren't > cleared with wp_clear_scheduled_hook(). See > http://core.trac.wordpress.org/ticket/10468 . > > 2009/9/6 Steve Taylor : > > I experimented with wp_schedule_event() on a site a short while ago, > > without luck. I found another solution, but recently I noticed that my > > Media Temple GPU usage has flagged the wp-cron.php on that site as > > taking up about 25% of the total processing time for all my sites. > > > > I used http://wordpress.org/extend/plugins/cron-view/, and sure > > enough, my experiment has inadvertantly left a HUGE number of > > scheduled events for that hook. > > > > When I try to run wp_clear_scheduled_hook( 'my_hook' ), the page > > doesn't seem to load. The site's running OK, but I really need a way > > of clearing all these events out. I'm not sure if > > wp_unschedule_event() is viable - and I've heard that > > wp_clear_scheduled_hook() is just a wrapper for this anyway. > > > > Thanks for any tips... > > _______________________________________________ > > wp-hackers mailing list > > wp-hackers at lists.automattic.com > > http://lists.automattic.com/mailman/listinfo/wp-hackers > > > _______________________________________________ > wp-hackers mailing list > wp-hackers at lists.automattic.com > http://lists.automattic.com/mailman/listinfo/wp-hackers > From steagl4ml at gmail.com Mon Sep 7 18:25:45 2009 From: steagl4ml at gmail.com (Stefano Aglietti) Date: Mon, 07 Sep 2009 20:25:45 +0200 Subject: [wp-hackers] Force login Message-ID: <7pjaa5h6bd8lq7tf6fca63s1fb22o2tg5k@4ax.com> I wanna force WP login fron another DB, i use the externa DB authentication plugin and this works smootly, but i wanna d one more step, the blog header is coming from another system and there i get the info if the user is logged to the other system, if so i wanna foce the login letting the extern DB auth plugin check if the the user exist in WP DB or copyng it locally. This works if users log using WP login screen, i tried to use wp_authentication command with login e password for externa authentication btut looks like it doens't works. Any idea how to foce login to WP passing loginn and password (and letting the plugin intercep wp_authentication function that it plug with tit's function) in a simple way? -- Stefano Aglietti - StallonIt on IRCnet - ICQ#: 2078431 Email: steve at 40annibuttati.it steagl at people.it Sites: http://www.40annibuttati.it (personal blog) http://www.wordpress-it.it (WordPress Italia) From supporto at pixline.net Tue Sep 8 16:15:28 2009 From: supporto at pixline.net (=?WINDOWS-1252?Q?Pixline_=9B_Paolo_Tresso?=) Date: Tue, 8 Sep 2009 18:15:28 +0200 Subject: [wp-hackers] Force login In-Reply-To: <7pjaa5h6bd8lq7tf6fca63s1fb22o2tg5k@4ax.com> References: <7pjaa5h6bd8lq7tf6fca63s1fb22o2tg5k@4ax.com> Message-ID: <5142A84C-BE38-4CD2-8C11-8348FCC3D17E@pixline.net> wp-includes/pluggable.php should answer to it all. overwrite some of that function with yours, and deal with your master auth system. bye Paolo / pixline Il giorno 07/set/09, alle ore 20:25, Stefano Aglietti ha scritto: > [...] Any idea how to foce login to WP passing loginn and password > (and > letting the plugin intercep wp_authentication function that it plug > with tit's function) in a simple way? From dougal at gunters.org Tue Sep 8 20:03:36 2009 From: dougal at gunters.org (Dougal Campbell) Date: Tue, 08 Sep 2009 16:03:36 -0400 Subject: [wp-hackers] Making Updates Friendlier? Message-ID: <4AA6B898.6030309@gunters.org> In the aftermath of the recent WP worm, there has been the usual raft of FUD flying about. I won't bother pointing out any particular sources -- suffice to say that some of the recent posts about "WordPress Security" were reasonable, and many were not. It seems like every time there is some sort of security issue related to WordPress, regardless of the scope, it becomes a PR nightmare of sorts. Primarily, I think that it goes hand-in-hand with the popularity of WordPress: we are popular, therefore we are a high-profile target, and therefore when something goes wrong, it affects a lot of users, and therefore it gets a lot of attention. It's the nature of celebrity. As has been pointed out time and time again, WordPress is easier than ever to keep updated. When a new version is released, a nag appears in the Dashboard. From there, it's just a couple of clicks to upgrade. And yet, people *still* lag behind. The reasons are varied, and _mostly_ invalid (depending on your perspective). Some of it is simply "fear of breaking something". Some of it is just simple stubbornness ("I just upgraded, I don't want to do it again so soon!"). Some of it might be ignorance and laziness (they see the nag, but don't look at the WordPress News blocks in the Dashboard, or go to the main site to read about it). So, what more can we do? Not a *whole* lot, but I do have a suggestion: In order to express the relative urgency of upgrade notices, I propose that we categorize upgrades into four priority levels: 1. Minor Bugfixes 2. Major Bugfixes 3. New Feature Release 4. Security Update Each version release could be tagged accordingly, along with a brief description of the changes and/or impact. These priority levels could be used to style the update nag messages, and provide a sense of their relative importance (e.g. 1 = yellow, 2 = orange, 3 = green, 4 = REDOMGWTFBBQ). For bugfix releases, a brief, friendly message can be presented along the lines of "To find out if these issues might affect your site, visit [URL] for more details." This information could be stored on the wordpress.org side, with a simple API update in the current version check functions. Other notes: for a long time, people have requested the presentation of "patch releases" which only contain files which changed, rather than a full reinstall package. Personally, I don't mind the extra safety given by a full update, because it ensures that if any of my local files were modified without my knowledge, those changes would get overwritten. But then again, I update my site from the current svn branch nightly anyways. I did see one comment over on WP Tavern which mentioned a pretty valid problem with updates[1]: In some corporate environments, all changes have to go through a multi-stage vetting process before being pushed out to production. Changes are put through testing/QA, and often maintained in a local source control system. Large-scale changes are *much* harder to push through such a system than small ones. It would be easy to point fingers and just say "your process is broken", but that isn't helpful. Providing an official "changes only" patchset *would* be helpful to such users, because the code which needed review would be more isolated. (Yes, they could go to Trac to see changes. Yes they should be able to diff against their local source control system. Yes, yes, yes. But I'm simplifying, and remember (to paraphrase) - individuals are smart, groups are dumb). On a tangential note, a lot of people complain that occassionally WordPress upgrades "break plugins". I've pointed out before that typically, this is because the plugin author has taken a shortcut somewhere, and is mucking around with WP internals, instead of using an established API function which insulates them from changes in the guts of WP. But it's hard to get end-users to see it that way. From their perspective, it's simple: the plugin worked before the upgrade, and it was broken after. Therefore, the WP upgrade "broke" the plugin. You'll probably never convince them to look at it any other way. But I have to wonder if we can't try...something. I'm not sure what. But since this seems to be a large source of the FUD concerning upgrades, it certainly seems worth discussing it and kicking around some ideas on how to address it. [1] http://www.wptavern.com/security-this-security-that#comment-3613 -- Dougal Campbell http://dougal.gunters.org/ http://twitter.com/dougal http://twitual.com/ From tim at silentgap.com Tue Sep 8 20:31:52 2009 From: tim at silentgap.com (Tim Schoffelman) Date: Tue, 8 Sep 2009 15:31:52 -0500 Subject: [wp-hackers] Making Updates Friendlier? In-Reply-To: <4AA6B898.6030309@gunters.org> References: <4AA6B898.6030309@gunters.org> Message-ID: <5b1aecc0909081331o202f5e03l96bd5c16a5800a04@mail.gmail.com> I like the idea of color coding the upgrading nag & I would also have to second Dougal's paragraph on cooperate environments, of which we're running to a scenario that's pretty close to the one he listed - having something that would smooth the process out a little more than looking at Trac or looking at the diff between files/folders would be nice (still thinking about what a good solution would be though). ~tim On Tue, Sep 8, 2009 at 3:03 PM, Dougal Campbell wrote: > In the aftermath of the recent WP worm, there has been the usual raft of > FUD flying about. I won't bother pointing out any particular sources -- > suffice to say that some of the recent posts about "WordPress Security" were > reasonable, and many were not. It seems like every time there is some sort > of security issue related to WordPress, regardless of the scope, it becomes > a PR nightmare of sorts. Primarily, I think that it goes hand-in-hand with > the popularity of WordPress: we are popular, therefore we are a high-profile > target, and therefore when something goes wrong, it affects a lot of users, > and therefore it gets a lot of attention. It's the nature of celebrity. > > As has been pointed out time and time again, WordPress is easier than ever > to keep updated. When a new version is released, a nag appears in the > Dashboard. From there, it's just a couple of clicks to upgrade. And yet, > people *still* lag behind. The reasons are varied, and _mostly_ invalid > (depending on your perspective). Some of it is simply "fear of breaking > something". Some of it is just simple stubbornness ("I just upgraded, I > don't want to do it again so soon!"). Some of it might be ignorance and > laziness (they see the nag, but don't look at the WordPress News blocks in > the Dashboard, or go to the main site to read about it). > > So, what more can we do? Not a *whole* lot, but I do have a suggestion: > > In order to express the relative urgency of upgrade notices, I propose that > we categorize upgrades into four priority levels: > > 1. Minor Bugfixes > 2. Major Bugfixes > 3. New Feature Release > 4. Security Update > > Each version release could be tagged accordingly, along with a brief > description of the changes and/or impact. These priority levels could be > used to style the update nag messages, and provide a sense of their relative > importance (e.g. 1 = yellow, 2 = orange, 3 = green, 4 = REDOMGWTFBBQ). For > bugfix releases, a brief, friendly message can be presented along the lines > of "To find out if these issues might affect your site, visit [URL] for more > details." > > This information could be stored on the wordpress.org side, with a simple > API update in the current version check functions. > > Other notes: for a long time, people have requested the presentation of > "patch releases" which only contain files which changed, rather than a full > reinstall package. Personally, I don't mind the extra safety given by a full > update, because it ensures that if any of my local files were modified > without my knowledge, those changes would get overwritten. But then again, I > update my site from the current svn branch nightly anyways. > > I did see one comment over on WP Tavern which mentioned a pretty valid > problem with updates[1]: In some corporate environments, all changes have to > go through a multi-stage vetting process before being pushed out to > production. Changes are put through testing/QA, and often maintained in a > local source control system. Large-scale changes are *much* harder to push > through such a system than small ones. It would be easy to point fingers and > just say "your process is broken", but that isn't helpful. Providing an > official "changes only" patchset *would* be helpful to such users, because > the code which needed review would be more isolated. (Yes, they could go to > Trac to see changes. Yes they should be able to diff against their local > source control system. Yes, yes, yes. But I'm simplifying, and remember (to > paraphrase) - individuals are smart, groups are dumb). > > On a tangential note, a lot of people complain that occassionally WordPress > upgrades "break plugins". I've pointed out before that typically, this is > because the plugin author has taken a shortcut somewhere, and is mucking > around with WP internals, instead of using an established API function which > insulates them from changes in the guts of WP. But it's hard to get > end-users to see it that way. From their perspective, it's simple: the > plugin worked before the upgrade, and it was broken after. Therefore, the WP > upgrade "broke" the plugin. You'll probably never convince them to look at > it any other way. But I have to wonder if we can't try...something. I'm not > sure what. But since this seems to be a large source of the FUD concerning > upgrades, it certainly seems worth discussing it and kicking around some > ideas on how to address it. > > > [1] http://www.wptavern.com/security-this-security-that#comment-3613 > > -- > Dougal Campbell > http://dougal.gunters.org/ > http://twitter.com/dougal > http://twitual.com/ > > _______________________________________________ > wp-hackers mailing list > wp-hackers at lists.automattic.com > http://lists.automattic.com/mailman/listinfo/wp-hackers > From lists at mediachrome.com Tue Sep 8 21:07:46 2009 From: lists at mediachrome.com (James Bisset) Date: Tue, 8 Sep 2009 22:07:46 +0100 Subject: [wp-hackers] Making Updates Friendlier? In-Reply-To: <4AA6B898.6030309@gunters.org> References: <4AA6B898.6030309@gunters.org> Message-ID: <67B783D9-3565-4C31-A9A0-AFA3EF97DDF1@mediachrome.com> All my Wordpress installs now use this directory structure: /index.php /cms/wordpress/ /cms/wp-config.php /cms/wp-content/ This makes updates and backups on shared hosting a doddle, including systems with no SSH access, no CP, or reduced PHP privileges blocking auto-updates. But I can guarantee that I'll have at least two plugins in each install which have had to be hacked to understand the 'unconventional' directory structure, although it is legitimate and supported by Wordpress. So I update Wordpress core, but now I need to update the plugins. Do I need to hack the plugins all over again? Which ones did I hack? How many lines did I change?* What's different in the new plugin? And some plugins will have a style dir or other custom content inside the plugin dir, and suddenly my pain free upgrade for multiple sites isn't looking so straightforward. So, for me, good documentation for plugin developers on how to address wp-content and wp-config.php - wherever they are - including sample code or drop-in function is essential. You wouldn't believe the variety of startling solutions folks are coming up with in its absence. Oh, and some strongly worded advice about the benefits of storing custom plugin data outside the plugin dir too. *Yes, I realise I ought to keep changelogs of my own for every site - I'm trying. On 8 Sep 2009, at 21:03, Dougal Campbell wrote: > > > On a tangential note, a lot of people complain that occassionally > WordPress upgrades "break plugins". I've pointed out before that > typically, this is because the plugin author has taken a shortcut > somewhere, and is mucking around with WP internals, instead of using > an established API function which insulates them from changes in the > guts of WP. But it's hard to get end-users to see it that way. From > their perspective, it's simple: the plugin worked before the > upgrade, and it was broken after. Therefore, the WP upgrade "broke" > the plugin. You'll probably never convince them to look at it any > other way. But I have to wonder if we can't try...something. I'm not > sure what. But since this seems to be a large source of the FUD > concerning upgrades, it certainly seems worth discussing it and > kicking around some ideas on how to address it. > > > [1] http://www.wptavern.com/security-this-security-that#comment-3613 > > -- > Dougal Campbell > http://dougal.gunters.org/ > http://twitter.com/dougal > http://twitual.com/ > > _______________________________________________ > wp-hackers mailing list > wp-hackers at lists.automattic.com > http://lists.automattic.com/mailman/listinfo/wp-hackers From skeltoac at gmail.com Tue Sep 8 21:24:21 2009 From: skeltoac at gmail.com (Andy Skelton) Date: Tue, 8 Sep 2009 16:24:21 -0500 Subject: [wp-hackers] Making Updates Friendlier? In-Reply-To: <4AA6B898.6030309@gunters.org> References: <4AA6B898.6030309@gunters.org> Message-ID: On Tue, Sep 8, 2009 at 3:03 PM, Dougal Campbell wrote: > From their perspective, it's simple: the > plugin worked before the upgrade, and it was broken after. Therefore, the WP > upgrade "broke" the plugin. You'll probably never convince them to look at > it any other way. But I have to wonder if we can't try...something. I'm not > sure what. But since this seems to be a large source of the FUD concerning > upgrades, it certainly seems worth discussing it and kicking around some > ideas on how to address it. I had a thought. The only way to save the user from himself--short of educating him--is to automate. Automating a safe upgrade begins with knowing how to do it manually. Before upgrading a site you must see that it works as-is. Then you must upgrade the site (preferably a copy) and see whether it works. The baseline for what's working is whatever passes your test. Or a test suite. Uh oh, unit tests. So if you are to really fix the problem of broken-after-upgrade you must have tests to run and compare before and after, a copy of the site, and something smart to do when a test fails. Code not covered by tests (plugins and themes) would be troublesome but not fatal; process of elimination is valid intelligence gathering. Tests for plugins and themes should be supplied by their authors, which is a cultural shift that will meet resistance proportional to the size of the Extend repositories. The size of the WordPress repository is also daunting but it needn't all have test cases from the start. It could be begun with just one simple test case and grow from there: does index.php produce 200 OK...? The other way would be to toss the old plugin and theme systems and write new ones that encapsulated non-core code and enforced nice play. That would be great for the ivory tower set but not so much for folks entrenched like most of us are. Andy From ravi-lists at g8o.net Tue Sep 8 21:28:36 2009 From: ravi-lists at g8o.net ( ravi ) Date: Tue, 8 Sep 2009 17:28:36 -0400 Subject: [wp-hackers] shortcodes, BR tags and feed/XML-RPC interfaces In-Reply-To: References: Message-ID: On Sep 4, 2009, at 11:40 PM, Joseph Scott wrote: > I would say that the feed should contain the expanded HTML of the > short code and not the raw short code itself. For XML-RPC though the > raw short code should be returned, not the expanded HTML. > My bad. The behaviour is indeed as above, on second look i.e., feed has shortcodes expanded and XML-RPC does not. Which I agree is the way it should be. Back to my other two issues: a) Why a
tag at the end of lines within the shortcode? Is this wpautop() doing this? Is that a bug? b) Any suggestions on how I might be able to retain the shortcode in the text (in the DB, so that the shortcode content can be edited later) but have it expanded in the XML-RPC interface? I suppose I would need to use actions in a plug-in (not my theme) to accomplish this, if at all. Any pointers on the actions/filters I should be looking at? Thank you, --ravi > On Fri, Sep 4, 2009 at 9:27 AM, // ravi wrote: >> Also, one shortcoming of my quick and dirty trick seems to be that >> though my >> splendid FancyBox gallery is rendered correctly in the browser, >> when the >> content is pulled via the feed or XML-RPC the shortcode is left as- >> is -- >> which is understandable I guess since the theme only applies to >> browser >> rendering. Is this correct? i.e., there is no way for me, in my >> theme code, >> to enable shortcode expansion for post content for feeds and XML-RPC? >> >> One way to overcome this may be to add an action or filter, which >> would >> entail (if I am getting it right) the creation of a plugin. I do >> not want >> the plugin to modify the content as it is saved i.e., I do not want >> it to >> hook into the post editing function. That would cause the shortcode >> to be >> expanded/replaced on saving, preventing future edits. I could >> instead, I >> hope, add a filter that would kick in when the content is accessed >> (irrespective of the reason/means of access, whether it be for >> rendering in >> browser, or for feed or XML-RPC). >> >> Any suggestions, comments or advice would be great. Thank you, > From peter.westwood at ftwr.co.uk Tue Sep 8 21:29:51 2009 From: peter.westwood at ftwr.co.uk (Peter Westwood) Date: Tue, 8 Sep 2009 22:29:51 +0100 Subject: [wp-hackers] Making Updates Friendlier? In-Reply-To: References: <4AA6B898.6030309@gunters.org> Message-ID: On 8 Sep 2009, at 22:24, Andy Skelton wrote: > On Tue, Sep 8, 2009 at 3:03 PM, Dougal Campbell > wrote: >> From their perspective, it's simple: the >> plugin worked before the upgrade, and it was broken after. >> Therefore, the WP >> upgrade "broke" the plugin. You'll probably never convince them to >> look at >> it any other way. But I have to wonder if we can't try...something. >> I'm not >> sure what. But since this seems to be a large source of the FUD >> concerning >> upgrades, it certainly seems worth discussing it and kicking around >> some >> ideas on how to address it. > > I had a thought. The only way to save the user from himself--short of > educating him--is to automate. Automating a safe upgrade begins with > knowing how to do it manually. Before upgrading a site you must see > that it works as-is. Then you must upgrade the site (preferably a > copy) and see whether it works. The baseline for what's working is > whatever passes your test. Or a test suite. Uh oh, unit tests. > > So if you are to really fix the problem of broken-after-upgrade you > must have tests to run and compare before and after, a copy of the > site, and something smart to do when a test fails. Code not covered by > tests (plugins and themes) would be troublesome but not fatal; process > of elimination is valid intelligence gathering. Tests for plugins and > themes should be supplied by their authors, which is a cultural shift > that will meet resistance proportional to the size of the Extend > repositories. > > The size of the WordPress repository is also daunting but it needn't > all have test cases from the start. It could be begun with just one > simple test case and grow from there: does index.php produce 200 > OK...? > > The other way would be to toss the old plugin and theme systems and > write new ones that encapsulated non-core code and enforced nice play. > That would be great for the ivory tower set but not so much for folks > entrenched like most of us are. > Another thought that has been discussed is: Make the update process safe and reversible. Provide the user with the tools to upgrade and downgrade the site at will so they can go back if something is broken. This includes db and plugin up/downgrading. Also integrate information into the pre-upgrade step to check for plugin compatibility based on crowd-sourced data - i.e. not just rely on plugin authors marking a version as supported but let the community provide that information. Peter -- Peter Westwood http://blog.ftwr.co.uk | http://westi.wordpress.com C53C F8FC 8796 8508 88D6 C950 54F4 5DCD A834 01C5 From zamoose at gmail.com Tue Sep 8 21:39:17 2009 From: zamoose at gmail.com (Doug Stewart) Date: Tue, 8 Sep 2009 17:39:17 -0400 Subject: [wp-hackers] Making Updates Friendlier? In-Reply-To: References: <4AA6B898.6030309@gunters.org> Message-ID: <71ddd7490909081439n45c27199s6453e196cbdc6f44@mail.gmail.com> Sorry for the top post -- iPhone makes bottom-posting a real pain. How about building an easy "back out" procedure into the core upgrade? Back up the db, copy all core files to a safe tmp and then upgrade. Things not working? Create a dialog like Apple's crash reporter and have the users send feedback to WP along with a generated list of plugins and their versions. Maybe even have the crash receiver be able to respond with "version 3.14 of Plugin X us known not to work with the newest WP. Please contact the author (insert author contact from plugin description here)." Remove as many speesbumps as possible. And yes, absolutely color code the alerts. *grin* -Doug On Tuesday, September 8, 2009, Andy Skelton wrote: > On Tue, Sep 8, 2009 at 3:03 PM, Dougal Campbell wrote: >> From their perspective, it's simple: the >> plugin worked before the upgrade, and it was broken after. Therefore, the WP >> upgrade "broke" the plugin. You'll probably never convince them to look at >> it any other way. But I have to wonder if we can't try...something. I'm not >> sure what. But since this seems to be a large source of the FUD concerning >> upgrades, it certainly seems worth discussing it and kicking around some >> ideas on how to address it. > > I had a thought. The only way to save the user from himself--short of > educating him--is to automate. Automating a safe upgrade begins with > knowing how to do it manually. Before upgrading a site you must see > that it works as-is. Then you must upgrade the site (preferably a > copy) and see whether it works. The baseline for what's working is > whatever passes your test. Or a test suite. Uh oh, unit tests. > > So if you are to really fix the problem of broken-after-upgrade you > must have tests to run and compare before and after, a copy of the > site, and something smart to do when a test fails. Code not covered by > tests (plugins and themes) would be troublesome but not fatal; process > of elimination is valid intelligence gathering. Tests for plugins and > themes should be supplied by their authors, which is a cultural shift > that will meet resistance proportional to the size of the Extend > repositories. > > The size of the WordPress repository is also daunting but it needn't > all have test cases from the start. It could be begun with just one > simple test case and grow from there: does index.php produce 200 > OK...? > > The other way would be to toss the old plugin and theme systems and > write new ones that encapsulated non-core code and enforced nice play. > That would be great for the ivory tower set but not so much for folks > entrenched like most of us are. > > Andy > _______________________________________________ > wp-hackers mailing list > wp-hackers at lists.automattic.com > http://lists.automattic.com/mailman/listinfo/wp-hackers > -- -Doug From zamoose at gmail.com Tue Sep 8 21:40:50 2009 From: zamoose at gmail.com (Doug Stewart) Date: Tue, 8 Sep 2009 17:40:50 -0400 Subject: [wp-hackers] Making Updates Friendlier? In-Reply-To: References: <4AA6B898.6030309@gunters.org>

Message-ID: <71ddd7490909081440l22b0ff19s788b23e15a2aefdd@mail.gmail.com> Peter: You beat me to it! Heh. -Doug -- -Doug From ozh at planetozh.com Wed Sep 9 07:55:53 2009 From: ozh at planetozh.com (Ozh) Date: Wed, 9 Sep 2009 09:55:53 +0200 Subject: [wp-hackers] Making Updates Friendlier? In-Reply-To: <4AA6B898.6030309@gunters.org> Message-ID: A few ideas as well. I think the current "there's a new WP version out" nag is not big enough. I've seen it real life: it doesn't pass the wife test, she simply does not pay attention to it, and when asked about it, she goes "oh yeah, didn't see it, thanks!" Why not make it bigger? Something like a once per day lightbox popup, with "Close, thanks, I'll see later" and "Please upgrade now" buttons. On the "WP upgrade broke my site", it's obviously 98% FUD and 0.5% of people who indeed experienced problems. Since there have been a few of them lately, why not make a poll about upgrading and let people express themselves? How many people upgrade with absolutely no fear? How many are a bit shaky but eventually it all goes fine? How many really had troubles with the recent releases?* Cheers Ozh [*] such a poll should imo let 2.3 out of the scope because this release did break a number of themes because of the new DB schema & taxonomy functions. From dc153464a11bcf5aeb18180db28017fb.wp-hackers at planetmike.com Wed Sep 9 11:29:44 2009 From: dc153464a11bcf5aeb18180db28017fb.wp-hackers at planetmike.com (Michael Clark) Date: Wed, 9 Sep 2009 07:29:44 -0400 Subject: [wp-hackers] Making Updates Friendlier? In-Reply-To: References: Message-ID: Monday morning I blogged two suggestions: 1) Have WordPress send an email to the blog's admin users once a day when there is an update available. 2) Have WordPress slowly deactivate itself over time as the version gets older and older. From http://www.planetmike.com/goto/874: >My first suggestion: The administrators of a WordPress blog should >be sent an email once a new release has occurred. Unfortunately, I >believe the "update release check" only occurs when someone is >looking at the admin pages. Perhaps a hook can be added that once a >day if the public site is accessed, the version check will be done. >If a new version has been released, an email message is sent to the >administrators. > >My second suggestion: Have WordPress expire after a fixed amount of >time. For example, let's say one year after a version is released, >it will lock itself down. At that point it will not allow new >comments, posts or pages. Then six months after that, edits can no >longer be made to existing pages or posts. Then 6 months after that, >a full two years after a new release has been issued, posts, pages >and comments will no longer even appear on the site. They'll still >be in the database, but they won't be displayed at all. > >Radical? Absolutely! But I think this would be a prudent way to >minimize future problems, as well as forcing (encouraging) people to >keep their WordPress installation up to date. -- Michael Clark http://www.PlanetMike.com "Injustice anywhere is a threat to justice everywhere." - Martin Luther King Jr. From kkarpieszuk at gmail.com Wed Sep 9 11:35:21 2009 From: kkarpieszuk at gmail.com (Konrad Karpieszuk) Date: Wed, 9 Sep 2009 13:35:21 +0200 Subject: [wp-hackers] Making Updates Friendlier? In-Reply-To: References: Message-ID: <67dfa4090909090435n237659a8q16982a9e96bf8085@mail.gmail.com> On Wed, Sep 9, 2009 at 1:29 PM, Michael Clark < dc153464a11bcf5aeb18180db28017fb.wp-hackers at planetmike.com> wrote: > Monday morning I blogged two suggestions: > > 1) Have WordPress send an email to the blog's admin users once a day when > there is an update available. > is this suggestion caused by new addded plugin? ;) http://wordpress.org/extend/plugins/upgrade-notification-by-email/ -- (en) regards / (pl) pozdrawiam Konrad Karpieszuk http://konradjestwrwandzie.wordpress.com/ From wordpress at dd32.id.au Wed Sep 9 11:37:43 2009 From: wordpress at dd32.id.au (Dion Hulse (dd32)) Date: Wed, 09 Sep 2009 21:37:43 +1000 Subject: [wp-hackers] Making Updates Friendlier? In-Reply-To: References: Message-ID: Hah. Good luck with suggestion #2. However, Emailing when a Plugin/Core/Theme upgrade becomes available is something I do agree would be good. I think theres a plugin which does exactly this. http://wordpress.org/extend/plugins/zes-admin-update-notification/ is the first one i found, But i'm certain theres others (And someone else just mailed saying they made one a few days ago.. ) I also noticed on a download site for a application the other day "Enter your email here and click Download to register for security-update emails".. Seemed like a good way of telling users that updates were available to me. (However, Wouldnt really fit WordPress i dont think, Feels too spammy, Better the blog doing it) On Wed, 09 Sep 2009 21:29:44 +1000, Michael Clark wrote: > Monday morning I blogged two suggestions: > > 1) Have WordPress send an email to the blog's admin users once a day > when there is an update available. > > 2) Have WordPress slowly deactivate itself over time as the version > gets older and older. > > From http://www.planetmike.com/goto/874: >> My first suggestion: The administrators of a WordPress blog should >> be sent an email once a new release has occurred. Unfortunately, I >> believe the "update release check" only occurs when someone is >> looking at the admin pages. Perhaps a hook can be added that once a >> day if the public site is accessed, the version check will be done. >> If a new version has been released, an email message is sent to the >> administrators. >> >> My second suggestion: Have WordPress expire after a fixed amount of >> time. For example, let's say one year after a version is released, >> it will lock itself down. At that point it will not allow new >> comments, posts or pages. Then six months after that, edits can no >> longer be made to existing pages or posts. Then 6 months after that, >> a full two years after a new release has been issued, posts, pages >> and comments will no longer even appear on the site. They'll still >> be in the database, but they won't be displayed at all. >> >> Radical? Absolutely! But I think this would be a prudent way to >> minimize future problems, as well as forcing (encouraging) people to >> keep their WordPress installation up to date. > > > > > -- -- Dion Hulse e: contact at dd32.id.au w: http://dd32.id.au/ m: 04 6621 9112 (+614 6621 9112) WordPressQI: http://wordpressqi.com/ From scribu at gmail.com Wed Sep 9 12:02:13 2009 From: scribu at gmail.com (scribu) Date: Wed, 9 Sep 2009 15:02:13 +0300 Subject: [wp-hackers] Extend / Plugins pwned Message-ID: <349fe48b0909090502t60273bd3mdf8facec16970b35@mail.gmail.com> If you go to http://wordpress.org/extend/plugins/ you'll see that the most popular plugin is xpress . It seems like the sorting algorhythm doesn't take ratings into account. -- http://scribu.net From wordpress at dd32.id.au Wed Sep 9 12:21:34 2009 From: wordpress at dd32.id.au (Dion Hulse (dd32)) Date: Wed, 09 Sep 2009 22:21:34 +1000 Subject: [wp-hackers] Extend / Plugins pwned In-Reply-To: <349fe48b0909090502t60273bd3mdf8facec16970b35@mail.gmail.com> References: <349fe48b0909090502t60273bd3mdf8facec16970b35@mail.gmail.com> Message-ID: I've seen that mentioned twice so far... ...Except that i cant see xpress mentioned on either the Extend homepage, or the first handful of Popular pages... What am i missing? On Wed, 09 Sep 2009 22:02:13 +1000, scribu wrote: > If you go to http://wordpress.org/extend/plugins/ you'll see that the > most > popular plugin is xpress . > > It seems like the sorting algorhythm doesn't take ratings into account. > > -- -- Dion Hulse e: contact at dd32.id.au w: http://dd32.id.au/ m: 04 6621 9112 (+614 6621 9112) From zamoose at gmail.com Wed Sep 9 12:21:58 2009 From: zamoose at gmail.com (Doug Stewart) Date: Wed, 9 Sep 2009 08:21:58 -0400 Subject: [wp-hackers] Extend / Plugins pwned In-Reply-To: <349fe48b0909090502t60273bd3mdf8facec16970b35@mail.gmail.com> References: <349fe48b0909090502t60273bd3mdf8facec16970b35@mail.gmail.com> Message-ID: <71ddd7490909090521p345f465i5fef7d61369b0092@mail.gmail.com> On Wed, Sep 9, 2009 at 8:02 AM, scribu wrote: > If you go to http://wordpress.org/extend/plugins/ you'll see that the most > popular plugin is xpress . > > It seems like the sorting algorhythm doesn't take ratings into account. > > 404'd!!!! Looks like it's already been done did. *grin* -- -Doug From wordpress at dd32.id.au Wed Sep 9 12:28:57 2009 From: wordpress at dd32.id.au (Dion Hulse (dd32)) Date: Wed, 09 Sep 2009 22:28:57 +1000 Subject: [wp-hackers] Extend / Plugins pwned In-Reply-To: <71ddd7490909090521p345f465i5fef7d61369b0092@mail.gmail.com> References: <349fe48b0909090502t60273bd3mdf8facec16970b35@mail.gmail.com> <71ddd7490909090521p345f465i5fef7d61369b0092@mail.gmail.com> Message-ID: My other email still stands.. I couldnt see it last time either.. Strange that its been removed though.. I've seen that plugin plenty of times, and was nothing dodgy :) (Other than supporting a lot of porn site embeds..) - Unless something dodgy was really happening! On Wed, 09 Sep 2009 22:21:58 +1000, Doug Stewart wrote: > On Wed, Sep 9, 2009 at 8:02 AM, scribu wrote: > >> If you go to http://wordpress.org/extend/plugins/ you'll see that the >> most >> popular plugin is xpress . >> >> It seems like the sorting algorhythm doesn't take ratings into account. >> >> > > 404'd!!!! > > Looks like it's already been done did. *grin* > > -- -- Dion Hulse e: contact at dd32.id.au w: http://dd32.id.au/ m: 04 6621 9112 (+614 6621 9112) WordPressQI: http://wordpressqi.com/ From jayarjo at gmail.com Wed Sep 9 13:01:13 2009 From: jayarjo at gmail.com (Davit Barbakadze) Date: Wed, 9 Sep 2009 17:01:13 +0400 Subject: [wp-hackers] Making Updates Friendlier? In-Reply-To: References:

Message-ID: <9aa12a490909090601n55ba1f87ud3ae7df946ac9d19@mail.gmail.com> I've self-witnessed real problems that really occured after upgrading from 2.7.1 to 2.8. It included broken interface features all over the backend and multitude of malfunctioning plugins. Owner of the blog - regular user, being very far from IT in general, was feeling stressed and depressed all day long while reasons of malfunctioning were tracked and corrected. I should say that it never resolved properly, so the only solution to that problem was degrading back to 2.7.1. Which we did together. But now, after all security issues, that is not an alternative anymore. That arises another question by the way. Why there shouldn't be a way to easily patch 2.7.1 (on ordinary users level), since most part of bug fixes are pretty compatible with it? So I vote for "upgrade" categorization and more flexible upgrade process (abillity to roll back easily for example). -- Davit Barbakadze From otto at ottodestruct.com Wed Sep 9 13:31:50 2009 From: otto at ottodestruct.com (Otto) Date: Wed, 9 Sep 2009 08:31:50 -0500 Subject: [wp-hackers] Extend / Plugins pwned In-Reply-To: References: <349fe48b0909090502t60273bd3mdf8facec16970b35@mail.gmail.com> <71ddd7490909090521p345f465i5fef7d61369b0092@mail.gmail.com> Message-ID: <161617690909090631ye9e71deoe23d8e2467bfc317@mail.gmail.com> Something dodgy was happening. We noticed it at the top of the plugin listings yesterday, with 175,000+ downloads in 1 day (from a previous 60-70 or so day before). Either the download counter was wacked or somebody was gaming the listings. -Otto On Wed, Sep 9, 2009 at 7:28 AM, Dion Hulse (dd32) wrote: > My other email still stands.. I couldnt see it last time either.. > > Strange that its been removed though.. I've seen that plugin plenty of > times, and was nothing dodgy :) (Other than supporting a lot of porn site > embeds..) - Unless something dodgy was really happening! > > On Wed, 09 Sep 2009 22:21:58 +1000, Doug Stewart wrote: > >> On Wed, Sep 9, 2009 at 8:02 AM, scribu wrote: >> >>> If you go to http://wordpress.org/extend/plugins/ you'll see that the >>> most >>> popular plugin is xpress . >>> >>> It seems like the sorting algorhythm doesn't take ratings into account. >>> >>> >> >> 404'd!!!! >> >> Looks like it's already been done did. *grin* >> >> > > > -- > -- > Dion Hulse > e: contact at dd32.id.au > w: http://dd32.id.au/ > m: 04 6621 9112 (+614 6621 9112) > WordPressQI: http://wordpressqi.com/ > _______________________________________________ > wp-hackers mailing list > wp-hackers at lists.automattic.com > http://lists.automattic.com/mailman/listinfo/wp-hackers > From wordpress at dd32.id.au Wed Sep 9 13:37:04 2009 From: wordpress at dd32.id.au (Dion Hulse (dd32)) Date: Wed, 09 Sep 2009 23:37:04 +1000 Subject: [wp-hackers] Extend / Plugins pwned In-Reply-To: <161617690909090631ye9e71deoe23d8e2467bfc317@mail.gmail.com> References: <349fe48b0909090502t60273bd3mdf8facec16970b35@mail.gmail.com> <71ddd7490909090521p345f465i5fef7d61369b0092@mail.gmail.com> <161617690909090631ye9e71deoe23d8e2467bfc317@mail.gmail.com> Message-ID: Ahhhhhh That explains it now. Thanks Otto :) On Wed, 09 Sep 2009 23:31:50 +1000, Otto wrote: > Something dodgy was happening. We noticed it at the top of the plugin > listings yesterday, with 175,000+ downloads in 1 day (from a previous > 60-70 or so day before). Either the download counter was wacked or > somebody was gaming the listings. From shacker at birdhouse.org Wed Sep 9 14:56:11 2009 From: shacker at birdhouse.org (Hacker Scot) Date: Wed, 9 Sep 2009 07:56:11 -0700 Subject: [wp-hackers] Making Updates Friendlier? In-Reply-To: References: Message-ID: <781D18DD-84E2-4637-BA9F-5E9A0C22BE32@birdhouse.org> On Sep 9, 2009, at 5:00 AM, wp-hackers-request at lists.automattic.com wrote: > I also noticed on a download site for a application the other day > "Enter > your email here and click Download to register for security-update > emails".. Seemed like a good way of telling users that updates were > available to me. (However, Wouldnt really fit WordPress i dont think, > Feels too spammy, Better the blog doing it) This is something the Drupal world gets right, IMO. Lots of security information consolidated here: http://drupal.org/security also available as RSS feeds and ALSO available as email. I subscribed to the emails for a while and was really impressed that they covered not just core but issues with 3rd party Drupal modules as well. This kind of thing could have a huge security benefit for WP. ./s From jer at simianuprising.com Wed Sep 9 17:05:34 2009 From: jer at simianuprising.com (Jeremy Clarke) Date: Wed, 9 Sep 2009 13:05:34 -0400 Subject: [wp-hackers] Making Updates Friendlier? In-Reply-To: <781D18DD-84E2-4637-BA9F-5E9A0C22BE32@birdhouse.org> References: <781D18DD-84E2-4637-BA9F-5E9A0C22BE32@birdhouse.org> Message-ID: On Wed, Sep 9, 2009 at 10:56 AM, Hacker Scot wrote: > On Sep 9, 2009, at 5:00 AM, wp-hackers-request at lists.automattic.com wrote: > This is something the Drupal world gets right, IMO. Lots of security > information consolidated here: http://drupal.org/security also available as > RSS feeds and ALSO available as email. I subscribed to the emails for a > while and was really impressed that they covered not just core but issues > with 3rd party Drupal modules as well. ?This kind of thing could have a huge > security benefit for WP. Not sure who's in charge of it but WP's updates email list is completely desolate most of the time. It should have strongly worded terrifying emails when there are security updates. As it is its pretty neglected, and IMHO the dashboard feed just doesn't replace it. Lots of people use WP casually, and the once or twice a month they log in they don't have time to read everything on the dashboard. IMHO telling people to sign up when downloading is not too spammy, its realistic. The fact is that when you get entangled with WP you are signing up for a security problem, and telling people to sign up to a list about security updates is a good way to let them know that they NEED security updates. Giving out wordpress without telling people there's a security risk is like giving out Windows without any anti-virus software: very misleading and dangerous. -- Jeremy Clarke | http://jeremyclarke.org Code and Design | http://globalvoicesonline.org From dougal at gunters.org Wed Sep 9 18:38:14 2009 From: dougal at gunters.org (Dougal Campbell) Date: Wed, 09 Sep 2009 14:38:14 -0400 Subject: [wp-hackers] Making Updates Friendlier? In-Reply-To: References: <781D18DD-84E2-4637-BA9F-5E9A0C22BE32@birdhouse.org> Message-ID: <4AA7F616.5070703@gunters.org> On Sep 9 2009 1:05 PM, Jeremy Clarke wrote: > On Wed, Sep 9, 2009 at 10:56 AM, Hacker Scot wrote: > >> On Sep 9, 2009, at 5:00 AM, wp-hackers-request at lists.automattic.com wrote: >> This is something the Drupal world gets right, IMO. Lots of security >> information consolidated here: http://drupal.org/security also available as >> RSS feeds and ALSO available as email. I subscribed to the emails for a >> while and was really impressed that they covered not just core but issues >> with 3rd party Drupal modules as well. This kind of thing could have a huge >> security benefit for WP. >> > Not sure who's in charge of it but WP's updates email list is > completely desolate most of the time. It should have strongly worded > terrifying emails when there are security updates. As it is its pretty > neglected, and IMHO the dashboard feed just doesn't replace it. Lots > of people use WP casually, and the once or twice a month they log in > they don't have time to read everything on the dashboard. > This is a good point. When was the last time that the 'wp-announce' mailing list was actually used to notify people of a new WP version? I can't find the archives, and I sure can't remember it happening anytime recently. I vaguely recall Matt sending *something* to the announce list a few versions back, but I'd probably have to grep through a few gigabytes of old emails to find it. I think it would be great if part of the installation procedure for a new WordPress site was to add a checkbox (checked by default) prompting the user to opt-in to the wp-announce mailing list. This would be on the same screen that asks for the initial administrator email address. It could give a short message explaining that the mailing list is very low volume (typically less than one message per month), it will only be used to send important update information, and that the email address will not be shared with third-parties (etc.). Then (and this is the key), actually USE the wp-announce mailing list for what it's there for. Make it part of the standard procedure checklist for new releases. In fact, there should probably be an announcement at the first Beta and Release Candidate milestones, as well (not every interim beta and rc, just the initial "hey, we're beta testing, you might want to start your own tests to get ready for the new version", and "hey, we've reached release candidate stage, things should be pretty stable, and we're trying to knock out the last few bugs before official release"). AND, when a security issue becomes known, an announcement should be made, as well. I know that opinions vary on exactly *when* security issues should be announced: as soon as known -- even before a patch is available, or only after a patch is ready for the public? I don't think this is the time or place for that discussion, but I think making the announcements by email as well as via the dev blog (and thus the dashboard news) is important. I think there are more people than we might think who hardly glance at the dashboard. Maybe the news blocks in their dashboard are just "below the fold" and they don't see it. Maybe they actively ignore it (do a search for "dashboard" in the plugin repository and take note of how many mention turning off the news feeds). Maybe they're just old-school and prefer email, and miss the days of Usenet. Whatever the case, I think that adding email announcements has got to be a Good Thing. And it could pretty easily be automated. Just set up the Dev Blog to relay any posts made in the "Announcements" category, or something like that. (And BTW, I think there are a lot of things that the WordPress and Drupal communities can learn from each other. Both have a lot of good points to them that the other could borrow. I might have a blog post about that later, if I can find the time.) -- Dougal Campbell http://dougal.gunters.org/ http://twitter.com/dougal http://twitual.com/ From foolistbar at googlemail.com Wed Sep 9 20:38:47 2009 From: foolistbar at googlemail.com (Geoffrey Sneddon) Date: Wed, 9 Sep 2009 21:38:47 +0100 Subject: [wp-hackers] WXR format documentation In-Reply-To: <4A9EA36F.2080208@gunters.org> References: <4A9D3F9A.5080006@gmail.com> <1251885520.12909.2.camel@rillian.narnia.sunriseroad.net> <4A9E58AB.8050204@gmail.com> <4A9EA36F.2080208@gunters.org> Message-ID: On 2 Sep 2009, at 17:55, Dougal Campbell wrote: > On Sep 2 2009 7:36 AM, Harish Narayanan wrote: >> Hmm. Perhaps I will try this. I have been googling for reference >> documentation on WXR for a couple of days and I haven't stumbled upon >> anything. >> > > As far as I know, nobody has created any reference documentation for > WXR. The best reference is really the PHP source for the importer > and exporter in WordPress itself. As the name (WordPress eXtended > RSS) implies, it's basically RSS with some extra WP-specific > elements added in. Note that if you want to stay compatible with exports from WordPress you can't use an XML (and hence RSS) parser, as some exports from WP are not well-formed XML. -- Geoffrey Sneddon From SuperMoonMan at gmail.com Wed Sep 9 20:53:13 2009 From: SuperMoonMan at gmail.com (Steven Rossi) Date: Wed, 9 Sep 2009 15:53:13 -0500 Subject: [wp-hackers] Making Updates Friendlier? In-Reply-To: <4AA7F616.5070703@gunters.org> References: <781D18DD-84E2-4637-BA9F-5E9A0C22BE32@birdhouse.org> <4AA7F616.5070703@gunters.org> Message-ID: <474320ee0909091353x12888c84yd001c2795ea0a01d@mail.gmail.com> I tried to read past discussions on this to make sure that I wasn't repeating anything that has already been said. That said, I'm thinking that the wp-announce mailing list might not be the best way to do this, at least not in a format similar to the wp-hackers/wp-docs mailing lists. I'd like to see something clean and presentable to the public, more "newsletter" than "mailing list," if that distinction makes sense. I'm thinking of Apple's product announcement emails and how they're short and to the point but also informative. Something like that might benefit the average user of Wordpress (I'm assuming here that the average user is the real target since the more advanced user will likely have already heard about and applied the update). I'm in favor, therefore, of the option during installation to sign up to receive updates of new releases. I also agree with Dougal that it should be opt-out rather than opt-in, increasing the likelihood that novice users will check to receive updates. Also (and now we're getting more complex), I'm wondering if there shouldn't be some sort of check after an arbitrary number of days/weeks to make sure that the Wordpress administrator has in fact installed the latest version. I'm thinking that in addition to that (somewhat useless) bar on the top of the admin screen, WP should check 2 weeks after any release to see if the latest version is being used. If it's not, the administrator would receive an email saying something to the effect of, "You still haven't updated!" You get my drift. Just some thoughts I'm throwing out there. Steven Rossi http://www.letsmovetothemoon.com http://www.stevenjrossi.com http://www.twitter.com/SuperMoonMan On Wed, Sep 9, 2009 at 1:38 PM, Dougal Campbell wrote: > On Sep 9 2009 1:05 PM, Jeremy Clarke wrote: > >> On Wed, Sep 9, 2009 at 10:56 AM, Hacker Scot >> wrote: >> >> >>> On Sep 9, 2009, at 5:00 AM, wp-hackers-request at lists.automattic.comwrote: >>> This is something the Drupal world gets right, IMO. Lots of security >>> information consolidated here: http://drupal.org/security also available >>> as >>> RSS feeds and ALSO available as email. I subscribed to the emails for a >>> while and was really impressed that they covered not just core but issues >>> with 3rd party Drupal modules as well. This kind of thing could have a >>> huge >>> security benefit for WP. >>> >>> >> Not sure who's in charge of it but WP's updates email list is >> completely desolate most of the time. It should have strongly worded >> terrifying emails when there are security updates. As it is its pretty >> neglected, and IMHO the dashboard feed just doesn't replace it. Lots >> of people use WP casually, and the once or twice a month they log in >> they don't have time to read everything on the dashboard. >> >> > > This is a good point. When was the last time that the 'wp-announce' mailing > list was actually used to notify people of a new WP version? I can't find > the archives, and I sure can't remember it happening anytime recently. I > vaguely recall Matt sending *something* to the announce list a few versions > back, but I'd probably have to grep through a few gigabytes of old emails to > find it. > > I think it would be great if part of the installation procedure for a new > WordPress site was to add a checkbox (checked by default) prompting the user > to opt-in to the wp-announce mailing list. This would be on the same screen > that asks for the initial administrator email address. It could give a short > message explaining that the mailing list is very low volume (typically less > than one message per month), it will only be used to send important update > information, and that the email address will not be shared with > third-parties (etc.). > > Then (and this is the key), actually USE the wp-announce mailing list for > what it's there for. Make it part of the standard procedure checklist for > new releases. In fact, there should probably be an announcement at the first > Beta and Release Candidate milestones, as well (not every interim beta and > rc, just the initial "hey, we're beta testing, you might want to start your > own tests to get ready for the new version", and "hey, we've reached release > candidate stage, things should be pretty stable, and we're trying to knock > out the last few bugs before official release"). > > AND, when a security issue becomes known, an announcement should be made, > as well. I know that opinions vary on exactly *when* security issues should > be announced: as soon as known -- even before a patch is available, or only > after a patch is ready for the public? I don't think this is the time or > place for that discussion, but I think making the announcements by email as > well as via the dev blog (and thus the dashboard news) is important. I think > there are more people than we might think who hardly glance at the > dashboard. Maybe the news blocks in their dashboard are just "below the > fold" and they don't see it. Maybe they actively ignore it (do a search for > "dashboard" in the plugin repository and take note of how many mention > turning off the news feeds). Maybe they're just old-school and prefer email, > and miss the days of Usenet. Whatever the case, I think that adding email > announcements has got to be a Good Thing. And it could pretty easily be > automated. Just set up the Dev Blog to relay any posts made in the > "Announcements" category, or something like that. > > (And BTW, I think there are a lot of things that the WordPress and Drupal > communities can learn from each other. Both have a lot of good points to > them that the other could borrow. I might have a blog post about that later, > if I can find the time.) > > -- > Dougal Campbell > http://dougal.gunters.org/ > http://twitter.com/dougal > http://twitual.com/ > _______________________________________________ > wp-hackers mailing list > wp-hackers at lists.automattic.com > http://lists.automattic.com/mailman/listinfo/wp-hackers > From wp-hackers at striderweb.com Wed Sep 9 21:35:20 2009 From: wp-hackers at striderweb.com (Stephen Rider) Date: Wed, 9 Sep 2009 16:35:20 -0500 Subject: [wp-hackers] wp-config.php, wp-load.php, and ABSPATH Message-ID: <878933FE-8C92-4D22-82A2-7DECEFE0CFA7@striderweb.com> Hackers -- As of WP 2.6, users have been able to move the wp-config.php file up on directory if they choose. In my opinion this was an excellent change, because it is the final piece in allowing users to completely remove customizations from within the WordPress directory. (Allowing moving wp-config being a significant piece of the same process). There is a remnant of the old system still in wp-config.php, the directive to create ABSPATH if it does not exist. I'm not sure why this is there -- perhaps it is a holdover of a much older version of WP. But if wp-config.php is movable, then this code is no longer stable, and it's *existence* has encouraged a poor coding practice among plugin authors. A problem that arises is plugins that do sort of "stand alone" things but want to access the database -- a common thing to do is to call wp- config.php directly to get the login info, rather than wp-load.php. Again, this is unstable because wp-config.php may have moved, and even if the plugin correctly knows to look up a directory, it will get tripped up if it then tries to call another file and bases the path off of ABSPATH. While plugin authors *can* just call wp-load.php, which is safer and more stable, it appears to be quite common to do it the other way. Here is my proposal: We should assert, in documentation and in code, that any time a plugin or process wants to access parts of WP (including the database), it should call wp-load.php. We should do this via changes within the Codex, and inline documentation, and we should also do this by eliminating the ABSPATH define() in wp- config.php. At the very least, we should put a "deprecated" call with the define() in wp-config, so that if it does happen, there is a notice to the log that "You should not call wp-config.php directly. Call wp-load.php instead." Then a version or two down the road we can get rid of the troublesome define. What think ye? Stephen P.S. -- Why yes, I do get troubleshooting questions about this. Why do you ask? -- Stephen Rider http://striderweb.com/ From wp-hackers at striderweb.com Wed Sep 9 21:40:47 2009 From: wp-hackers at striderweb.com (Stephen Rider) Date: Wed, 9 Sep 2009 16:40:47 -0500 Subject: [wp-hackers] wp-config.php, wp-load.php, and ABSPATH In-Reply-To: <878933FE-8C92-4D22-82A2-7DECEFE0CFA7@striderweb.com> References: <878933FE-8C92-4D22-82A2-7DECEFE0CFA7@striderweb.com> Message-ID: Heh. Why yes, that email was written *without* knowledge of the "Make Updates Friendlier?" thread. But boy does it relate! :) Stephen From scribu at gmail.com Wed Sep 9 23:31:01 2009 From: scribu at gmail.com (scribu) Date: Thu, 10 Sep 2009 02:31:01 +0300 Subject: [wp-hackers] Inline styles and TinyMCE Message-ID: <349fe48b0909091631l7f31f22dr6cd95e489ddcc57e@mail.gmail.com> A new ticket on trac contends that TinyMCE should use predefined classes instead of inline styles: #10753 The main drawback is that it would require themes to add these predefined styles to their stylesheet, beside the classical .alignleft, .aligncenter and .alignright This is my proposed solution: Instead of relying on each theme developer, make a default.css file and add it through 'wp_head'. - fixes the inline styles in TinyMCE - potentially fixes inline styles generated by [gallery] - themers can disable it if they wish What do you think? -- http://scribu.net From ncrice at gmail.com Thu Sep 10 01:00:09 2009 From: ncrice at gmail.com (Nathan Rice) Date: Wed, 9 Sep 2009 21:00:09 -0400 Subject: [wp-hackers] Inline styles and TinyMCE In-Reply-To: <349fe48b0909091631l7f31f22dr6cd95e489ddcc57e@mail.gmail.com> References: <349fe48b0909091631l7f31f22dr6cd95e489ddcc57e@mail.gmail.com> Message-ID: <862d087f0909091800n598239ffrd2686788c56f32d2@mail.gmail.com> +1 for me, as a theme designer. This would definitely be more convenient than the alternatives that are being used now. Personally, I'd disable it, then call it using @import from the style.css file, but just having it available would be killer, regardless of how I chose to call it. And having it get called by default solves a lot of issues like the one you mentioned. On Wed, Sep 9, 2009 at 7:31 PM, scribu wrote: > A new ticket on trac contends that TinyMCE should use predefined classes > instead of inline styles: #10753< > http://core.trac.wordpress.org/ticket/10753> > > The main drawback is that it would require themes to add these predefined > styles to their stylesheet, beside the classical .alignleft, .aligncenter > and .alignright > > This is my proposed solution: > > Instead of relying on each theme developer, make a default.css file and add > it through 'wp_head'. > > - fixes the inline styles in TinyMCE > - potentially fixes inline styles generated by [gallery] > - themers can disable it if they wish > > What do you think? > > > -- > http://scribu.net > _______________________________________________ > wp-hackers mailing list > wp-hackers at lists.automattic.com > http://lists.automattic.com/mailman/listinfo/wp-hackers > From wp-hackers at striderweb.com Thu Sep 10 03:40:16 2009 From: wp-hackers at striderweb.com (Stephen Rider) Date: Wed, 9 Sep 2009 22:40:16 -0500 Subject: [wp-hackers] Inline styles and TinyMCE In-Reply-To: <862d087f0909091800n598239ffrd2686788c56f32d2@mail.gmail.com> References: <349fe48b0909091631l7f31f22dr6cd95e489ddcc57e@mail.gmail.com> <862d087f0909091800n598239ffrd2686788c56f32d2@mail.gmail.com> Message-ID: On Sep 9, 2009, at 8:00 PM, Nathan Rice wrote: > Personally, I'd disable it, then call it using @import from the > style.css > file This is not backwards compatible though. Existing themes would suddenly not look right. +1 for a default CSS hooked through wp-head Stephen -- Stephen Rider http://striderweb.com/ From wp-hackers at striderweb.com Thu Sep 10 03:49:50 2009 From: wp-hackers at striderweb.com (Stephen Rider) Date: Wed, 9 Sep 2009 22:49:50 -0500 Subject: [wp-hackers] Inline styles and TinyMCE In-Reply-To: References: <349fe48b0909091631l7f31f22dr6cd95e489ddcc57e@mail.gmail.com> <862d087f0909091800n598239ffrd2686788c56f32d2@mail.gmail.com> Message-ID: On Sep 9, 2009, at 10:40 PM, Stephen Rider wrote: > > On Sep 9, 2009, at 8:00 PM, Nathan Rice wrote: > >> Personally, I'd disable it, then call it using @import from the >> style.css >> file > > This is not backwards compatible though. Existing themes would > suddenly not look right. Nevermind. I got it.... :-\ From lynne.pope at gmail.com Thu Sep 10 04:02:24 2009 From: lynne.pope at gmail.com (Lynne Pope) Date: Thu, 10 Sep 2009 16:02:24 +1200 Subject: [wp-hackers] Inline styles and TinyMCE In-Reply-To: <349fe48b0909091631l7f31f22dr6cd95e489ddcc57e@mail.gmail.com> References: <349fe48b0909091631l7f31f22dr6cd95e489ddcc57e@mail.gmail.com> Message-ID: <427667db0909092102y6b3cc222ye43dcc68afdd2805@mail.gmail.com> 2009/9/10 scribu > A new ticket on trac contends that TinyMCE should use predefined classes > instead of inline styles: #10753< > http://core.trac.wordpress.org/ticket/10753> > > The main drawback is that it would require themes to add these predefined > styles to their stylesheet, beside the classical .alignleft, .aligncenter > and .alignright > > This is my proposed solution: > > Instead of relying on each theme developer, make a default.css file and add > it through 'wp_head'. > > - fixes the inline styles in TinyMCE > - potentially fixes inline styles generated by [gallery] > - themers can disable it if they wish > > What do you think? > +1 for this - good idea! In my theme development I'd disable it in wp_head and either import it in styles.css or include the necessary styling directly with the rest of the styling. The ability to easily remove it from wp_head is important. Lynne From jason at findingsimple.com Thu Sep 10 04:42:41 2009 From: jason at findingsimple.com (Jason) Date: Thu, 10 Sep 2009 14:42:41 +1000 Subject: [wp-hackers] wp_list_pages() weirdness Message-ID: Does anyone have any ideas why when I output two page lists on the same page (as in the attached text file) one list is hierarchical (the left one) and the other is not (the right one)? I can swap the meta_values over (i.e. left to right and vice versa) and it still does the same thing - the left side is hierarchical and the right side is not - it doesn't matter what the content is. Its not a CSS issue either. It has me stumped. From jason at findingsimple.com Thu Sep 10 04:43:34 2009 From: jason at findingsimple.com (Jason) Date: Thu, 10 Sep 2009 14:43:34 +1000 Subject: [wp-hackers] wp_list_pages() weirdness In-Reply-To: References: Message-ID: Sorry forgot to attach the code On Thu, Sep 10, 2009 at 2:42 PM, Jason wrote: > Does anyone have any ideas why when I output two page lists on the same > page (as in the attached text file) one list is hierarchical (the left one) > and the other is not (the right one)? > > I can swap the meta_values over (i.e. left to right and vice versa) and it > still does the same thing - the left side is hierarchical and the right side > is not - it doesn't matter what the content is. > > Its not a CSS issue either. It has me stumped. > From johnbillion+wp at gmail.com Thu Sep 10 06:13:51 2009 From: johnbillion+wp at gmail.com (John Blackbourn) Date: Thu, 10 Sep 2009 07:13:51 +0100 Subject: [wp-hackers] wp_list_pages() weirdness In-Reply-To: References: Message-ID: <1fa535a70909092313x6a4ad399p66abe16bcefbdf13@mail.gmail.com> Got a link Jason? The list removes attachments. 2009/9/10 Jason : > Sorry forgot to attach the code > > > > On Thu, Sep 10, 2009 at 2:42 PM, Jason wrote: > >> Does anyone have any ideas why when I output two page lists on the same >> page (as in the attached text file) one list is hierarchical (the left one) >> and the other is not (the right one)? >> >> I can swap the meta_values over (i.e. left to right and vice versa) and it >> still does the same thing - the left side is hierarchical and the right side >> is not - it doesn't matter what the content is. >> >> Its not a CSS issue either. It has me stumped. >> > > _______________________________________________ > wp-hackers mailing list > wp-hackers at lists.automattic.com > http://lists.automattic.com/mailman/listinfo/wp-hackers > > From jason at findingsimple.com Thu Sep 10 07:44:32 2009 From: jason at findingsimple.com (Jason) Date: Thu, 10 Sep 2009 17:44:32 +1000 Subject: [wp-hackers] wp_list_pages() weirdness In-Reply-To: <1fa535a70909092313x6a4ad399p66abe16bcefbdf13@mail.gmail.com> References: <1fa535a70909092313x6a4ad399p66abe16bcefbdf13@mail.gmail.com> Message-ID: Yep - link to code http://findingsimple.com/dev/code.txt Site is running locally at the moment Using 2.8.4 Thanks! On Thu, Sep 10, 2009 at 4:13 PM, John Blackbourn > wrote: > Got a link Jason? The list removes attachments. > > 2009/9/10 Jason : > > Sorry forgot to attach the code > > > > > > > > On Thu, Sep 10, 2009 at 2:42 PM, Jason wrote: > > > >> Does anyone have any ideas why when I output two page lists on the same > >> page (as in the attached text file) one list is hierarchical (the left > one) > >> and the other is not (the right one)? > >> > >> I can swap the meta_values over (i.e. left to right and vice versa) and > it > >> still does the same thing - the left side is hierarchical and the right > side > >> is not - it doesn't matter what the content is. > >> > >> Its not a CSS issue either. It has me stumped. > >> > > > > _______________________________________________ > > wp-hackers mailing list > > wp-hackers at lists.automattic.com > > http://lists.automattic.com/mailman/listinfo/wp-hackers > > > > > _______________________________________________ > wp-hackers mailing list > wp-hackers at lists.automattic.com > http://lists.automattic.com/mailman/listinfo/wp-hackers > From wordpress at redfootwebdesign.com Thu Sep 10 12:15:42 2009 From: wordpress at redfootwebdesign.com (Red Foot Web Design Wordpress) Date: Thu, 10 Sep 2009 08:15:42 -0400 Subject: [wp-hackers] wp_list_pages() weirdness In-Reply-To: References: <1fa535a70909092313x6a4ad399p66abe16bcefbdf13@mail.gmail.com> Message-ID: <160203ed0909100515x69cd7e58wc7660f63080bd9ed@mail.gmail.com> Can you link to a screen shot of the output? Thanks, Lew On Thu, Sep 10, 2009 at 3:44 AM, Jason wrote: > Yep - link to code http://findingsimple.com/dev/code.txt > > Site is running locally at the moment > > Using 2.8.4 > > Thanks! > > > > On Thu, Sep 10, 2009 at 4:13 PM, John Blackbourn > < > johnbillion%2Bwp at gmail.com > > > wrote: > > > Got a link Jason? The list removes attachments. > > > > 2009/9/10 Jason : > > > Sorry forgot to attach the code > > > > > > > > > > > > On Thu, Sep 10, 2009 at 2:42 PM, Jason > wrote: > > > > > >> Does anyone have any ideas why when I output two page lists on the > same > > >> page (as in the attached text file) one list is hierarchical (the left > > one) > > >> and the other is not (the right one)? > > >> > > >> I can swap the meta_values over (i.e. left to right and vice versa) > and > > it > > >> still does the same thing - the left side is hierarchical and the > right > > side > > >> is not - it doesn't matter what the content is. > > >> > > >> Its not a CSS issue either. It has me stumped. > > >> > > > > > > _______________________________________________ > > > wp-hackers mailing list > > > wp-hackers at lists.automattic.com > > > http://lists.automattic.com/mailman/listinfo/wp-hackers > > > > > > > > _______________________________________________ > > wp-hackers mailing list > > wp-hackers at lists.automattic.com > > http://lists.automattic.com/mailman/listinfo/wp-hackers > > > _______________________________________________ > wp-hackers mailing list > wp-hackers at lists.automattic.com > http://lists.automattic.com/mailman/listinfo/wp-hackers > From jason at findingsimple.com Thu Sep 10 12:30:51 2009 From: jason at findingsimple.com (Jason) Date: Thu, 10 Sep 2009 22:30:51 +1000 Subject: [wp-hackers] wp_list_pages() weirdness In-Reply-To: <160203ed0909100515x69cd7e58wc7660f63080bd9ed@mail.gmail.com> References: <1fa535a70909092313x6a4ad399p66abe16bcefbdf13@mail.gmail.com> <160203ed0909100515x69cd7e58wc7660f63080bd9ed@mail.gmail.com> Message-ID: Sure. The hierarchy is supposed to be: Childre / Parenting -> Custody / Visitation -> Paternity When I set the above pages to be "left" they look fine ( http://findingsimple.com/dev/picture-3.png) but when I set them to the right they lose the hierarchy :-S (http://findingsimple.com/dev/picture-5.png) Regards, Jason p. +61 403 864 202 e. jason at findingsimple.com w. www.findingsimple.com t. @findingsimple s. conroy.jason On Thu, Sep 10, 2009 at 10:15 PM, Red Foot Web Design Wordpress < wordpress at redfootwebdesign.com> wrote: > Can you link to a screen shot of the output? > > Thanks, > Lew > > On Thu, Sep 10, 2009 at 3:44 AM, Jason wrote: > > > Yep - link to code http://findingsimple.com/dev/code.txt > > > > Site is running locally at the moment > > > > Using 2.8.4 > > > > Thanks! > > > > > > > > On Thu, Sep 10, 2009 at 4:13 PM, John Blackbourn > > < > johnbillion%2Bwp at gmail.com >< > > johnbillion%2Bwp at gmail.com < > johnbillion%252Bwp at gmail.com >> > > > wrote: > > > > > Got a link Jason? The list removes attachments. > > > > > > 2009/9/10 Jason : > > > > Sorry forgot to attach the code > > > > > > > > > > > > > > > > On Thu, Sep 10, 2009 at 2:42 PM, Jason > > wrote: > > > > > > > >> Does anyone have any ideas why when I output two page lists on the > > same > > > >> page (as in the attached text file) one list is hierarchical (the > left > > > one) > > > >> and the other is not (the right one)? > > > >> > > > >> I can swap the meta_values over (i.e. left to right and vice versa) > > and > > > it > > > >> still does the same thing - the left side is hierarchical and the > > right > > > side > > > >> is not - it doesn't matter what the content is. > > > >> > > > >> Its not a CSS issue either. It has me stumped. > > > >> > > > > > > > > _______________________________________________ > > > > wp-hackers mailing list > > > > wp-hackers at lists.automattic.com > > > > http://lists.automattic.com/mailman/listinfo/wp-hackers > > > > > > > > > > > _______________________________________________ > > > wp-hackers mailing list > > > wp-hackers at lists.automattic.com > > > http://lists.automattic.com/mailman/listinfo/wp-hackers > > > > > _______________________________________________ > > wp-hackers mailing list > > wp-hackers at lists.automattic.com > > http://lists.automattic.com/mailman/listinfo/wp-hackers > > > _______________________________________________ > wp-hackers mailing list > wp-hackers at lists.automattic.com > http://lists.automattic.com/mailman/listinfo/wp-hackers > From kkarpieszuk at gmail.com Thu Sep 10 13:17:54 2009 From: kkarpieszuk at gmail.com (Konrad Karpieszuk) Date: Thu, 10 Sep 2009 15:17:54 +0200 Subject: [wp-hackers] how to append some tag to post automatically, when it is published? Message-ID: <67dfa4090909100617h5a573ba1y5f4eab395019aa9a@mail.gmail.com> hi :) Sometimes on my blog someone will publish post with Custom field name = "video" and value = [url to video at YT] I want that thos post will have added automatically blog tag 'video' How to do this? I just know that i need to add action hook for 'publish_post'. but what should be in function? does wp has some function to add tag to post (i belive yes, but i don't know which one)? -- (en) regards / (pl) pozdrawiam Konrad Karpieszuk http://konradjestwrwandzie.wordpress.com/ From otto at ottodestruct.com Thu Sep 10 13:58:26 2009 From: otto at ottodestruct.com (Otto) Date: Thu, 10 Sep 2009 08:58:26 -0500 Subject: [wp-hackers] wp-config.php, wp-load.php, and ABSPATH In-Reply-To: <878933FE-8C92-4D22-82A2-7DECEFE0CFA7@striderweb.com> References: <878933FE-8C92-4D22-82A2-7DECEFE0CFA7@striderweb.com> Message-ID: <161617690909100658n69d4ccb2ne763f50e10d850a0@mail.gmail.com> On Wed, Sep 9, 2009 at 4:35 PM, Stephen Rider wrote: > A problem that arises is plugins that do sort of "stand alone" things but > want to access the database -- a common thing to do is to call wp-config.php > directly to get the login info, rather than wp-load.php. ?Again, this is > unstable because wp-config.php may have moved, and even if the plugin > correctly knows to look up a directory, it will get tripped up if it then > tries to call another file and bases the path off of ABSPATH. > > While plugin authors *can* just call wp-load.php, which is safer and more > stable, it appears to be quite common to do it the other way. We'd had this basic discussion before. Short answer is that plugins should not do that. Long answer is that plugins that want to do "stand alone" sort of things need to stop thinking they are stand alone and work within the WordPress framework. We have hooks for most types of things (AJAX calls and such) and we have methods to do other types of things (template overload hooks), and those methods all work through the framework. Thus, they have WordPress loaded, and you don't need to include squat. In conclusion, if you make your output directly call a separate file in your plugin, and that file needs access to the database, then *you're doing it wrong*. You can do it within the framework, and it's generally much easier. Give me a specific example, and I'll be glad to tell you the "right" way that example should work. :) -Otto Sent from Memphis, TN, United States From wp-hackers at striderweb.com Thu Sep 10 14:20:18 2009 From: wp-hackers at striderweb.com (Stephen Rider) Date: Thu, 10 Sep 2009 09:20:18 -0500 Subject: [wp-hackers] wp-config.php, wp-load.php, and ABSPATH In-Reply-To: <161617690909100658n69d4ccb2ne763f50e10d850a0@mail.gmail.com> References: <878933FE-8C92-4D22-82A2-7DECEFE0CFA7@striderweb.com> <161617690909100658n69d4ccb2ne763f50e10d850a0@mail.gmail.com> Message-ID: <288AD088-56FE-4E5E-BED0-3A2C9CDB9C50@striderweb.com> On Sep 10, 2009, at 8:58 AM, Otto wrote: > On Wed, Sep 9, 2009 at 4:35 PM, Stephen Rider > wrote: >> A problem that arises is plugins that do sort of "stand alone" >> things but >> want to access the database -- a common thing to do is to call wp- >> config.php >> directly to get the login info, rather than wp-load.php. Again, >> this is >> unstable because wp-config.php may have moved, and even if the plugin >> correctly knows to look up a directory, it will get tripped up if >> it then >> tries to call another file and bases the path off of ABSPATH. >> >> While plugin authors *can* just call wp-load.php, which is safer >> and more >> stable, it appears to be quite common to do it the other way. > > Short answer is that plugins should not do that. > > Long answer is that plugins that want to do "stand alone" sort of > things need to stop thinking they are stand alone and work within the > WordPress framework. > if you make your output directly call a separate file > in your plugin, and that file needs access to the database, then > *you're doing it wrong*. You can do it within the framework, and it's > generally much easier. > > Give me a specific example, and I'll be glad to tell you the "right" > way that example should work. :) Hi Otto -- You're missing the point. All I'm trying to do is get the ABSPATH define removed from wp-config.php. Reasons are: a) it's obsolete b) it encourages plugin coders to do it wrong (by your own definition). Okay, I was citing loading wp-load.php as "better", but I agree that they're both *wrong*. So do you concur that it would be a good idea to get rid of the ABSPATH define() in wp-config.php ? :-) Stephen -- Stephen Rider http://striderweb.com/ From otto at ottodestruct.com Thu Sep 10 14:23:12 2009 From: otto at ottodestruct.com (Otto) Date: Thu, 10 Sep 2009 09:23:12 -0500 Subject: [wp-hackers] how to append some tag to post automatically, when it is published? In-Reply-To: <67dfa4090909100617h5a573ba1y5f4eab395019aa9a@mail.gmail.com> References: <67dfa4090909100617h5a573ba1y5f4eab395019aa9a@mail.gmail.com> Message-ID: <161617690909100723r62324ea3q5a11c22c1e220c5d@mail.gmail.com> wp_add_post_tags($post_id = 0, $tags = '') Example: wp_add_post_tags(12345, 'video, another-tag, whatever'); -Otto On Thu, Sep 10, 2009 at 8:17 AM, Konrad Karpieszuk wrote: > hi :) > Sometimes on my blog someone will publish post with Custom field name = > "video" and value = [url to video at YT] > > I want that thos post will have added automatically blog tag 'video' > > How to do this? > > I just know that i need to add action hook for 'publish_post'. but what > should be in function? does wp has some function to add tag to post (i > belive yes, but i don't know which one)? > > -- > (en) regards / (pl) pozdrawiam > Konrad Karpieszuk > http://konradjestwrwandzie.wordpress.com/ > _______________________________________________ > wp-hackers mailing list > wp-hackers at lists.automattic.com > http://lists.automattic.com/mailman/listinfo/wp-hackers > From ozh at planetozh.com Thu Sep 10 14:24:05 2009 From: ozh at planetozh.com (Ozh) Date: Thu, 10 Sep 2009 16:24:05 +0200 Subject: [wp-hackers] wp-config.php, wp-load.php, and ABSPATH In-Reply-To: <288AD088-56FE-4E5E-BED0-3A2C9CDB9C50@striderweb.com> Message-ID: > So do you concur that it would be a good idea to get rid of the > ABSPATH define() in wp-config.php ? :-) > No. It's going to break a lot of plugins and add some fuel to the "WP upgrade broke my site" debate From otto at ottodestruct.com Thu Sep 10 14:25:39 2009 From: otto at ottodestruct.com (Otto) Date: Thu, 10 Sep 2009 09:25:39 -0500 Subject: [wp-hackers] wp-config.php, wp-load.php, and ABSPATH In-Reply-To: <288AD088-56FE-4E5E-BED0-3A2C9CDB9C50@striderweb.com> References: <878933FE-8C92-4D22-82A2-7DECEFE0CFA7@striderweb.com> <161617690909100658n69d4ccb2ne763f50e10d850a0@mail.gmail.com> <288AD088-56FE-4E5E-BED0-3A2C9CDB9C50@striderweb.com> Message-ID: <161617690909100725t2078f6e8o740971ea7c895ee@mail.gmail.com> On Thu, Sep 10, 2009 at 9:20 AM, Stephen Rider wrote: > Hi Otto -- > > You're missing the point. ?All I'm trying to do is get the ABSPATH define > removed from wp-config.php. ?Reasons are: > > a) it's obsolete > b) it encourages plugin coders to do it wrong (by your own definition). > > Okay, I was citing loading wp-load.php as "better", but I agree that they're > both *wrong*. > > So do you concur that it would be a good idea to get rid of the ABSPATH > define() in wp-config.php ? ?:-) So, you're asking if we should instantly and intentionally break every plugin that includes wp-config.php? Yeah, I'm fine with it. ;) -Otto Sent from Memphis, TN, United States From kkarpieszuk at gmail.com Thu Sep 10 14:34:53 2009 From: kkarpieszuk at gmail.com (Konrad Karpieszuk) Date: Thu, 10 Sep 2009 16:34:53 +0200 Subject: [wp-hackers] how to append some tag to post automatically, when it is published? In-Reply-To: <161617690909100723r62324ea3q5a11c22c1e220c5d@mail.gmail.com> References: <67dfa4090909100617h5a573ba1y5f4eab395019aa9a@mail.gmail.com> <161617690909100723r62324ea3q5a11c22c1e220c5d@mail.gmail.com> Message-ID: <67dfa4090909100734j2ad18bbej2621976c69ceec80@mail.gmail.com> thank you very much :) btw. is it a right place for this kind of questions? i asked this yesterday at forum but nobody answered, so i tried here ;) but when i look at your discussions i am not sure if it is good place to ask :) On Thu, Sep 10, 2009 at 4:23 PM, Otto wrote: > wp_add_post_tags($post_id = 0, $tags = '') > > Example: > wp_add_post_tags(12345, 'video, another-tag, whatever'); > > -Otto > > > > On Thu, Sep 10, 2009 at 8:17 AM, Konrad Karpieszuk > wrote: > > hi :) > > Sometimes on my blog someone will publish post with Custom field name = > > "video" and value = [url to video at YT] > > > > I want that thos post will have added automatically blog tag 'video' > > > > How to do this? > > > > I just know that i need to add action hook for 'publish_post'. but what > > should be in function? does wp has some function to add tag to post (i > > belive yes, but i don't know which one)? > > > > -- > > (en) regards / (pl) pozdrawiam > > Konrad Karpieszuk > > http://konradjestwrwandzie.wordpress.com/ > > _______________________________________________ > > wp-hackers mailing list > > wp-hackers at lists.automattic.com > > http://lists.automattic.com/mailman/listinfo/wp-hackers > > > _______________________________________________ > wp-hackers mailing list > wp-hackers at lists.automattic.com > http://lists.automattic.com/mailman/listinfo/wp-hackers > -- (en) regards / (pl) pozdrawiam Konrad Karpieszuk http://konradjestwrwandzie.wordpress.com/ From john.ivar.myrstad at gmail.com Thu Sep 10 14:55:14 2009 From: john.ivar.myrstad at gmail.com (John Myrstad) Date: Thu, 10 Sep 2009 16:55:14 +0200 Subject: [wp-hackers] Inline styles and TinyMCE In-Reply-To: <427667db0909092102y6b3cc222ye43dcc68afdd2805@mail.gmail.com> References: <349fe48b0909091631l7f31f22dr6cd95e489ddcc57e@mail.gmail.com> <427667db0909092102y6b3cc222ye43dcc68afdd2805@mail.gmail.com> Message-ID: I like the idea. Its long overdue to fix this as well: > - potentially fixes inline styles generated by [gallery] From jess at funroe.net Thu Sep 10 15:15:34 2009 From: jess at funroe.net (Jess Planck) Date: Thu, 10 Sep 2009 10:15:34 -0500 Subject: [wp-hackers] Inline styles and TinyMCE In-Reply-To: <349fe48b0909091631l7f31f22dr6cd95e489ddcc57e@mail.gmail.com> References: <349fe48b0909091631l7f31f22dr6cd95e489ddcc57e@mail.gmail.com> Message-ID: I made a comment to that ticket, but I thought I would make it here as well. It's a great idea, but before it gets set in stone I would really like to see some better CSS naming conventions for the HTML objects WordPress creates. There is no coding standard for CSS like there is for PHP in WordPress, so here's the type of things we get: For an attachment starting div id is attachment_13 with classes wp- caption and alignleft wrapped around an img with classes size-medium wp-image-13 and a p with class wp-caption-text. It's not bad but there are dashes, underscores, compounded words, and very little to help you predict the sort of CSS that WordPress is going to spit out. Of course object oriented CSS approaches were the techniques aren't being used. It's getting better, but don't go look at the some of the buddypress CSS names (it burns!). If WordPress adds some removable default css for these objects then some better naming conventions for the CSS classes and ids would really help. Especially some prefix that says "This came from WordPress" like a wp-gallery, wp-attachment, or something else parse- able used in CSS ids and classes. Jess [ :P ] jess planck - http://funroe.net On Sep 9, 2009, at 6:31 PM, scribu wrote: > A new ticket on trac contends that TinyMCE should use predefined > classes > instead of inline styles: #10753 > > > The main drawback is that it would require themes to add these > predefined > styles to their stylesheet, beside the > classical .alignleft, .aligncenter > and .alignright > > This is my proposed solution: > > Instead of relying on each theme developer, make a default.css file > and add > it through 'wp_head'. > > - fixes the inline styles in TinyMCE > - potentially fixes inline styles generated by [gallery] > - themers can disable it if they wish > > What do you think? > > > -- > http://scribu.net > _______________________________________________ > wp-hackers mailing list > wp-hackers at lists.automattic.com > http://lists.automattic.com/mailman/listinfo/wp-hackers From johnbillion+wp at gmail.com Thu Sep 10 16:04:47 2009 From: johnbillion+wp at gmail.com (John Blackbourn) Date: Thu, 10 Sep 2009 17:04:47 +0100 Subject: [wp-hackers] wp_list_pages() weirdness In-Reply-To: References: <1fa535a70909092313x6a4ad399p66abe16bcefbdf13@mail.gmail.com> <160203ed0909100515x69cd7e58wc7660f63080bd9ed@mail.gmail.com> Message-ID: <1fa535a70909100904l9d00a26l69bea39f1a466d44@mail.gmail.com> Is your code missing an outer

and on the right hand side? I couldn't reproduce your problem and without an outer unordered list it'd probably look like that. 2009/9/10 Jason : > Sure. > > The hierarchy is supposed to be: > > Childre / Parenting > -> Custody / Visitation > -> Paternity > > When I set the above pages to be "left" they look fine ( > http://findingsimple.com/dev/picture-3.png) but when I set them to the right > they lose the hierarchy :-S (http://findingsimple.com/dev/picture-5.png) > > Regards, > Jason > > p. +61 403 864 202 > e. jason at findingsimple.com > w. www.findingsimple.com > t. @findingsimple > s. conroy.jason > > > On Thu, Sep 10, 2009 at 10:15 PM, Red Foot Web Design Wordpress < > wordpress at redfootwebdesign.com> wrote: > >> Can you link to a screen shot of the output? >> >> Thanks, >> Lew >> >> On Thu, Sep 10, 2009 at 3:44 AM, Jason wrote: >> >> > Yep - link to code http://findingsimple.com/dev/code.txt >> > >> > Site is running locally at the moment >> > >> > Using 2.8.4 >> > >> > Thanks! >> > >> > >> > >> > On Thu, Sep 10, 2009 at 4:13 PM, John Blackbourn >> > < >> johnbillion%2Bwp at gmail.com >< >> > johnbillion%2Bwp at gmail.com < >> johnbillion%252Bwp at gmail.com >> >> > > wrote: >> > >> > > Got a link Jason? The list removes attachments. >> > > >> > > 2009/9/10 Jason : >> > > > Sorry forgot to attach the code >> > > > >> > > > >> > > > >> > > > On Thu, Sep 10, 2009 at 2:42 PM, Jason >> > wrote: >> > > > >> > > >> Does anyone have any ideas why when I output two page lists on the >> > same >> > > >> page (as in the attached text file) one list is hierarchical (the >> left >> > > one) >> > > >> and the other is not (the right one)? >> > > >> >> > > >> I can swap the meta_values over (i.e. left to right and vice versa) >> > and >> > > it >> > > >> still does the same thing - the left side is hierarchical and the >> > right >> > > side >> > > >> is not - it doesn't matter what the content is. >> > > >> >> > > >> Its not a CSS issue either. It has me stumped. >> > > >> >> > > > >> > > > _______________________________________________ >> > > > wp-hackers mailing list >> > > > wp-hackers at lists.automattic.com >> > > > http://lists.automattic.com/mailman/listinfo/wp-hackers >> > > > >> > > > >> > > _______________________________________________ >> > > wp-hackers mailing list >> > > wp-hackers at lists.automattic.com >> > > http://lists.automattic.com/mailman/listinfo/wp-hackers >> > > >> > _______________________________________________ >> > wp-hackers mailing list >> > wp-hackers at lists.automattic.com >> > http://lists.automattic.com/mailman/listinfo/wp-hackers >> > >> _______________________________________________ >> wp-hackers mailing list >> wp-hackers at lists.automattic.com >> http://lists.automattic.com/mailman/listinfo/wp-hackers >> > _______________________________________________ > wp-hackers mailing list > wp-hackers at lists.automattic.com > http://lists.automattic.com/mailman/listinfo/wp-hackers > From wordpress at redfootwebdesign.com Thu Sep 10 17:15:44 2009 From: wordpress at redfootwebdesign.com (Red Foot Web Design Wordpress) Date: Thu, 10 Sep 2009 13:15:44 -0400 Subject: [wp-hackers] wp_list_pages() weirdness In-Reply-To: <1fa535a70909100904l9d00a26l69bea39f1a466d44@mail.gmail.com> References: <1fa535a70909092313x6a4ad399p66abe16bcefbdf13@mail.gmail.com> <160203ed0909100515x69cd7e58wc7660f63080bd9ed@mail.gmail.com> <1fa535a70909100904l9d00a26l69bea39f1a466d44@mail.gmail.com> Message-ID: <160203ed0909101015g43813d6cu167b3e52f8b17ab9@mail.gmail.com> Is the CSS the same for the classes library-list-left and library-list-right? Also, what does the HTML look like in the output? I am unable to reproduce as well. Lew On Thu, Sep 10, 2009 at 12:04 PM, John Blackbourn > wrote: > Is your code missing an outer

and on the right hand side? I > couldn't reproduce your problem and without an outer unordered list > it'd probably look like that. > > 2009/9/10 Jason : > > Sure. > > > > The hierarchy is supposed to be: > > > > Childre / Parenting > > -> Custody / Visitation > > -> Paternity > > > > When I set the above pages to be "left" they look fine ( > > http://findingsimple.com/dev/picture-3.png) but when I set them to the > right > > they lose the hierarchy :-S (http://findingsimple.com/dev/picture-5.png) > > > > Regards, > > Jason > > > > p. +61 403 864 202 > > e. jason at findingsimple.com > > w. www.findingsimple.com > > t. @findingsimple > > s. conroy.jason > > > > > > On Thu, Sep 10, 2009 at 10:15 PM, Red Foot Web Design Wordpress < > > wordpress at redfootwebdesign.com> wrote: > > > >> Can you link to a screen shot of the output? > >> > >> Thanks, > >> Lew > >> > >> On Thu, Sep 10, 2009 at 3:44 AM, Jason wrote: > >> > >> > Yep - link to code http://findingsimple.com/dev/code.txt > >> > > >> > Site is running locally at the moment > >> > > >> > Using 2.8.4 > >> > > >> > Thanks! > >> > > >> > > >> > > >> > On Thu, Sep 10, 2009 at 4:13 PM, John Blackbourn > >> > < > johnbillion%2Bwp at gmail.com > < > >> johnbillion%2Bwp at gmail.com < > johnbillion%252Bwp at gmail.com >>< > >> > johnbillion%2Bwp at gmail.com < > johnbillion%252Bwp at gmail.com > < > >> johnbillion%252Bwp at gmail.com < > johnbillion%25252Bwp at gmail.com >>> > >> > > wrote: > >> > > >> > > Got a link Jason? The list removes attachments. > >> > > > >> > > 2009/9/10 Jason : > >> > > > Sorry forgot to attach the code > >> > > > > >> > > > > >> > > > > >> > > > On Thu, Sep 10, 2009 at 2:42 PM, Jason > >> > wrote: > >> > > > > >> > > >> Does anyone have any ideas why when I output two page lists on > the > >> > same > >> > > >> page (as in the attached text file) one list is hierarchical (the > >> left > >> > > one) > >> > > >> and the other is not (the right one)? > >> > > >> > >> > > >> I can swap the meta_values over (i.e. left to right and vice > versa) > >> > and > >> > > it > >> > > >> still does the same thing - the left side is hierarchical and the > >> > right > >> > > side > >> > > >> is not - it doesn't matter what the content is. > >> > > >> > >> > > >> Its not a CSS issue either. It has me stumped. > >> > > >> > >> > > > > >> > > > _______________________________________________ > >> > > > wp-hackers mailing list > >> > > > wp-hackers at lists.automattic.com > >> > > > http://lists.automattic.com/mailman/listinfo/wp-hackers > >> > > > > >> > > > > >> > > _______________________________________________ > >> > > wp-hackers mailing list > >> > > wp-hackers at lists.automattic.com > >> > > http://lists.automattic.com/mailman/listinfo/wp-hackers > >> > > > >> > _______________________________________________ > >> > wp-hackers mailing list > >> > wp-hackers at lists.automattic.com > >> > http://lists.automattic.com/mailman/listinfo/wp-hackers > >> > > >> _______________________________________________ > >> wp-hackers mailing list > >> wp-hackers at lists.automattic.com > >> http://lists.automattic.com/mailman/listinfo/wp-hackers > >> > > _______________________________________________ > > wp-hackers mailing list > > wp-hackers at lists.automattic.com > > http://lists.automattic.com/mailman/listinfo/wp-hackers > > > _______________________________________________ > wp-hackers mailing list > wp-hackers at lists.automattic.com > http://lists.automattic.com/mailman/listinfo/wp-hackers > From otto at ottodestruct.com Thu Sep 10 17:39:37 2009 From: otto at ottodestruct.com (Otto) Date: Thu, 10 Sep 2009 12:39:37 -0500 Subject: [wp-hackers] Inline styles and TinyMCE In-Reply-To: References: <349fe48b0909091631l7f31f22dr6cd95e489ddcc57e@mail.gmail.com> Message-ID: <161617690909101039k239c6f76je443768707df714@mail.gmail.com> I like the idea, but the execution would be painful. Every time we try to standardize something in this way, we end up having lots of backward compatibility for several versions, in order to get theme/plugin devs the time to fix their stuff. And then we still end up breaking things. In going forward, lets keep this sort of thing in mind, and make everything start with something obvious, like wp- for classes and such. But the ones we've already got let's just leave alone, for now. Changing them will break sites. Adding new ones to replace them just adds worthless cruft that never gets cleaned up properly, and still will break sites. -Otto Sent from Memphis, TN, United States On Thu, Sep 10, 2009 at 10:15 AM, Jess Planck wrote: > I made a comment to that ticket, but I thought I would make it here as well. > > It's a great idea, but before it gets set in stone I would really like to > see some better CSS naming conventions for the HTML objects WordPress > creates. There is no coding standard for CSS like there is for PHP in > WordPress, so here's the type of things we get: > > For an attachment starting div id is attachment_13 with classes wp-caption > and alignleft wrapped around an img with classes size-medium wp-image-13 and > a p with class wp-caption-text. It's not bad but there are dashes, > underscores, compounded words, and very little to help you predict the sort > of CSS that WordPress is going to spit out. Of course object oriented CSS > approaches were the techniques aren't being used. It's getting better, but > don't go look at the some of the buddypress CSS names (it burns!). > > If WordPress adds some removable default css for these objects then some > better naming conventions for the CSS classes and ids would really help. > Especially some prefix that says "This came from WordPress" like a > wp-gallery, wp-attachment, or something else parse-able used in CSS ids and > classes. From jess at funroe.net Thu Sep 10 17:54:52 2009 From: jess at funroe.net (Jess Planck) Date: Thu, 10 Sep 2009 12:54:52 -0500 Subject: [wp-hackers] Inline styles and TinyMCE In-Reply-To: <161617690909101039k239c6f76je443768707df714@mail.gmail.com> References: <349fe48b0909091631l7f31f22dr6cd95e489ddcc57e@mail.gmail.com> <161617690909101039k239c6f76je443768707df714@mail.gmail.com> Message-ID: Too true. Shame on me (or others :P) for not noticing or thinking about mentioning this sooner. These sort of things can also be corrected when those areas go though major revamps or rewrites that will break stuff anyway. Jess - Too busy pushing that rock uphill to notice the elevator. On Sep 10, 2009, at 12:39 PM, Otto wrote: > In going forward, lets keep this sort of thing in mind, and make > everything start with something obvious, like wp- for classes and > such. > > But the ones we've already got let's just leave alone, for now. > Changing them will break sites. Adding new ones to replace them just > adds worthless cruft that never gets cleaned up properly, and still > will break sites. From jason at findingsimple.com Thu Sep 10 22:05:16 2009 From: jason at findingsimple.com (Jason) Date: Fri, 11 Sep 2009 08:05:16 +1000 Subject: [wp-hackers] wp_list_pages() weirdness In-Reply-To: <160203ed0909101015g43813d6cu167b3e52f8b17ab9@mail.gmail.com> References: <1fa535a70909092313x6a4ad399p66abe16bcefbdf13@mail.gmail.com> <160203ed0909100515x69cd7e58wc7660f63080bd9ed@mail.gmail.com> <1fa535a70909100904l9d00a26l69bea39f1a466d44@mail.gmail.com> <160203ed0909101015g43813d6cu167b3e52f8b17ab9@mail.gmail.com> Message-ID: Html output and code here http://findingsimple.com/dev/code.txt Yeah it has me absolutely stumped. I am using wp_list_page elsewhere on the site and it is working fine. Regards, Jason p. +61 403 864 202 e. jason at findingsimple.com w. www.findingsimple.com t. @findingsimple s. conroy.jason On Fri, Sep 11, 2009 at 3:15 AM, Red Foot Web Design Wordpress < wordpress at redfootwebdesign.com> wrote: > Is the CSS the same for the classes library-list-left and > library-list-right? Also, what does the HTML look like in the output? > > I am unable to reproduce as well. > > Lew > > On Thu, Sep 10, 2009 at 12:04 PM, John Blackbourn > < > johnbillion%2Bwp at gmail.com > > > wrote: > > > Is your code missing an outer

and on the right hand side? I > > couldn't reproduce your problem and without an outer unordered list > > it'd probably look like that. > > > > 2009/9/10 Jason : > > > Sure. > > > > > > The hierarchy is supposed to be: > > > > > > Childre / Parenting > > > -> Custody / Visitation > > > -> Paternity > > > > > > When I set the above pages to be "left" they look fine ( > > > http://findingsimple.com/dev/picture-3.png) but when I set them to the > > right > > > they lose the hierarchy :-S ( > http://findingsimple.com/dev/picture-5.png) > > > > > > Regards, > > > Jason > > > > > > p. +61 403 864 202 > > > e. jason at findingsimple.com > > > w. www.findingsimple.com > > > t. @findingsimple > > > s. conroy.jason > > > > > > > > > On Thu, Sep 10, 2009 at 10:15 PM, Red Foot Web Design Wordpress < > > > wordpress at redfootwebdesign.com> wrote: > > > > > >> Can you link to a screen shot of the output? > > >> > > >> Thanks, > > >> Lew > > >> > > >> On Thu, Sep 10, 2009 at 3:44 AM, Jason > wrote: > > >> > > >> > Yep - link to code http://findingsimple.com/dev/code.txt > > >> > > > >> > Site is running locally at the moment > > >> > > > >> > Using 2.8.4 > > >> > > > >> > Thanks! > > >> > > > >> > > > >> > > > >> > On Thu, Sep 10, 2009 at 4:13 PM, John Blackbourn > > >> > < > johnbillion%2Bwp at gmail.com > < > > johnbillion%2Bwp at gmail.com < > johnbillion%252Bwp at gmail.com >> < > > >> johnbillion%2Bwp at gmail.com < > johnbillion%252Bwp at gmail.com > < > > johnbillion%252Bwp at gmail.com < > johnbillion%25252Bwp at gmail.com >>>< > > >> > johnbillion%2Bwp at gmail.com < > johnbillion%252Bwp at gmail.com > < > > johnbillion%252Bwp at gmail.com < > johnbillion%25252Bwp at gmail.com >> < > > >> johnbillion%252Bwp at gmail.com < > johnbillion%25252Bwp at gmail.com > < > > johnbillion%25252Bwp at gmail.com < > johnbillion%2525252Bwp at gmail.com >>>> > > >> > > wrote: > > >> > > > >> > > Got a link Jason? The list removes attachments. > > >> > > > > >> > > 2009/9/10 Jason : > > >> > > > Sorry forgot to attach the code > > >> > > > > > >> > > > > > >> > > > > > >> > > > On Thu, Sep 10, 2009 at 2:42 PM, Jason > > > >> > wrote: > > >> > > > > > >> > > >> Does anyone have any ideas why when I output two page lists on > > the > > >> > same > > >> > > >> page (as in the attached text file) one list is hierarchical > (the > > >> left > > >> > > one) > > >> > > >> and the other is not (the right one)? > > >> > > >> > > >> > > >> I can swap the meta_values over (i.e. left to right and vice > > versa) > > >> > and > > >> > > it > > >> > > >> still does the same thing - the left side is hierarchical and > the > > >> > right > > >> > > side > > >> > > >> is not - it doesn't matter what the content is. > > >> > > >> > > >> > > >> Its not a CSS issue either. It has me stumped. > > >> > > >> > > >> > > > > > >> > > > _______________________________________________ > > >> > > > wp-hackers mailing list > > >> > > > wp-hackers at lists.automattic.com > > >> > > > http://lists.automattic.com/mailman/listinfo/wp-hackers > > >> > > > > > >> > > > > > >> > > _______________________________________________ > > >> > > wp-hackers mailing list > > >> > > wp-hackers at lists.automattic.com > > >> > > http://lists.automattic.com/mailman/listinfo/wp-hackers > > >> > > > > >> > _______________________________________________ > > >> > wp-hackers mailing list > > >> > wp-hackers at lists.automattic.com > > >> > http://lists.automattic.com/mailman/listinfo/wp-hackers > > >> > > > >> _______________________________________________ > > >> wp-hackers mailing list > > >> wp-hackers at lists.automattic.com > > >> http://lists.automattic.com/mailman/listinfo/wp-hackers > > >> > > > _______________________________________________ > > > wp-hackers mailing list > > > wp-hackers at lists.automattic.com > > > http://lists.automattic.com/mailman/listinfo/wp-hackers > > > > > _______________________________________________ > > wp-hackers mailing list > > wp-hackers at lists.automattic.com > > http://lists.automattic.com/mailman/listinfo/wp-hackers > > > _______________________________________________ > wp-hackers mailing list > wp-hackers at lists.automattic.com > http://lists.automattic.com/mailman/listinfo/wp-hackers > From wp-hackers at striderweb.com Fri Sep 11 01:51:06 2009 From: wp-hackers at striderweb.com (Stephen Rider) Date: Thu, 10 Sep 2009 20:51:06 -0500 Subject: [wp-hackers] wp-config.php, wp-load.php, and ABSPATH In-Reply-To: <161617690909100725t2078f6e8o740971ea7c895ee@mail.gmail.com> References: <878933FE-8C92-4D22-82A2-7DECEFE0CFA7@striderweb.com> <161617690909100658n69d4ccb2ne763f50e10d850a0@mail.gmail.com> <288AD088-56FE-4E5E-BED0-3A2C9CDB9C50@striderweb.com> <161617690909100725t2078f6e8o740971ea7c895ee@mail.gmail.com> Message-ID: On Sep 10, 2009, at 9:25 AM, Otto wrote: > So, you're asking if we should instantly and intentionally break every > plugin that includes wp-config.php? > > Yeah, I'm fine with it. ;) Heh. Okay, to rephrase the question (via quoting myself): > Here is my proposal: We should assert, in documentation and in code, > that any time a plugin or process wants to access parts of WP > (including the database), it should call wp-load.php. ... > [W]e should put a "deprecated" call with the define() in wp-config > (inside the "if it doesn't already exist" clause), so that if it > does happen, there is a notice to the log that "You should not call > wp-config.php directly. Call wp-load.php instead." Then somewhere > down the road we can get rid of the troublesome define. From ravi-lists at g8o.net Fri Sep 11 02:30:24 2009 From: ravi-lists at g8o.net ( ravi ) Date: Thu, 10 Sep 2009 22:30:24 -0400 Subject: [wp-hackers] Theme updates and generated files Message-ID: Hello all, please point me elsewhere with suitable derision if this is the wrong forum to ask. Hoping its not: Does WP's new update capability (for plugins and themes) blow away the existing directory before it installs the new version of the plugin or theme? If so, if a theme wants (or more likely it's author wants) to create some files (such as a custom stylesheet), what's a good place to put it so it doesn't get blown away on update? The DB would be a poor place, IMHO. Thank you for any comments, --ravi From if.website at gmail.com Fri Sep 11 02:43:19 2009 From: if.website at gmail.com (Austin Matzko) Date: Thu, 10 Sep 2009 21:43:19 -0500 Subject: [wp-hackers] Theme updates and generated files In-Reply-To: References: Message-ID: <674b4a3b0909101943n258f4eemc077329c3ac81db8@mail.gmail.com> On Thu, Sep 10, 2009 at 9:30 PM, [ ravi ] wrote: > Does WP's new update capability (for plugins and themes) blow away the > existing directory before it installs the new version of the plugin or > theme? Yes. > If so, if a theme wants (or more likely it's author wants) to create > some files (such as a custom stylesheet), what's a good place to put it so > it doesn't get blown away on update? The DB would be a poor place, IMHO. This has been much discussed, without much of a consensus. Please see the thread that starts here: http://lists.automattic.com/pipermail/wp-hackers/2009-February/024728.html In my opinion, your best option currently is to save something like that in the uploads directory. From wp-hackers at striderweb.com Fri Sep 11 06:15:11 2009 From: wp-hackers at striderweb.com (Stephen Rider) Date: Fri, 11 Sep 2009 01:15:11 -0500 Subject: [wp-hackers] Theme updates and generated files In-Reply-To: References: Message-ID: <9C4C305E-D76B-456D-BBD5-C65C12F42001@striderweb.com> On Sep 10, 2009, at 9:30 PM, [ ravi ] wrote: > [I]f a theme wants (or more likely it's author wants) to create some > files (such as a custom stylesheet), what's a good place to put it > so it doesn't get blown away on update? The DB would be a poor > place, IMHO. You could probably just make a "Child Theme". Stephen -- Stephen Rider http://striderweb.com/ From junsuijin at gmail.com Fri Sep 11 14:09:31 2009 From: junsuijin at gmail.com (Tynan Colin Beatty) Date: Fri, 11 Sep 2009 09:09:31 -0500 Subject: [wp-hackers] Theme updates and generated files In-Reply-To: <9C4C305E-D76B-456D-BBD5-C65C12F42001@striderweb.com> References: <9C4C305E-D76B-456D-BBD5-C65C12F42001@striderweb.com> Message-ID: <4f9525dc0909110709i22b4cc0bh76838d689aabb63f@mail.gmail.com> child theme is definitely the way to go. On Fri, Sep 11, 2009 at 1:15 AM, Stephen Rider wrote: > > On Sep 10, 2009, at 9:30 PM, [ ravi ] wrote: > > [I]f a theme wants (or more likely it's author wants) to create some files >> (such as a custom stylesheet), what's a good place to put it so it doesn't >> get blown away on update? The DB would be a poor place, IMHO. >> > > You could probably just make a "Child Theme". > > Stephen > > > -- > Stephen Rider > http://striderweb.com/ > > > > > > _______________________________________________ > wp-hackers mailing list > wp-hackers at lists.automattic.com > http://lists.automattic.com/mailman/listinfo/wp-hackers > From wordpress at dd32.id.au Fri Sep 11 14:12:37 2009 From: wordpress at dd32.id.au (Dion Hulse (dd32)) Date: Sat, 12 Sep 2009 00:12:37 +1000 Subject: [wp-hackers] Theme updates and generated files In-Reply-To: <4f9525dc0909110709i22b4cc0bh76838d689aabb63f@mail.gmail.com> References: <9C4C305E-D76B-456D-BBD5-C65C12F42001@striderweb.com> <4f9525dc0909110709i22b4cc0bh76838d689aabb63f@mail.gmail.com> Message-ID: For a user-supplied CSS then a child theme is the way to go, If its however a theme-generated content item, better location is wp-content/ or the uploads folder. The uploads folder is the only location you can trust to be writable really too, the fact that some (if not most) shared hosts allow PHP to write to its current directory cannot be relied upon. On Sat, 12 Sep 2009 00:09:31 +1000, Tynan Colin Beatty wrote: > child theme is definitely the way to go. > > On Fri, Sep 11, 2009 at 1:15 AM, Stephen Rider > wrote: > >> >> On Sep 10, 2009, at 9:30 PM, [ ravi ] wrote: >> >> [I]f a theme wants (or more likely it's author wants) to create some >> files >>> (such as a custom stylesheet), what's a good place to put it so it >>> doesn't >>> get blown away on update? The DB would be a poor place, IMHO. >>> >> >> You could probably just make a "Child Theme". >> >> Stephen >> >> >> -- >> Stephen Rider >> http://striderweb.com/ >> >> >> >> >> >> _______________________________________________ >> wp-hackers mailing list >> wp-hackers at lists.automattic.com >> http://lists.automattic.com/mailman/listinfo/wp-hackers >> > _______________________________________________ > wp-hackers mailing list > wp-hackers at lists.automattic.com > http://lists.automattic.com/mailman/listinfo/wp-hackers > -- -- Dion Hulse e: contact at dd32.id.au w: http://dd32.id.au/ m: 04 6621 9112 (+614 6621 9112) WordPressQI: http://wordpressqi.com/ From otto at ottodestruct.com Fri Sep 11 15:43:41 2009 From: otto at ottodestruct.com (Otto) Date: Fri, 11 Sep 2009 10:43:41 -0500 Subject: [wp-hackers] wp-config.php, wp-load.php, and ABSPATH In-Reply-To: References: <878933FE-8C92-4D22-82A2-7DECEFE0CFA7@striderweb.com> <161617690909100658n69d4ccb2ne763f50e10d850a0@mail.gmail.com> <288AD088-56FE-4E5E-BED0-3A2C9CDB9C50@striderweb.com> <161617690909100725t2078f6e8o740971ea7c895ee@mail.gmail.com> Message-ID: <161617690909110843q41ce85efr63b36dbded0f0371@mail.gmail.com> Well, like I said, my problem with that is that you shouldn't do the other one either. If you wanted to put something in there like "you shouldn't include this file directly, go read this documentation for the right way instead" then I'd be more okay with it. -Otto On Thu, Sep 10, 2009 at 8:51 PM, Stephen Rider wrote: > > On Sep 10, 2009, at 9:25 AM, Otto wrote: > >> So, you're asking if we should instantly and intentionally break every >> plugin that includes wp-config.php? >> >> Yeah, I'm fine with it. ;) > > Heh. ?Okay, to rephrase the question (via quoting myself): > >> Here is my proposal: We should assert, in documentation and in code, that >> any time a plugin or process wants to access parts of WP (including the >> database), it should call wp-load.php. > > ... >> >> [W]e should put a "deprecated" call with the define() in wp-config (inside >> the "if it doesn't already exist" clause), so that if it does happen, there >> is a notice to the log that "You should not call wp-config.php directly. >> Call wp-load.php instead." ?Then somewhere down the road we can get rid of >> the troublesome define. > > _______________________________________________ > wp-hackers mailing list > wp-hackers at lists.automattic.com > http://lists.automattic.com/mailman/listinfo/wp-hackers > From derek at amphibian.info Fri Sep 11 18:01:28 2009 From: derek at amphibian.info (Derek) Date: Fri, 11 Sep 2009 11:01:28 -0700 (PDT) Subject: [wp-hackers] wp-config.php, wp-load.php, and ABSPATH In-Reply-To: <161617690909110843q41ce85efr63b36dbded0f0371@mail.gmail.com> References: <878933FE-8C92-4D22-82A2-7DECEFE0CFA7@striderweb.com> <161617690909100658n69d4ccb2ne763f50e10d850a0@mail.gmail.com> <288AD088-56FE-4E5E-BED0-3A2C9CDB9C50@striderweb.com> <161617690909100725t2078f6e8o740971ea7c895ee@mail.gmail.com> <161617690909110843q41ce85efr63b36dbded0f0371@mail.gmail.com> Message-ID: <7f250344-e1aa-4cec-931b-ffe326146223@n2g2000vba.googlegroups.com> I'm actually encountering this right now ... I'm making a call to: '../../../../wp-load.php' ... from within a subdirectory of my plugin directory. Obviously, if someone has chosen to move wp-content elsewhere, this breaks. So, here's a specific example Otto. ;) What I'm doing is exporting data from my plugin's DB tables into a CSV file from the admin. I can't have any other output to the browser so I can set proper headers for the file. Any ideas as to how I can achieve this from strictly within the WP framework? Best, Derek On Sep 11, 12:43?pm, Otto wrote: > Well, like I said, my problem with that is that you shouldn't do the > other one either. > > If you wanted to put something in there like "you shouldn't include > this file directly, go read this documentation for the right way > instead" then I'd be more okay with it. > > -Otto > > On Thu, Sep 10, 2009 at 8:51 PM, Stephen Rider > > > > wrote: > > > On Sep 10, 2009, at 9:25 AM, Otto wrote: > > >> So, you're asking if we should instantly and intentionally break every > >> plugin that includes wp-config.php? > > >> Yeah, I'm fine with it. ;) > > > Heh. ?Okay, to rephrase the question (via quoting myself): > > >> Here is my proposal: We should assert, in documentation and in code, that > >> any time a plugin or process wants to access parts of WP (including the > >> database), it should call wp-load.php. > > > ... > > >> [W]e should put a "deprecated" call with the define() in wp-config (inside > >> the "if it doesn't already exist" clause), so that if it does happen, there > >> is a notice to the log that "You should not call wp-config.php directly. > >> Call wp-load.php instead." ?Then somewhere down the road we can get rid of > >> the troublesome define. > > > _______________________________________________ > > wp-hackers mailing list > > wp-hack... at lists.automattic.com > >http://lists.automattic.com/mailman/listinfo/wp-hackers > > _______________________________________________ > wp-hackers mailing list > wp-hack... at lists.automattic.comhttp://lists.automattic.com/mailman/listinfo/wp-hackers From matt at sivel.net Fri Sep 11 18:10:10 2009 From: matt at sivel.net (Matt Martz) Date: Fri, 11 Sep 2009 14:10:10 -0400 Subject: [wp-hackers] wp-config.php, wp-load.php, and ABSPATH In-Reply-To: <7f250344-e1aa-4cec-931b-ffe326146223@n2g2000vba.googlegroups.com> References: <878933FE-8C92-4D22-82A2-7DECEFE0CFA7@striderweb.com> <161617690909100658n69d4ccb2ne763f50e10d850a0@mail.gmail.com> <288AD088-56FE-4E5E-BED0-3A2C9CDB9C50@striderweb.com> <161617690909100725t2078f6e8o740971ea7c895ee@mail.gmail.com> <161617690909110843q41ce85efr63b36dbded0f0371@mail.gmail.com> <7f250344-e1aa-4cec-931b-ffe326146223@n2g2000vba.googlegroups.com> Message-ID: <518fa9630909111110r169cb8bav86f916c7857946b1@mail.gmail.com> On Fri, Sep 11, 2009 at 2:01 PM, Derek wrote: > I'm actually encountering this right now ... I'm making a call to: > > '../../../../wp-load.php' > > ... from within a subdirectory of my plugin directory. ?Obviously, if > someone has chosen to move wp-content elsewhere, this breaks. ?So, > here's a specific example Otto. ?;) > > What I'm doing is exporting data from my plugin's DB tables into a CSV > file from the admin. I can't have any other output to the browser so I > can set proper headers for the file. > > Any ideas as to how I can achieve this from strictly within the WP > framework? > > Best, > Derek Perhaps one of the best solutions is using admin-ajax.php. Take a look at the source, and you will quickly find out how easy it is to use and how to use it. -- Matt Martz matt at sivel.net http://sivel.net/ From sbruner at slipfire.com Fri Sep 11 19:17:48 2009 From: sbruner at slipfire.com (Steve Bruner [SlipFire]) Date: Fri, 11 Sep 2009 15:17:48 -0400 Subject: [wp-hackers] Custom Templates in sub-folder Message-ID: Created a custom template and placed it in a sub-directory of my theme. When I look at the template list on Add New Page, my custom template is listed (only seems to work one folder level back). However, WP uses Page.php (in theme root), instead of my custom template. Is this a bug in WP or am I missing something? Steve From wordpress at dd32.id.au Sat Sep 12 02:04:05 2009 From: wordpress at dd32.id.au (Dion Hulse (dd32)) Date: Sat, 12 Sep 2009 12:04:05 +1000 Subject: [wp-hackers] wp-config.php, wp-load.php, and ABSPATH In-Reply-To: <518fa9630909111110r169cb8bav86f916c7857946b1@mail.gmail.com> References: <878933FE-8C92-4D22-82A2-7DECEFE0CFA7@striderweb.com> <161617690909100658n69d4ccb2ne763f50e10d850a0@mail.gmail.com> <288AD088-56FE-4E5E-BED0-3A2C9CDB9C50@striderweb.com> <161617690909100725t2078f6e8o740971ea7c895ee@mail.gmail.com> <161617690909110843q41ce85efr63b36dbded0f0371@mail.gmail.com> <7f250344-e1aa-4cec-931b-ffe326146223@n2g2000vba.googlegroups.com> <518fa9630909111110r169cb8bav86f916c7857946b1@mail.gmail.com> Message-ID: admin-post.php would be better suited IMO wp-admin/admin-post.php?action=myplugin_export_db add_action('admin_post_myplugin_export_db', 'my_plugin_export_the_db_now'); function my_plugin_export_the_db_now() { echo 'Hello World!'; } If the user isnt logged in, The hook fired is admin_post_nopriv_myplugin_export_db So its possible to differentiate between a logged in user, and one that has either not been logged in, or more likely, who's admin session has expired. Also, Don't forget the nonce proetection on such a URL.. You can use admin-ajax.php, I just prefer to seeadmin-post.php used for everything other than Ajaxy things myself.. On Sat, 12 Sep 2009 04:10:10 +1000, Matt Martz wrote: > On Fri, Sep 11, 2009 at 2:01 PM, Derek wrote: >> I'm actually encountering this right now ... I'm making a call to: >> >> '../../../../wp-load.php' >> >> ... from within a subdirectory of my plugin directory. Obviously, if >> someone has chosen to move wp-content elsewhere, this breaks. So, >> here's a specific example Otto. ;) >> >> What I'm doing is exporting data from my plugin's DB tables into a CSV >> file from the admin. I can't have any other output to the browser so I >> can set proper headers for the file. >> >> Any ideas as to how I can achieve this from strictly within the WP >> framework? >> >> Best, >> Derek > > Perhaps one of the best solutions is using admin-ajax.php. > > Take a look at the source, and you will quickly find out how easy it > is to use and how to use it. > -- -- Dion Hulse e: contact at dd32.id.au w: http://dd32.id.au/ m: 04 6621 9112 (+614 6621 9112) WordPressQI: http://wordpressqi.com/ From sudar at sudarmuthu.com Sat Sep 12 11:55:39 2009 From: sudar at sudarmuthu.com (Sudar Muthu) Date: Sat, 12 Sep 2009 17:25:39 +0530 Subject: [wp-hackers] Retrieving post id based on the page title Message-ID: <485dd1460909120455x2398a728m2616292876aae861@mail.gmail.com> Hello all, I need to know if there is a built-in function (or recommended way) to retrieve the post id of a page/post based on the post title, without querying the database directly. I know it can be done by querying the database, but I prefer to use the build-in function if available. A quick look into WordPress code, didn't reveal any function. Thanks! With Regards, Sudar http://SudarMuthu.com http://twitter.com/sudarmuthu From joost at yoast.com Sat Sep 12 11:59:18 2009 From: joost at yoast.com (Joost de Valk) Date: Sat, 12 Sep 2009 13:59:18 +0200 Subject: [wp-hackers] Retrieving post id based on the page title In-Reply-To: <485dd1460909120455x2398a728m2616292876aae861@mail.gmail.com> References: <485dd1460909120455x2398a728m2616292876aae861@mail.gmail.com> Message-ID: <8EBCA092-5A0A-4EC5-A645-416A198D467D@yoast.com> There's a get_page_by_title, modify it to use with posts, in fact, it should probably be modified within core? http://xref.yoast.com/2.8.4/nav.html?_functions/get_page_by_title.html Cheers, Joost On Sep 12, 2009, at 1:55 PM, Sudar Muthu wrote: > Hello all, > > I need to know if there is a built-in function (or recommended way) to > retrieve the post id of a page/post based on the post title, without > querying the database directly. > > I know it can be done by querying the database, but I prefer to use > the > build-in function if available. A quick look into WordPress code, > didn't > reveal any function. > > Thanks! > > With Regards, > Sudar > > http://SudarMuthu.com > http://twitter.com/sudarmuthu > _______________________________________________ > wp-hackers mailing list > wp-hackers at lists.automattic.com > http://lists.automattic.com/mailman/listinfo/wp-hackers From sudar at sudarmuthu.com Sat Sep 12 12:10:04 2009 From: sudar at sudarmuthu.com (Sudar Muthu) Date: Sat, 12 Sep 2009 17:40:04 +0530 Subject: [wp-hackers] Retrieving post id based on the page title In-Reply-To: <8EBCA092-5A0A-4EC5-A645-416A198D467D@yoast.com> References: <485dd1460909120455x2398a728m2616292876aae861@mail.gmail.com> <8EBCA092-5A0A-4EC5-A645-416A198D467D@yoast.com> Message-ID: <485dd1460909120510ycc88fb4g5482f41cca488326@mail.gmail.com> Joost, Thanks for pointing out this function. (I missed it when I looked into WordPress code) I had a quick look into the function and it is using the following query SELECT ID FROM $wpdb->posts WHERE post_title = %s AND post_type='page'", $page_title ) If post revisions is enabled, and there is a auto-save version available will it not get the id of the revision post row rather than the one which was published? My gut feeling says that we should also include the condition post_status = 'published'. Am I correct or am I missing something? (I will do some test to find out whether my theory works!) With Regards, Sudar http://SudarMuthu.com http://twitter.com/sudarmuthu On Sat, Sep 12, 2009 at 17:29, Joost de Valk wrote: > There's a get_page_by_title, modify it to use with posts, in fact, it > should probably be modified within core? > > http://xref.yoast.com/2.8.4/nav.html?_functions/get_page_by_title.html > > Cheers, > Joost > > > > On Sep 12, 2009, at 1:55 PM, Sudar Muthu wrote: > > Hello all, >> >> I need to know if there is a built-in function (or recommended way) to >> retrieve the post id of a page/post based on the post title, without >> querying the database directly. >> >> I know it can be done by querying the database, but I prefer to use the >> build-in function if available. A quick look into WordPress code, didn't >> reveal any function. >> >> Thanks! >> >> With Regards, >> Sudar >> >> http://SudarMuthu.com >> http://twitter.com/sudarmuthu >> _______________________________________________ >> wp-hackers mailing list >> wp-hackers at lists.automattic.com >> http://lists.automattic.com/mailman/listinfo/wp-hackers >> > > _______________________________________________ > wp-hackers mailing list > wp-hackers at lists.automattic.com > http://lists.automattic.com/mailman/listinfo/wp-hackers > From ravi-lists at g8o.net Sat Sep 12 21:23:16 2009 From: ravi-lists at g8o.net ( ravi ) Date: Sat, 12 Sep 2009 17:23:16 -0400 Subject: [wp-hackers] Theme updates and generated files In-Reply-To: References: <9C4C305E-D76B-456D-BBD5-C65C12F42001@striderweb.com> <4f9525dc0909110709i22b4cc0bh76838d689aabb63f@mail.gmail.com> Message-ID: <1C97B300-BE74-4A19-BE2F-3C77089E77BB@g8o.net> All, Thank you for the responses -- I should have checked the archives, since the discussion seems to have been extensive. If indeed the theme directory is to be wiped, then I am leaning towards storing persistent files in wp_contents rather than uploads (despite the caution that only uploads is guaranteed to be writeable). The suggestion of a "child theme" is a valuable one too. Again, thank you, --ravi From derek at amphibian.info Sun Sep 13 12:16:09 2009 From: derek at amphibian.info (Derek) Date: Sun, 13 Sep 2009 05:16:09 -0700 (PDT) Subject: [wp-hackers] wp-config.php, wp-load.php, and ABSPATH In-Reply-To: References: <878933FE-8C92-4D22-82A2-7DECEFE0CFA7@striderweb.com> <161617690909100658n69d4ccb2ne763f50e10d850a0@mail.gmail.com> <288AD088-56FE-4E5E-BED0-3A2C9CDB9C50@striderweb.com> <161617690909100725t2078f6e8o740971ea7c895ee@mail.gmail.com> <161617690909110843q41ce85efr63b36dbded0f0371@mail.gmail.com> <7f250344-e1aa-4cec-931b-ffe326146223@n2g2000vba.googlegroups.com> <518fa9630909111110r169cb8bav86f916c7857946b1@mail.gmail.com> Message-ID: <3f7a85bb-e446-4ba5-af8b-ae56cd401501@w10g2000yqf.googlegroups.com> I'll try admin-post.php, great idea. Thanks. On Sep 11, 11:04?pm, "Dion Hulse (dd32)" wrote: > admin-post.php would be better suited IMO > > wp-admin/admin-post.php?action=myplugin_export_db > > add_action('admin_post_myplugin_export_db', 'my_plugin_export_the_db_now'); > function my_plugin_export_the_db_now() { > ? ? echo 'Hello World!'; > > } > > If the user isnt logged in, The hook fired is > > admin_post_nopriv_myplugin_export_db > > So its possible to differentiate between a logged in user, and one that ? > has either not been logged in, or more likely, who's admin session has ? > expired. > > Also, Don't forget the nonce proetection on such a URL.. > > You can use admin-ajax.php, I just prefer to seeadmin-post.php used for ? > everything other than Ajaxy things myself.. > > > > > > On Sat, 12 Sep 2009 04:10:10 +1000, Matt Martz wrote: > > On Fri, Sep 11, 2009 at 2:01 PM, Derek wrote: > >> I'm actually encountering this right now ... I'm making a call to: > > >> '../../../../wp-load.php' > > >> ... from within a subdirectory of my plugin directory. ?Obviously, if > >> someone has chosen to move wp-content elsewhere, this breaks. ?So, > >> here's a specific example Otto. ?;) > > >> What I'm doing is exporting data from my plugin's DB tables into a CSV > >> file from the admin. I can't have any other output to the browser so I > >> can set proper headers for the file. > > >> Any ideas as to how I can achieve this from strictly within the WP > >> framework? > > >> Best, > >> Derek > > > Perhaps one of the best solutions is using admin-ajax.php. > > > Take a look at the source, and you will quickly find out how easy it > > is to use and how to use it. > > -- > -- > Dion Hulse > e: cont... at dd32.id.au > w:http://dd32.id.au/ > m: 04 6621 9112 (+614 6621 9112) > WordPressQI:http://wordpressqi.com/ > _______________________________________________ > wp-hackers mailing list > wp-hack... at lists.automattic.comhttp://lists.automattic.com/mailman/listinfo/wp-hackers From jeremy at visser.name Mon Sep 14 01:42:15 2009 From: jeremy at visser.name (Jeremy Visser) Date: Mon, 14 Sep 2009 11:42:15 +1000 Subject: [wp-hackers] how to append some tag to post automatically, when it is published? In-Reply-To: <67dfa4090909100734j2ad18bbej2621976c69ceec80@mail.gmail.com> References: <67dfa4090909100617h5a573ba1y5f4eab395019aa9a@mail.gmail.com> <161617690909100723r62324ea3q5a11c22c1e220c5d@mail.gmail.com> <67dfa4090909100734j2ad18bbej2621976c69ceec80@mail.gmail.com> Message-ID: <1252892535.5627.3.camel@rillian.narnia.sunriseroad.net> On Thu, 2009-09-10 at 16:34 +0200, Konrad Karpieszuk wrote: > thank you very much :) > btw. is it a right place for this kind of questions? i asked this yesterday > at forum but nobody answered, so i tried here ;) but when i look at your > discussions i am not sure if it is good place to ask :) Generally it?s preferred you post on the forums first. but for a slightly more technical question, such as yours, you?re more likely to get some sort of answer. This is because if nobody can immediately answer your question in the forums, it unfortunately tends to get ignored, rather than a constructive response. From sudar at sudarmuthu.com Mon Sep 14 14:29:55 2009 From: sudar at sudarmuthu.com (Sudar Muthu) Date: Mon, 14 Sep 2009 19:59:55 +0530 Subject: [wp-hackers] Activation hook exist for themes? In-Reply-To: <4A9C4449.8020708@gmail.com> References: <4A9A6BCB.9090302@gmail.com>

<4A9C4449.8020708@gmail.com> Message-ID: <485dd1460909140729i5bff393dh2008fa7a1feac919@mail.gmail.com> Hi all, (Sorry for digging the old thread) Ozh solution is nice, but it will get triggered every time any theme is activated. I wanted to trigger a function only when my theme is triggered. Is it possible to do that? With Regards, Sudar http://SudarMuthu.com http://twitter.com/sudarmuthu On Tue, Sep 1, 2009 at 03:14, rajasekharan wrote: > I went with Ozh's approach and it worked well. But still, a formal method > for this would be convenient and > give us some peace of mind. Who knows? Something may change in the next > version and this method may break. > Hope the core people are reading this thread. > > Peter Westwood wrote: > >> On 31 Aug 2009, at 00:46, Dion Hulse (dd32) wrote: >> >> Theres a ticket, there was a messy patch from me(IIRC) but i dont think >>> its in core yet. >>> >> >> This is what I was thinking of: >> >> When WordPress switches themes it fires the switch_theme action. >> >> Unfortunately this is run before the theme is active so is really more use >> as a deactivation hook. >> >> Peter >> > > _______________________________________________ > wp-hackers mailing list > wp-hackers at lists.automattic.com > http://lists.automattic.com/mailman/listinfo/wp-hackers > From junsuijin at gmail.com Mon Sep 14 14:33:58 2009 From: junsuijin at gmail.com (Tynan Colin Beatty) Date: Mon, 14 Sep 2009 09:33:58 -0500 Subject: [wp-hackers] Activation hook exist for themes? In-Reply-To: <485dd1460909140729i5bff393dh2008fa7a1feac919@mail.gmail.com> References: <4A9A6BCB.9090302@gmail.com>

<4A9C4449.8020708@gmail.com> <485dd1460909140729i5bff393dh2008fa7a1feac919@mail.gmail.com> Message-ID: <4f9525dc0909140733t4d66976avbbf55ec1fa983410@mail.gmail.com> your theme's functions.php will only load when it is the active theme, so Ozh's solution will only trigger when your theme is activated. On Mon, Sep 14, 2009 at 9:29 AM, Sudar Muthu wrote: > Hi all, > > (Sorry for digging the old thread) > > Ozh solution is nice, but it will get triggered every time any theme is > activated. I wanted to trigger a function only when my theme is triggered. > Is it possible to do that? > > With Regards, > Sudar > > http://SudarMuthu.com > http://twitter.com/sudarmuthu > > > On Tue, Sep 1, 2009 at 03:14, rajasekharan wrote: > > > I went with Ozh's approach and it worked well. But still, a formal method > > for this would be convenient and > > give us some peace of mind. Who knows? Something may change in the next > > version and this method may break. > > Hope the core people are reading this thread. > > > > Peter Westwood wrote: > > > >> On 31 Aug 2009, at 00:46, Dion Hulse (dd32) wrote: > >> > >> Theres a ticket, there was a messy patch from me(IIRC) but i dont think > >>> its in core yet. > >>> > >> > >> This is what I was thinking of: > >> > >> When WordPress switches themes it fires the switch_theme action. > >> > >> Unfortunately this is run before the theme is active so is really more > use > >> as a deactivation hook. > >> > >> Peter > >> > > > > _______________________________________________ > > wp-hackers mailing list > > wp-hackers at lists.automattic.com > > http://lists.automattic.com/mailman/listinfo/wp-hackers > > > _______________________________________________ > wp-hackers mailing list > wp-hackers at lists.automattic.com > http://lists.automattic.com/mailman/listinfo/wp-hackers > From sudar at sudarmuthu.com Mon Sep 14 15:06:22 2009 From: sudar at sudarmuthu.com (Sudar Muthu) Date: Mon, 14 Sep 2009 20:36:22 +0530 Subject: [wp-hackers] Activation hook exist for themes? In-Reply-To: <4f9525dc0909140733t4d66976avbbf55ec1fa983410@mail.gmail.com> References: <4A9A6BCB.9090302@gmail.com>

<4A9C4449.8020708@gmail.com> <485dd1460909140729i5bff393dh2008fa7a1feac919@mail.gmail.com> <4f9525dc0909140733t4d66976avbbf55ec1fa983410@mail.gmail.com> Message-ID: <485dd1460909140806n2be01b81n994b2827737277c1@mail.gmail.com> Tynan, Thanks for the explanation, now I get it :) With Regards, Sudar http://SudarMuthu.com http://twitter.com/sudarmuthu On Mon, Sep 14, 2009 at 20:03, Tynan Colin Beatty wrote: > your theme's functions.php will only load when it is the active theme, so > Ozh's solution will only trigger when your theme is activated. > > On Mon, Sep 14, 2009 at 9:29 AM, Sudar Muthu wrote: > > > Hi all, > > > > (Sorry for digging the old thread) > > > > Ozh solution is nice, but it will get triggered every time any theme is > > activated. I wanted to trigger a function only when my theme is > triggered. > > Is it possible to do that? > > > > With Regards, > > Sudar > > > > http://SudarMuthu.com > > http://twitter.com/sudarmuthu > > > > > > On Tue, Sep 1, 2009 at 03:14, rajasekharan > wrote: > > > > > I went with Ozh's approach and it worked well. But still, a formal > method > > > for this would be convenient and > > > give us some peace of mind. Who knows? Something may change in the next > > > version and this method may break. > > > Hope the core people are reading this thread. > > > > > > Peter Westwood wrote: > > > > > >> On 31 Aug 2009, at 00:46, Dion Hulse (dd32) wrote: > > >> > > >> Theres a ticket, there was a messy patch from me(IIRC) but i dont > think > > >>> its in core yet. > > >>> > > >> > > >> This is what I was thinking of: > > >> > > >> When WordPress switches themes it fires the switch_theme action. > > >> > > >> Unfortunately this is run before the theme is active so is really more > > use > > >> as a deactivation hook. > > >> > > >> Peter > > >> > > > > > > _______________________________________________ > > > wp-hackers mailing list > > > wp-hackers at lists.automattic.com > > > http://lists.automattic.com/mailman/listinfo/wp-hackers > > > > > _______________________________________________ > > wp-hackers mailing list > > wp-hackers at lists.automattic.com > > http://lists.automattic.com/mailman/listinfo/wp-hackers > > > _______________________________________________ > wp-hackers mailing list > wp-hackers at lists.automattic.com > http://lists.automattic.com/mailman/listinfo/wp-hackers > From sudar at sudarmuthu.com Mon Sep 14 17:16:17 2009 From: sudar at sudarmuthu.com (Sudar Muthu) Date: Mon, 14 Sep 2009 22:46:17 +0530 Subject: [wp-hackers] Custom Templates in sub-folder In-Reply-To: References: Message-ID: <485dd1460909141016k107d4145if6bb803c5f3957e4@mail.gmail.com> Hello all, I digged a little deeper into the code and found that there is a discrepancy in the way page templates are handled. (I checked WordPress 2.8.4 code) First in the write page and edit page admin pages, the list of page templates is retrieved using the get_themes() function in wp-include/theme.php file. In this function, we are iterating in the current directory and all sub directory to get template files. So if I place a page-template file inside a sub directory (single level) then it will be displayed in the admin pages. When the page is rendered, locate_template() function again from wp-include/theme.php file is invoked. In this function, we are checking for the page template only from the theme's directory and not in sub-directory. So by default the page.php template will be used. This is surely a bug, but I am not sure where the fix should go. Placing page-template files in a separate directory could be handy. In that case we might have to modify locate_template() function. With Regards, Sudar http://SudarMuthu.com http://twitter.com/sudarmuthu On Sat, Sep 12, 2009 at 00:47, Steve Bruner [SlipFire] wrote: > Created a custom template and placed it in a sub-directory of my theme. > When I look at the template list on Add New Page, my custom template is > listed (only seems to work one folder level back). However, WP uses > Page.php (in theme root), instead of my custom template. > > Is this a bug in WP or am I missing something? > > Steve > _______________________________________________ > wp-hackers mailing list > wp-hackers at lists.automattic.com > http://lists.automattic.com/mailman/listinfo/wp-hackers > From matt at sivel.net Mon Sep 14 17:31:02 2009 From: matt at sivel.net (Matt Martz) Date: Mon, 14 Sep 2009 13:31:02 -0400 Subject: [wp-hackers] Custom Templates in sub-folder In-Reply-To: <485dd1460909141016k107d4145if6bb803c5f3957e4@mail.gmail.com> References: <485dd1460909141016k107d4145if6bb803c5f3957e4@mail.gmail.com> Message-ID: <518fa9630909141031v700c06a2r97d55c4107bf8399@mail.gmail.com> On Mon, Sep 14, 2009 at 1:16 PM, Sudar Muthu wrote: > This is surely a bug, but I am not sure where the fix should go. Placing > page-template files in a separate directory could be handy. In that case we > might have to modify locate_template() function. I would think that the meta value inserted in the database should be the path relative to the theme directory. So something like: my-sub-dir/my-page-template.php -- Matt Martz matt at sivel.net http://sivel.net/ From sudar at sudarmuthu.com Mon Sep 14 17:35:10 2009 From: sudar at sudarmuthu.com (Sudar Muthu) Date: Mon, 14 Sep 2009 23:05:10 +0530 Subject: [wp-hackers] Custom Templates in sub-folder In-Reply-To: <518fa9630909141031v700c06a2r97d55c4107bf8399@mail.gmail.com> References: <485dd1460909141016k107d4145if6bb803c5f3957e4@mail.gmail.com> <518fa9630909141031v700c06a2r97d55c4107bf8399@mail.gmail.com> Message-ID: <485dd1460909141035k47530dcbldfc6af5ecb38f6f8@mail.gmail.com> Yeah, if the inserted meta value is my-sub-dir/my-page-template.php then it should solve the problem. If anyone else, (apart from me) is able to replicate the issue, then I will open a ticket. With Regards, Sudar http://SudarMuthu.com http://twitter.com/sudarmuthu On Mon, Sep 14, 2009 at 23:01, Matt Martz wrote: > On Mon, Sep 14, 2009 at 1:16 PM, Sudar Muthu wrote: > > This is surely a bug, but I am not sure where the fix should go. Placing > > page-template files in a separate directory could be handy. In that case > we > > might have to modify locate_template() function. > > I would think that the meta value inserted in the database should be > the path relative to the theme directory. > > So something like: my-sub-dir/my-page-template.php > > -- > Matt Martz > matt at sivel.net > http://sivel.net/ > _______________________________________________ > wp-hackers mailing list > wp-hackers at lists.automattic.com > http://lists.automattic.com/mailman/listinfo/wp-hackers > From kkarpieszuk at gmail.com Mon Sep 14 19:30:21 2009 From: kkarpieszuk at gmail.com (Konrad Karpieszuk) Date: Mon, 14 Sep 2009 21:30:21 +0200 Subject: [wp-hackers] how to use wp_version_check() function? Message-ID: <67dfa4090909141230y610a2d3qd1f4ca583e9452@mail.gmail.com> hello :) I am this guy who created few days ago plugin to notify by email if new version of wordpress is available. http://www.muzungu.pl/moje-pluginy-do-wordpressa/upgrade-notification-by-email/ in many places (eg http://www.wptavern.com/upgrade-notifications-by-email ) you suggest me to use function wp_version_check() but i don't know how to do this :( i found its description in update.php file but i still dont know how to use it. i see that i return false or null. ok, but what it returns else? could anyone axplain me how to check if new version of wordpress is available using this function and if it is available perform some action (for example print "is available")? i tried to use this function in template file footer.php. i putted there: and it prints "not ok" at wordpress 2.8.1 and at 2.8.4. so result is thesame on not actual and actual version of wordpress :( -- (en) regards / (pl) pozdrawiam Konrad Karpieszuk http://konradjestwrwandzie.wordpress.com/ From otto at ottodestruct.com Mon Sep 14 19:46:38 2009 From: otto at ottodestruct.com (Otto) Date: Mon, 14 Sep 2009 14:46:38 -0500 Subject: [wp-hackers] how to use wp_version_check() function? In-Reply-To: <67dfa4090909141230y610a2d3qd1f4ca583e9452@mail.gmail.com> References: <67dfa4090909141230y610a2d3qd1f4ca583e9452@mail.gmail.com> Message-ID: <161617690909141246n1752897dqbfb5270cbcd4fcce@mail.gmail.com> wp_version_check() performs the version check, and then sets the update_core transient if there's a new version. It doesn't return anything of value. Basically, WordPress checks for updates all by itself. All you have to do is to do a get_transient( 'update_core' ) and then, when it changes, it'll have information about a new version in it which you can use to send the email. -Otto On Mon, Sep 14, 2009 at 2:30 PM, Konrad Karpieszuk wrote: > hello :) > I am this guy who created few days ago plugin to notify by email if new > version of wordpress is available. > http://www.muzungu.pl/moje-pluginy-do-wordpressa/upgrade-notification-by-email/ > > in many places (eg http://www.wptavern.com/upgrade-notifications-by-email ) > you suggest me to use function wp_version_check() but i don't know how to do > this :( > > i found its description in update.php file but i still dont know how to use > it. i see that i return false or null. ok, but what it returns else? > > could anyone axplain me how to check if new version of wordpress is > available using this function and if it is available perform some action > (for example print "is available")? > > i tried to use this function in template file footer.php. i putted there: > > > > and it prints "not ok" at wordpress 2.8.1 and at 2.8.4. so result is thesame > on not actual and actual version of wordpress :( > > -- > (en) regards / (pl) pozdrawiam > Konrad Karpieszuk > http://konradjestwrwandzie.wordpress.com/ > _______________________________________________ > wp-hackers mailing list > wp-hackers at lists.automattic.com > http://lists.automattic.com/mailman/listinfo/wp-hackers > From kkarpieszuk at gmail.com Mon Sep 14 21:09:15 2009 From: kkarpieszuk at gmail.com (Konrad Karpieszuk) Date: Mon, 14 Sep 2009 23:09:15 +0200 Subject: [wp-hackers] how to use wp_version_check() function? In-Reply-To: <161617690909141246n1752897dqbfb5270cbcd4fcce@mail.gmail.com> References: <67dfa4090909141230y610a2d3qd1f4ca583e9452@mail.gmail.com> <161617690909141246n1752897dqbfb5270cbcd4fcce@mail.gmail.com> Message-ID: <67dfa4090909141409t46cc3155iba08da69d0860b7c@mail.gmail.com> ooook :) so now i understand :) so if i want to check which version i have, i need to do this piece of code: // it takes all information: $update_core = get_transient('update_core'); // it takes information sent from wordpress server: $za = $update_core->updates; // it takes information about version with locale same as out (eg pl_PL) $zb = $za[0]; // and it takes info which version we have comparing to server version $zm = $zb->response; // return: "latest" for latest, "upgrade" if we have too old version and "development" if we have for example wordpress 12.4.2 ;) echo $zm; it's not a question :) i checked and it works, but i wrote those obvious things for people who will google this email ;) On Mon, Sep 14, 2009 at 9:46 PM, Otto wrote: > wp_version_check() performs the version check, and then sets the > update_core transient if there's a new version. It doesn't return > anything of value. > > Basically, WordPress checks for updates all by itself. All you have to > do is to do a get_transient( 'update_core' ) and then, when it > changes, it'll have information about a new version in it which you > can use to send the email. > > -Otto > > > > On Mon, Sep 14, 2009 at 2:30 PM, Konrad Karpieszuk > wrote: > > hello :) > > I am this guy who created few days ago plugin to notify by email if new > > version of wordpress is available. > > > http://www.muzungu.pl/moje-pluginy-do-wordpressa/upgrade-notification-by-email/ > > > > in many places (eg > http://www.wptavern.com/upgrade-notifications-by-email ) > > you suggest me to use function wp_version_check() but i don't know how to > do > > this :( > > > > i found its description in update.php file but i still dont know how to > use > > it. i see that i return false or null. ok, but what it returns else? > > > > could anyone axplain me how to check if new version of wordpress is > > available using this function and if it is available perform some action > > (for example print "is available")? > > > > i tried to use this function in template file footer.php. i putted there: > > > > ?> > > > > and it prints "not ok" at wordpress 2.8.1 and at 2.8.4. so result is > thesame > > on not actual and actual version of wordpress :( > > > > -- > > (en) regards / (pl) pozdrawiam > > Konrad Karpieszuk > > http://konradjestwrwandzie.wordpress.com/ > > _______________________________________________ > > wp-hackers mailing list > > wp-hackers at lists.automattic.com > > http://lists.automattic.com/mailman/listinfo/wp-hackers > > > _______________________________________________ > wp-hackers mailing list > wp-hackers at lists.automattic.com > http://lists.automattic.com/mailman/listinfo/wp-hackers > -- (en) regards / (pl) pozdrawiam Konrad Karpieszuk http://konradjestwrwandzie.wordpress.com/ From johnbillion+wp at gmail.com Mon Sep 14 23:05:17 2009 From: johnbillion+wp at gmail.com (John Blackbourn) Date: Tue, 15 Sep 2009 00:05:17 +0100 Subject: [wp-hackers] vs Message-ID: <1fa535a70909141605w508db36y7fe3b5dff070597b@mail.gmail.com> I've just noticed that the Strikethrough button in TinyMCE doesn't use the tag as one might expect. It instead uses . However, when using HTML mode in the editor, a tag is used, complete with a datetime attribute. Surely the tag is the more semantic option? Any opinions? Not sure if this is WP-specific or a TinyMCE thing, I've not looked into the code yet. John. From johnbillion+wp at gmail.com Mon Sep 14 23:09:12 2009 From: johnbillion+wp at gmail.com (John Blackbourn) Date: Tue, 15 Sep 2009 00:09:12 +0100 Subject: [wp-hackers] wp-hackers archives missing Message-ID: <1fa535a70909141609g7e5313c0m164379a22eb7abf5@mail.gmail.com> August and September are missing from the wp-hackers archives at http://comox.textdrive.com/pipermail/wp-hackers/ . Has the list moved servers? From matt at sivel.net Mon Sep 14 23:16:00 2009 From: matt at sivel.net (Matt Martz) Date: Mon, 14 Sep 2009 19:16:00 -0400 Subject: [wp-hackers] wp-hackers archives missing In-Reply-To: <1fa535a70909141609g7e5313c0m164379a22eb7abf5@mail.gmail.com> References: <1fa535a70909141609g7e5313c0m164379a22eb7abf5@mail.gmail.com> Message-ID: <518fa9630909141616m760c1d93le0c94b8331541a19@mail.gmail.com> On Mon, Sep 14, 2009 at 7:09 PM, John Blackbourn wrote: > August and September are missing from the wp-hackers archives at > http://comox.textdrive.com/pipermail/wp-hackers/ . Has the list moved > servers? > _______________________________________________ > wp-hackers mailing list > wp-hackers at lists.automattic.com > http://lists.automattic.com/mailman/listinfo/wp-hackers > They have indeed moved. http://lists.automattic.com/pipermail/wp-hackers/ You can always check the email headers as the link is in there or http://lists.automattic.com/ and click on your list and then the archives link. -- Matt Martz matt at sivel.net http://sivel.net/ From scribu at gmail.com Tue Sep 15 00:15:39 2009 From: scribu at gmail.com (scribu) Date: Tue, 15 Sep 2009 03:15:39 +0300 Subject: [wp-hackers] Custom Templates in sub-folder In-Reply-To: <485dd1460909141035k47530dcbldfc6af5ecb38f6f8@mail.gmail.com> References: <485dd1460909141016k107d4145if6bb803c5f3957e4@mail.gmail.com> <518fa9630909141031v700c06a2r97d55c4107bf8399@mail.gmail.com> <485dd1460909141035k47530dcbldfc6af5ecb38f6f8@mail.gmail.com> Message-ID: <349fe48b0909141715w7e75d07bub48e2dabcfd82e8f@mail.gmail.com> On Mon, Sep 14, 2009 at 8:35 PM, Sudar Muthu wrote: > If anyone else, (apart from me) is able to replicate the issue, then I will > open a ticket. > > With Regards, > Sudar > > http://SudarMuthu.com > http://twitter.com/sudarmuthu > Reproduced in trunk. Feel free to open the ticket. -- http://scribu.net From liste at srpski.biz Tue Sep 15 03:37:00 2009 From: liste at srpski.biz (=?UTF-8?B?TWlsYW4gRGluacSH?=) Date: Tue, 15 Sep 2009 05:37:00 +0200 Subject: [wp-hackers] Adding javascript code after script is enqueued Message-ID: <9b6c20460909142037m7d040562uedb905c870da5c7f@mail.gmail.com> Is there way to add javascript code immediately after script is enqueued? I found function wp_localize_script, but it adds code before script enqueuing. I am asking this because of following problem. jQuery file included in WordPress is different from official one in that it has jQuery.noConflict at it end. If we use jQuery from Google AJAX Libraries, there is noconflict so we need to add it. Author of plugin Use Google Libraries (which enables use of files from Google?s servers) solved this by enqueuing file jQnc.js (which whole content is jQuery.noConflict(); ) . It is lightweight but it needs another request and headers could be up to kilobyte. It would be better if noConflict code is added in html of page, it will not increase page size, but it will remove one request. I asked Jason could he enable this but he said that he is not aware of way to do this with WP API. So, does anyone knows solution for this? Thanks From wp-hackers at striderweb.com Tue Sep 15 04:26:23 2009 From: wp-hackers at striderweb.com (Stephen Rider) Date: Mon, 14 Sep 2009 23:26:23 -0500 Subject: [wp-hackers] wp-config.php, wp-load.php, and ABSPATH In-Reply-To: <161617690909110843q41ce85efr63b36dbded0f0371@mail.gmail.com> References: <878933FE-8C92-4D22-82A2-7DECEFE0CFA7@striderweb.com> <161617690909100658n69d4ccb2ne763f50e10d850a0@mail.gmail.com> <288AD088-56FE-4E5E-BED0-3A2C9CDB9C50@striderweb.com> <161617690909100725t2078f6e8o740971ea7c895ee@mail.gmail.com> <161617690909110843q41ce85efr63b36dbded0f0371@mail.gmail.com> Message-ID: <6A8D8FCC-1127-494C-9E3C-AEAC207C546E@striderweb.com> On Sep 11, 2009, at 10:43 AM, Otto wrote: > Well, like I said, my problem with that is that you shouldn't do the > other one either. Okay then, here's an example that probably comes up a lot in plugins. I want to make a CSS file that gets some of its stuff from PHP. So "mystyles.css.php". Most of it is a simple echo, but a few things in the stylesheet are pulled from settings on the wp_settings table in the database. The CSS/PHP file is pulled directly by the browser and is thus not "WP Aware". How would I get that file to access the WP database? Stephen P.S. -- Also, if we're going to encourage coders to do it the right way, examples such as this would be a good idea to put into the Codex. :-) From admin at laptoptips.ca Tue Sep 15 06:13:40 2009 From: admin at laptoptips.ca (Andrew Ozz) Date: Mon, 14 Sep 2009 23:13:40 -0700 Subject: [wp-hackers] wp-config.php, wp-load.php, and ABSPATH In-Reply-To: <6A8D8FCC-1127-494C-9E3C-AEAC207C546E@striderweb.com> References: <878933FE-8C92-4D22-82A2-7DECEFE0CFA7@striderweb.com> <161617690909100658n69d4ccb2ne763f50e10d850a0@mail.gmail.com> <288AD088-56FE-4E5E-BED0-3A2C9CDB9C50@striderweb.com> <161617690909100725t2078f6e8o740971ea7c895ee@mail.gmail.com> <161617690909110843q41ce85efr63b36dbded0f0371@mail.gmail.com> <6A8D8FCC-1127-494C-9E3C-AEAC207C546E@striderweb.com> Message-ID: <4AAF3094.3050905@laptoptips.ca> Stephen Rider wrote: > Okay then, here's an example that probably comes up a lot in plugins. > > I want to make a CSS file that gets some of its stuff from PHP. So > "mystyles.css.php". Most of it is a simple echo, but a few things in > the stylesheet are pulled from settings on the wp_settings table in the > database. > > The CSS/PHP file is pulled directly by the browser and is thus not "WP > Aware". How would I get that file to access the WP database? Short answer: you can't. Best option is to add a normal stylesheet and then output any bits that depend on the db in a '; } Remember, that you can have multiple .class's , ie. style.css: .textColor1 { font-weight: bold; } and the above code, End result is that you get bolded coloured text. The Monotone theme is the first theme which comes to mind which shows that system in use. On Tue, 15 Sep 2009 18:58:48 +1000, J?rn R?der wrote: > Hi, > I think, you can? > > i try this: > - create style.css.php > > -embed new styles > - style.css: > @import url(style.css.php); > > - style.css.php: > > require_once("../../../wp-blog-header.php"); > header("Content-type: text/css"); > ?> > @charset ''; > > #header:after, > .header:after { > content:'' > } > > I don't now if there are any problems with caching, but you can read > this article on smashingmagazine about php and css. Maybee it will > help you. > http://www.smashingmagazine.com/2009/09/10/css-wishlist-new-ideas-debates-and-solutions/ > > > > Am 15.09.2009 um 08:13 schrieb Andrew Ozz: > >> Stephen Rider wrote: >>> Okay then, here's an example that probably comes up a lot in plugins. >>> I want to make a CSS file that gets some of its stuff from PHP. So >>> "mystyles.css.php". Most of it is a simple echo, but a few things >>> in the stylesheet are pulled from settings on the wp_settings table >>> in the database. >>> The CSS/PHP file is pulled directly by the browser and is thus not >>> "WP Aware". How would I get that file to access the WP database? >> >> Short answer: you can't. Best option is to add a normal stylesheet >> and then output any bits that depend on the db in a '; > } > > Remember, that you can have multiple .class's , ie. > style.css: > .textColor1 { > font-weight: bold; > } > > and the above code, End result is that you get bolded coloured text. > > The Monotone theme is the first theme which comes to mind which shows that > system in use. > > > > On Tue, 15 Sep 2009 18:58:48 +1000, J?rn R?der > wrote: > > Hi, >> I think, you can? >> >> i try this: >> - create style.css.php >> >> -embed new styles >> - style.css: >> @import url(style.css.php); >> >> - style.css.php: >> >> > require_once("../../../wp-blog-header.php"); >> header("Content-type: text/css"); >> ?> >> @charset ''; >> >> #header:after, >> .header:after { >> content:'' >> } >> >> I don't now if there are any problems with caching, but you can read >> this article on smashingmagazine about php and css. Maybee it will >> help you. >> >> http://www.smashingmagazine.com/2009/09/10/css-wishlist-new-ideas-debates-and-solutions/ >> >> >> >> Am 15.09.2009 um 08:13 schrieb Andrew Ozz: >> >> Stephen Rider wrote: >>> >>>> Okay then, here's an example that probably comes up a lot in plugins. >>>> I want to make a CSS file that gets some of its stuff from PHP. So >>>> "mystyles.css.php". Most of it is a simple echo, but a few things >>>> in the stylesheet are pulled from settings on the wp_settings table >>>> in the database. >>>> The CSS/PHP file is pulled directly by the browser and is thus not >>>> "WP Aware". How would I get that file to access the WP database? >>>> >>> >>> Short answer: you can't. Best option is to add a normal stylesheet >>> and then output any bits that depend on the db in a