WordPress Wednesday News: Mandatory WordPress Security Release, Sneak Previews of WordPress 2.4, Hoodies, Vote for WordPress, Moving to WordPress, Custom Fields, and More

Filed as Features on January 3, 2008 4:19 am

Mandatory WordPress security release. Upgrade now. WordPress hoodies are everywhere! Vote for WordPress and WordPress SEO Plugins. The debate over Howdy! Combining WordPress and podcast blogs. Considering moving to WordPress? Interesting use of Custom Fields. What do you want to see in WordPress 2.4? Sneak previews are starting to appear all over. Another WordPress blogger’s blog hacked. When will folks get the clue that it’s time to update your blog for your blog’s security and protection? Upgrade now.

WordPress News

Mandatory Security Release WordPress 2.3.2: WordPress 2.3.2 has been released and is a mandatory security upgrade. The full details of the update include an urgent security release to fix a vulnerability in draft posts, suppression of some errors messages that may put your database at risk, and other bug fixes. Upgrade to WordPress 2.3.2 now.

WARNING: I’ve seen many bloggers announce the new WordPress security update, debating publicly about whether or not they should upgrade or wait for the next major version. You’ve just told hackers that your blog is open for hacking. Take care in making your WordPress version public, and opening yourself up blatantly to attacks. If you choose to upgrade or not, that’s up to you, but why advertise your version vulnerabilities?

WordPress 2.4 Administration Panel previewWordPress 2.4 Administration Panel Previews: The buzz around the new backend WordPress Administration Panels for the upcoming January release has arrived. Tubetorial has a “WordPress 2.4 Administration Panel Preview” video which shows just what has been done to date, with a lot more to come. Hyper SVN has a “live” demo of the new WordPress Administration Panels. Expect many of these sneak previews hitting the web as everyone wants to be the first to show it off. Also, expect to see a lot of changes before this release and the next few versions as the Administration Panels get fine tuned.

What Do You Want to See in WordPress 2.4? Andrew Benton has published a list of what he hopes to see in WordPress 2.4 (due the end of January) including improvements in the WYSIWYG Rich Text Editor, improved image handling, better community features, and built-in code formatting for publishing code in your blog posts. What do you want to see in the next version of WordPress?

Installing WordPress On Your Home Computer: Weblog Tools Collection is offering a two part series on installing WordPress locally on your computer so you can play with WordPress Plugins and designs before you release them to the public.

Chart Comparing WordPress and Blogspot: Techbays offers a chart comparing WordPress and Blogspot features, similarities, and differences. Want to move?

The Good, Bad, and Ugly of Moving to WordPress: BlogBloke covers the good, bad, and ugly of moving his blog to WordPress with some great insights and tips on what it takes, that it’s not as hard as many think, and all the gory details.

WordPress on Your Calendar: Are you involved with a WordPress group or club in your area? Make sure you announce meetings on the WordPress Meetup list and let me know so I can help promote your group’s activities. The first Manchester WordPress User Group in England has formed and their first meeting is in January. Maybe it’s time you started a WordPress group in your area?

Here are some WordPress-related dates and events to put on your calendar as found on the WordPress Roadmap and the WordPress Meetup Group Listings (subject to change):

If you are having a WordPress-related event that isn’t on the calendar, post them below or via email.

WordPress 2.4 Digest: This week’s WordPress weekly digest on WordPress 2.4 development include the beginning of the new Administration Panels features, more improvements and fixes in various importers and password security, documentation for more files, security improvements, and more. They’ve introduced a deprecating function and file use tracking functionality for WordPress Theme and Plugin developers to better identify what elements have been deprecated, a frequent complaint with major changes to the database tables and template tags.

WordPress Security News: The latest release of WordPress 2.3.2 is a mandatory security release, fixing some recent vulnerabilities found in WordPress. Arpit Jacob of Clazh joins the club of many WordPress bloggers who haven’t upgraded their WordPress blog and have been hacked. Upgrade WordPress now.

The most recent news on WordPress security includes:

To check your blog’s security, try WPIDS – WordPress Intruder Detection System and WP Scanner WordPress Plugin.

Combining WordPress and Podcast Blogs: I’d Rather Be Writing offers “My Blog and Podcast Site Are Now Merged into One — Steps on How I Did It”, an interesting step-by-step guide on combining two WordPress blogs into one, with tips for combining a podcast blog with a regular WordPress blog.

Vote for WordPress: TechCrunch Crunchies Awards list WordPress among the “Most Likely to Succeed” nominees with an eclectic bunch including Zivity, Slide, Mint, and Kayak, totally unrelated sites. Very odd combination to choose from and no clarification that the vote is for WordPress.com not WordPress overall, but your vote for WordPress is always welcome by the WordPress Community. Automattic CEO, Toni Schneider is nominated for Best start-up CEO, so cast a vote there, too. Can someone tell me why WordPress.com isn’t listed in the Best overall category?

Removing Feeds From Google Search Results: With all of the fuss over WordPress creating duplicate content, Google has announced it’s removing feeds from its search results. For more information, see Google’s topics on Crawling, Indexing and Ranking.

More WordPress Cache: Perishable Press has published “How to Enable the Default WordPress Object Cache”, an indepth look at site performancing issues related to how WordPress handles cache, as well as exploring caching WordPress Plugins, to control and fine tune the traffic load on the site.

Thinking of Using WordPressMU to Run Multiple Blogs? Think Again: Using WordPress MU to Power Multiple Blogs from DevLounge looks at the issues of using for managing multiple blogs, and the conclusion is that while it works, it’s not really recommended for this purpose. WordPressMU is for hosting independent blogs, not managing multiple blogs. To run multiple blogs from one administration panel, try the Manage Multiple Blogs WordPress Plugin and get more information in Multiple Blogs Through Multiple Installs from the , the online manual for WordPress Users.

Tracking Deprecated Functions for WordPress 2.4 – Get Your Plugin and Theme Ready: Peter Westwood covers “WordPress: Tracking Deprecated Functions”, a good look at the changes in WordPress 2.4 and which functions will work, and which won’t, and what’s new. If you are a WordPress Plugin author or WordPress Theme designer, look now at these changes to make sure you release the most updated version of your WordPress Theme in time for the January release of WordPress 2.4.

Howdy! Welcome! Fixed!: Weblog Tools Collection’s “Howdy Stranger” looks at the debate recently among WordPress developers about the use of the word “Howdy” in the WordPress Administration Panels Example of the Howdy in WordPress Administration Panelsas not being appropriately “translatable”. Enter the No Howdy Plugin by Ozh with the fix to the “untranslatable” welcome.

Vote for WordPress Ideas: Want your say in the next version of WordPress? The section on WordPress is an open forum for you to have your say. Why not take advantage of it and add your voice to the vote.

Last Week’s WordPress Wednesday News: Last week’s WordPress Wednesday News report covered WordPress 2007, Nominated for TechCrunch Crunchies, More WordPress Blogs Hacked, WordPress Events in 2008, WordPress.com Blogger Wins, and Snow, if you would like to catch up with the news on WordPress.

WordPress.com News

WordPress.com W logoAdding Avatars and Gravatars to Your WordPress.com Blog: Last week, I gave you tips on adding avatars and Gravatars to your WordPress.com blog, and I’ve expanded these into Adding Avatars and Gravatars to Your WordPress and WordPress.com Blog, with examples of the various sizes an avatar image goes through on a WordPress.com blog, Administration Panels, and throughout the WordPress.com community.

WordPress.com Now 2 Million Strong: WordPress.com counted two million blogs signed up Tuesday. Congrats all!

What’s Hot on WordPress.com? The hottest blogs on WordPress.com were:

The hottest blog posts on WordPress.com were:

New To WordPress.com: If you are new to blogging on WordPress.com, check out this basic guide on What Do I Do With My New WordPress.com Blog?.

WordPress Plugins and Themes News

WordPress Plugins DatabaseThe Worst WordPress Plugins: Full Tilt Blogging offers “15 Worst WordPress Plugins”, a delightful satire on the worst of the worst WordPress Plugins.

Vote for Best Search Engine WordPress Plugins: The Search Blogs Awards of 2007 by Search Engine Journal includes the Best SEO Plugin for WordPress as a new category. Vote for your favorite SEO WordPress Plugin from among:

Using Custom Fields For Post Title Graphics: 5ThirtyOne offers “WordPress Custom Fields: Laying Text Over Your Lead Graphic, an interesting method of using the Write Post Panel’s Custom Fields to add a graphic to your post title with the post title text over the image. There are many methods of using Custom Fields. Aaron Brazell sponsored a “WordPress Custom Fields Contest” and the results give you lots of great ideas for using Custom Fields. See also Using Custom Fields in the WordPress Codex.

ShortStat WordPress Plugin Tip: Perishable Press offers tips for reducing the database table size for the popular ShortStat WordPress Plugin.

Role Manager WordPress Plugin Updated: Role Manager WordPress Plugin has been updated and includes new security improvements.

Akismet Updated: Akismet has been updated to version 2.1.2 and has several new features including filtering by comment type and the addition of Plugin hooks.

Update Subscribe to Comments Plugin: Donncha reports that a bug was found in the popular Subscribe to Comments WordPress Plugin by Mark Jaquith. Please update this Plugin immediately.

Fast Updating: Worried about updating WordPress? The InstantUpgrade WordPress Plugin makes the process simple and easy.

Interesting WordPress Plugins: Some interesting WordPress Plugins I’ve stumbled across recently include:

Finding WordPress Plugins: For more WordPress Plugins see the official WordPress Plugin Directory, the WordPress Plugins Database, and Weblog Tools Collection of WordPress Plugins released daily.

WordPress Techniques and Tips

Here are some featured articles and videos from around the WordPress Community and the , the online manual for WordPress Users, the source to turn to first for your WordPress help.

NOTE: If you would like your WordPress tip and technique included in this list, see Tips For Writing Good WordPress Tips and Writing and Publishing Code In Your WordPress Blog Posts.

WordPress Community News

WordPress Community graphicGet Your Hoodies! WordPress Hoodies are here and will start shipping again January 2nd, so get your warm sweatshirt with a hood now and proudly let the world know you are WordPress-cool this year. Buy an extra for a friend or family member at the WordPress Shop.

WordPress Podcast: A new episode of the WordPress Podcast is out. Episode 32: Automattic Rumors, Lorelle Provides WordPress.com News includes an interview with Jonathan Bailey of Plagiarism Today and the Blog Herald discussing copyright issues and content theft, rumors of Automattic’s financial ventures, the WordPress.com Premium Theme Marketplace, and Lorelle joining as a reporter for news on WordPress.com.

Looking for WordPress Books? WPThemesPlugin offers a summary of the WordPress books published over the past couple years. The list includes my book, Blogging Tips (which is about blogging not WordPress specifically), WordPress 2 Visual QuickStart Guide, WordPress Complete, and the new WordPress For Dummies, among others.

Need Help With WordPressMU? Work is ongoing to improve the WordPressMU documentation on the WordPress Codex. If you need help and information on WordPressMU, start there.

WordPress Installed For Free: If you have problems installing the full version of WordPress, visit Installing WordPress for Free (aka Install4Free WordPress). This free, volunteer-driven service is limited to personal blogs only, and they help only with installations, not upgrades.

Using WordPress in Your Blog’s Name: WordPress is a trademark and you are not allowed to use WordPress in your blog’s name or URL unless you have permission of and . Also, remember, it’s spelled “WordPress” not “WordPress”. Oh, and Plugin is Plugin, not plug-in (what you put into a wall electrical socket).

Looking for a WordPress Expert? WordPress Consultants on is a list of experts you can hire to help you with WordPress Themes, WordPress development, WordPress Plugins, or other WordPress-related expertise. Also see the WordPress Jobs listings, and the WP-Pro mailing list.

If You Are Reading This: If you are reading this blog post NOT on the or from within your feed reader, it is being used against the copyright policy of the copyright owners. Please report it immediately so action may be taken to break some heads and feed scraping blogs.

Even More WordPress News?

Past WordPress Wednesday News Reports

WordPress News Sources


Each Wednesday on is WordPress Wednesday, featuring the news around the WordPress Community. If you have a WordPress news item or tip to suggest, please contact me at this special email address: lorelleonwordpress@gmail.com

Tags:

This post was written by

You can visit the for a short bio, more posts, and other information about the author.


Submissions & Subscriptions

Submit the post to Reddit, StumbleUpon, Digg or Del.icio.us.

Did you like it? Then subscribe to our RSS feed!



  1. By Blog Bloke posted on January 3, 2008 at 6:31 am
    Want an avatar? Get a gravatar! • You can link to this comment

    Thanks for the link Lorelle. It was gory wasn’t it ;-)

    Reply

  2. By Andrew Benton posted on January 3, 2008 at 12:28 pm
    Want an avatar? Get a gravatar! • You can link to this comment

    I appreciate the mention of my site! Nice article by the way, some great stuff here.

    Reply

  3. By Jacob Santos posted on January 4, 2008 at 3:22 am
    Want an avatar? Get a gravatar! • You can link to this comment

    The WordPress Codex offers the WordPress Deprecated Functions Hook for the deprecated function hook API.

    The deprecated function API does not handle all of the WordPress deprecated function list. I think a better term would be obsolete function API, since all of the functions in deprecated.php are marked using the deprecated function.

    The other “deprecated” functions are not marked using the deprecated function and therefore theme and plugin authors will not know what they are, unless they look at the list.

    Overall, while I’m not happy that about the whole deprecated/obsolete, whatever it is good. I think going forward theme and plugin authors can expect that when functions and files should not be used, that there will be notices (quite literally) about their mistakes.

    The deprecated functions have been documented (not sure if all of the documentation has been committed. If someone runs PHPDocumentor on the WordPress source, they will get an extra 4 or 5 functions that won’t pop up notices.

    Yes, that is right, there aren’t that many functions that are deprecated! You would think that people would read deprecated.php every once in a while. Oh yeah, that file has been documented, but since the functions are deprecated no one should be using the documentation anyway. The reason to read it is to get the functions you should be using.

    Reply

  4. By Lorelle VanFossen posted on January 4, 2008 at 3:25 am
    Want an avatar? Get a gravatar! • You can link to this comment

    @Jacob Santos:

    That’s true and thanks for the link. The deprecated.php file hasn’t been around for very long, so many aren’t familiar with it. Thanks for the reminder to all.

    Reply

  5. By Jacob Santos posted on January 6, 2008 at 4:43 am
    Want an avatar? Get a gravatar! • You can link to this comment

    My mistake. All of the deprecated functions are marked thus as deprecated. Only get_link() is not, which the deprecated function has not yet been added to deprecated.php.

    Reply

  6. By Paul Walsh posted on January 7, 2008 at 6:52 pm
    Want an avatar? Get a gravatar! • You can link to this comment

    I would like the ability to explictly set the URL in hyperlinks.

    I find thay when adding a link in wordpress it will append the domain once or twice to the left before the domain i wish to link to.

    For example, say i want to link to http://www.cnn.com
    I write my post as usual, then i highlight the word to link and add in the URL.

    You would expect this would work, but it does not and all links end up like this :

    http://www.mydomain/%20/http://cnn.com

    Even editing it in HTML mode does not help. If you know how to fix it ….do let us know..

    Reply

  7. By Lorelle VanFossen posted on January 7, 2008 at 7:39 pm
    Want an avatar? Get a gravatar! • You can link to this comment

    @Paul Walsh:

    First, you put the link in properly, with the http:// in front, or use the link buttons to add the link to your blog. And most WordPress blogs will convert www leading links into the correct form. If you leave the www off, it can misinterpret, so you have to write it in its right form.

    Actually, “link dumping”, what I call dumping full URLs into blog posts is bad form and ugly. Short ones like http://www.cnn.com isn’t the end of the world, but long ones are. Put them in a proper text form like CNN and you will not have this problem.

    WordPress can’t read your mind and know what you mean when you put in a bad link form. It doesn’t know where the link is to go, within your page or outside.

    Reply

  8. By Is the World Going to End in 2012? posted on November 2, 2010 at 7:58 pm
    Want an avatar? Get a gravatar! • You can link to this comment

    I read through this entire post, only to learn later that it is from 2008. Oops!

    Reply

    Your words are your own, so be nice and helpful if you can. If this is the first time you're posting a comment, it might go into moderation. Don't worry, it's not lost, so there's no need to repost it! We accept clean XHTML in comments, but don't overdo it please.

    Current ye@r *