Congrats to Donncha O Caoimh for releasing version 1.0 of his popular caching plugin, WP Super Cache. The release is an incremental improvement over previous versions but contains a number of bugfixes and new features such as a “Delete Cache” link within the admin bar. Back in 2009 when the plugin was first released, it was THE plugin that everyone suggested using if you wanted to increase performance on your site due to caching. Now a days, it seems as though W3 Total Cache has taken over that position. However, it’s nice to see Donncha still improving the plugin to provide users an alternate choice in caching solutions. ∞
By Jeffro on October 5, 2011
One of the coolest things about BuddyPress is that when it was developed by Andy Peatling, he made sure to put in a considerable amount of effort into creating a BuddyPress Starter theme as well as a BuddyPress starter plugin. Knowing that those two things would be often used as the beginning stages of a plugin or theme, only the best coding practices were used as a means of not only having a blank slate to start from, but also teach developers at the same time. It’s like Hello Dolly! but without the lyrics. Boone Gorges has announced that the tradition has continued with the release of BuddyPress Skeleton Component v1.6. The new release features the following:
- Refactored to use the BuddyPress 1.5′s new
BP_Componentclass, making it dead-simple to register globals, create navigation items, and hook into the BP load order
- File structure reorganized to better reflect BP 1.5′s organization, and to provide more fine-grained access to functions
- Data storage class totally refactored, to use custom post types and WP_Query, instead of custom database tables.
- Added a small guide for creating a top-level component directory (a “root component”), which was missing in earlier versions
- Tons of documentation added and revised
It’s important to know that any plugin built from version 1.6 of the Skeleton Component will be incompatible with BuddyPress versions prior to 1.5. It’s recommended by Boone that you first create the plugin for BuddyPress 1.5 and build in backwards compatibility as an after thought.
By Jeffro on September 5, 2011
Joost de Valk who is pretty popular these days, especially after the release of his Yoast SEO Plugin tells us the story of how one of his sites was hacked because a theme containing the TimThumb vulnerability was not updated. If that were not interesting enough, Joost shares a statistic that doesn’t surprise me one bit. According to Joost, after he releases an update to his plugins, he rarely sees more than 20% of the user base upgrade within the first week.
We, as a community, need to get better at that.
I agree. People such as myself have harped on the fact that people need to start upgrading their WordPress installs sooner rather than later once an update has been released. I don’t have the numbers to back it up but I’m willing to bet that thanks to the easier upgrading processes built into WordPress, there is a larger number of people updating within the first week compared to when users had to manually upload the updated files to the server.
As if keeping abreast of updates for WordPress were not enough, users have to be vigilante on knowing when there are updates for both plugins and themes. Despite WooThemes publishing the information on their website regarding the security flaw and the associated fix, Joost still became a victim one month later. It seems as though KNOWING about the update is at least half the battle. Therefor, what do you think is the best way or ways to keep users abreast of updates for plugins and themes, especially as it relates to security releases? As it stands, the only time I know of when a plugin or theme needs to be updated is when I’m at the dashboard screen and I see the notifications. Should there be a built-in function in WordPress that plugins as well as themes can use to send email notifications to administrators when an update is available? Or, do we rely on plugin and theme authors to individually come up with ways to help their user base keep in touch with updates?
By Jeffro on February 9, 2011
WordPress 3.0.5 was released the other day to address a couple of issues dealing with security and untrusted user accounts. While those issues were addressed, it was soon discovered that one of the security fixes for 3.0.5 created another problem of stripping HTML on display from people with the unfiltered_html capability. Instead of fixing that minor problem and releasing 3.0.6 which would have been embarrassing to say the least, a hot fix was applied to the latest version of Akismet which was also due for an upgrade. This solved the problem for at least a few users but not everyone.
Mark Jaquith then created a plug in which contains the hot-fix but also mentioned that the plug in could be used in the future to fix selected bugs as well. If a number of WordPress powered sites would have this plug in installed, it would be a handy way of pushing out fixes.
I’m not quite sure I understand the reasoning behind this. 3.1 is right around the corner and that branch already has the fix applied while those who know how can simply update their sites via SVN through the nightly builds. In the comments, Ozh also raises a good point in that how do you explain the difference between a hot fix versus an update for WordPress? It’s an unnecessary process that I don’t want to go through. There was also the suggestion of perhaps bundling the Hotfix plug in with WordPress like Hello Dolly or Akismet which is a bad idea. There is a strong contingent of people (I’m one of them) working hard to try and de-couple Hello Dolly and Akismet from the core package of WordPress and the last thing we need is yet another bundled plug in with core.
The best recommendation came from Andrew Nacin in the comments of strengthening the update procedures of WordPress. By the way, one tidbit of information to keep in mind throughout all of this is that somewhere around WordPress 3.2, the goal is to stop updating over the wp-content directory which I know will make some people happy.
By Jeffro on February 2, 2011
Is anyone out there interested in adding Post Format support to the WPTavern theme including the necessary styles to go with them? I’m willing to pay $20.00 to have this done as I’m currently working on some other things and don’t have time to add the support let alone the stylesheet additions. If you’re interested in playing around with the Tavern theme, it’s called Tavern News and can be downloaded from here. Note that it’s a child theme for the Hybrid Theme Framework by Justin Tadlock so you’ll need to have that installed in order for Tavern News to work.
By Jeffro on October 27, 2010
This post is an FYI to plugin developers. According to Scribu who posted on the WordPress development update blog, If you were using register_activation_hook() to also handle updates from older versions of your plugins, you will not be able to do so any more in WP 3.1: The activation hook is now fired only when the user activates the plugin and not when an automatic plugin update occurs. This is consistent with how the deactivation hook works.. There is a proposal for a register_update_hook instead within ticket 14912.
All plugin authors should read the post and the associated tickets to make sure your plugin will check for updates properly after WordPress 3.1 is released.
By Jeffro on September 6, 2010
I don’t know about you, but I have a widescreen monitor and I’ve enjoyed having the WordPress administration menus collapsed versus extended. The extra real estate is nice to have with less for me to look at. However, this collapsed menu comes at a price whereas, this menu option does not allow me to see updates for plugins, themes, nor can I see if any comments are being held in the moderation queue. While I think this is a WordPress shortcoming, Scott Reilly has once again created a simple plugin that solves a simple problem. It’s called Notifications For Collapsed Admin Menu. This plugin shows a visual notification by providing a background color on the comment and plugin icons. As a bonus, if you hover the mouse cursor over the icons, a tooltip will show the number of comments or plugins that need to be taken cared of. The following image provided by Scott is a good explanation as to how this plugin works.
If you choose to use this plugin, keep the following note in mind:
Also refer to the plugin page for directions on how to change the color that is used for the visual notification.
By Jeffro on August 10, 2010
Raphael has released an updated version of the After The Deadline extension for OpenOffice that fixes a bug that prevented OpenOffice from applying AtD to non-English (US) documents. Instead of using en_GB, en_UK was used instead, creating the problem. The new version also cleans up the AtD Service option where trailing slashes from URLs are removed which makes it easier to reset the extension to the default AtD server. If you’re using this extension with OpenOffice, click Tools -> Extension Manager -> Check for Updates to get the latest version.
By Jeffro on January 7, 2010
Scott Reilly, also known as Coffee2Code has been busy as of late churning out plugin updates. This guy some how continues to find a way to maintain about 60 plugins. Some are simple while others provide awesome functionality. To hear more insight in to how Scott does it, check out this interview I did with him back in August of 2009. Also keep an eye on Coffe2Code.com to see if any of the plugins you use by Scott have been updated.
By Jeffro on June 15, 2009
The other day, I noticed I had about 9 plugins that needed to be upgraded. So I browsed to the plugin management page in WordPress 2.8 and noticed the link to view the details regarding the new plugin version as I figure that will tell me why I should upgrade. Once I click on this link, I get a lightbox popup showing me the same view I would see if I were looking at this plugin on the WordPress.org plugin repository. Tabs to see the description, installation, screenshots, Faq and other notes. No Change Log link.
So, I end up clicking on the plugin homepage link which takes me to where ever this plugin calls home on the net which is typically a post on a blog announcing its release or in some instances, a page dedicated to the plugin. Often times though, the plugin homepage link takes me to the root of the site and I end up having to dig around and search until I find a post about the version in question. What an aggravating experience.
I do have a bit of good news though. Some plugin authors actually provide changelogs within the description tab of the plugin. Others provide a direct link to a page which contains the changelog which is better than nothing.
I’m not a plugin developer so I’m not sure if this is possible but, the best solution would be to include a Change Log link along with the other links such as description, installation, etc. I’ll have a hard time believing this doesn’t make any sense but plugins now a days are coming out with new versions where I can’t easily see what has been changed and before you know it, some option has been added and turned on by default without my knowledge.
I’m interested to know what your thoughts are on this issue.