Support » Plugin: Jomres Booking System » Offsite Installation.

  • Avant 5

    (@avant-5)


    Do not install this. It is only a web installer, not the actual plugin. The files are loaded to your server from a remote server, which means they are not under monitoring and control of WordPress.org – you could be loading anything onto your server. Sloppy server security with plugins is the main reason WordPress sites get hacked.

    Why is WP even allowing this in the repository?

Viewing 11 replies - 1 through 11 (of 11 total)
  • Plugin Author jomres

    (@jomres)

    If offsite installation bothers you, you can download the entire system from here https://github.com/WoollyinWalesIT/jomres (releases https://github.com/WoollyinWalesIT/jomres/releases is also an option)

    You’re not forced to use the web installer, but it’s the most convenient method of delivering a large system to your site. The choice is yours, and I always endeavour to be as open and transparent as possible in everything I do.

    Donnacha

    (@donnacha)

    Jomres is a big system, the WordPress plugin acts as the bridge that integrates it into your site. There is nothing sloppy about this, Jomres has been rock solid for over 12 years and this WordPress integration has been available for almost 4 years without any problems.

    @avant-5, looking at your profile, you seem to specialize in hysterical one-star reviews. Jomres is in good company because, in one review, you attack Woo Commerce, the biggest E-commerce product in existence, and had to have a developer patiently explain to you that your issue had nothing to do with Woo Commerce. You still didn’t remove your low rating.

    Then you throw a tantrum about another plugin because their paid version has more features. You seem to have no understanding of the model that allows most of the free plugins and themes here to exist in the first place.

    As a WordPress user, I depend on the star rating system to help me figure out which plugins and themes are worth looking at. Inexperienced users like you distort the system because, like some sort of power-crazed Yelp reviewer, your first reaction to any sort of frustration, due to your own technical ignorance, is to leave a one-star review.

    In the case of Jomres, an incredible feat of Open Source code which allows thousands of businesses to operate independently, you presume that the WordPress plugin review team are somehow not aware of how it works, and that it has somehow remained here, breaking some imagined rule, for almost 4 years because everyone, except you, is an idiot.

    I suspect you might have that backwards.

    • This reply was modified 2 years ago by Donnacha.
    Avant 5

    (@avant-5)

    Ok, Donnacha, I’ll address those points, since you’ve decided to call me an “idiot” and then lie about what I’ve done.

    First, I’m a programmer that started programming in 1982 as a hobby. It’s been my job since 1998. I’ve been coding custom WordPress themes and plugins since 2007. So I think that your assessment of me being “inexperienced” is way off base.

    Second, “biggest” does not equate to quality. McDonald’s is the biggest and most popular restaurant in the world. But very few would argue that this makes it the best food. I would however agree, Woocommerce is the McDonald’s of eCommerce solutions.

    Next up, apparently you didn’t finish reading the discussion on Woocommerce. The developer’s “polite” instruction was that I should use another plugin. If he suggested that Woocommerce wasn’t the problem, he was and IS wrong. If you continued to read the discussion, I fixed the issue by writing my own payment gateway for Paypal. So with my “technical ignorance” I was able to fix the problem that persists now in Woocommerce.

    When I left a 1-star review about a plugin that had “more” features in the pro version, that was because the “free” version has no real-world usability. It is merely a demo version that is a feeder to sell the Envato Marketplace version. I have no problem with people selling their plugins and making a living. But the WordPress Repository is not supposed to be a marketplace, it is supposed to be a repo for open source software.

    WordPress has gotten a bad rep for being insecure because so many WordPress sites get “hacked”. The reality is WordPress is pretty secure in and of itself, it’s flaws in plugins that are the main reason people’s sites get exploited. So yes, when I see a plugin that is backloading from a remote location, it’s a MAJOR red flag for any experienced and security-aware programmer. It’s an important piece of information that people that can’t program and aren’t conscious of the potential issues should be made aware of, and by flagging it with one star people are likely to be aware.

    But you go ahead and try to make it work for you, and feel free to ignore my ‘technically ignorant idiot’ reviews. It’s your wasted time, and I do not care.

    Avant 5

    (@avant-5)

    Since you took the time to research me, I did the same. It looks like you either work for Jomres or you’re getting kickbacks to shill for them. So I find your commentary untrustworthy, like a paid Yelp review, since we’re going down that road.

    You reply to all the negative Jomres reviews with insults and a condescending tone. Clearly you’re involved and biased, as proofed by this snippet from your own website: “and consider it to currently be the most interesting Open Source Software project.” Really? More interesting than all of the open source programming languages, Python, PHP, more interesting than React Native, more interesting than Linux? A WordPress plugin for hotel booking is the most interesting open source software project? I don’t think so.

    And please note THIS Jomres review:
    https://wordpress.org/support/topic/excellent-1369/

    It’s a 5-star review, and entited “Excellent”. But if users read the commentary, they will see that the plugin completely fell apart, the website broke, and turned into a 6-month customer service nightmare. The user went on to amend his “Excellent” to “What an utter and complete disaster!!!!!!”

    “4 MONTHS later the problem is still not resolved. A lot of buck passing between Jomres and OSDCS!”

    “It has been 4 months and does not work – look at the history of the support tickets!”

    “Also had to give the developers the passwords to access WordPress – I now get this error message when login in:- “You do not have sufficient permissions to access this page.” They are blaming the host!” [note: Add this to this developer offloading the plugin from a remote source, that’s a double security red-flag]

    If you hadn’t called my attention back to Jomres, I never would have noticed this review, but for looking at your “helpful” comments to other people’s reviews. It’s shameful that Jomres has someone shilling and inserting bogus information into posts to try to invalidate legitimate information that’s actually useful to users that are concerned about their website security when looking at plugins.

    Given that this 5-star review is broken, and your 5-star review is actually just a shill promotion, that leaves three legit (maybe) 5-star reviews and three 1-star reviews.

    It’s hard to trust the other positive reviews since we now know that Jomres has you doctoring the review information, the other 5-star reviews could be more of the same.

    Plugin Author jomres

    (@jomres)

    Well, that escallated quickly.

    Regarding the ticket in the other thread, I looked it up. I did reply to the user however they never responded, so the allegation of ignoring them is completely unfounded. I’ve not had any other complaints about Jomres/WP/their gateway not working in the three years since so I assumed that OSDCS and the user had resolved the issue.

    Donnacha doesn’t work for me. He is, however, a very enthusiastic user and has been for many years and I now consider him a friend. This is something I always want to do, turn users into friends because that’s how we all move forward. This has come about because I listen to his suggestions and where possible and if appropriate, I will implement them.

    Moderator Jan Dembowski

    (@jdembowski)

    Forum Moderator and Brute Squad

    Well, that escallated quickly.

    Yeah, no kidding.

    *Drinks coffee and does the hand time out thing*

    Everyone? Take 5 and try and remove the personal attacks. Really, do that.

    It’s hard to trust the other positive reviews since we now know that Jomres has you doctoring the review information, the other 5-star reviews could be more of the same.

    No, don’t do that. Reviews are taken seriously as user (not customer, I need more coffee) feedback. Do not make accusations like “doctoring the review information” as that’s just not the case.

    Keep this review about this plugin and your experiences here. If people want to to participate here in a positive way, that’s cool. The author has indicated that suggestions to improve the plugin are welcomed. That’s good.

    More name calling or replies of “He started it!” will get red flags tossed and this review closed.

    • This reply was modified 2 years ago by Jan Dembowski. Reason: Fixed "customer"
    Plugin Author jomres

    (@jomres)

    Thanks Jan, I think I’ll join you in that cuppa.

    Donnacha

    (@donnacha)

    I would not say that I “researched” anyone, I did what anyone should do when they see a one-star review: I quickly checked the reviewer’s profile to confirm that he has never had a good word to say about anyone else’s work. When you see exclusively negative reviews, well, that says all you need to know about that person’s sense of entitlement and lack of respect for the hard work of others.

    I make my living from code, so, I am grateful to any developers who produce a product that does what it is meant to do, and who stick with that product for years, allowing me to build my business upon their code.

    In particular, I don’t throw a fit when a free WordPress plugin, providing functionality that I need, happens to have a paid version. I know of no real programmer who would have a problem with the idea of paying some money for code that will save time and allow them to expand what they can offer their clients.

    Just to be clear, the paid version of Pinpoint Booking System, the target of another vile one-star review, costs a mighty $5. Five dollars. Seriously, ponder that, consider how far your sense of reality must extend for a $5 premium version to be worthy of your ego-rage.

    In a bitter, one-star world, it might seem as if five-star reviews are “shilling” but, no, their function is to call attention to good work and let the developers know that it is appreciated.

    I make no secret that I have been using Jomres for almost a decade, and I consider it to be “the most interesting Open Source Software project” because it is a tool that allows almost anyone, with a little determination and patience, to set up a business offering clients booking sites that are immediately valuable to them. That is the sort of niche power than people entering the business today need, there is too much competition to make it as just another Web designer.

    Simply through being a user, I have become friends with the developers and, yes, it angers me when I see people come along and trash their work over something as clueless and trivial as how it is installed. You can be pretty sure the reviewer has not spent 12 years building and evolving a platform, that they don’t get up every morning and spend most of their day patiently providing support.

    I am glad that, ten years ago, I adopted Jomres as one of my most vital tools. I am proud that I was one of the people who encouraged them to integrate it with WordPress. I have enjoyed watching it continually improve, while competing products disappeared after just a year or two. I am amazed by how much easier it is to use today, how new users can get up-and-running with a fully booking site in minutes, and I shake my head in disbelief when I hear people whinge about completely inconsequential issues. Someone hands you 12 years of focused effort and you’re too busy, pumping your ego with your one-star super powers, to recognize the value of that. Pathetic.

    • This reply was modified 2 years ago by Donnacha.
    • This reply was modified 2 years ago by Donnacha.
    Moderator Jan Dembowski

    (@jdembowski)

    Forum Moderator and Brute Squad

    Jomres? Coffee is good. 😉

    *Reads more*

    See, that’s really what I meant.

    I would not say that I “researched” anyone, I did what anyone should do when they see a one-star review: I quickly checked the reviewer’s profile to confirm that he has never had a good word to say about anyone else’s work. When you see exclusively negative reviews, well, that says all you need to know about that person’s sense of entitlement and lack of respect for the hard work of others.

    Right. Emphasis added by me and I disagree. Here’s why.

    In a bitter, one-star world, it might seem as if five-star reviews are “shilling” but, no, their function is to call attention to good work and let the developers know that it is appreciated.

    You’re OK with 5 stars but have a problem with someone who leaves 1 stars? That user hasn’t left a lot of reviews. I’ve done that and there’s nothing wrong with that sort of feedback.

    In particular, I don’t throw a fit when a free WordPress plugin

    and

    Someone hands you 12 years of focused effort and you’re too busy, pumping your ego with your one-star super powers, to recognize the value of that. Pathetic.

    You called another user an idiot in these forums. Don’t repeat that again. I’m not the best person to be “growning up” others but name calling gets people into trouble here.

    I’m going to leave this review open but one more negative reply and it’s closed.

    Anyone replying here is either a moderator, the plugin author or the user. Keep the feedback on the plugin only. No one is doing anyone any good by this back and forth.

    Avant 5

    (@avant-5)

    In addition to the off-site downloading, the plugin does not clean up well. After deactivating and selecting to delete, and answering ‘yes’ to the “Are you sure you want to delete Jomres and it’s data” the data persists, which includes a directory – that is not in the plugins directory for some reason – containing 8,064 files, as well as a curious 67 database tables.

    For those less familiar with the data structure in WordPress, WordPress itself only uses 12 tables. Woocommerce which is a massive, feature-rich application with tons of options and parameters as well contingencies for a very broad range of products and variants only has 14 tables. Between them 26 total, compared to the 67 tables Jomres creates.

    I have not had the time – yet – to look over the code to see the hows-n-whys of all of these tables, but I suspect that this would end up creating a great deal of overhead over time on a site that’s marginally busy. Where so many site owners are mired in WordPress performance issues, using CDNs and caching plugins to improve performance, a plugin that adds a great deal of overhead would be a concern for a lot of users. I am not even close to a performance expert, so I will have to have a friend look at it and run benchmarks when he gets free, and then if and when he can help, I will share his findings.

    For the sake of comparison, the booking plugin that I did use, albeit with some customizing “hacks”, adds zero tables to the database, adds a single line in the WP Options table for it’s options, and smartly piggybacks all of its data in the Woocommerce tables with the other product(s) information.

    If the plugin author would like to offer an explanation of the tables as a starting point for my further investigation, I’d welcome the inclusion. It will still be a while, I’m very busy, and 8000 code files is a lot to have to read through, even if my job didn’t have first-dibs on my time.

    • This reply was modified 2 years ago by Avant 5. Reason: Added note on performance issue concerns to site owners
    Plugin Author jomres

    (@jomres)

    I’ll have a look at the delete issue in the morning, it should delete the tables and directory contents.

    As for tables, remember that Jomres is a complete booking portal, not a simple booking engine for a single property. It’s multi-vendor, multi-language and multi-property and it has evolved considerably over the last 13 years, all the while providing a direct update path for older users.

    As it’s cms agnostic, only using the bare minimum of code to hook into either WordPress or Joomla ( codebase works on both CMSs ) so it has to do all of the heavy lifting and can’t rely on the host CMSs or other plugins. In theory Jomres could run on Drupal too, however I’m not that much of a masochist.

    There are about 650k lines of code, including the plugins, as you can guess it’s a lot for two guys to maintain. We work very hard to ensure performance is as good as we can make it however if you should find any bottlenecks we’ll be happy to look into it.

Viewing 11 replies - 1 through 11 (of 11 total)
  • The topic ‘Offsite Installation.’ is closed to new replies.