aberglas
Forum Replies Created
-
Forum: Reviews
In reply to: [bbPress New Topic Notifications] Not what I wantedYes, bbpress-email-notifications looks good.
Updated my review and added a star.
Anthony
Forum: Hacks
In reply to: WordPress Slow Performance (Shared Hosting)One final test, I copied my agregate .php file and made the comment into one huge comment (/*…*/). When cached, the comment reads 0.03 vs 0.21 for the code, the difference would be the teim to parse. When not cached, they both take about the same — 1.7 when the machine is unloaded (more if it is busy).
So the time is not parsing. It is reading the disk.
Forum: Hacks
In reply to: WordPress Slow Performance (Shared Hosting)I’m 95% certain that the problem is the time it takes to read the files, rather than the time it takes to parse them, which is surprising. That’s because the load gets much slower when the system has been left idle for a few minutes, so gone out of cache. And my Burn Cpu test always runs about the same speed, so plenty of CPU available.
So I tried combining all the 30 odd core files in wp-settings into a single file, which came to 1.6 meg of source. The theory is that the O/S will try to put this contingously on disk and so be faster to load. Experiments showed no real improvement.
I did see SHORTINIT in the code, thanks. It would be faster, and may be a part of my solution.
Have not looked at Cloudflare etc. Should not need to. Simple Php programs run blindingly fast, it is just the frameworks that kill it.
The problem is Php and WordPress’s bad architecture. To have to load all that code every time a page is touched. (This will not be an issue on WordPress.org because it all runs from the same code base which will always be in cache.)
I have nw discoverd, too late, the importance of useing a small package if using PHP on a shared host. There are a couple of simple non-database solutions that might have done. But not changing now!
Forum: Hacks
In reply to: WordPress Slow Performance (Shared Hosting)If anyone has experience linking form applications to just the core WordPress libraries please let me know. The current performance overhead of loading all of WordPress’s code is unacceptable.
Forum: Hacks
In reply to: Using wordpress functions outside of wordpressHow do you find performance? I am going to need to do something.
http://wordpress.org/support/topic/wordpress-slow-performance-shared-hosting?replies=1
Anthony
Forum: Hacks
In reply to: Request Forgery SecurityTo develop for WordPress, I did what everyone else does and Googled examples. None of them had this, which is an issue as it encourages insecure style.
I think that an update to WP that simply rejected all posts that do not have a _wpnonce would not be a bad thing.
As to the nonced value, I’m not sure how much additional security is added by using more than just the user name (+salt) as the nonce hash. If an attacker could already log in as the user to obtain the nonce then the game is over anyway. The trade off being that using a standard nonce means that WP can always check its value automatically.
On annoyance is that wp_nonce_field adds the ever growing request field by default. Is it protected by the nonce? Not clear how to utilize it, I just turned it off.
Forum: Hacks
In reply to: Request Forgery SecurityThanks. I have not seen that used on any examples I have come across. I’d be happier if wp_verify_nonce was called by wp itself for Every post, and plugins that do not submit it simply fail to run.
Anthony
I have discovered that multisite is a bit of a beast. The signup for users is quite different and messier. If the sites do not share users, and you only have two, then single sites might be easier.
Alternatively, just tell the French to speak English like everyone else 🙂
Anthony
Forum: Hacks
In reply to: How to manipulate usersHello bcworkz,
Thanks for your pointers. I have now got that working having spent some time in the doc … ie the wordpress source code.
Anthony
Forum: Hacks
In reply to: How to manipulate usersThanks t-p, but I am talking about the internals. Will continue to investigate, the documentation for an open source project is the source code…