angsuman
Forum Replies Created
-
Forum: Requests and Feedback
In reply to: How about patches?<ego>
For the love of God, would people stop calling me Angusman!
It is Angsuman folks!
</ego>And yes a patch from WP 1.5.1.2 to WP 1.5.1.3 is available.
Yes, I too would like it to be made available by Matt’s merry bunch (takes load off me) but that’s open source. The credo of OSS AFAIU is either you make the changes yourself, like I did, or STFU because everyone is “volunteer”, so no responsibility or obligations. In commercial software on the other hand you can literally force the company to provide you with patches.
The way things are going I may not even upgrade WordPress anymore (unless they are security upgrades). I think WP is pretty much where it can go with its architecture. After this you will start seeing more look-and-feel stuff like Ajaxian goodness, draggable menus and other niceties instead of real improvement. Already 1.6 charter reads that way.
Forum: Requests and Feedback
In reply to: Automate upgrade process please !@phonakins
Frankly I too would love to get out of this thankless job. Its really the job of the development team. I maintain multiple blogs, so I used a patch file for my blogs. Then I decided to make it publicly available so others don’t have to go through the same trouble.I would strongly recommend you not to use any file from any source which are not trustworthy in your opinion.
BTW: It is Angsuman not Angusman.
Forum: Fixing WordPress
In reply to: Redirecting Pages> angusman — where can i find that the plugin of yours?
WordPress Plugin for Permanent Redirection of Posts – Angsuman’s Permanent Redirector Plugin
Forum: Fixing WordPress
In reply to: How to disable commentsJust modify the theme file – post.php
Forum: Fixing WordPress
In reply to: PHP Blogging Apps Open to XML-RPC Exploits> do these need to be deleted?
No. But that addresses only one loophole. There are others.There are several security vulnerabilities. IMHO it is strategically important to upgrade to 1.5.1.3.
Forum: Fixing WordPress
In reply to: “Php is vulnerable” or “wordpress is vulnerable”?At the core the problem was the same – not sanitizing the query string parameteres (arguments to xmlrpc.php).
Forum: Fixing WordPress
In reply to: Another pages and permalinks question.Check your .htaccess file to see the rules generated. You will get sufficient ideas from the file itself.
Forum: Fixing WordPress
In reply to: Redirecting PagesMacManx solution is faster and better with one small potential caveat.
If your old blog uses query strings in url this solution will not pass on the query strings to your new blog. You will then have to use mod_rewrite or regular expression based redirects.
In fact the redirector plugin I pointed before does a 302 instead of 301. So I use a custom plugin which does a 301 (permanent redirect).
Forum: Fixing WordPress
In reply to: Deleting multiple Links at one time…I kind of feel the need for it with every new installation 🙂
Forum: Fixing WordPress
In reply to: “Php is vulnerable” or “wordpress is vulnerable”?PHP as a language is not vulnerable. Lots of PHP based blogging and cms software installations are currently vulnerable because they use a widely used phpxmlrpc library which has a remote script execution vulnerability. WP 1.5.1.2 and earlier versions are vulnerable. Additionally WordPress 1.5.1.2 and earlier versions has several other vulnerabilities too like cross-site scripting, sql injection etc.
Forum: Installing WordPress
In reply to: Can I do something like “republish” with WP?> script to sanitize post contents. sounds good to me. anyone?
Most likely there will be one of several thousand volunteers who would jump on the job.
However if that doesn’t work out and neither can you cook up something you can always make me an offer I cannot refuse 🙂
You can find my contact information in my blog, otherwise you can leave a comment on any of my entry (it will remain private).Forum: Installing WordPress
In reply to: Can I do something like “republish” with WP?@naudefj2 aka Frank
> Hiding the truth will not help.
I don’t speak for WordPress developers nor I am part of WP team. In fact there are issues on which I seriously disagree with them including security-by-obscurity principle which they adopt. I have no reason to hide anything.You have not understood. WordPress is architecturally different from Blogger or MT or Thingamablog. They generate static pages whereas WordPress generates them on the fly using php script.
Publishing in WP is different than in MT or Blogger. In WP publishing merely changes a flag in the database (if already saved) or just saves the post with appropriate flag. It doesn’t generate pages. The actual pages are generated on-the-fly from the database.
In his case sanitizing the post content is what he needs, nothing more nothing less.
> Instead, why don’t we identify missing features and ask the developers to add them to WordPress?
It is not a case of missing feature as I am sure you have understood by now. WordPress is architecturally different.
Forum: Installing WordPress
In reply to: Can I do something like “republish” with WP?No.
Republish is used for offline bloggers, software which publish html pages like Blogger or MT or Thingamablog.
WordPress generates pages on the fly.
What you need is a database script to sanitize your post contents.
Forum: Fixing WordPress
In reply to: Redirecting PagesTry http://redalt.com/downloads/ It has a nifty redirector plugin.
Forum: Fixing WordPress
In reply to: PHP Blogging Apps Open to XML-RPC Exploits@kmtcn
MacManX was just trying to be helpful. I think your post was rude and uncalled for. He had no way of knowing your “special” situation. And he doesn’t gain anything by promoting easy installation of WordPress.If you are a “special” user with customizations then you should ideally create a patch from your version to 1.5.1.3 by looking at the change lists and apply it to your sites like the patch I provide for upgrading WordPress from 1.5.1.2 to 1.5.1.3.
In your very special case (no ftp access etc.) use the inbuilt editor to upgrade the relevant files or change your hosting provider as root said.