Eric Murphy
Forum Replies Created
-
Forum: Plugins
In reply to: [StatPress Visitors] WordPress multisiteI have multisite/network.
No problems.
It would be nice to have an option to collect all data from all the blogs = The network admin sees the sum of all visitors of all blogs.
Forum: Plugins
In reply to: [BackWPup – WordPress Backup & Restore Plugin] Error with Backup folderSorry had a typo. I use WP 3.5.1 and BackWPUp 3.0.6 = both the newest.
OK, I have another solution for this security bug.
Make another plugin, exactly like the current one, but without PHP functionality.
That way I could install 2 plugins, one for regular network admins and one for network admins I trust.
I see the following:
“Are you sure you want to do this?
Please try again.”When I switch to another user and then switch back to the previous user (i.e. the one that caused the error/blank page) then it works despite of no working before.
Nope, deletes everything again.
Error #2, right-clicking on pages has this link:
http://(mydomain)/(mysubfolder)/wp-content/plugins/q2w3-inc-manager/q2w3-table/q2w3_get.php?width=640&height=485&action=q2w3_table_wp_page_select&id=inc_pages_select&type=include&wp_nonce=a90da0a49cI downloaded all WordPress files and compared them byte-by-byte to the original WordPress files.
100% match. Both templates and code.
Therefore I suppose it has to be a plugin.
> Are you using a cache plugin? any plugins that have anything to do with comments?
Indeed, that is the best bet. I guess only a cache plugin (I use QuickCache) would be able to expose a previous commentator’s email to a following commentator. Quickcache is the most likely source of this security bug.
Will need to post in the QuickCache support forum.
> If this was reported by people who use the same computers
I know what you mean but this isn’t the case.
The user who saw someone else’s email address isn’t in the same city and their IPs have nothing in common.
Additionally I can confirm this bug, because it happened to me myself: I am a superadmin of the network, but was logged out when it happened. The comment input fields were filled with the name and email address of a completely different user.
And I don’t even live in the same country like that user.
This in no way can be a browser issue. How in the world would the browser know the emails of other commentators.
Unfortunately I cannot reproduce it even with plugins turned on. It’s a very infrequent thing.
It would be better if PHP could be turned on/off on a per-blog basis by the network admin.
Error #3 (when I click “Save Changes”) and “Do you really want to do this?” appears. Here is the requested link
.../wp-content/plugins/q2w3-inc-manager/q2w3-table/q2w3_get.php?width=640&height=485&action=q2w3_table_wp_page_select&id=inc_pages_select&type=include&wp_nonce=09d3a1928aAny chances you fix all the permission errors?
They are getting out of hand. Examples:
ERROR #1
“Code Insert Manager” –> settings –>
“You do not have sufficient permissions to modify unregistered settings for this site.”ERROR #2
When I click on Pages […] nothing appears (i.e. blank).ERROR #3
When I add an insert (with all fields filled out correctly) I get error “Do you really want to do this?”Maybe it has something to do with this plugin:
http://wordpress.org/extend/plugins/user-switching/Are you sure you have updated permission queries to the new WP standard everywhere?
I have 60+ plugins installed. Not one gives me such errors.
I love your plugin. It’s the first one I activate on all blogs. But this a serious error.
Thank you, Mr. Bond, a very nice solution, but that includes also editing of a .php file.
I would prefer it if that plugin could solve it.
I tried this plugin months ago.
I deleted it because of hangs/errors.Now months later on different servers the plugin STILL doesn’t work.
* Creates faulty backups (= tar.gz that cannot be decompressed)
* complains about “Maximum execution time errors”
* reports nonsense like “Running since 453242563 seconds”
* disregards its options (“Max. backup files in folder”, which I set to “0”)This plugin is freeware, OK, but at the same time it is malware, because you think that it does something (= protecting you from data loss), when it doesn’t.
It’s a shame, because it could be one of the best plugins for WordPress IF IT COULD WORK.
And no, the problem is not “misconfigured Servers or Server limitations”. Other backup plugins do work on these servers. The problem is BackWPup itself.
Seems to be fixed now in the new version.
Thanks, coders!