WordPress 2.5 full disclosure on development and release news. Now scheduled for release March 10. WordPress 2.3.3 is a mandatory security release. The battle over www and non-www URLs is now dead. Moving 16,000 blog posts from MT to WordPress. MT does WordPress. Kazakhstan gets WordPressed. WordPress gets mugged. Prologue competition. Talking WordPress. Tons of new and updated WordPress Plugins. And more WordPress news.
Track WordPress 2.5 Development and Release: Ryan Boren announces the WordPress Development Updates site on WordPress.com featuring the new Prologue WordPress Theme that will follow the release of WordPress 2.5 with frequent updates from various WordPress developers as the new version prepares to hit the streets. This will be an interesting way of watching the release proceed and seeing the new Theme in action. You can track the action through the WordPress Development Updates feed.
WordPress 2.5 Frozen: Ryan Boren updated WordPress fans on the new 2.5 Roadmap which mentions that WordPress 2.5 is now in “feature freeze” with no new features added. Beta testing has started and a bug fix is on to fix things up and clean up the new Administration Panels look and design. The new release date is now March 10.
WordPress 2.5 Weekly Digest: This week’s WordPress weekly digest reports that WordPress 2.5 improvements and fixes include filters for
pings_open(), additional key to speed up comment MySQL queries, the introduction of
wp_count_posts(), a more portable and extensible database structure, new redirect filter for canonical redirects to assist Plugins, A new pluggage
get_avatar() function, update to jQuery 1.2.3, a new “meta box API” for adding boxes to write pages, a much requested reversion to full content feeds so the “more” tag will no longer cut off content, removal of the native code>gzip_compression(), and more.
Mandatory Security Upgrade: WordPress 2.3.3 is a mandatory security upgrade covering a vulnerability in xmlrpc.php and includes a few bug fixes. A mandatory security upgrade is not option. It is a required upgrade for the security and safety of your blog.
16,000 Post Migration: Notes on a Massive WordPress Migration by BirdHouse is a very detailed description of a huge Movable Type-to-WordPress move of more than 16,000 posts. Having moved over 1,000 posts from a static HTML site to WordPress via the MT-import, I totally sympathized and wish I’d had their guidance.
WordPress Podcast: The latest episode of the WordPress Podcast is out and includes information on WordPress 2.3.2, the jump to WordPress 2.5, Automattic’s new funding, security issues, free custom-designed WordPress Themes for high PageRank blogs, WordCamp Dallas, new and updated Plugins, and a lot more WordPress news.
www versus non-www: On the WordPress Support Forums, clarification on the issue of www to non-www has been given. WordPress 2.3 offers “canonical URLs” which redirect www to non-www or vice-versa. Go to Options > General and set the URL to whatever you want it to be, with or without the www and WordPress will automatically redirect visitors and search engines to the correct URL and permalink. This was explained in Perishable Press – Comprehensive URL Canonicalization via htaccess for WordPress-Powered Sites”, Weblog Tools Collection – Configuring WP Permalinks, and Mark Jaquith – WordPress 2.3: Canonical URLs.
Podcasting About WordPress: Jeffro2pt0 has started a WordPress weekly podcast with news and interviews on WordPress and WordPress community topics.
WordPress Kazakhstan: Weblog Tools Collections announces the Kazakhstan translation of WordPress.
Yahoo Video Interview with Matt Mullenweg: Yahoo Developer interviewed Matt Mullenweg on video where he shares some insights into the upcoming version of WordPress, news on Automattic, and future development.
MT Does WordPress: WordPress Interface for Movable Type is not a WordPress Plugin but a Movable Type Plugin. It turns the Movable Type interface into the WordPress Administration Panel. Done as a lark, if you are switching from WordPress to MT, this could prevent homesickness.
Last Week’s WordPress Wednesday News: Last week’s WordPress Wednesday News report covered WordPress 2.3.3 Security Must Upgrade, Plugins Vulnerable, Automatic Upgrades, and More, if you would like to catch up with the news on WordPress.
WordPress Security News
The most recent news on general WordPress security issues includes:
- Blog Security reports on a WordPress CSRF vulnerability described as a Cross Site Request Forgery. Investigations are ongoing.
- Blog Security asks if “WordPress is Insecure by Design?”
- Noted web designer, David Airey.com had his blog and email hacked. While WordPress was probably not the issue in this case, some bloggers are getting their WordPress blogs hacked because they continue to not upgrade their version of WordPress. Don’t wait.
- BlogSecurity reports on “Defeating Audio Captcha Systems” which explores how the CAPTCHA system does not work, in any form.
WordPress Plugin Security News: The following is a list of recent announcements about security issues found in WordPress Plugins.
- According to Blog Security, the WP-no-version Plugin has been updated and now will remove the WordPress version information for non-authenticated users only.
- Weblog Tools Collection announces two Plugin security issues with WP-Footnotes and WordSpew AJAX Shoutbox.
- Weblog Tools Collection reports a vulnerability in the WP-Forum WordPress Plugin.
- Blog Security reports the following WordPress Plugins have known security issues: dmsguestbook, WordPress TextLinkAds Plugin, st_newsletter 2.x, WP-footnotes 2.2, and WordSpew WordPress Plugin.
- Weblog Tools Collection reports vulnerabilities in Adserve WordPress Plugin v0.2 and WP-Cal WordPress Plugin.
- Blog Security reports Fredrik Fahlstad Plugins are vulnerable, specifically fGallery 2.4.1 and WP-Cal WordPress Plugin.
- Blog Security reports on a vulnerability in the Democracy WordPress Plugin, the popular polling Plugin.
WordPress on Your Calendar
WordCamp Dallas: The WordPress Podcast has a podcast announcement about Dallas WordCamp in Texas on March 29-30, 2008. Get registered now! If you are a WordPress fan living in Texas, they are looking for volunteers to help spread the world that WordPress is coming to Texas with an exciting line-up of speakers talking blogging and WordPress.
If there is a WordCamp near you, go. If you are interested in setting up a WordCamp, stay tuned for news and information on to bring a WordCamp event near you.
- The New York City WordPress February Meetup – February 16, 2008
- The Nashville WordPress February Meetup – February 23, 2008
- WordPress 2.5 Release – March 10, 2008
- WordCamp Dallas – March 29, 2008 (Registration Required)
- WordPress Denmark Meetup for WordPress 2.5 at Advice – April 6, 2008
- WordPress fans social gathering in Austin, Texas – May 13, 2008
- PodCamp Atlanta 2008 – May 17, 2008
- WordCamp 2008 in San Francisco – July 2008 (should be great)
Tips for Posting Your Blog’s Top Posts: Weird Blog offers “How To Create A Best Of Widget From Your All Time Top Posts On WordPress”, a tutorial on how the WordPress.com blogger manually creates a list of the blog’s top posts using the text Widget and WordPress.com blog statistics.
Summarize More Stats: WordPress.com adds more statistics features for tracking your blog stats. You can now see summarized stats for referrers, search terms, and clicks in addition to blog posts.
Is Your Blog Type Permitted? WordPress.com lists the types of blogs permitted on WordPress.com in accordance with its Terms of Service. Before getting a WordPress.com blog, check these out thoroughly to make sure your blog complies and you don’t risk deletion.
Content Theft and WordPress and WordPress.com: Content Theft and WordPress clears up the confusion over which WordPress is responsible for copyright violations on WordPress blogs.
Three Gigabytes of Free Storage on WordPress.com: The WordPress.com blog has announced all bloggers on WordPress.com is now entitled to 3 gigs of free storage, a six-fold increase. This will allow users to upload podcasts and video without much distress. If you need more, the paid storage is now increased from one gig to five gigs.
New To WordPress.com: If you are new to blogging on WordPress.com, check out this basic guide on What Do I Do With My New WordPress.com Blog?.
WordPress Plugins and Themes News
Smart Update Pinger: Smart Update Pinger WordPress Plugin is an update of the original pinging Plugin by Christian Davén now in the hands of Roel Van de Paar. The Plugin works for all WordPress 2x versions and has some great new features including future posts pinged when they appear on your blog, reverse logging, detailed ping and error logging, auto-selects extended or normal ping depending upon server capability, and offers extended pings, using new URL instead of just the homepage URL in the ping which results in a higher quality ping.
WordPress Code Snippets: Planet Ozh offers “WordPress Snippets”, new category of posts featuring bits of WordPress code the author finds in and around the WordPress development and hacking mailing lists and forums. The first example, Complete List of Posts, is a brilliantly simple code that lists a chronological site map of all your blog posts.
Perfect Excerpts: Thin Light offers a tutorial on creating the “perfect” WordPress excerpt, one that does what you want without removing all the styles and tags.
WordPress Contact Manager Theme: WP Contact Manager WordPress Theme includes the ability to use WordPress as a searchable and taggable content manager for a Members Only blog. It requires special WordPress Plugins in order to work fully.
WordPress Does Facebook: Foxinni announces their Facebook WordPress Theme which emulates Facebook.
Theme Stylesheets for Handhelds: Mowser offers “Handheld Stylesheets for WordPress Themes”, which is a Wiki for WordPress Theme stylesheets that work for handheld computers and cell phones. The author has started the list with some of the most popular WordPress Themes converted to handheld and mobile versions and requests volunteers and WordPress Theme designers add their own versions if they don’t offer them included with their WordPress Theme.
Chronological Archive Page: Z-oc offers an interesting method of displaying an archive Page on a WordPress blog using variables. The order is chronological, which is fine for blogs with a few posts, though not helpful to those with many posts which requires category sorting. I’m still looking for a good site map/archive code, template, or WordPress Plugin that sorts blog posts by category. Know of any?
Single Click Plugin Updater WordPress Plugin works with the update notification feature in the latest versions of WordPress to extend its capabilities by adding an automatic update link to the Plugins panel.
WordPress Hooks Extraordinarie: Adam Brown has put together WordPress Hooks Database, an amazing page of resources on the various WordPress hooks across all the different versions. He includes a listing of all hooks in WP 2.3.3, new hooks in WP 2.3.3, and deprecated (deleted) hooks in WP 2.3.3, an invaluable resource for WordPress Plugin and Theme authors.
New Quotes Plugin: Shantz QOTD WordPress Plugin in a quote Plugin that adds random quotes to your posts and sidebar with many options for customization including adding quotes to posts automatically, Widget support, styling quotes with HTML and CSS, support for multiple sources, various patterns for different types of quotes throughout your blog, and more.
Learn to Write a WordPress Plugin: 10xCode – One Man’s Portal offers “How to create a WordPress Plugin? – a step by step tutorial”, a very simple guide to help you to learn to write your own WordPress Plugin.
Reset Query in WordPress Themes and Plugins: Nerdaphernalia discusses automated indexes and wp_reset_query() and how WordPress Theme and Plugin authors should take advantage of the
wp_reset_query() to the WordPress Loop to avoid conflicts with other code running in your templates.
Tracking WordPress Compatibility: It’s often difficult to track what Plugin and Theme is compatible with which WordPress version. In the WordPress Codex are two “master” pages that list all the various compatibilities: WordPress Theme Compatibilities and WordPress Plugin Compatibilities. No matter which version you are using, and in preparation for the next version of WordPress, add these to your WordPress resource list to check before you upgrade.
Separating Trackbacks and Comments: WP-Candy offers “Separating Comments and Trackbacks”, a subject near and dear to many WordPress Theme designers’ hearts, including mine.
Guide to WordPress Theme Offerings: Dawud Miracle offers The Ultimate Resource for Free WordPress Themes, a listing of sources for WordPress Themes that appear to be free of hidden and unwanted code and links.
Interesting WordPress Plugins: I’m constantly amazed at how many creative and useful WordPress Plugins are released each week. Aren’t you?
- Konstruktors Custom Function Widgets is a powerful and extremely useful Plugin as it turns WordPress Plugins without Widget capability into Widgets and allows you to add up to 20 Widgets to your WordPress Theme sidebar. Usage requires some familiarity with template tags and functions, but the guide is very clear for non-technically inclined users.
- Workflow Docs WordPress Plugin allows inclusion of workflow documents into your WordPress blog through the Administration Panels.
- Extended Categories Widget adds a sidebar Widget with options for displaying categories in a list or dropdown, post counts, and sorting options.
- Flexible Upload WordPress Plugin improves the image upload ability of the latest versions of WordPress and includes resizing images on upload, optional thumbnails per image, watermark signatures automatically added, image alignment, adding lightbox Plugins, captions, and support for multiple languages.
Plugin Authors: Use WordPress Plugin Repository: Weblog Tools Collection reports on the WordPress Plugin Repository working in combination with Plugins on the WordPress Plugin Directory, which gives Plugin authors the ability to post and assign bug tickets to their Plugin and have an easier way of reporting and monitoring bug reports.
WordPress Techniques and Tips
Here are some featured articles and videos from around the WordPress Community and the WordPress Codex, the online manual for WordPress Users, the source to turn to first for your WordPress help.
NOTE: If you would like your WordPress tip and technique included in this list, see Tips For Writing Good WordPress Tips and Writing and Publishing Code In Your WordPress Blog Posts.
- WordPress Codex – Adding Asides
- WordPress Codex – Developing a Colour Scheme
- WordPress Codex – Know Your WordPress Sources
- WordPress Codex – Post Status Transitions
- JJ and the Kids Podcast – Episode 7 – Upload the Installation Files
- WordPress Tutorials – How WordPress Themes work
- YouTube Video – Uploading & Adding Graphics in a WordPress Post
- Urban Giraffe – Dissecting a WordPress Theme
WordPress Community News
Automattic Official WordPress “News” Blog: Published by Automattic, the WordPress Publisher Blog showcases sites using WordPress and WordPress.com in ways that push the limits of what WordPress can do, and offers other news and information on using WordPress from WordPress developers.
Vote for WordPress Ideas: There is still time to get your vote in for ideas on upcoming versions of WordPress in the The WordPress Ideas section. Why not take advantage of it and add your voice to the vote.
Using WordPress in Your Blog’s Name: WordPress is a trademark and you are not allowed to use WordPress in your blog’s name or URL unless you have permission of Automattic and WordPress. Also, remember, it’s spelled “WordPress” not “WordPress”. Oh, and Plugin is Plugin, not plug-in (what you put into a wall electrical socket).
WordPress Installed For Free: Installing WordPress for Free (aka Install4Free WordPress) is a free, volunteer-driven service is limited to personal blogs only, and they help only with installations, not upgrades.
If You Are Reading This: If you are reading this blog post NOT on the Blog Herald or from within your feed reader, it is being used against the copyright policy of the copyright owners. Please report it immediately so action may be taken to break some heads and feed scraping blogs.
Even More WordPress News?
Past WordPress Wednesday News Reports
- WordPress Wednesday News: WordPress 2.3.3 Security Must Upgrade, Plugins Vulnerable, Automatic Upgrades, and More
- WordPress Wednesday News: WordCamp Hamburg Success, Automatic Upgrades Coming, $5,000 Bounty, Prologue Theme, and WordPress Wins Again
- WordPress Wednesday News: Happy Birthday WordPress, Automattic Wins and Gets Lots of Money, Security Concerns Over Plugins and Core, WordCamp Hamburg and Hating the Name WordPress.com
WordPress News Sources
- WordPress Planet
- WordPress Development Blog
- WordPress.com Blog
- Weblog Tools Collection
- BloggingPro’s WordPress News and Tips
- The WordPress Podcast
- Lorelle on WordPress
- Planet WordPress from Planet Ozh
Each Wednesday on Blog Herald is WordPress Wednesday, featuring the news around the WordPress Community. If you have a WordPress news item or tip to suggest, please contact me at this special email address: firstname.lastname@example.org