elephantsquared » wordpress

WordPress 2.9 and the global undo feature

George T — Sat, 19 Dec 2009 14:36:00 +0000

Ho ho ho! Christmas came earlier for WordPress this year. WordPress 2.9 is out with features that you are going to love. I think the most handy one is the new global undo/”trash” undo feature. There were times when I wished I could go back in time and prevent me from clicking that “delete” button. Well, that times are over now!

Other than that, there a few other exciting new things that come along with WordPress 2.9. First and foremost, the new built-in image editor which allows you to crop, edit, rotate, flip, and scale your images. I am sure it will come in very handy when you just want to crop or flip an image just after uploading it. There is also this batch plugin update and compatibility checking and this rocking new feature for easier video embeds that allows you to just paste a URL on its own line and..

have it magically turn it into the proper embed code, with Oembed support

Last but not least, another cool new feature that I am definitely going to use is the automatic database optimization support! All you have to do is add a define('WP_ALLOW_REPAIR', true); to your wp-config.php file and your are done!

Read more about the new WordPress 2.9 release here.

UPDATE: Note to self: I just love the new “squareish” buttons

[ photo via c32 ]

WordPress 2.8.5 – The hardening release

George T — Wed, 21 Oct 2009 09:48:09 +0000

Well, well, well… Peter Westwood announced the next version of WordPress. No, its not the much desired 2.9 version. It’s the 2.85 version aka The Hardening Release, that includes a few fixes (mainly for security) like:

A fix for the Trackback Denial-of-Service attack that is currently being seen.
Removal of areas within the code where php code in variables was evaluated.
Switched the file upload functionality to be whitelisted for all users including Admins.
Retiring of the two importers of Tag data from old plugins.

Peter also gave some piece of advice to all those who think their WordPress site has been compromised by an exploit, to check the WordPress Exploit Scanner. A WordPress plugin that searches the files on your website, and the posts and comments tables of your database for anything suspicious. It also examines your list of active plugins for unusual filenames.

Go ahead, give it a try. Upgrade to WordPress 2.8.5 and try out the WordPress Exploit Scanner if you are suspicious about your WordPress installation.

WordPress 2.8.4: Security Release

George T — Wed, 12 Aug 2009 11:00:53 +0000

In case you didn’t notice, WordPress 2.8.4 is out. This security release is supposed to fix a vulnerability that was made public yesterday. It allowed an attacker to bypass a security check to verify a user requested a password reset using a specially crafted URL.

As a result, the first account without a key in the database (usually the admin account) would have its password reset and a new password would be emailed to the account owner. This doesn’t allow remote access, but it is very annoying.

[ via ]