Tocmai ce am upgradat la WordPress 3.0! la prima vedere e mai frumos in dashboard, noul feature de “Updates” pare mai bun decat modul vechi de a updata plugin-uri + versiuni de WordPress.

Happy blogging people… eu fac un backup acum 🙂

* WordPress and WordPress MU have merged, allowing the management of multiple sites.
* New default theme “Twenty Ten” takes full advantage of the current features of WordPress.
* New custom menu management feature, allows creation of custom menus combining posts, pages, categories, tags, and links for use in theme menus or widgets.
* Custom header and background APIs.
* Contextual help text accessed under the Help tab of every screen in the WordPress administration.
* Ability to set the admin username and password during installation.
* Bulk updating of themes with an automatic maintenance mode during the process.
* Support for shortlinks.
* Improved Custom post types and custom taxonomies including hierarchical (category-style) support. (Try the Custom Post Type UI or GD Custom Posts And Taxonomies Tools plugins to see the possibilities.)
* A lighter admin color scheme to increase accessibility and put the focus more squarely on your content.

WordPress 2.8.4: Security Release: Yesterday a vulnerability was discovered: a specially crafted URL could be requested that would allow an attacker to bypass a security check to verify a user requested a password reset. As a result, the first account without a key in the database (usually the admin account) would have its password reset and a new password would be emailed to the account owner. This doesn’t allow remote access, but it is very annoying. We fixed this problem last night and have been testing the fixes and looking for other problems since then.

Nu am primit pana acum nici un email care sa imi confirme bug-ul de securitate din 2.8.3. Chiar discutam cu Razvan azi de dimineata de releasurile prea dese ale WordPress-ului, dar mai bine mai des daca este vorba de security release. Chiar si piticu a simtit morcovu :)) hacherului dornic sa… profite de o mizerie de bug!

For fuck’s sake! Mai rar nu se poate? Apropos, de ce dracu’ imi cere ftp la automatic update daca nu transfera nimic pe el?

WordPress 2.8.2 fixes an XSS vulnerability. Comment author URLs were not fully sanitized when displayed in the admin. This could be exploited to redirect you away from the admin to another site.  Download 2.8.2 or automatically upgrade from the Tools->Upgrade page of your blog’s admin.

wordpress update

– one click update – a mers ca uns
– probleme – nu am (descoperit inca)
– se merita? – nu stiu, nu vad imbunatatiri la interfata de administrare 😀 (si nici nu am cititit “changes.txt”)

You should do it too 😀

Askimet, sau cum am scapat de spam.


A fost o perioada cand primeam aproximativ 500 de comentarii zilnic – evident spam. Askimet isi facea treaba si le punea in spam, dar ma deranja ca veneau comentarii cu tona la o poza facuta lui Piticu si lui Aura Enache in timp ce duetau la Blog and Roll 2. De cand am postat pozele respective (vezi link-ul cu Blog and Roll 2) am modificat si modul in care se vizualizeaza pozele din galeriile din WordPress asadar… nu mai aveau acea pagina unde puteau comenta individual la poza.

… cum am scapat de acele comentarii? Am redenumit poza, asadar s-a dus si url-ul la care veneau roboteii sa comenteze malitios. Cred ca metoda merge si la alte posturi unde se observa un numar mare de spamuiala. Modifici permalink-ul si gata! Spambotii lu peste prajit ajung in 404, si cum there’s no place like 404 ( era… dar suna bine aici).

PS. Ma gandesc ca au astia ceva cu Piticele sau cu Aura… Pitice, spamuiala matale din WordPress cate comentarii insumeaza zilnic?