WordPress 3.1.4 (and 3.2 Release Candidate 3)

WordPress 3.1.4 is available now and is a maintenance and security update for all previous versions.

This release fixes an issue that could allow a malicious Editor-level user to gain further access to the site. Thanks K. Gudinavicius of SEC Consult for bringing this to our attention. Version 3.1.4 also incorporates several other security fixes and hardening measures thanks to the work of WordPress developers Alexander Concha and Jon Cave of our security team. Consult the change log for more details.

Download WordPress 3.1.4 or update immediately from the Dashboard → Updates menu in your site’s admin area.

Related Posts:

WordPress 3.2-beta2 Released

WordPress 3.2-beta2 was released today. There are few changes that may affect some plugins.

1. The admin UI style was updated. This is mostly a visual update so if your plugin uses the default admin CSS styles on its settings page, it will inherit all seamlessly.

2. The “Favorites” menu (top/right on all admin pages) was removed completely.

3. jQuery was updated to version 1.6.1 and jQuery UI was updated to 1.8.12. We encourage all authors of themes or plugins that use jQuery to test them in 3.2-beta2 as there are a couple of changes that may affect many plugins:

- jQuery 1.5.0 and newer no longer allows selectors of the form [property=value]. These selectors now require quotes: [property="value"].

- jQuery 1.6.0 and newer introduces another method: .prop() that replaces many .attr() calls. This was (partially) reverted in jQuery 1.6.1 but some uses of .attr() are not working any more. For example .attr(‘checked’, ”) doesn’t uncheck checkboxes any more.

Best would be to replace all getting/setting of ‘checked’, ‘selected’ and ‘disabled’ from .attr() to .prop() (using .prop() is also much faster). More information on the jQuery blog: http://blog.jquery.com/2011/05/12/jquery-1-6-1-released/

4. WordPress 3.2 has new minimal requirements: PHP 5.2.4 and MySQL 5.0.15. Most of the PHP 4 compat code was removed except for a few class constructors since many plugins seem to call them directly. If your plugin uses any of the WordPress PHP classes, please test that it calls them properly.

Related Posts:

WordPress 3.1.3 Now Available

WordPress 3.1.3 is now available so remember to update. Please keep your WordPress up to date.

  • Various security hardening by Alexander Concha.
  • Taxonomy query hardening by John Lamansky.
  • Prevent sniffing out user names of non-authors by using canonical redirects. Props Verónica Valeros.
  • Media security fixes by Richard Lundeen of Microsoft, Jesse Ou of Microsoft, and Microsoft Vulnerability Research.
  • Improves file upload security on hosts with dangerous security settings.
  • Cleans up old WordPress import files if the import does not finish.
  • Introduce “clickjacking” protection in modern browsers on admin and login pages.

Related Posts:

  • No Related Posts

WordPress 3.2, Beta 1 Released – IE 6 Dead Dead Dead

WordPress 3.2 beta 1 has been released into the hands of beta testers. The big news is that we are finally on the way to stomping out IE 6, the bane of web developers existence. The millions of wordpress sites will soon prompt your lazy arse users to move to newer versions.

From WordPress.org:

Here’s some of what’s new:

  • Performance improvements like you wouldn’t believe. What’s that mean? Things are faster!
  • Distraction-free Writing. The visual editor’s full-screen composing experience has gotten a major overhaul, and is now available from HTML mode, too. More than ever, WordPress allows you to focus on what matters most — your content.
  • Admin UI Refresh. The last major redesign of the WordPress admin was in 2008. This isn’t a major redesign, just a little facelift to keep us feeling young. WordPress turns 8 later this month, you know.
  • New Default Theme. Introducing Twenty Eleven, based on the popular Duster theme. Rotating header images, post format support, and more.
  • Browse Happy. WordPress is made to work with modern browsers. If you visit your Dashboard using an outdated web browser, we’ll let you know there’s a newer version available.
  • Admin Bar. We’ve added more links to the admin bar to make it even more useful.
Be Aware:
  • WordPress has new minimum system requirements: PHP 5.2.4 and MySQL 5.0.
  • Internet Explorer 6 will no longer be supported.
  • The favorites menu has been removed. If you’ve written any plugins that use this menu, it’s time to switch over to an admin bar placement.

If you want to be a beta tester, you should check out the Codex article on how to report bugs.

Related Posts:

  • No Related Posts

WordPress Camps – June 2011

533985271 1f28804553 Wordpress Camps   June 2011

June 4–5: WordCamp Reno-Lake Tahoe in Reno, NV. Organized by a WordPress core UI group contributor, WordCamp Reno-Lake Tahoe is taking place in Reno and has a packed schedule full of visiting experts.

June 11–12: WordCamp Kansas City in Overland Park, KS. With publisher, designer, and developer tracks, Kansas City’s WordCamp will have a little something for everyone, presented in large part by local speakers.

June 17–19: WordCamp Columbus in Columbus, OH. WordCamp Columbus has a new organizer this year and is bringing the focus more firmly onto WordPress (and less on social media). Their 3-day event includes an entire day for newbies, and another for non-profits, a nice addition to the usual blogger/developer tracks.

July 9–10: WordCamp Montreal in Montreal, Quebec. This group consistently puts on a great every year. If you register now, you can still get a $10 discount and get both days for only $30 (with sessions in both English and French to reflect the bilingual nature of the city). Montreal plays host to a number of festivals throughout the year, and this weekend is no different, including festivals for the arts, comedy, tango, and even circus arts.

July 16: WordCamp San Diego in San Diego, CA. First WordCamp in San Diego! They have talking about this for over a year, and are now starting to really ramp up the planning. They’re finalizing their venue right now, and I would expect a great roster of speakers.

July 16-17: WordCamp Portsmouth in Portsmouth, UK. The annual WordCamp UK that moves from city to city each year alights this year in Portsmouth. This one is notable because Mike Little, co-founder of WordPress, is part of the organizing team.

July 23–24: WordCamp Boston in Boston, MA. Another one just about to lock down some details and get starting with speaker selection, etc. An easy train ride from so many places, and not in the middle of winter this year!

July 30-31: WordCamp Chicago has new organizers and is a new venue this year. A call for speakers, supporters, and volunteers will likely be posted sometime next week.

[Image CC by Titanas]

Related Posts:

WordPress 3.1.2 Update

99849468 27fa4c7c80 Wordpress 3.1.2 Update

WordPress 3.1.2 is now available and is a security release for all previous WordPress versions.

This release addresses a vulnerability that allowed Contributor-level users to improperly publish posts.

The issue was discovered by a member of our security team, WordPress developer Andrew Nacin, with Benjamin Balter.

We suggest you update to 3.1.2 promptly, especially if you allow users to register as contributors or if you have untrusted users. This release also fixes a few bugs that missed the boat for version 3.1.1.

Download 3.1.2 or update automatically from the Dashboard → Updates menu in your site’s admin area.

[Image cc by Mick ㋡rlosky ]

Related Posts:

iPad-afy Your WordPress Blog

PadPressed is the easiest way for WordPress publishers to make their content tablet friendly using their existing theme.

Although not as clean as a native application, it is a quick and convenient way to get your WordPress blog, iPad friendly. You can find more information here.

Related Posts:

Google Maps API Version 3 Primer

I number of people have asked me what is the difference between Version  2 and Version 3 of Google Maps API is.

Well for starters this is what Google says:

The primary motivation behind this new version was speed, especially for rendering maps on mobile browsers. Last year, several of us starting thinking about the possibility of getting the JavaScript Maps API to work on mobile devices. With the advent of powerful, fully functional browsers on devices such as the iPhone and the Android-based G1, why couldn’t we bring the flexibility and reach of modern web development to people who wanted to write maps mashups for mobile phones? While we’ve been able to get the existing v2 API working on mobile browsers, we found we were constrained when trying to reduce latency and we needed a new approach. And thus was born the idea for the next revision of the Maps API.

Aside from speed improvements, there has been a lot of work done to integrate mobile browsers (Phone Safari mobile and Chrome) and move to a Model View Controller (MVC) architecture. Why is this you ask?. Well, it is in recognition that the simple Desktop Browser is no longer the only option for displaying (rendering) output. The key idea is extraction of the execution components from the viewer (viewport), the controller (input management) and model (the process).

Basically this is the preparatory work for a host of new applications and services for the mobile world.

However, please note that Version 2 has not disappear. You can still use that version to test and develop on.

  1. Read the Developer’s Guide.
  2. Follow the V3 Tutorial.
  3. Consult the V3 Reference.

Related Posts:

Embedding Google Maps in 2 Easy Steps

mapper1 Embedding Google Maps in 2 Easy Steps

A common question is asked is how do I embed google maps into your blog posts. There are two answers, the easy answer (which is here) and the hard answer which means you need to be a programmer.

Google has a Mapping API that provides an extremely comprehensive way of embedding and manipulating maps. The book I recommend for this is Beginning Google Maps Applications with PHP and Ajax: From Novice to Professional.

ap google map Embedding Google Maps in 2 Easy Steps

This is probably the most comprehensive but readable primer to developing using the Google Maps API version 2. Version 3 was released late last year and it importantly includes mobile support including getting location information for mobile applications. A new version of the book is due out soon that includes the new version 3.

Until recently, building interactive web-based mapping applications has been a cumbersome affair. This changed when Google released its powerful Maps API. Beginning Google Maps Applications with PHP and Ajax was written to help you take advantage of this technology in your own endeavorswhether you’re an enthusiast playing for fun or a professional building for profit. This book covers version 2 of the API, including Google’s new Geocoding service.

Authors Jeffrey Sambells, Cameron Turner, and Michael Purvis get rolling with examples that require hardly any code at all, but you’ll quickly become acquainted with many facets of the Maps API. They demonstrate powerful methods for simultaneously plotting large data sets, creating your own map overlays, and harvesting and geocoding sets of addresses. You’ll see how to set up alternative tile sets and where to access imagery to use for them. The authors even show you how to build your own geocoder from scratch, for those high-volume batch jobs.

The easy way is to use Google’s built in tools. If you look at the picture above you can see a link on the very right hand side.

So find the location that you want to map, then click on “Link”.

map2 Embedding Google Maps in 2 Easy Steps

This automatically creates the code you need to embed into your post. Either a link or it uses an iframe to embed some HTML into your post. Remember, before you insert switch to HTML mode in the editor.

If you want to customize the layout click on “Customize and preview embedded Map” and modify the settings. Then cut and paste into your post.  That’s it.

map31 Embedding Google Maps in 2 Easy Steps

Related Posts: