Better notification of WordPress updates (actually, probably for plugins too) is definitely on my short list of stuff to get into WP 2.1.What blog data did you lose during the update? That sounds very strange. WordPress shouldn't be doing anything that could cause you to lose posts or comments or anything like that.WordPress now comes bundled with a backup plugin. WordPress 2.1 is getting "pseudo cron" functionality (and the WP-Cron plugin for WordPress 2.0.x works fine) so that you can run this backup nightly. I have it e-mail the database to a special Gmail account every night, so I'm covered.
My biggest concern I have about this release is that they didn't credit me for finding, reporting and providing a patch for an XSS vulnerability I discovered. This is something I would kind of expect from some proparitary software vendors out there, but not one of the better known open source projects. If that doesn't going to change I'll start selling my exploits to the highest bidder.Anyway, I've scheduled release of my original blog entry, which I un-published when asked by the wordpress developers, with exploit code to be released on the 17th March at midnight.[plug type=shameless]You can visit my blog at <a class="user" href="http://proxy.11a.nu">http://proxy.11a.nu</a> and the blog entry in question will show up at <a class="user" href="http://proxy.11a.nu/2006/03/17/xss-in-wordpress-201/">http://proxy.11a.nu/2006/03/17/xss-in-wordpress-201/</a> [/plug]
Closed AccountMar 10, 2006
Wordpress is the best CMS. So easy to use and so userfriendly.Abs<a class="user" href="http://xtaur.us">http://xtaur.us</a>
peorthMar 11, 2006
Why is the parent buried down? It's a known bug, which has been fixed...
markjaquithMar 11, 2006
Better notification of WordPress updates (actually, probably for plugins too) is definitely on my short list of stuff to get into WP 2.1.What blog data did you lose during the update? That sounds very strange. WordPress shouldn't be doing anything that could cause you to lose posts or comments or anything like that.WordPress now comes bundled with a backup plugin. WordPress 2.1 is getting "pseudo cron" functionality (and the WP-Cron plugin for WordPress 2.0.x works fine) so that you can run this backup nightly. I have it e-mail the database to a special Gmail account every night, so I'm covered.
lordatlasMar 11, 2006
Visit the WordPress Wank for the not-so-pleasant side of WP:<a class="user" href="http://wank.wordpress.com">http://wank.wordpress.com</a>For instance, their non-functioning forum search: <a class="user" href="http://wank.wordpress.com/2006/03/07/a-thousand-words/">http://wank.wordpress.com/2006/03/07/a-thousand-words/</a>
mbomanMar 12, 2006
My biggest concern I have about this release is that they didn't credit me for finding, reporting and providing a patch for an XSS vulnerability I discovered. This is something I would kind of expect from some proparitary software vendors out there, but not one of the better known open source projects. If that doesn't going to change I'll start selling my exploits to the highest bidder.Anyway, I've scheduled release of my original blog entry, which I un-published when asked by the wordpress developers, with exploit code to be released on the 17th March at midnight.[plug type=shameless]You can visit my blog at <a class="user" href="http://proxy.11a.nu">http://proxy.11a.nu</a> and the blog entry in question will show up at <a class="user" href="http://proxy.11a.nu/2006/03/17/xss-in-wordpress-201/">http://proxy.11a.nu/2006/03/17/xss-in-wordpress-201/</a> [/plug]
bizbabyMar 13, 2006
Nice to see that they are keeping on their toes with the patches and updates.