"My personal blog powered by WordPress 2.0.1 (latest version) hacked
today! (SQL injection probably) As I was watching the tab of the browser
to loading my blog, a frame appeared in sidebar and mutilated blog design.
This frame added to last category. It was getting from this address:
http:// www. pragma.ru/ ~dch/ inc/
It added to a lot of field such as blog description in options section
and Category name too. I have been looking at it for the last four hour
and still can't understand what it is about? How resolve this bug? All
plugins are secure! "
Re: fwiw: informing a user that a updated plugin is avaiable
That's great Per, I've been trying to come up with a solution to that
I've been toying with using the svn server on wp-plugins.org and
flagging an update when a new tag is created, have it sit
as a plugin itself and have it check once a day for updates. I was
trying to come up with something that would be able to be used by any
plugin author, and wouldn't take much time up. My idea was to have a
plugin that people could install that would work as a plugin update
manager, so all the checking update code could be contained within that
and not have to be done for each plugin. The other alternative I
thought was to have a standard function/method that could be stuck into
a plugin if the author wanted to use the update facility.
Of course for this to work it would require the use of a standard
repository to be used like wp-plugins.org.
It can install and uninstall both plugins and themes directly from their
zip files, via URL or an uploaded file. There are still a few glitches,
but I'm hoping that more people can pester Matt to get them worked out.
Assuming you don't want to bother with creating the XMLRPC service that
the Installer requires to obtain update information, I've created this
Plugin Version Service at RedAlt:
There are more details there, but basically, you create an account and
register whatever plugins you like. You can then use http://redalt.com/ in your plugin header as the Update Server, as needed by Matt's plugin,
and RedAlt will return the required XMLRPC results.
I have implemented this versioning method in the latest iteration of my
Not sure what else to say... Oh! The Ajax editing stuff in the
function reference that I was talking about at the IRC meetup is
accessible if you create a PVS account and log in there. The function
reference stuff is here, in case you weren't at the meetup: