When writing the Simple Facebook Connect plugin, I investigated how the Settings API worked. It’s relatively new to WordPress (introduced in version 2.7), and many things I read said that it was much easier to use.
It is much easier to use in that it makes things nice and secure almost automatically for you. No confusion about nonces or anything along those lines. However, it’s slightly more difficult to use in that there’s very little good documentation for it. Especially for the most common case: Making your own settings page.
Over here, Jorge Escobar is writing about how he got hacked with the latest version of WordPress. After some minor back and forth on FriendFeed, I got him to do a search which found a malicious backdoor he might not otherwise have found.
In so doing, it occurred to me that most people don’t keep up with the world of WordPress in the way I do, and so have not seen nearly as many hack attempts. So I figured I’d post my little contribution, and show people how to find hidden backdoors when cleaning up their hacked sites.
WordPress 2.7 includes a lot of new enhancements, but one of the big ones is the new comment functionality. Comments can be threaded, paged, etc. This is all built in, but unfortunately, your theme must support it. So, for theme authors, I’d suggest getting to work on making your themes compatible right away.
Just rigged up the blog to show whatever I’m posting via Twitter as well. However, what with Twitter being a bit of a lower end sort of one-liner type of thing, I decided to make those posts style slightly differently. So those weird blue things? Those are just my latest Twitter updates.
Thanks to Twitter Tools for making it work properly. Good WordPress plugin, still has a few odd points to it and some kinks to work out though. But it works well enough.
Feel free to respond more directly to anything I have to say on Twitter.
(This post is geared more towards PHP authors and fans of WordPress, so if you’re not into that sort of thing, why not go look at some pictures of cats instead?)
So, I upgraded to the latest 2.7-bleeding edge version of WordPress on my blog today, and discovered a new feature that I had missed in my earlier readings. There was a new menu item on the Plugins menu:
Yes, it appears that WordPress now has plugin installation built into it. Similar to the Plugin Upgrade feature introduced in 2.5, 2.7 will be able to download and install plugins directly from WordPress.org’s plugin directory.
Naturally, I had to try this out, so read on if you want to see what it looks like…