Zum Inhalt springen

Archiv für das Tag "Wordpress"

Webmention Semantic Linkbacks Facepile Display Hickup solved

(or: a hurray for open source)

Wow, what a headline! :-))

There was a tiny issue with the display of "webmention" reactions in my theme that annoyed me a little bit: On older posts, the summary of that post (for example in archive view or search results) would show in the meta-info something like "23 reactions" when this post had received comments or webmentions from other sources, like reposts or likes. but on the detail view, only comments were shown and the ammount of (visible) reactions didn't match the number stated in the meta-info. I have activated a WordPress default feature ...

WordPress Kommentare DSGVO konformer machen

Seit kurzem werden die IP-Adressen, die (m)eine WordPress-Installation standardmässig bei einem Kommentar abspeichert, vorher anonymisiert:

/* ---------------------------------------------------------------------
* IP Adressen anonymisieren in den Kommentaren
* --------------------------------------------------------------------- */
function wbr_anonymize_commentip( $comment_author_ip ) {
// ipv4: 123.234.111.222 => 123.234.xxx.xxx
// ipv6: ?
$out = preg_replace('/^(\d+\.\d+)\.\d+\.\d+$/i','$1.xxx.xxx',$comment_author_ip);
return $out;
}
add_filter( 'pre_comment_user_ip', 'wbr_anonymize_commentip' );

Das ist noch Work In Progress. Wenn man die IP komplett weg haben will, geht auch ein

/* ---------------------------------------------------------------------
* IP Adressen löschen in den Kommentaren
* --------------------------------------------------------------------- */
function wbr_delete_commentip( $comment_author_ip ) {
return '';
}
add_filter( 'pre_comment_user_ip', 'wbr_delete_commentip' );

Zwar habe ich noch ein Plugin am Start, welches die IPs nach einigen Tagen aus der DB löscht, aber ...

Syndicate some Blogposts from WordPress to Kirby with the REST API

New year, old problems, new Website -- this was my reasoning during the christmas holidays, and so I decided to completly wipe my "About me" website, making it a simple hub of my diverse activities and interests instead of the old "hey, look how cool experienced I am, come work with me and give me all your money" thing.
I decided to build the site with Kirby, a lovely file based CMS which I have used in the past (for example to drive our Frankfurt Open Device Lab website). Kirby is very flexible, has a stellar documentation, a nice API, and makes zero assumptions on how you want to build your site, and besides being file based, it offers a very customizable backend, if need be.

Now, one of the things I wanted on the new site was a way to display the latest posts from here, my blog, but only those relating to the topics of Design, Webdevelopment and the like.

With a little bit of diving into the WordPress REST API, this turned out to be a fairly simple task for my Kirby-site. Basically this REST API allows me to "get" the infos needed on various objects of my WordPress site, by calling the API's entry points and telling it what I want.

WordPress 4.9.1 Security Update

WordPress versions 4.9 and earlier are affected by four security issues which could potentially be exploited as part of a multi-vector attack. As part of the core team's ongoing commitment to security hardening, the following fixes have been implemented in 4.9.1:

Use a properly generated hash for the newbloguser key instead of a determinate substring.

Add escaping to the language attributes used on html elements.

Ensure the attributes of enclosures are correctly escaped in RSS and Atom feeds.

Remove the ability to upload JavaScript files for users who do not have the unfiltered_html capability.

(…)
www.wordpress.org

WordPress 4.9 - Tipton

This release features Customizer improvements, including the ability to save customization changes as drafts, schedule them to go live at a certain time, and letting other people preview the changes easier. To improve code editing in the admin we've introduced syntax highlighting and error checking to make things more robust and harder to break.
wordpress.org

WordPress 4.8 "Evans"

Eine neue Version des populären CMS ist erschienen, und kann über den Adminbereich oder manuell per Download installiert werden.

Version 4.8 of WordPress, named “Evans” in honor of jazz pianist and composer William John “Bill” Evans, is available for download or update in your WordPress dashboard. New features in 4.8 add more ways for you to express yourself and represent your brand.
wordpress.org

WordPress 4.7.5 Security and Maintenance Release

WordPress Logo an die VW-Fabrik gephotoshopped

Ladies and Gentlemen, start your update engines:

WordPress versions 4.7.4 and earlier are affected by six security issues:
Insufficient redirect validation in the HTTP class. Reported by Ronni Skansing.
Improper handling of post meta data values in the XML-RPC API. Reported by Sam Thomas.
Lack of capability checks for post meta data in the XML-RPC API. Reported by Ben Bidner of the WordPress Security Team.
A Cross Site Request Forgery (CRSF) vulnerability was discovered in the filesystem credentials dialog. Reported by Yorick Koster.
A cross-site scripting (XSS) vulnerability was discovered when attempting to upload very large files. Reported by Ronni Skansing.
A cross-site scripting

...

WordPress 4.7.4 Maintenance Update

Gestern ist ein Wartungs- und Bugfixupdate von WordPress erschienen.

This release contains 47 maintenance fixes and enhancements, chief among them an incompatibility between the upcoming Chrome version and the visual editor, inconsistencies in media handling, and further improvements to the REST API. For a full list of changes, consult the release notes and the list of changes.wordpress.org

Die Auto-Updates prasseln hier schon bei diversen Installationen rein; wie gewohnt gibt es die neue Version aber auch zum Download auf wordpress.org.

WordPress: nichts für "schnell mal eben" – Christian Fischer

WordPress Logo an die VW-Fabrik gephotoshopped

Nebenan im jawl.net Blog hat Christian einen sehr lesenswerten Artikel dazu geschrieben, warum die Vorstellung, dass man mit der berühmten "Fünf Minuten Installation" von WordPress, ein paar Plugins und einem Theme quasi im Handumdrehen eine Webseite am Start hat, mit Vorsicht zu geniessen ist.

Dieser Artikel ist nicht für Entwickler / Programmiererinnen geschrieben. Ich hoffe eher, dass er von Bloggern oder Bloggerinnen oder welchen, die es werden wollen, gelesen wird. Und von Menschen, denen jemand gesagt hat, man können mit WordPress „mal eben“ eine Website

...