phpbb_recent_topics version 0.4.1

UPDATE: This Plugin has been updated, please download the update from http://wordpress.org/extend/plugins/phpbb-recent-topics/, and please comment on the new post, thanks.

This is a small update, it incorporates the patch submitted by toni to fix the widget, thanks toni

The old information still applies…

phpBB Recent Topics Admin interface in WordPress

Admin GUI

If you’re happy with v0.4 and have it running fine then don’t bother, in fact edit phpbb_recent_topics.php so that WordPress stops complaining about finding a newer version.

Download phpBB_Recent_Topics_0.4.1 from wordpress.org

What’s New?

The widget patch mentioned above!

What’s Old?

Most importantly I have tested this plugin with phpBB3 and WP2.5 so I’ve updated the readme.txt to reflect this.
I finally quashed the install bug where by phpbb-recent-topics was confused with phpbb_recent_topics.
Sidebar Widget, yus for all you non-php people you have a widget to play with.
Edit the Time & Date layout – leave blank to remove it completely

The Installation

Unzip phpbb_recent_topics.tgz in your `/wp-content/plugins/` directory. (You’ll have a new directory, with this plugin in /wp-content/plugins/phpbb_recent_topics)
Activate the plugin through the ‘Plugins’ menu in WordPress
Configure the plugin, you need to tell wordpress about phpbb, this is done in the wordpress menu ‘Settings’ -> ‘phpBB Recent Topics’
The following Settings are required:
- * The name of your phpBB database (e.g phpbb)
- * The name of the table where topics are held (the default is phpbb_topics )
- * The full url of your forum for links (e.g. http://www.mydomain.com/forum)
- * The number of topics to show. (If left blank you get 5)
- * The Date Formatting, i.e. “d/M/y – g:i a” similar to the WordPress “General Settings”
Hit ‘Update Options”
To output the list of topics in a page or post…
- * create a new page/post, type {phpbb_recent_topics} , hit ‘Publish’ or ‘Create new page’
To output the list of topics in your theme sidebar using the widget…
- * click “design” in the dashboard
- * click “widgets”
- * next to phpBB Recent Topics click “add”
- * click “save changes”
To output the list of topics in your theme sidebar using a template tag…
- * edit sidebar.php and inside <div id=”sidebar”> type…
```
<?php
if (function_exists('phpbb_topics')) {
phpbb_topics();
}
?>
```

A bit about Database configuration.
If wordpress & phpBB share a DB already then set $PHPBBDB to DB_NAME and everything will be fine, else you’re going to need to GRANT the wordpress user read access to phpBB.

How to GRANT wordpress read only access to phpBB ?
If you don’t know it already you need to find your wordpress mysql user id, it’ll be in wp-config.php

define('DB_USER', 'wp_user');     // Your MySQL username

and you should have already found your phpbb database & table for the above.
You need to type the following syntax into your mysql database

GRANT SELECT ON phpbb_database.phpbb_topics TO wp_user@localhost;

this can be achieved by logging into phpmyadmin as your phpbb user, selecting SQL and pasting the correct GRANT into the text box.

Frequently Asked Questions

Is phpbb3 supported?
- yes.
Can I output 10 Topics in my Page, and 3 Topics in my Sidebar ?
- Yes ! In the WordPress menu ‘Options’ -> ‘phpBB Recent Topics’, set ‘The number of topics to show’ to 10, and then in your sidebar include…<?php
  if (function_exists(‘phpbb_topics’)) {
  phpbb_topics(3);
  }
  ?>
Can I exclude a certain forum from the list ?
- In this version, the only way to do that is to hack /wp-content/plugins/phpbb_recent_topics/display/display.php, change
```
$results = $wpdb->get_results("SELECT * FROM $TOPIC_TABLE ORDER BY topic_time DESC LIMIT $LIMIT");
```
  to
```
$results = $wpdb->get_results("SELECT * FROM $TOPIC_TABLE WHERE forum_id != 1 ORDER BY topic_time DESC LIMIT $LIMIT");
```
  to exclude forum 1 from the list. I plan to setup a proper solution to this in the next version.
Why is the date config under settings not in the widget configuration?
- The date settings effect both the template tag and the widget

Support
I’ve always been honest about support, there isn’t any. Basically I write this for my own needs and then publish it for you to use for free. You’re more than welcome to post comments here and if you tag wordpress forum posts with “phpbb-recent-topics” I’ll reply to you there, but we all have busy lives and I make no promises on how quickly I’ll reply to you.

Link for posting in the correct phpbb-recent-topics forum

Finally Subversion
You also might be interested to know that I’ve been getting to grips with the wordpress plug-ins svn, so you can get work directly from here; and when wordpress.org re-crawls my readme the latest version will also be available on wordpress.org/extend/plugins/

Delicious’s Bad Behavior

Recently I’ve been having this problem with my WordPress + Bad Behavior + Delicious blog posting combo, in a nut shell, delicious was showing an error:

[10/22/08 05:00:03 AM -0700] Creating blog post at http://correct_url.com/xmlrpc.php ...ERROR: Failed due to General Exception: Curl returned non 200 HTTP code: 417. Response body:

And I couldn’t work out why, after some digging/googling, I thought to look in my bad behaviour logs, and found a match for my apache log…

76.13.6.189 - - [19/Oct/2008:23:00:29 +0100] "POST /xmlrpc.php HTTP/1.1" 417 796 "-" "PEAR_XML_RCP2/0.0.x"

I’ve contacted both yahoo (who now own delicious)

Hello Nick,

Thank you for writing to del.icio.us Customer Care.

I understand that the Delicious blog posting feature is not working
properly for you. I apologize for any inconvenience.

Our engineers are aware of this issue and are investigating possible
solutions, but since this is not and “official” feature, we do not have
any specific time frame when this will be fixed.

Please let me know if you have any further questions or concerns.

Thank you again for contacting del.icio.us Customer Care.

Regards,
Alessandra

and Michael Hampton (Bad Behavior Developer)

Looks like they are sending an unexpected Expect: header and they are
failing to retry the request without Expect:. You should report this to
them so they can fix it.

as you can see they have confirmed that there is indeed a problem ….. But as you may have noticed delicious posted on my blog, no the problem hasn’t been fixed, but there is a work around.

In ~/wp-content/plugins/bad-behavior/bad-behavior/whitelist.inc.php you can add delicious’s IP address, it’s not a perfect solution as it’ll be overwritten everytime BB is updated, but it’ll do for now

UPDATE: I’ve had many requests for this…

OLD: whitelist.inc.php

// IP address ranges use the CIDR format.

        // Includes four examples of whitelisting by IP address and netblock.
        $bb2_whitelist_ip_ranges = array(
                "64.191.203.34",        // Digg whitelisted as of 2.0.12
                "208.67.217.130",       // Digg whitelisted as of 2.0.12
                "10.0.0.0/8",
                "172.16.0.0/12",
                "192.168.0.0/16",
//              "127.0.0.1",
        );

NEW: whitelist.inc.php

// IP address ranges use the CIDR format.

        // Includes four examples of whitelisting by IP address and netblock.
       $bb2_whitelist_ip_ranges = array(
                "64.191.203.34",        // Digg whitelisted as of 2.0.12
                "208.67.217.130",       // Digg whitelisted as of 2.0.12
                "76.13.6.189",          // Delicious
                "10.0.0.0/8",
                "172.16.0.0/12",
                "192.168.0.0/16",
//              "127.0.0.1",
        );

Missing argument 1 for phpbb_topics()

I thought I’d write a post about this error message as it’s pretty much the main reason that I ever receive comments or e-mails from the WordPress community. Sadly the complaints I receive from the community out weigh the complements, but I guess that’s life

Thank you to all those who have downloaded and enjoyed my plug-in and all those who have taken to say something nice.

The problem with this error message Missing argument 1 for phpbb_topics() is that I don’t actually know how to fix it. If you look in the source code you’ll see that I’ve tried to trap “empty variables”…

if (is_null($LIMIT)) {
                $LIMIT = 5;
}

Now this approach seems to work on my server(s), and works for some people, but there are a number of people whom is doesn’t work for; unfortunately the majority of the WP community are no more technical than myself and I have never received any feedback on how to fix this.

I’m not a programmer, I’ve never claimed to be a PHP guru; as I don’t know how to fix this problem in the latest version of phpbb-recent-topics I tried to combat the problem by introducing a widget. The widget it aimed at people who don’t know php, it allows you to “drag” the list of recent topics into your sidebar, but for some reason people still prefer to edit their sidebar.php :confused:

I would to remind all readers that it quite clearly states on my announcement :

Support
I’ve always been honest about support, there isn’t any. Basically I write this for my own needs and then publish it for you to use for free. You’re more than welcome to post comments here and if you tag wordpress forum posts with “phpbb-recent-topics” I’ll reply to you there, but we all have busy lives and I make no promises on how quickly I’ll reply to you.

Currently the only solution I can offer to anyone suffering from this error message is to replace phpbb_topics() with phpbb_topics(”5″), if that doesn’t work then please accept my apologies.

If anyone would like to offer a patch for my plugin I would gladly include it and accredit appropriately.

Thanks for Reading!

k2 for bbPress – Updated v0.02

It’s been a while since I’ve used bbPress, but a major milestone from the automattic guys has pretty much broken the theme.

I’ve done a complete re-write; as before I’m only distributing the style.css (and a screenshot) no template.php files, this ensure that no security issues are associated with my theme.

Download k2 for bbPress

Installation

Create a “my-templates” directory in your bbPress installation directory
Download unzip k2 for bbpress in that directory
Under “design” and “themes” select k2
done

The screenshot has been updated, existing users may find things move a little, this is due to the changes in bbPress, but hopfully it’s all for the better.

md5 of k2_for_bbPres_v0.02.zip: c87eb943165a5d909dced2860021107f

Recent phpBB Topics on WordPress Plugin v0.4

UPDATE: This Plugin has been updated, please download the update from http://wordpress.org/extend/plugins/phpbb-recent-topics/, and please comment on the new post, thanks.

Admin GUI

It’s been a year since the last release so perhaps this version should be called “about time!” v0.4 has primarily been released as a bugfix version, if you’re happy with v0.3 and have it running fine then don’t bother, in fact edit phpbb_recent_topics.php so that WordPress stops complaining about finding a newer version.

Download phpBB_Recent_Topics_0.4 from wordpress.org

What’s New?

Most importantly I have tested this plugin with phpBB3 and WP2.5 so I’ve updated the readme.txt to reflect this.
I finally quashed the install bug where by phpbb-recent-topics was confused with phpbb_recent_topics.
Sidebar Widget, yus for all you non-php people you have a widget to play with.
Edit the Time & Date layout – leave blank to remove it completely

What’s Old? – aka: Installation

Unzip phpbb_recent_topics.tgz in your `/wp-content/plugins/` directory. (You’ll have a new directory, with this plugin in /wp-content/plugins/phpbb_recent_topics)
Activate the plugin through the ‘Plugins’ menu in WordPress
Configure the plugin, you need to tell wordpress about phpbb, this is done in the wordpress menu ‘Settings’ -> ‘phpBB Recent Topics’
The following Settings are required:
- * The name of your phpBB database (e.g phpbb)
- * The name of the table where topics are held (the default is phpbb_topics )
- * The full url of your forum for links (e.g. http://www.mydomain.com/forum)
- * The number of topics to show. (If left blank you get 5)
- * The Date Formatting, i.e. “d/M/y – g:i a” similar to the WordPress “General Settings”
Hit ‘Update Options”
To output the list of topics in a page or post…
- * create a new page/post, type {phpbb_recent_topics} , hit ‘Publish’ or ‘Create new page’
To output the list of topics in your theme sidebar using the widget…
- * click “design” in the dashboard
- * click “widgets”
- * next to phpBB Recent Topics click “add”
- * click “save changes”
To output the list of topics in your theme sidebar using a template tag…
- * edit sidebar.php and inside <div id=”sidebar”> type…
```
<?php
if (function_exists('phpbb_topics')) {
phpbb_topics();
}
?>
```

How to GRANT wordpress read only access to phpBB ?
If you don’t know it already you need to find your wordpress mysql user id, it’ll be in wp-config.php

define('DB_USER', 'wp_user');     // Your MySQL username

and you should have already found your phpbb database & table for the above.
You need to type the following syntax into your mysql database

GRANT SELECT ON phpbb_database.phpbb_topics TO wp_user@localhost;

this can be achieved by logging into phpmyadmin as your phpbb user, selecting SQL and pasting the correct GRANT into the text box.

Frequently Asked Questions

Is phpbb3 supported?
- yes.
Can I output 10 Topics in my Page, and 3 Topics in my Sidebar ?
- Yes ! In the WordPress menu ‘Options’ -> ‘phpBB Recent Topics’, set ‘The number of topics to show’ to 10, and then in your sidebar include…<?php
  if (function_exists(‘phpbb_topics’)) {
  phpbb_topics(3);
  }
  ?>
Can I exclude a certain forum from the list ?
- In this version, the only way to do that is to hack /wp-content/plugins/phpbb_recent_topics/display/display.php, change
```
$results = $wpdb->get_results("SELECT * FROM $TOPIC_TABLE ORDER BY topic_time DESC LIMIT $LIMIT");
```
  to
```
$results = $wpdb->get_results("SELECT * FROM $TOPIC_TABLE WHERE forum_id != 1 ORDER BY topic_time DESC LIMIT $LIMIT");
```
  to exclude forum 1 from the list. I plan to setup a proper solution to this in the next version.
Why is the date config under settings not in the widget configuration?
- The date settings effect both the template tag and the widget

EDIT: Found a link for posting in the correct phpbb-recent-topics forum

Call to undefined function: register_sidebar_widget

So WP2.5 is out, and I figured it was about time I squashed that load bug on phpbb_recent_topics, while I’m at it I figure I’ll wigetize it.

The problem is that the example on the automattic site doesn’t actually work! If you paste…

function widget_myuniquewidget($args) {
    extract($args);
?>
        <?php echo $before_widget; ?>
            <?php echo $before_title
                . 'My Unique Widget'
                . $after_title; ?>
            Hello, World!
        <?php echo $after_widget; ?>
<?php
}
register_sidebar_widget('My Unique Widget','widget_myuniquewidget');

Into a blank plugin you get this in your logs…

PHP Fatal error:  Call to undefined function:  register_sidebar_widget()

Now I’ve not been bothered to dig out the exact reason why yet, something to do with the sidebar loading, but you need to wrap the whole lot up in an init function, so try this instead…

function widget_init_myuniquewidget() {
	// Check for required functions
	if (!function_exists('register_sidebar_widget'))
		return;

	function widget_myuniquewidget($args) {
	    extract($args);
	?>
	        <?php echo $before_widget; ?>
	            <?php echo $before_title
	                . 'My Unique Widget'
	                . $after_title; ?>
	            Hello, World!
	        <?php echo $after_widget; ?>
	<?php
	}
}

// Delay plugin execution until sidebar is loaded
add_action('widgets_init', 'widget_init_myuniquewidget');

I just need to work out now, how to add wiget options to the wp-admin panel and the next verions of my plugin will be done

Twittering with Tools

LINICKX.com is evolving, I’m not sure how yet but I’ve started by introducing twitter tools, google has changed the face of websites, according to google analytics my home page is not longer the top landing page, i.e. most people visiting my site hit the content they want directly and don’t need to navigate through the site… with this in mind I’m thinking about turning linickx.com into a tumblr type thing… twitter tools allows me to post short “thoughts” and “comments” without having to go through the full WordPress write post thing.

I started the idea along time ago when photomatt introduced asides, i.e. I’ve always had categories and different front page presentation styles for blog posts, firefox posts, delicious posts and then everything else… so I’m thinking about taking the idea further by creating individual posts,feeds and styles for delicious links and rss shared items (from google reader).

Since I want to keep my feed clean (it’s imported into many social networks like mugshot & facebook) I’ve used this post to filter out my new “sync” category… sync as in I’m synchronising my web life with my website – Oh Yeah before I foget don’t add the code to functions.php as it creates a php warning, create a wordpress plugin.

My web/work/social life is quite busy – who’s isn’t!… so I’m a little worried about how to style the whole thing I found a nice way of quote text with css, so the tweets look good, but I’m worried that bookmarks and shared posts could make the site look cluttered or confusing, I’ve already had to add a “twitter reply” link to each post since the 1st thing people have asked me is what’s twitter.. doh must be a UK web-ignorance thing.

I guess we’ll just see how this pan’s out, I’ve just renewed this domain, so it’d be nice to finish for the domains birthday

294 Unread Items

It’s taken me a few days to catch up with my x-mas RSS backlog, the below are worth a mention

A WordPress Plugin that removes the version info by BlogSecurity
AirX for the n800 fixed so I play display X apps on my tablet
An interesting GMail Security Article hit digg.
Some nice images (wallpaper) for my n800.
How to Backup your google account.
Cisco VPN Client for n800 ITOS2008 Released.
Some wordpress admin themes.
A Critical WordPress Upgrade 2.3.2 including a custom DB Error Page, which I suggested (believe it or not).
Official Sony Blog posts, DIY PS3 Hard Drive Upgrade.
Preview of new WordPress Admin interface online

CSS Styling Apache Directory Listings.

Before.

As part of my website overhaul, I’ve finally gotten round to styling my /files/ directory. I was surprised at how easy it was actually, and the benefits far out way the time taken to set it up, not only does this part of the site now “fit in”, but I can apply analytics tracking and adsense I’m sure there probably is a wordpress plugin that can achieve the same thing… probably better, but I find my list of plugins ever growing and since I don’t need on for this I figure if Apache can do it, let Apache do it!

The work can be done in one of two ways either by pasting Apache directives into a .htaccess file (in the directory you want to apply conf to), or in your httpd.conf you can wrap it all up in a

<Directory>

tag… something like

<Directory "/var/www/html/files/"> foobar> </Directory>

below is an example of a .htaccess file as that will apply to most people:

        RewriteEngine Off
        AddType text/html .shtml
        AddOutputFilter INCLUDES .shtml
        Options Indexes Includes
        IndexOptions FancyIndexing SuppressHTMLPreamble XHTML IconsAreLinks FoldersFirst SuppressDescription
        HeaderName /files/HEADER.shtml
        ReadmeName /files/README.shtml

Since my site uses wordpress with “pretty permalinks” enabled, the 1st thing I needed to do is disable mod re-write for the directory where I wanted listing enabled. Now if you check my /files/ page you’ll notice that the page title and tag line under “[LINICKX].com” change depending on what directory you are viewing, this is done with “Server Side Includes” (SSI), so the next two options in the above config set that up.

Now to take a look at the actual directory listing setup, it might be worth you taking a look at the Apache documentation for a full description, but the important ones to note are

Options Indexes Includes

to enable directory listing and switch on SSI, then you need

IndexOptions SuppressHTMLPreamble XHTML

to disable the default headers so that we can setup our style sheet and favour xHTML over HTML. Apache 2.2 users also have IndexStyleSheet available, but since I’m using CentOS4 we’ll do it this way. Finally you need the HeaderName, ReadmeName directives to tell Apache which file to look for (by default Apache looks for README.html, but that won’t support SSI)… note how my .shtml files are relative to my web root, these are not absolute paths on the file system, i.e. /files actually maps to /var/www/html/files.

You’re now good to go, HEADER.shtml should contain all the xHTML you want to appear before the directory listing, and README.html is everything after… make sure you include all the correct <html>, <body> and DOCTYPE tags.

Now you’ll want to get working is some dynamic content, for a simple “print current directory” you can use

<!--#echo var="REQUEST_URI"-->

in your html, further documentation on getting more magic is available here & here, I was able to knock up a simple line of code to print the current year at the bottom of the page….

<!--#config timefmt="%Y"-->
<small>Nick Bettison 2005 - <!--#echo var="DATE_LOCAL"--> &amp;copy; </small>;

Cool eh! The trick to watch out for is spaces in the above code, there should be no white space between

<--#echo

or the trailing

-->

After.

The final thing you’ll want to look at is those horible default icons! You have a couple of options: You can either simply replace/over-write the default ones (on my flavour of linux they are in /var/www/icons), or you can add

AddIcon /icons/tar.png .tar

to your htaccess file telling apache to look at tar.png rather than the default tar.gif, I found some deb archives which I extracted with file-roller (rather than trying to install anything) and simply changed the ones I was going to use…. I’m very please with the final result, I think it makes a big difference.

Happy Styling One & All!

Trouble-Shooting the WordPress Security White Paper.

I’ve been following the activity over at blogsecurity, their activities are very interesting and quite commendable. After some shameless delay I decided to read though their WP Security White Paper and apply some of the steps… yes I did say some, harden security folk will insist that you should follow all of the whitepaper to be security, which is probably true, but one should never forget that security is about risk… and in basic terms accessibility vs security, for example I won’t ever lock my wp-admin down to a single IP as I’ve been know to blog at work, home, around my parents place and even moderate comments on the train! Thus my wp-admin isn’t as secure as someone who did lock it down, but this is a risk I’m willing to live with.

One of the area’s that I did like was the tightening up of wp-includes & wp-content, but before you jump in and copy/paste what’s in the pdf into .htaccess, you should be prepared for some work. Basically

Order Allow,Deny Deny from all <Files ~ ".(css|jpe?g|png|gif|js)$"> Allow from all </Files>

when applied stops any file except .css,.jpeg/jpg, .png, .gif & .js from being accessible; now this is great for stopping zero-day remote file includes from php files but it will mean that any php file (even those you may want access to) will be restricted. What I’ve decided to do below is document what changes you need to make to the recommendation to get some popular plugins to work…. This approach will also have a long term impact on the “hardening plug-in” that the blogsecurity team are planning; basically the issue is – the default recommended .htaccess will break plugins, the number of plugins avilable for a wordpress install is unlimited thus they will need to provide a community driven configuration repository that the plugin can draw upon to open things up for specific plugins.

For the purpose of this documentation, I’m going to assume wordpress is installed in /var/www/html so please change appropriately.

For those who use the rich editor and need the spell checker, you’ll need to add this to your /var/www/html/wp-includes/js/tinymce/plugins/spellchecker/.htaccess

# Open up the spellchecker <Files "tinyspell.php"> Allow from all </Files>

To get the popular WP-Cache plugin to work changes are made to:/var/www/html/wp-content/.htaccess
Order Allow,Deny Deny from all <Files ~ ".(css|jpe?g|png|gif|js|html)$"> Allow from all </Files>
This will allow the static html files in the cache to be downloaded, now I didn’t get to the bottom of this, but I believe that the wp-cahe php files might be called directly, so if you are having problems see if this resolves it…
<Files ~ "wp-cache"> Allow from all </Files>
This will open up the wp-cache files as if you hadn’t installed the .htaccess in the 1st place – you have been warned, now you evaluate the risk

If you are using the google site map generator, then you can create a .htaccess file in/var/www/html/wp-content/plugins/google-sitemap-generator to allow the xml style sheet through:
<Files "sitemap.xsl"> Allow from all </Files>

The final one that might interest people is Share This, you’ll need at .htaccess in /var/www/html/wp-content/plugins/share-this with:
<Files "share-this.php"> Allow from all </Files>

As you might have gathered this does involve creating a lot of .htaccess files, which is a bit of a pain, if you’re fortunate enough to run your own web server and have access to your httpd.conf you can actually keep these all in one file, keeping with the last share this example, instead of creating a .htaccess in /var/www/html/wp-content/plugins/share-this you can edit your httpd.conf and just wrap the code in <Directory>, so you could actually paste this:
<Directory "/var/www/html/wp-content/plugins/share-this/">
<Files "share-this.php"> Allow from all </Files> </Directory>
I hope this all makes sense, and is of some use to someone…good luck to the blogsecurity team, if you need any help feel free to shout

Website Changes.

Today has been a busy day for linickx.com the poor server must be tired, I’ve made a whole load of changes today including wordpress upgrades and url moves – I’ve removed the word “blog” from everywhere as it was kinda redundant

Some content still needs to be ported from my custom php to wordpress, but it should all be finished soon. I’ve got the wonderful redirection plug-in taking care of everything, if you experience any problems please let me know !

A Linux / Command line: how to upload to wordpress wp-plugins.org via subversion ( SVN )

Could that title get any longer !

Hopefully you get the point, sometimes you need different tools for different jobs, if you want a full development platform with SVN support I suggest you take a look at eclipse (with subclipse ) but what if you already have done the development and you just want to do a quick upload.

My phpbb_recent_topics plugin is hosted here, and when the nice guys at wordpress gave me an svn account, I just wanted a quick way to upload what I’ve done. Now I must stress this may not be the “proper” way to use svn (there’s a book for that) but it is enough to achieve what we want, a straight forward upload.

I’m using redhat, so the 1st step was to install dag’s subversion rpm , I also needed to setup an “editor” variable for commenting.

SVN_EDITOR=vi
export SVN_EDITOR

Then, I went into a directory onto my server, and downloaded a copy of the existing subversion directory structure.

[nick@SERVER wp_plugins]$ svn checkout https://svn.wp-plugins.org/phpbb-recent-topics/
A    phpbb-recent-topics/trunk
A    phpbb-recent-topics/branches
A    phpbb-recent-topics/tags
Checked out revision 9232.
[nick@SERVER wp_plugins]$

My plugin (at the time) was on version 1, so my 1st steps were to create a version 1 tag, add it to svn, get the stable copy of my plugin, add that to svn.

[nick@SERVER wp_plugins]$ cd phpbb-recent-topics/
[nick@SERVER phpbb-recent-topics]$ ls
branches  tags  trunk
[nick@SERVER phpbb-recent-topics]$ cd tags/
[nick@SERVER tags]$ mkdir 0.1
[nick@SERVER tags]$ cd ..
[nick@SERVER wp_plugins]$ svn add phpbb-recent-topics/tags/*
A         phpbb-recent-topics/tags/0.1
[nick@SERVER wp_plugins]$ cd phpbb-recent-topics/tags/0.1/
[nick@SERVER 0.1]$ wget http://www.linickx.com/files/php/phpbb_recent_topics.txt
[nick@SERVER 0.1]$ mv phpbb_recent_topics.txt phpbb_recent_topics.php
[nick@SERVER 0.1]$ svn add phpbb_recent_topics.php
A         phpbb_recent_topics.php
[nick@SERVER 0.1]$

Finally I updated everything, and uploaded (committed) my files.

[nick@SERVER 0.1]$ cd ../../../
[nick@SERVER wp_plugins]$ svn update phpbb-recent-topics/
At revision 9232.
[nick@SERVER wp_plugins]$ svn --username linickx commit phpbb-recent-topics/
Adding         phpbb-recent-topics/tags/0.1
Adding         phpbb-recent-topics/tags/0.1/phpbb_recent_topics.php
Transmitting file data .......
Committed revision 9233.
[nick@SERVER wp_plugins]$

Remember this doesn’t publish your plugin on wordpress.org, to do that you need a valid readme.txt in the trunk directory, but as you can see once you’ve created all the files on your local box, it’s just a few commands to get your work uploaded.

Did you notice that the wordpress svn supports SSL ?

More WordPress Exploits on Milw0rm

I’ve posted about the popularity or wordpress having a negative effect before. Here I pointed out only days after a security bug being patched by the WP Team, an exploit was freely available….. the up-shot being that we’ve only days to respond and patch our blogs (this could be a real problem should we dare to take a holiday ! )

The thing is, the problem appears to be getting worse, now plug-in exploits [1] [2] [3] are being posted, this is worse because many of us use a lot of plug-ins and without some kind of updating mechanism it’s difficult to stay onto of patching.

There is a plug-in that may help here, I say may, since I didn’t get a lot of joy, it couldn’t detect a load of my plug-ins, and I know the idea has been floated so others obviously share my concern, let’s hope for a main-stream solution soon

WordPress Exploit on Milw0rm.

Following yesterdays security announcement for wordpress, a freely available exploit has been published on milw0rm. What this means is… if you haven’t upgraded DO IT NOW, as the amount of attacks will go up very quickly.

If you look through the exploit you can see that it takes advantage of existing user accounts, so a further security option can be to disable the “anyone can register” option… within wordpress admin, click options -> general and “untick” the box. (If it is on and you don’t need it)

Note the explot mentions that it hasn’t been tested on the 2.0.x series, but bare in mind that the wordpress team updated both trees so the chances are it will work, so both 2.1.x & 2.0.x users should upgrade.