WordPress Weekly Episode 3

This week there is a ton of stuff to talk about. We have the bombshell that was dropped the other day noting that Matt and Toni of Automattic secured a Series B round of funding for $29.5 million dollars. That last part will actually be discussed on Episode 4. Then we have the improvements that have gone into the code for WordPress 2.5. We also dive into the conundrum of what makes a WordPress theme Premium. WordCamp Dallas is right around the corner and we give you the 411 about the event. Saving the best for last is our WordPress Tips of the week.

Panel Members:

Ronald Huereca: Contributing editor for WeblogToolsCollection.com and raproject.com. Author of the WordPress Ajax Edit Comments plugin.

Catch his personal musings at Ronalfy.com

Andrew Rickmann: Long time user of Wordpress who has molded themes, plugins and hacks within the WordPress code. Fun with Wordpress is Andrew’s solution to putting all those thoughts in one place, and giving something back to the community.

Catch his work at FunWithWordPress

David Peralty: Man who seemingly needs no introduction, but I’m going to give him one anyways. David is a very busy man who has love/hate relationships with WordPress. He currently is the marketing guy for SplashPressMedia and has coded over 100 themes for WordPress.

You can catch all of David’s blogging related material here BloggingPro

Show Notes:

WP-Forum SQL Injection Vulnerability – Earlier this week, the websec security team has discovered a vulnerability within this plugin that can be exploited by malicious users to conduct SQL injection attacks

WordPress.com Winners Of The Crunchies - Techcrunch held their little get together called the Crunchies and WordPress.com ended up taking two of the nominated categories. WordPress for Most Likely to Succeed and Toni Schneider for a well-deserved Best Startup CEO.

WordPress.com Storage Goes From 50mb to 3,000mb – Matt Mullenweg announced that because of the optimizations that have taken place in the backend of WordPress.com, they are now able to offer all WordPress.com users 3 gigs of space. Matt also said that those who purchased a 1GB upgrade will automatically be bumped up to 5GB at no additional charge.

WordPress Weekly Digest For January 14th – January 20th – In the latest round of updates to be included in WordPress 2.5 there are a few things that caught my eye.

• Updates to get_sidebar() to allow for multiple named sidebars (#5615).
• Initial migration to TinyMCE v3.0 RC1 (#5674).
• New functionality to allow for editing of post slugs within there permalink context (#5679).
• Changes to the APP implementation to ensure that timestamps can be updated on already published posts (#5680).

Matt Cutts Offers Tips To Secure WordPress – Matt has published an article which highlights three different ways to secure your WordPress installation. The first tip involves locking down your Admin directory. Matt configures his .hatccess file so that only his IP address is allowed to access the WP-Admin directory. For the second tip, you should create a blank index.html file to place into your wp-content/plugins directory. Not doing so allows your plugin folder to be wide open, giving nosy people an idea as to what plugins you have installed.

Matt’s third and final tip involves subscribing to the official WordPress development blog – http://wordpress.org/development/feed/ As we should all know by now, this is the best way to stay up to date.

Matt also offers a bonus tip where he suggests removing the line of code within your header.php file that publishes your WordPress version. This is to prevent your WordPress version number from being publicly viewable.

WordPress.com Still Growing According To Compete.com – Compete.com released a list of the fastest growing and declining sites of 2007. These stats are made up of the top 1,000 domains in between December of 2006 and December of 2007. However, WordPress.com appears to have grown by 523% with 24,393,457 visits. Great news for WordPress.com despite Compete being the one to show case these statistics.

WordPress/Automattic Blog By Team Members – is (going to be) written by various team members at Automattic and their goal is to help all publishers get the most out of WordPress. They will cover features that are often overlooked, highlight plugins that extend WordPress functionality and showcase interesting sites being built with WordPress. They are looking for publishers working on innovative projects using WordPress and would like to field questions from users. From the comment that Raanan left on PressedWords, it would appear that they want to focus on large WordPress installations that are doing lots of custom work and help publishers find the proper resources.

What Makes A WordPress Theme Premium? – Ronald Hureca asked this question back on January 12 and boy did he get a response. Answers ranged from premium meaning PAID FOR to better support with more features than your average theme.

Dean’s Migration Plugin Vulnerability – According to an advisory released by Packetstorm, a fellow by the name of g30rg3_x has discovered two bugs within Dean’s Permalinks Migration Plugin version 1.0. The first bug relates to XSRF and can allow an attacker to force a user to perform an unsolicited action that when combined with an XSS bug that has also been discovered, allows the attacker to gain valid credentials.

WordPress Tips Of The Week:

Jeffro2pt0 - Add Buttons To Text Editor – WP Candy published an awesome tutorial which highlights how to add custom buttons/functions to your visual text editor. For instance, I’ve managed to add a H1 and H2 button to my visual text editor so I no longer need to access the dropdown menu.

Ronald – His tip this week is for plugin and theme authors. An effective way of demonstrating your plugin and/or theme is through a screencast. For Mac users, there is a great program (for $30) that makes great screencasts called Screenflick

I added that I have sometimes used a program from TechSmith called Camtasia Studio It’s not cheap but it works, $299.00 If you know of a better solution for Windows user’s and screen capture software, let us know in the comments.

Andrew - Firstly I want to encourage WordPress users that are maybe comfortable with modifying their own theme to just get stuck in and produce their own plugin; just for their own personal use. Not every plugin needs to be a a fully featured, released, plugin with admin pages and customizable options. Learning how to put together something really quick and basic, perhaps with a single hook and a single function can let you do some really interesting things.

Secondly I really want to make a point of how useful a good knowledge of the wordpress.org codex can be. In particular it helps to understand how to find things; for example, I regularly just search for functions from the wordpress.org home page because I know that will generally give me the functions reference page. The more of the codex you read the more you start to understand the mindset behind some things such as templates.

I mentioned that, while it is possible to display category specific content using conditional tags, the template system will actually look for a category, and now a tag, specific template page as the first step in the template hierarchy. There is more information on that at http://codex.wordpress.org/Template_Hierarchy

David - Dave lets us know of a blog metrics plugin that is especially useful for multi-author blogs. This plugin gives you at a glance information such as author contributions and conversation rates. A good plugin to have to monitor who is doing what.

Listener Participation:

So how can you be a part of the show? Well, there are a number of ways. The easiest way is to create an account on Talkshoe.com. Then, download and install their client software. The Talkshoe software serves as a bridge of communication between the host, and his/her listeners. The software contains a chat room as well as phone number information to call into the show.

However, you do not need to install the software in order to listen to the show live. Friday at 9PM EST, look on the front page of Talkshoe.com or click on the LIVE NOW button and look for the Wordpress Weekly show. Instead of clicking on the JOIN IN button, click underneath where it says LISTEN ONLY. This will tune you into the live stream.

If you want to call in to the show via telephone, Skype, etc., use your phone to call 724-444-7444 and follow the audio instructions. *Note* In one of the recent updates to Talkshoe, anonymous calling is now supported. This means you can call in and participate without the need to create a Talkshoe account. However, if you have a Talkshoe account, your registered name will show up within the Talkshoe client letting others know who is speaking.

You can also use SIP clients such as ProjectGizmo or X-Lite. For example, when I use X-Lite to dial in, I type in 123@66.212.134.192 and then follow the audio directions.

Remember this information as it will be required when you want to dial into the show.

Talkcast Name: WordPress Weekly

Talkcast ID: 34224

Phone Number: 724-444-7444

This would also be a good time to remind you that Talkshoe now has a web client that you can access without the need to download and install anything. The web client makes it as easy as pie to participate in the show.