ArbuZz
Forum Replies Created
-
Forum: Fixing WordPress
In reply to: Secutity Patch without Upgrade..?Damn… as usual…
Thank you for your time and concern though!
Upgrading is not an option for us right now ?? It’s just not an option…
I think “upgrade-or-die” approach is very bad, having in mind all the problems that 2.8 unexpectedly brought to regular users. Despite of all the goodies, this case can become a stumbling-block for wordpress ubiquity. Those multiple bugs (https://www.securityfocus.com/archive/1/506011) might be just a sign of bigger problems to come.
I’m in a middle between regular user and developer, so I’ve heard number of different opinions about 2.8+. And they are not positive. One just can’t explain properly to website owner why a plugin that worked perfectly for ages, suddenly stopped working in 2.8 and has to be replaced with something else. Unexpectedly people around the world got stressful and frustrating hours and days, degrading their blogs. And now they got driven into painful situation, when upgrading is pain, and not upgrading is potentially even more pain.
That’s just not right.
Especially when the whole fix consists of just several lines in this or that file.
I’ve found another “fix” fro another bug here:
https://www.google.com/translate?js=y&prev=_t&hl=en&ie=UTF-8&u=http%3A%2F%2Ftoscho.de%2F2009%2Fwordpress-2-8-3-das-doppelslash-problem%2F&sl=de&tl=en&history_state0=??
Forum: Fixing WordPress
In reply to: Secutity Patch without Upgrade..?Wow,
I guess that’s exactly what was patched. Having that narrowed to wp-login.php, I’ve found this:
https://lists.grok.org.uk/pipermail/full-disclosure/2009-August/070137.html
Thank you very much!
Forum: Fixing WordPress
In reply to: Secutity Patch without Upgrade..?319 files… ouch.
Although I think doing diff between 2.8.3 and 2.8.4 should reveal that security change. Hm… that’s an idea by the way. Thank you. Is there a quick way to make that?
Forum: Fixing WordPress
In reply to: Secutity Patch without Upgrade..?Yeah, very sad…
Does anyone know what files were patched? I’m pretty sure the whole fix is just several additional lines maybe. Anyone?
Forum: Fixing WordPress
In reply to: $wp_default_secret_key mismatching with AUTH_KEYNo luck here. Same error, but changing of AUTH_KEY doesn’t help. In fact I use official key generator at: https://api.www.ads-software.com/secret-key/1.1/.
I have qtranslate too. What’s that $wp_default_secret_key variable anyway?
Help appreciated.
Forum: Plugins
In reply to: New plugin – SuperSlider-ShowLooks like great plugin. Thank for you work. Although I got: “this.setOptions is not a function” error in firebug and no slideshow in the post ?? I use default settings. What could the problem?