pik256

Therefore, I suggested this as an option, not as hardcoded behaviour.

wp-quiz.php, line 25:
require_once dirname( WP_QUIZ_FILE ) . '/vendor/autoload.php';
but there is neither /vendor directory nor autoload.php file in it.
plugin is incomplete

WP statistics plugin has a design error. In general, in order to collect statistics, it is necessary that each page view is recorded in the database. This can be done in two ways: either when displaying the page, update the database immediately, within the same request, or by including an additional javascript on the page to send statistics data to application to be recorded. This is how google analytics works, as the GA application runs on a different server than wordpress itself.

In the case when the statistics database is on the same server as wordpress, the first approach is less overloading this server, because the request is single and this is how this plugin commonly works. However, with caching plugins the page is read out of cache memory, the generating page script is not run and the statistics would not be able to update the database. Therefore, wp-statistics, when working with caching plugins, uses the second method – an additional database update request. Up to this point, everything works fine. The error is in what exectly is sent with that request. Unlike google analytics, this additional request does not contain the data of the user who sends it. The author of wp-statistics took shortcuts and instead of generating this data with a javascript in the internet user’s browser, he calculated all of them earlier, wrote then to the generated page, and placed them in the server’s cache. As a result, each visitor who visits the page sends data to update the statistics, but it is not his data, but data of the first visitor, who caused the page being generated and cached. The wp-statistics plugin receives this request, verifies it, and concludes that it has already been registered, and therefore rejects it. The request loads the server, runs a computation, and then throws it into the trash bin.
For verification see any cached page: it contains something like

<code><script>var WP_Statistics_http = new XMLHttpRequest();WP_Statistics_http.open('GET', 'https://.../wp-json/wp-statistics/v2/hit?_=xxx&_wpnonce=yyyy&wp_statistics_hit_rest=yes&browser=...&...&current_page_id=...', true);WP_Statistics_http.setRequestHeader(&quot;Content-Type&quot;, &quot;application/json;charset=UTF-8&quot;);WP_Statistics_http.send(null);</script></code>

All these data should be calculated at users browser and not cached at server side.

• This reply was modified 3 years, 9 months ago by pik256.

Oops, I should have posted it at another plugin forum. Sorry for the mistake.

The same error in 5.0.3:

`[24-Feb-2021 14:25:55 UTC] PHP Fatal error: Uncaught Error: Class ‘ZeroSpam\Includes\DB’ not found in wp-content\plugins\zero-spam\includes\class-plugin.php:144
Stack trace:
#0 wp-content\plugins\zero-spam\includes\class-plugin.php(120): ZeroSpam\Plugin->init_components()
#1 wp-includes\class-wp-hook.php(287): ZeroSpam\Plugin->init()
#2 wp-includes\class-wp-hook.php(311): WP_Hook->apply_filters()
#3 wp-includes\plugin.php(484): WP_Hook->do_action()
#4 wp-settings.php(557): do_action()
#5 wp-config.php(93): require_once(‘…’)
#6 wp-load.php(37): require_once(‘…’)
#7 wp-blog-header.php(13): require_once(‘…’)
#8 index.php(17): require(‘…’)
#9 {main}
thrown in wp-content\plugins\zero-spam\includes\class-plugin.php on line 144`

BTW. I can see class DB definition in includes/zero-spam.php file, but I cannot find ‘require’ or ‘include’ for this file in zero-spam sources.

The bug is located in includes/class-wp-statistics.php in function includes().
Cron is not admin but you have a code (line 160 and next):

        if (is_admin()) {
            ...
            require_once WP_STATISTICS_DIR . 'includes/admin/class-wp-statistics-admin-purge.php';

To fix it you must move require_once statement before is_admin() condition

But of course, I use it. I can assign this name to status in utf8. It works. But when I choose the status from list in plugin options (as a target status for close button) and save it, then after reloading an options page this option is empty.

the same in submit_reply_confirm_box.php:
_e('Submit Reply?','wp-support-plus-responsive-ticket-system-ticket-system')
instead of
_e('Submit Reply?','wp-support-plus-responsive-ticket-system')

I could tell you the reason why to disable comments. Sometimes there are several hundreds pictures in gallery and people watch them clicking 2-3 times per second: next, next, next. This could be faster then processing requests like

GET /wp-admin/admin-ajax.php action=get_attachment_comments&nonce=….

On the server side the request queue and server load grow and grow and after a few minutes user is blocked as DOS attack (if you are lucky and have DOS protection) or your server have problems for some time.

I know that thoughtless clicking is stupid and such idiots deserve blocking but your code could be foolproof and disabling comments, particularly when you do not use them is wise solution.

thanks
My wordpress runs on Windows 2012 (IIS 8.5 + PHP 5.5.10 + MySQL 5.6.16)

turn off javascript and try to register

Well, this must be difference in php configuration, OS, version or something else. In this situation the only way for me is to sit down and debug. I wanted to avoid it because of complexity of regexp and lack of reasonable debug environment. But I will do all my best. Maybe next weekend…

OK. It was not so easy because I used Firefox, but finally I found the way. First, you have to use Internet Explorer. IE visual editor preserves hard spaces. Firefox replaces all hard spaces with soft spaces so even simple edit-save with no change removes all [C2 A0] sequences from text.

Second, copy text from this page and paste it into WP visual editor (in IE). The first enumerated line ends with hard space [C2 A0]. Dewidowing is turned off. After turning it on, the last fragment of the line (included between </sup> and </li> tags) disappears.

Well, I use CapsMan and exactly – I cannot do this with it.
If I grant user (not admin) edit_users capability then he can edit any account (including his own) elevating it to administrators role.
CapsMan author is going to resolve the issue in the future so I searched for presently working solution.

I have the same need and I am searching for plugin. I am a newbie for WP and cannot create a plugin yet but I have found the following function in wp-admin/includes/user.php. It suggests that since 2.8 users could have limited rights to assign roles.

/**
* Fetch a filtered list of user roles that the current user is
* allowed to edit.
*
* Simple function who’s main purpose is to allow filtering of the
* list of roles in the $wp_roles object so that plugins can remove
* innappropriate ones depending on the situation or user making edits.
* Specifically because without filtering anyone with the edit_users
* capability can edit others to be administrators, even if they are
* only editors or authors. This filter allows admins to delegate
* user management.
*
* @since 2.8
*
* @return unknown
*/
function get_editable_roles()
…