labs.dagensskiva.com

Updated dagensskiva.com with the patch for XML-RPC released in conjunction with WordPress 2.3.3:

WordPress 2.3.3 is an urgent security release. A flaw was found in our XML-RPC implementation such that a specially crafted request would allow any valid user to edit posts of any other user on that blog. In addition to fixing this security flaw, 2.3.3 fixes a few minor bugs. If you are interested only in the security fix, download the fixed version of xmlrpc.php and copy it over your existing xmlrpc.php. Otherwise, you can get the entire release here. 

Decided to patch rather than do the entire update since we have a lot of registred users that potentially could exploit the security flaw, to make a quick fix to a potential situation.

You can add dagenskiva.com as a webclip on your iPod Touch or iPhone, with a pretty icon, for one click access.

The icon that the iPod looks for is the apple-touch-icon.png file, located in the sites root directory.

I’ve put up the latest in the string of plugins derived from the development work of dagensskiva.com into the WordPress Plugin repository. It is called ‘Post Links’, and is a system to add links to a post (as many as you want), and then easily display them in templates.

More information about the plugin can be found here, and it can be downloaded from WordPress.org.

The plugin can be seen in action on e.g. this review, under ‘Externa Länkar’.

We have now released our ad management WordPress plugin developed for dagensskiva.com. More info about the plugin can be found here.

The plugin can be downloaded from Wordpress.org.

As usual, this is beta software, and it’s licensed under the GPL:

This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program. If not, see .

Do enjoy, and I appreciate any feedback.

I upgraded our servers to WordPress 2.3.2, which offers a security fix and some xmlrc enhancements (which I don’t think anyone uses). A pretty smooth ride as of yet. Through some plugin work, there’s only one thing that we have to hard-hack in the WordPress codebase - this relates to bbPress’ feeds that are blocked by a 404 from WordPress.

I also upgraded to More Fields version 0.4 and Ad-minister version 0.3.2. I’m gonna do some finishing touches to the latter plugin and roll out version 0.4 to the WordPress SVN server - hopefully I’ll get around to that this weekend - it is a nice plugin, even if I say so myself…

And, apparently it’s WordPress and not Wordpress.

Now that the votes have been counted for the selection of the Record of the Year 2007, I’ll post the image that was shown if a visitor tried to vote more than once. Kal made it on http://mine.icanhascheezburger.com and it cracks me up every time.

Finally, having uhhmm’d and ahhrree’d about implementation, I’ve decided submit the 0.4 beta version of the ‘More Fields’ plugin to the Wordpress Plugins CVS server, else it might never happen.

You can find more information about the plugin here. I’m hoping to update the examples to reflect the current look of the plugin, albeit I’m still hoping for a redesign of the ‘More Fields’ admin for some future version.

You can download the plugin from Wordpress.org.

The plugin is a beta, which means it might be riddled with bugs and oddities that might sink your particular Wordpress ship. It is released under the GPL license.

As always, feedback and comments are always very much appreciated.

I’m quite exited to see this one out the door. There are another two proprietary plugins that we currently run on dagensskiva.com - one that handles the external links associated with posts, and one (sizable) ad-management system. I’m hoping that these will also be released shortly.

At dagensskiva.com we don’t necessarily want to list artists by the first letter of their name, e.g. we want The White Stripes to be listed under W, not T. The following MySQL ORDER clause will perform such as sort.

SELECT artist FROM bands ORDER BY IF(LEFT(LOWER(artist), 4) = 'the ', LOWER(RIGHT(artist, LENGTH(artist)-4)), LOWER(artist)) ASC

Which will also ignore the case of the first letter after the The when sorting by transposing down to lowercase. I’m forcing to a hex conversion to deal with åäö, not sure how that will work in character sets other than UTF8.

My feeling is that there is a cleaner way to do this - do let me know if there is a prettier way of doing this.

Edit (01/01/2008): As Johan Dahlin pointed out, locale based sorting is not the work of the developer, but the database. Thanks for the help!

I’ve been working on a plugin that uses the custom fields (post meta) to hold settings and content. To transfer the settings of the plugin from the development server to the live server (yes, we’re skipping staging, hoping to set one up soon), I thought the simplest way was to create a Wordpress xml export file, for this one post, accessible via one simple link click.

The link to the xml file looks like this (btw, the plugin is called ADMinister, which is a plugin to handle advertising, and other temproary content, not related to specific pages or posts):

<a href="<?php echo get_option('siteurl'); ?> /wp-admin/export.php?download=true&administer=true">
Download</a> Worpress xml export for one post.

And in the plugin, the following bit of code will alter the export process to only export the specified ID or IDs.

function p2m_export_administer () {
   global $post_ids;
   if ($_GET['administer'])
      $post_ids = array(get_option('p2m_ad_post_id'));
}
add_action('rss2_head', 'p2m_export_administer');

The id of the page/post is held in the option ‘p2m_ad_post_id’, and the url parameter ‘administer’ is used to signify that we want to later the behaviour of the export. The global parameter $post_ids is the array that holds the ID of what to export. Even though we’re intent on only exporting one, the parameter must remain an array.

The xml file can then be imported into another Wordpress installation. Obviously, this is rather inflexible if you want to transfer settings back and forth, but the point here is to illustrate how to better control the Wordpress xml export file.

We had a bug whereby the user was declared a bozo (dåre) by bbPress, when posting in Wordpress Admin, so that articles could not leave the draft stage. We made a small bbPress plugin that fixes this problem. It should reside in the my-plugins folder in the bbPress installation and needs to be activated (which you need to be a Keymaster to do).

Download the plugin