Breadcrumb NavXT 5.2.2

This is the second, bug fix release of the 5.2 branch of Breadcrumb NavXT. It fixes a bug, introduced in 5.2.1, where the current item would only use the internal default breadcrumb templates rather than the correct breadcrumb template from the settings. Additionally, the set of translations that ship with Breadcrumb NavXT were updated to include all current translations with 90% or higher completeness. Finally, a bug in the logic for the multisite settings mode warning in the settings page (when BCN_SETTINGS_USE_NETWORK is defined) has been fixed, previously it would throw PHP warnings.

As always, you can grab the latest version of Breadcrumb NavXT from the Breadcrumb NavXT page. If you experience any issues with this version of Breadcrumb NavXT, please leave a comment on this post detailing the issue.

-John Havlik

[end of transmission, stay tuned]

Breadcrumb NavXT 5.2.1

This is the first, and hopefully only, bug fix release of the 5.2 branch of Breadcrumb NavXT. Four bugs relating to the breadcrumb trail for attachments were fixed, a bug relating to support for search pretty permalinks, a bug relating to how empty URLs are handled by Breadcrumb NavXT, and a bug in the text domain and domain path in the plugin header were fixed.

For the attachment bugs, attachments to the front page and the page post type now have the proper breadcrumb trail generated, without PHP warnings. Additionally, media that has not been attached to a post/page now have proper breadcrumb trails generated.

As always, you can grab the latest version of Breadcrumb NavXT from the Breadcrumb NavXT page. If you experience any issues with this version of Breadcrumb NavXT, please leave a comment on this post detailing the issue.

-John Havlik

[end of transmission, stay tuned]

10 Years Using WordPress

Ten years ago, this blog was created. Sure, I had written a few posts on another platform. However, it was ten years ago that I made my first post within WordPress (version 1.5 at the time). JD had just setup a WordPress install for me on Weblogs.us, and the post was a simple “This is my new blog” type post (no longer available).

Since then, I adopted and rewrote a plugin that is now approaching 2 Million downloads and an estimated 300k active users. By no means was this my first plugin, and it is not the last one I will create (something new will be arriving late this summer). While I had been playing with (x)HTML and CSS for years before WordPress even existed, I learned PHP through extending WordPress—some purists may cringe at the thought, but that is not my problem.

Additionally, I have had the opportunity to be a server administrator for Weblogs.us, starting back when we still ran Apache on Windows. Since that time, we’ve moved to Gentoo/Funtoo Linux VM guests on top of the hardware. And, in late May, we will begin migrating select Weblogs.us users to new Nginx+PHP-FPM setup running on top of some new hardware.

Lastly, I’ve attended 6 WordCamps, and have presented at 5 of them on 6 different topics in 8 sessions. This includes all 3 times WordCamp Minneapolis has been held, thus far. This year, I plan on attending more WordCamps than I’ve been able to in the past (really want to get to Austin and out to the West Coast). Not only are they a great excuse to see new cities, they are a great place to meet members of the WordPress community in person.

-John Havlik

[end of transmission, stay tuned]

I’m Speaking at WordCamp Minneapolis 2015

My presentation titled “Writing (more) Secure Plugins” was accepted into developer’s track for WordCamp Minneapolis 2015. This presentation aims to enlighten WordPress plugin developers of common attacks and preventative measures that should be taken within any WordPress plugin.

Topics covered include: Plugin security best practices, data sanitization (and validation), action authorization, and permissions. As always, this is a non-exhaustive list of the topics I’ll cover but it should give a feel for what I’ll be talking about.

-John Havlik

[end of transmission, stay tuned]

TLS, HTTPS, Weblogs.us and the Generation 4 Layout

One thing I have not talked about in a while is Weblogs.us. Currently, we are busy designing and deploying what I am calling the Generation 4 Layout. This new layout includes a migration to Nginx, PHP5.5 and a few other goodies that will make things faster for everyone.

A big benefit for this new layout is it will be easier for us to support HTTPS on end user sites. Now that Google is pushing everyone to this, we’re going to be ready. Since we have a limited number of IP addresses available to us, we will be using Server Name Indication extensions to TLS to do this. Additionally, as of now, only users with their own domain names who purchase a TLS/SSL certificate will be supported. At the moment, we are not planning to purchase a wildcard TLS/SSL certificate to cover all subdomain users.

Deployment Timeline

Currently, we are in the process identifying candidate sites to migrate to the Generation 4 Layout as part of a test roll out. Initial deployment is slated for mid May. Starting in mid July, we will start general deployment of the new layout. The plan is to decommission the old virtual machines holding the Generation 3 Layout by the end of 2015.

-John Havlik

[end of transmission, stay tuned]