I’m Speaking at WordCamp Minneapolis 2015

My presentation titled “Writing (more) Secure Plugins” was accepted into the developer’s track for WordCamp Minneapolis 2015. This presentation aims to inform WordPress plugin developers about common attacks and the preventative measures that should be taken within any WordPress plugin.

Topics covered include: Plugin security best practices, data sanitization (and validation), action authorization, and permissions. As always, this is a non-exhaustive list of the topics I’ll cover but it should give a feel for what I’ll be talking about.

-John Havlik

[end of transmission, stay tuned]

TLS, HTTPS, Weblogs.us and the Generation 4 Layout

One thing I have not talked about in a while is Weblogs.us. Currently, we are busy designing and deploying what I am calling the Generation 4 Layout. This new layout includes a migration to Nginx, PHP5.5 and a few other goodies that will make things faster for everyone.

A big benefit of this new layout is that it will be easier for us to support HTTPS on end user sites. Now that Google is pushing everyone to this, we’re going to be ready. Since we have a limited number of IP addresses available to us, we will be using the Server Name Indication (SNI) extension to TLS to do this. Additionally, as of now, only users with their own domain names who purchase a TLS/SSL certificate will be supported. At the moment, we are not planning to purchase a wildcard TLS/SSL certificate to cover all subdomain users.
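As an added illustration (not the actual Weblogs.us configuration), this is roughly what SNI-based hosting of several customer certificates on one shared IP address looks like in Nginx. The domain names, file paths and document roots are placeholders, and the `ssl_reject_handshake` directive assumes nginx 1.19.4 or later.

```nginx
# Fragment for the http { } context. All names and paths are placeholders.

# Protocol policy is set once at http level so every virtual host shares it.
ssl_protocols TLSv1.2 TLSv1.3;

# Catch-all: a client that sends no SNI name, or a name with no matching
# server block, has its handshake rejected instead of being handed some
# other customer's certificate.
server {
    listen 443 ssl default_server;
    ssl_reject_handshake on;
}

# Customer A: own domain, own purchased certificate.
server {
    listen 443 ssl;
    server_name customer-a.example;

    ssl_certificate     /etc/nginx/tls/customer-a.example.crt;
    ssl_certificate_key /etc/nginx/tls/customer-a.example.key;

    root /srv/sites/customer-a.example;
}

# Customer B: same IP address and port; Nginx selects this block (and this
# certificate) from the server name the client sends in its ClientHello.
server {
    listen 443 ssl;
    server_name customer-b.example;

    ssl_certificate     /etc/nginx/tls/customer-b.example.crt;
    ssl_certificate_key /etc/nginx/tls/customer-b.example.key;

    root /srv/sites/customer-b.example;
}

# Subdomain users without their own certificate stay on plain HTTP here,
# since no wildcard certificate is assumed.
```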

Deployment Timeline

Currently, we are in the process of identifying candidate sites to migrate to the Generation 4 Layout as part of a test rollout. Initial deployment is slated for mid May. Starting in mid July, we will start general deployment of the new layout. The plan is to decommission the old virtual machines holding the Generation 3 Layout by the end of 2015.

-John Havlik

[end of transmission, stay tuned]


How to Remove Breadcrumb NavXT 5.0 Migration Compatibility Layer

From version 5.0 through 5.1.1, Breadcrumb NavXT included an extra plugin named “Breadcrumb NavXT 5.0 Migration Compatibility Layer”. The purpose of this plugin was to help overcome a bug in WordPress that causes plugin updates to break if the file containing the plugin header changes. Beginning in 5.2.0, Breadcrumb NavXT no longer includes the Breadcrumb NavXT 5.0 Migration Compatibility Layer.

If you still have the Breadcrumb NavXT 5.0 Migration Compatibility layer activated when upgrading to Breadcrumb NavXT 5.2.0 you may see the following PHP warning:

Warning: fopen(…/wp-content/plugins/breadcrumb-navxt/breadcrumb_navxt_admin.php): failed to open stream: No such file or directory in …/httpdocs/wp-includes/functions.php on line 4183
Warning: fread() expects parameter 1 to be resource, boolean given in …/httpdocs/wp-includes/functions.php on line 4186
Warning: fclose() expects parameter 1 to be resource, boolean in …/httpdocs/wp-includes/functions.php on line 4189

As long as Breadcrumb NavXT is activated, the warning message above can be ignored. It is only warning that the Breadcrumb NavXT 5.0 Migration Compatibility Layer was activated but is no longer available. If Breadcrumb NavXT is activated, then the Breadcrumb NavXT 5.0 Migration Compatibility Layer was not doing anything useful.

Migration Compatibility Layer Removal

Updating to Breadcrumb NavXT 5.2 should automatically remove the Breadcrumb NavXT 5.0 Migration Compatibility Layer. However, if you are on an earlier version, you may remove the Breadcrumb NavXT 5.0 Migration Compatibility Layer manually as follows. Using an FTP client (or SSH/SCP client), navigate to your WordPress install’s plugins directory. Find the breadcrumb-navxt directory. Within the breadcrumb-navxt directory, there should be a file named breadcrumb_navxt_admin.php; delete this file.

-John Havlik

[end of transmission, stay tuned]

Breadcrumb NavXT 5.2.0

Holy feature refinement Batman! Breadcrumb NavXT 5.2.0 features several squashed bugs, a slight change in how post type archives are handled, and refinements in the settings page. Additionally, the Max Title Length setting was deprecated, in favor of using CSS to limit the title length.

PHP Requirements

Breadcrumb NavXT 5.2.0 drops support for PHP5.2 and below. The migration to the new adminKit library has introduced code that depends on language features present only in PHP5.3 and newer.

Changes to Post Type Archives

In prior versions, if enabled, post type archive breadcrumbs would always represent the current post’s post type. In most cases this is the desired behavior. However, if using “post parent” as the post hierarchy, it may be preferable to use the post type of the top post in the hierarchy. This is the new behavior in 5.2.0. It was introduced to improve support for bbPress, as it has several post types with the post parent hierarchy spanning multiple post types.

Deprecation of Max Title Length

Limiting the length of titles within breadcrumbs has been a feature in Breadcrumb NavXT since its inception. While the current implementation of this feature is more sophisticated than the original implementation, it has flaws that are not easily fixed. It does not understand HTML, and thus can break HTML tags. Additionally, from a semantic point of view, the breadcrumb trail markup should never be truncated. Back in August, a guide on using CSS to limit the breadcrumb title length was released; this is now the officially recommended method of limiting the breadcrumb title length.

Settings Page Updates

Breadcrumb NavXT 5.2.0 updates to a new version of adminKit. With this new version come two enhancements: improved settings saving feedback, and stylized enable/disable setting groups.

Previously, when saving settings, if something failed other than parts of the submitted settings, nothing was reported. This has been fixed to report when settings were not saved, and when the settings were not saved due to no changes in value for any of the settings.

Additionally, settings that depend on another setting to be checked/enabled will automatically be unavailable (disabled) until the dependency setting is checked/enabled. This is intended to clarify what settings will/can be used given the current settings configuration.


As always, you can grab the latest version of Breadcrumb NavXT from the Breadcrumb NavXT page. If you experience any issues with this version of Breadcrumb NavXT, please leave a comment on this post detailing the issue.

-John Havlik

[end of transmission, stay tuned]

Breadcrumb NavXT 5.2 and PHP5.2

Breadcrumb NavXT has maintained PHP5.2 compatibility ever since WordPress dropped PHP4 support about four years ago. However, the time has come to move past PHP5.2 and on to newer versions of the language.

Due to new features in the upgraded adminKit library, Breadcrumb NavXT 5.2 requires language features that are not available in PHP5.2. To complicate matters further, PHP5.2 is no longer available in the package manager for the Linux distribution I run on my testbed server. Thus, even if I wanted to maintain PHP5.2 compatibility, I have no easy means to test for it.

Lastly, PHP5.2 is no longer maintained by the PHP authors (PHP5.3 has the same issue). Therefore, Breadcrumb NavXT 5.2 requires PHP5.3 or newer and it is very likely that Breadcrumb NavXT 5.3 will require PHP5.4.

-John Havlik

[end of transmission, stay tuned]