Rob Miller wrote an excellent article on the use of wp_error in WordPress plugins… http://robm.me.uk/2006/06/11/wp_error/ I’d suggest suggest that every WordPress hacker/plugin author, that is not familiar with this realtively […]...
I posted this over on the WP-Hackers list, but maybe I can get some help from my own readers… (Thanks btw It’s nice to see that, after only three short […]...
WordPress 2.03 is a critical security release. It eliminates the HTTP Referrer check and replaces it with a nonce system. What is a referrer check? Well, it is an attempt […]...
Has anyone else noticed that you can publish posts and not yet have them appear on the website? If you choose “Edit Timestamp” and set the date to a time/date […]...
The 0.2 had some debugging left in it and a verification didn’t work. Thus version 0.3. It can be downloaded in the same place: http://www.thecodecave.com/downloads/plugins/wp-contract-form.zip Changes ————————– 0.3 REQUIRED RELEASE […]...
Updated to version 0.2 – Please download again. Well, I’ve written my second WordPress Plugin. Well – Not really. This was more of a hack… See Ryan Duff has a […]...
With all of the recent talk about WordPress security and Nonces, I’ve decided to create a plugin that enhances the security. It is meant to both provide an easy way […]...
In June of 2001, Peter Watkins defined the term Cross Site Request Forgery – pronounced Sea Surf. He keeps that discussion here: http://www.tux.org/~peterw/csrf.txt I’d posted a copy of this text […]...
We’ll see where it goes… http://trac.wordpress.org/ticket/2666 Ticket #2666 WordPress shouldn’t use URI instead of URL just because URI is geeky cool. ——————————————————————————– Priority: normal Reporter: SilverPaladin Severity: minor Assigned to: […]...
Well, if you’re visiting my site after my major blunder in the discussion about WP security, please feel free to leave a comment! (No Images Please! 🙂 ) Sigh, yes […]...