What’s wrong!

WordPress1.5.1版本问题可真不少,前段时间是trackbacks的问题,更新到1.5.1.1。现在有出现了安全问题(安全最重要!)!看看是怎么回事!

It has come to our attention that under certain circumstances there is a security vulnerability in WordPress that may be triggered if you’re running the default template. We were able to respond very quickly (under 40 minutes) and update the download to 1.5.1.2. You can upgrade by overwriting your old 1.5 files or if you would like to apply the fix manually it is relatively simple:

1、Open the wp-includes/template-functions-category.php file in a text editor like Wordpad.
2、Go to around line 103 where it says get_the_category_by_ID.
3、Create a new line after that and paste in $cat_ID = (int) $cat_ID;

One note, even if the vulnerability was present in your blog, you would still be safe if your host ran mod_security on their servers. It is an Apache module which can provide very high-level protection against everything like the vulnerability above to comment spam. We will be updating the hosting page shortly to reflect which hosts there support mod_security or not.

当你使用的theme是默认theme的时候,将会引发这个安全漏洞(其他模板不会??为了更安全还是补上的好!),但如果你的服务器运行于mod_security下,这个问题也就不是问题了!(我在使用的服务器没有这个哦~查看方法:下载一个PHP探针,打开后,看“服务器解译引擎”或phpinfo中的”SERVER_SOFTWARE”)

补丁方法:
1、去wordpress下载1.5.1.2版本,覆盖原文件即可;
2、如果你想自己动手,很简单。打开wp-includes/template-functions-category.php(可以在后台的Manage→Files中打开,方便!),查找到get_the_category_by_ID(在103行,是个函数名),在这行的下面加上$cat_ID = (int) $cat_ID;
既是把
function get_the_category_by_ID($cat_ID) {
$category = &get_category($cat_ID);
return $category->cat_name;
}
改为
function get_the_category_by_ID($cat_ID) {
$cat_ID = (int) $cat_ID; //添加这行
$category = &get_category($cat_ID);
return $category->cat_name;
}

2005/05/28 16:19

No Comments »

查看16,413次

Category: 冰古相关

Migrating from Drupal to WordPress-把Drupal转换为WordPress

WordPress没有从Drupal转换到Wordpress的程序,还是看看别人是怎么做的吧~学习学习
[提醒]切记,要先备份啊!!

I finally decided to move my greek blog from drupal to wordpress. Since there was no migration script, I wrote a couple of sql statements that moved all posts, comments and categories from my drupal tables to the (new) wordpress 1.5 tables.

Here is the proccess in short:

WARNING This may delete your DATA Make sure you backup EVERYTHING before starting the procedure

1. setup a fresh wordpress installation.
2. make sure term_data term_hierarchy node term_node comments (drupal tables) are in the same DB you use from WP.
3. Run the following SQL statements:

delete from weblog_wp_categories ;
delete from weblog_wp_posts;
delete from weblog_wp_post2cat ;
delete from weblog_wp_comments ;

insert into weblog_wp_categories(cat_ID,cat_name, category_nicename, category_description, category_parent) select term_data.tid, name, name, description, parent from term_data, term_hierarchy where term_data.tid=term_hierarchy.tid ;

INSERT INTO weblog_wp_posts(
ID, post_date, post_content, post_title, post_excerpt, post_name, post_modified
)

SELECT nid, FROM_UNIXTIME(created), body, title, teaser, concat(‘OLD’,nid), FROM_UNIXTIME(changed) FROM node WHERE type=’blog’ OR type=’page’ ;

INSERT INTO weblog_wp_post2cat (post_id,category_id) SELECT nid,tid FROM term_node ;

INSERT INTO weblog_wp_comments (
comment_post_ID, comment_date, comment_content, comment_parent
)

SELECT nid, FROM_UNIXTIME(timestamp), concat(‘‘,subject, ‘
‘, comment), thread FROM comments ;

You should now have all your posts and comments and categories in WP. Go to the admin interface and make sure everything is in place…

Notes: This is not the perfect way to migrate. Comments are not nested in the right way. A lot of things may not work. On the other hand if, like me, made a really simple use of Drupal, this should move most of your data to WP…

From:http://vrypan.net/log/archives/2005/03/10/migrating-from-drupal-to-wordpress/

2005/05/26 22:14

No Comments »

查看16,804次

Category: wordpress

汗,发现自己的blog上不能留言了!

原因还不清楚,难道跟我上次用的那个插件有关??
到现在还是没搞定,烦~~
[PS]谢谢 jay在留言簿上的提醒!!之前的很多留言都没能及时回复,在这里跟大伙说声对不起了~
[ungrade]把wordpress升级到了1.5.1.1,好像现在可以了!

2005/05/22 23:28

2 Comments »

查看23,280次

Category: 冰古相关

解剖wordpress theme-part4

汗一下,以为part3是最后一部分了。
谁知道,现在Part4也出来了~继续学习!!
Part3Part2Part1

2005/05/21 11:35

1 Comment »

查看18,837次

Category: wordpress

Adsense for Feeds

在RSS上放Adsense(Beta)好像出了.申请地址

Google AdSense for Feeds
AdSense for feeds is a program that enables publishers to place relevant ads in the feeds they syndicate. Google technology understands the nuances of language, and places ads that are closely matched (or “targeted”) to the content next to which they appear. Learn more

If you are a current AdSense publisher and your feed has more than 100 active subscribers, you may qualify for participation in AdSense for feeds (BETA). If you’d like to participate, simply fill out the application below.

If you do not have an AdSense account, click here to apply.

[PS]your feed has more than 100 active subscribers!这好像有点多了吧!看来申请是不能通过了~:sad:

2005/05/21 11:10

No Comments »

查看15,831次

Category: Uncategorized

打领带的方法(ZZ)

不用说转载那里的了,图上有水印了!

2005/05/20 13:41

4 Comments »

查看27,917次

Category: Uncategorized

wordpress再次更新-1.5.1.1Released

补上了上次post的那两个bug~
看看zed1是怎么说的:

Update: In our effort to optimize we made two mistakes in 1.5.1, one related to feeds and one related to trackbacks and pingbacks. We’ve updated the download with 1.5.1.1 which corrects these bugs and a few others.

下载更新

2005/05/20 12:11

3 Comments »

查看36,095次

Category: wordpress

修补wordpress1.5.1

发现1.5.1也是有bug的,赶紧补上~~
-、 trackbacks 可以收不能送, pingbacks 收送都不行
修补是打上这两个pacth:changeset 2609changeset 2606
“精神奕奕”已经把打上pacth的文件打包了,大家可以去下载,然后覆盖原文件就可以了(我也是用这些来补,自己太懒了,懒得自己去修改文件:oops:)

二、RSS 有 bug — 一段時間沒有新文章, RSS就吐不出資料.这里有修改的方法→HERE
[PS]自己太懒了,走开一会~~
[EDIT]新版本更新了这两个bug,请尽量升级到wordpress1.5.1.1版

2005/05/18 20:37

4 Comments »

查看27,549次

Category: wordpress