Adrian Toll
Forum Replies Created
-
@seinomedia Thanks for the notification, and the quick turnaround on the fix. In the future, please be a bit more forthcoming with an ETA – i.e. “under a week” rather than “very soon” – as it helps us plan our response. If I’d know it was going to be this quick I wouldn’t have spent the weekend thinking about whether we need to deactivate and / or replace the plugin. Given that I presume you’re doing this partly as a way to let people know about WPServeur, it would give people a better impression if that had been clearer.
@seinomedia Although I recognise the issues that come from maintaining open source software – quite a lot of effort and high expectations despite code being given away for free – it would be very helpful to have a proper understanding of how long this might take We don’t know how serious the vulnerability is – does this issue mean that people get hold of usernames as @semoliner suggests, or does it just give away the custom login URL etc. – and we have no realistic ETA other than “very soon”. In my mind, “very soon” is within a day or two, and it’s been longer than that, although of course with a weekend in between. Please give us more information so we can plan effectively.
I have received an email about this from our hosting partner too, listing sites that both are and aren’t Multisite instllations, but I don’t know if that’s just on the basis that “you’re using this plugin in WordPress and there’s a vulnerability”.
Although there are few details, given that the severity is low, it sounds like this might just be a way for people to know the custom login URL rather than people being able to log in without proper credentials. For reference, this is the link that they pointed to: https://patchstack.com/database/vulnerability/wps-hide-login/wordpress-wps-hide-login-plugin-1-9-11-secret-login-page-location-disclosure-on-multisites-vulnerability
Forum: Plugins
In reply to: [Disable Embeds] JS error due to ‘core/embed’ block refactoringAppreciate the fix @swissspidy!
Forum: Plugins
In reply to: [Disable Embeds] JS error due to ‘core/embed’ block refactoringI’m seeing this too, although the plugin says it’s tested up to 5.6.2. It would be great if the author could update to stop this happening as the omnipresent error message is pretty distracting during development and it looks like a pretty quick fix.
Forum: Plugins
In reply to: [Gutenberg] Gutenberg interface without content editorI’d like to know this too. The problem is defining custom post types that don’t need a content area, but do have custom fields. Currently the editing experience is disjointed because it flips between the Gutenberg interface for posts that have the content area and the classic interface for posts that don’t.
Forum: Plugins
In reply to: [Rename wp-login.php] Don't add notices for W3 Total Cache and WP Super CacheGotcha. Thanks!
Forum: Hacks
In reply to: apply_filters the_content not triggering oembed even in the loopThanks bcworkz
“I suspect you’ve done that.” Never assume anything!
The plugin wysiwyg custom fields were storing exactly what TinyMCE was giving them, which includes automatically added
<p>and</p>tags. So the content lines in the database start<p>http://www.youtube.com...which doesn’t match the regexp.To get it working I’m now stripping the
<p>and</p>tags from the returned content withstr_replace(array('<p>','</p>'), $tabContent)andapply_filters('the_content',$tabContent)is adding them back in. I’m also going to suggest an update to the plugin so that it stores a value with the<p>and</p>tags stripped, and applies the_content to the output.Thanks again!
Forum: Plugins
In reply to: [Media Library Assistant] Default "Link To" as NoneThank you for the extensive and thoughtful reply. I used
update_option('image_default_link_type','none');to update the setting, which seems to have set the default correctly now. I’m not sure why it wasn’t earlier (although with the nature of these thing perhaps it was and I wasn’t looking in the right place!) You’re right that logging out and back in again made the change stick.
If you added those settings in MLA I’d definitely use them – I always have to tell clients individually to change the Link To dropdown to None unless they have a specific reason for making their images available, and being able to set that by default would be great. Having the align and default size would probably be handy too, although those aren’t as key for me.
Forum: Hacks
In reply to: apply_filters the_content not triggering oembed even in the loopThought I may as well post the whole lot in case it’s useful: http://pastebin.com/finF7jWM
Forum: Hacks
In reply to: apply_filters the_content not triggering oembed even in the loopThere’s an answer on WordPress Answers here which says:
So I’ve never really found out why oembed urls added via apply_filters(‘the_content’, $output), are not processed while embed shortcodes are. Im still hopeful someone might shed some light on that.
From that it sounds like it’s a replicable issue, but I’d expect to see more blog posts about it if it was a common issue. Happy to post the full template code if you think it’d help.
Adrian
Forum: Hacks
In reply to: apply_filters the_content not triggering oembed even in the loopHi bcworkz
Thanks for the reply. My page does have a loop – it’s just a bit further up the page, and I didn’t want to post the whole code, but I should probably have added that for clarity 🙂
The first line in the template is…
<?php get_header(); while ( have_posts() ): the_post(); ?>… and as the_content() (and everything else in the template) is working as expected I presume the relevant post ID is available at the point I’m calling apply_filters.
When I mentioned shortcodes, I mean that things like a Gravity Forms [form] shortcode is being parsed correctly, and the form HTML is being written out in place of that shortcode. However, a single YouTube URL like …
http://www.youtube.com/watch?v=OKY6BGcx37k… on its own line isn’t being turned into the iframe embed code, so the oembed isn’t being triggered, as I would expect from
apply_filters('the_content',$tabContent)Any other thoughts?
Thanks
Adrian
Forum: Plugins
In reply to: [WP-UserOnline] PHP Warning: array_merge(): Argument #2 is not an arrayYep, those are both working perfectly now. Thanks!
Forum: Plugins
In reply to: [WP-UserOnline] PHP Warning: array_merge(): Argument #2 is not an arrayTrying to active this alone is giving me an error: Warning: include(/snip-wordpress-directory/wp-content/plugins/wp-pagenavi/scb/load.php): failed to open stream: No such file or directory in /snip-wordpress-directory/wp-content/plugins/wp-pagenavi/wp-pagenavi.php on line 12
Also, when WP User Online isn’t the published version I now can’t activate that either: Fatal error: Call to undefined function scb_init() in /snip-wordpress-directory/wp-content/plugins/wp-useronline/wp-useronline.php on line 93
Perhaps the original WP Page Navi was loading the scb library and WP User Online was using that? I think there’s some kind of unintended conflict / dependency going on there.
Forum: Plugins
In reply to: [WP-UserOnline] PHP Warning: array_merge(): Argument #2 is not an arrayOne quick further question – I’m also getting the same error from WP-PageNavi. I presume that will disappear when you upgrade scribu’s framework in that plugin too?