Add a comment 五月 20th, 2008 by presser
绝望了,数据再次丢失。不过现在我有了前车之鉴,数据都有备份,实在是不幸中的大幸。今天赶紧把数据都迁移到了dreamhost,迁移很顺畅,因为之前都是直接使用widget,所以即便是模板丢失了,对我也没有太大的影响,widget只要拖来拖去就可以搞定了,实在是很爽。
如今只花了10分钟时间,就已经把网站全部恢复,自己都觉得很惊讶。
Add a comment 四月 8th, 2008 by presser
wordpress代码分析 ---- wp_safe_redirect。wordpress提供了一个跳转方法wp_safe_redirect,避免登录url被修改,登录成功后跳转到有害的第三方站点。如下:
PHP:
-
/**
-
* wp_safe_redirect() - Performs a safe (local) redirect, using wp_redirect()
-
*
-
* Checks whether the $location is using an allowed host, if it has an absolute
-
* path. A plugin can therefore set or remove allowed host(s) to or from the list.
-
*
-
* If the host is not allowed, then the redirect is to wp-admin on the siteurl
-
* instead. This prevents malicious redirects which redirect to another host, but
-
* only used in a few places.
-
*
-
* @since 2.3
-
* @uses apply_filters() Calls 'allowed_redirect_hosts' on an array containing
-
* WordPress host string and $location host string.
-
*
-
* @return void Does not return anything
-
**/
-
function wp_safe_redirect($location, $status = 302) {
-
-
// Need to look at the URL the way it will end up in wp_redirect()
-
$location = wp_sanitize_redirect($location);
-
-
// browsers will assume 'http' is your protocol, and will obey a redirect to a URL starting with '//'
-
if ( substr($location, 0, 2) == '//' )
-
$location = 'http:' . $location;
-
-
$lp = parse_url($location);
-
$wpp = parse_url(get_option('home'));
-
-
$allowed_hosts = (array) apply_filters('allowed_redirect_hosts', array($wpp['host']), isset($lp['host']) ? $lp['host'] : '');
-
-
if ( isset($lp['host']) && ( !in_array($lp['host'], $allowed_hosts) && $lp['host'] != strtolower($wpp['host'])) )
-
$location = get_option('siteurl') . '/wp-admin/';
-
-
wp_redirect($location, $status);
-
}
如果需要跳转到可信的第三方站点,可以修改filter hook ---- allowed_redirect_hosts,把可信任的第三方站点加入列表,这样也就达到了扩展wordpress的目的。
Add a comment 三月 17th, 2008 by presser
自从上一次服务器丢失数据以来,我对wordpress的备份就多留了一个心眼。时时刻刻都记着安全生产,定期备份,这是每一个wordpresser都可以轻松做到的。
简单的做法:
Add a comment 三月 16th, 2008 by presser
wordpress plugin inline-js 0.4发布。这个插件可以在文章中直接插入javascript。
Inline-js plugin minor update. It now work fine with exec-php plugin.
Plugin Name: Inline Javascript Plugin
Plugin URI: http://www.ooso.net/index.php/inline-js/
Feed URI: http://www.ooso.net/index.php/feed/
Description: Plugin that insert inline javascript in Posts/Pages
Version: 0.4
Author: Volcano
Author URI: http://www.ooso.net
Usage
- Unzip
- Copy inline-js.php to direcotry wp-contents/plugin and activate the plugin.
- Setup
- Disable tag balancing ‘WordPress should correct invalidly nested XHTML automatically’ through the ‘Options / Write’ menu in WordPress
- Disable the WYSIWYG rich editor in the user’s settings through the ‘Users / Your Profile’ menu
- Assign the ‘unfiltered_html’ capability to the user. Assigning capabilities to roles or users is out of the scope of this plugin. Because WordPress has no built-in configuration menu in the admin menu to assign roles/capabilities, you need to install the role/capability manager plugins role-manager.
- Use [inline] and [/inline] tag around the javascript,and post it
- Ok
inline-js 0.4下载
Add a comment 三月 15th, 2008 by presser
本站目前正在用的主题,叫做hello :D。用了好一段时间,却一直不知道是出自哪里,现下终于找到了出处:WordPress Theme: Hello
这是07年秋季设计的风格,做成了 Textpattern 的模板,十一月初正式使用。今年的模板做得比较少,去年年底的总结提醒自己宁缺勿滥,这也算是对自己的改正吧。这款设计主以灰黑色和绿色为主色调,当然蓝色也是必不可少的,绿草有蓝天的衬托才更接近理想化的自然。

Add a comment 三月 14th, 2008 by presser
wordpress 2.5因为一些原因延期发布了,但是忍不住尝鲜的我,还是采用svn更新了一些wordpress 2.5的代码,然后在本站上成功update到最新版本。
升级过程很顺利,和之前2.3系列小版本的升级没有区别。可以看到2.5的后台有很大的改动,几乎认不出原来的样子。除了外观以外,后台还摒弃了一些基于prototype.js,大量使用jquery。jquery的文件比prototype.js要小多啦,这对页面展现速度有很大的帮助:)
另外缺省主题也已经更新并支持tag,不枉我费了一番功夫升级到这个版本。