WP 3.0.2

If you haven’t already, update your WordPress installation. It’s really easy. And 3.0.2 provides a “mandatory” security update.

The haiku:

Fixed on day zero
One-click update makes you safe
This used to be hard

One click updates! Reason No. 43,954 that WordPress is better than Joomla or Drupal. Jus’ sayin’.

Go mobile

The WPtouch plug-in will convert your WordPress site into a mobile-optimized app with no more hassle than installing a  plug-in. Brilliant! MobilePress, which says it does the same thing, doesn’t look bad either.

I’ve never used either of them, though, so I couldn’t say how well they work. With a little luck, that might soon change.

Hotmail security still sucks

Robert Graham of Errata Security takes a look at the recent “Web 2.0” report card compiled by Digital Society, and remarks:

Of the major webmail providers in the U.S., only Gmail is secure against sidejacking attacks. Yahoo Mail and HotMail are insecure, and can be compromised quickly. There are still a lot of HotMail users out there — they are fools.

I talked to the people at Microsoft responsible for fixing this problem ALMOST THREE YEARS AGO. Yet, they’ve done nothing about fixing this huge hole. I just tried it out today — while FireSheep looks a bit funky (it doesn’t correctly show the user name), it easily hacks into HotMail accounts.

Among the best on the card? WordPress!

WordPress 3.0: Thelonious

WordPress 3.0 is out.

Short version: It rocks!

For users, WP 3.0 offers a new default theme, Twenty Ten, that allows for customizable  headers and backgrounds and support for drop-down menus out of the box.

For developers, WP 3.0 provides three ginormous new features that make WP 3.0 significantly more powerful than earlier versions.

  • custom page and post types
  • custom taxonomies
  • multiuser support

WP was already a pretty robust content management system, but one of the things it lacked was support for custom content types. Users were limited to only pages or posts. While you could often fake it using excerpts and/or custom fields, solutions were often unwieldy, and managing them were troublesome for both users and developers.

WP 3.0 changes that. Now, in addition to posts and pages, you can create you own content types — movies, for example — with their own associated fields, such as actors and ratings.

Six Revisions has a run-down of what’s new. Mashable has the highlights.

WordPress 3.0 to include WordPress MU (multiuser)

The rumors of a merge between WordPress and WordPress Multiuser began swirling around late May. In June, a lead developer at WordPress MU, Donncha O Caoimh, confirmed the consolidation. And the WordPress community celebrated.

But only briefly. After the announcement, questions of “when?” quickly followed, and for that Mr. O Caoimh had no ready answers.

On Christmas Day, WordPress announced the launch of WordPress 3.0, and with it, the inclusion of WordPress MU.

In a nutshell, the merge of the two WordPress versions means that from 3.0 on, every WordPress installation will be capable of hosting multiple blogs/sites.

Different company employees, for example, could have their own blog — robert.k4media.com, jet.k4media.com, etc — but instead of multiple installs, with multiple databases, admins, etc, everything is in one easy-to-manage code base. Something along these lines might also be useful for a single company with several brands.

Users can have limited permissions for security reasons — no theme or plugin uploads, for example — while the Admin still retains God rights. Or Users too can have Admin privileges.

The merger also means that many cool MU projects, such as BuddyPress, the WordPress MU “social networking” plugin, will soon be available for the masses.

At K4 Media, we recommend WordPress a lot. Not so much as a blogging software, but as a content management system.

  • WP is very user-friendly
  • WP is designed to be customized (k4media.com runs on WordPress)
  • WP’s automatic update process makes staying current easy
  • WP is easily extensible with 1000s of plugins
  • WP is open source

In recent years, WordPress has evolved into much more that just blogging software. It really is a terrific little CMS, which is why we use and recommend it so much. The move to incorporate MU will only make WordPress that much stronger.

Plug-in drama

I am just in the process of trying to install a few nifty plugins. Neither Search Everything nor Cforms wants to work. Bugger.

I’ve used Cforms many times in the past and it has always worked without flaw. Except when the permissions were not set correctly…

… the problem with Cforms hanging on “one moment please” took a bit of sleuthing, but it was extremely easy to fix. I had originally installed the plugin on my local development server. That process hard-coded in js/cforms.js the local install path, for some strange reason. The original block of javascript looks like this:

// ONLY in case AJAX DOESN’T work you may want to double-check this path:
// If you do change this setting: CLEAR your BROWSER CACHE & RESTART you BROWSER!
var sajax_uri = ‘/wp-content/plugins/cforms/lib_ajax.php’;

The local install had changed that last line to “http://192.168.1.10:8888/wp-content/plugins/cforms/lib_ajax.php,” which of course would not work in the live environment.

So the contact form works now. Go ahead, say something!