WordPress Plugin Review
Plugin Name:User Locker v.1.1.7
Date of review: 20th November 2009
Author profile: Daniel Frużyński
WordPress plugin directory link: User Locker
User Locker WordPress plugin introduces maximum number of invalid login attempts for the user name. When this number is exceeded, plugin locks that user account. It can be unlocked by requesting new password (using Lost Password option) or asking help from the blog administrator only.
You can find the original description of this plugin at the authour’s blog plugin page
(primary site language is not English, but it is the English description). It this post I will tell you about my impressions after testing this plugin and going through its source code.
Wordpress 2.8.6 Security Release
WordPress 2.8.6 Security Release was published. Official page at wordpress.org
doesn’t say too much about it, just that:
2.8.6 fixes two security problems that can be exploited by registered, logged in users who have posting privileges. If you have untrusted authors on your blog, upgrading to 2.8.6 is recommended. The first problem is an XSS vulnerability in Press This. The second problem is an issue with sanitizing uploaded file names that can be exploited in certain Apache configurations.
Is it interesting for you what changes were made in terms of PHP source code? Let’s try to discover WordPress 2.8.6 Security Release details together.
Do you search comprehensive but free Integrated Development Environment tool for the PHP development? Take a look at the NetBeans project. I use it about two years and very satisfied how it works for me.
WordPress development team is near the time when the first beta 2.9 version will be available. There are a lot of new features appeared in this version. The full list of new features is available here http://codex.wordpress.org/Version_2.9
As the development 2.9-rare version is already available for testing let’s look together on the some features which the most noticeable for the every WordPress user. There are:
- Content (post, page, comment, media library item) trash status;
- Post thumbnail;
- Image Editor.
Platinum SEO versus All In One
Or why I switched my blog from All In One SEO to the Platinum SEO plugin
I used All In One SEO WordPress Plugin about a month. It worked good for me. Thanks to the author. But there is another side of the medal. What I don’t like from the very beginning it is the very aggressive and annoying donation requests and self-advertising this plugin shows on its Settings page. “I enjoy this plugin and have made a donation” checkbox uses some form of psychologic pressure on the plugin user to extort something from him. Is this plugin really free? I see that it is released under GPL (GNU General Public License) in the all_in_one_seo_pack.php file header. Do you agree that this is a freeware software? My doubts about it were very strong up to this moment. And finally when I had installed version 1.6.7 of All In One SEO I have no any doubts that this plugin is not really freeware.
thank you counter button
This is the visitor’s “Thank you” or “I like it” clicks counter. Every time a new visitor clicks the “Thank you” button one point is added to the total “thanks” counter for this post. Plugin uses AJAX to send data to the server and get it back. So no page reload is required. The plugin stores its counters in its own MySQL table. Only one “thanks” for the same IP-address can be permitted. Plugin can skip all further “Thank you” clicks from that IP-address once it is automatically registered. Total quant of thanks is displayed on the button just to the right from the click invitation text. Invitation text is ‘Thank You’ by default, but it can be changed at the plugin Settings page. Plugin has wide range of options to customize its behaviour and presentation. Live preview will help to select more suitable style.