How to change WordPress User Role capabilities

November 22nd, 2009

User Roles

User Roles


Every WordPress blog owner knows that WordPress 2.8 and higher user standard roles are: Administrator, Editor, Author, Contributor, Subscriber.
What is the difference? What the “Author” can do but “Contributor” can not? Comprehensive information about it can be found here, at WordPress.org
But where all that data are stored? How to change the role if you really need it? Interested? Read this article and you will get some answers on that questions. Recently I met with the following problem at the multi-authored blog. User with role “Author” can upload images to the blog server, but can not use it in his/her posts. Any HTML tags are immediately removed from post text after “Author” saves his draft or post.
Read the rest of this entry

User Locker 1.1.7 WordPress Plugin Review

November 21st, 2009

WordPress Plugin Review

WordPress Plugin Review

Plugin Name:User Locker v.1.1.7
Date of review: 20th November 2009
Rating: 4.5
Author profile: Daniel Frużyński
WordPress plugin directory link: User Locker

User Locker WordPress plugin introduces maximum number of invalid login attempts for the user name. When this number is exceeded, plugin locks that user account. It can be unlocked by requesting new password (using Lost Password option) or asking help from the blog administrator only.


You can find the original description of this plugin at the authour’s blog plugin page (primary site language is not English, but it is the English description). It this post I will tell you about my impressions after testing this plugin and going through its source code.

Read the rest of this entry

WordPress 2.8.6 Security Release Details

November 14th, 2009

Wordpress 2.8.6 Security Release

Wordpress 2.8.6 Security Release

WordPress 2.8.6 Security Release was published. Official page at wordpress.org doesn’t say too much about it, just that:
2.8.6 fixes two security problems that can be exploited by registered, logged in users who have posting privileges. If you have untrusted authors on your blog, upgrading to 2.8.6 is recommended. The first problem is an XSS vulnerability in Press This. The second problem is an issue with sanitizing uploaded file names that can be exploited in certain Apache configurations.
Is it interesting for you what changes were made in terms of PHP source code? Let’s try to discover WordPress 2.8.6 Security Release details together.
Read the rest of this entry

Limit Login Attempts 1.4.1 WordPress Plugin Review

November 10th, 2009

WordPress Plugin Review

WordPress Plugin Review

Plugin Name: Limit Login Attempts v.1.4.1
Date of review: 10th November 2009
Rating: 4.8
Author profile: Johan Eenfeldt
WordPress plugin directory link: Limit Login Attempts

“Limit Login Attempts” WordPress plugin limits the number of wrong login attempts possible through normal login dialog as well as (for WordPress 2.7+) for cookies authentication mechanism.

Read the rest of this entry

NetBeans IDE for PHP development

October 25th, 2009
NetBeans IDE

NetBeans IDE

Do you search comprehensive but free Integrated Development Environment tool for the PHP development? Take a look at the NetBeans project. I use it about two years and very satisfied how it works for me.

With NetBeans you have a dedicated PHP coding environment and complete integration with web standards. NetBeans offers a version of the IDE tailor-made for developing PHP sites. The NetBeans PHP editor is dynamically integrated with NetBeans HTML, JavaScript and CSS editing features such as syntax highlighting and the JavaScript debugger.

Read the rest of this entry

WordPress 2.9 new features

October 17th, 2009

WordPress 2.9

WordPress 2.9


WordPress development team is near the time when the first beta 2.9 version will be available. There are a lot of new features appeared in this version. The full list of new features is available here http://codex.wordpress.org/Version_2.9
As the development 2.9-rare version is already available for testing let’s look together on the some features which the most noticeable for the every WordPress user. There are:
– Content (post, page, comment, media library item) trash status;
– Post thumbnail;
– Image Editor.
Read the rest of this entry

Platinum SEO WordPress Plugin versus All In One

October 11th, 2009
Platinum SEO versus All In One

Platinum SEO versus All In One

Or why I switched my blog from All In One SEO to the Platinum SEO plugin

I used All In One SEO WordPress Plugin about a month. It worked good for me. Thanks to the author. But there is another side of the medal. What I don’t like from the very beginning it is the very aggressive and annoying donation requests and self-advertising this plugin shows on its Settings page. “I enjoy this plugin and have made a donation” checkbox uses some form of psychologic pressure on the plugin user to extort something from him. Is this plugin really free? I see that it is released under GPL (GNU General Public License) in the all_in_one_seo_pack.php file header. Do you agree that this is a freeware software? My doubts about it were very strong up to this moment. And finally when I had installed version 1.6.7 of All In One SEO I have no any doubts that this plugin is not really freeware.

Read the rest of this entry