If you use my SyntaxHighlighter Evolved WordPress plugin, please update ASAP. There’s a security issue with the Flash file that is used by version 2 of the highlighting library. This file is meant to be used for allowing one-click copying of the code to your clipboard (since normal copy/paste doesn’t work with it) but the file reportedly suffers from a cross-site scripting security issue.
Even if you use the better version 3 of the library (the default for my plugin), the file from version 2 of the library will still be included in the plugin’s files.
As a temporary fix, I have emptied out the file. This unfortunately means your visitors will not easily be able to copy any code you paste. I recommend switching to the superior version 3 via my plugin’s settings page. Code highlighted using the newer version can be selected and copied normally.
Feel free to leave any questions you have about this security issue on this post but please leave other general SyntaxHighlighter comments on the plugin’s homepage. Thanks.
My most popular WordPress plugin, Viper’s Video Quicktags, has passed the 1 million download mark!
I really should give it more love and attention…
With the release of Jetpack 1.5, Jetpack now supports the awesome carousel feature that you may have seen running on WordPress.com. It’s superior to my jQuery Lightbox For Native Galleries plugin in my opinion so I am opting to discontinue development on my plugin.
My plugin should continue to work for the indefinite future but I will no longer be maintaining it.
JW FLV Player has been removed from the latest version of my Viper’s Video Quicktags plugin. The player is not compatible with the GPL license and as a result cannot be included in plugins that are hosted in the WordPress.org plugin repository. I shouldn’t have added the player to my plugin in the first place but it was the only decent player at the time oh so many years ago. Today I have rectified that mistake by removing it from my plugin’s download.
However do not fear — I have not actually removed the functionality, I just no longer bundle it with my plugin. If you wish to continue to use the player to embed
.mp4 files after upgrading to version 6.4.0 of my plugin, you will need to download this ZIP file and extract it to your
wp-content folder, resulting in
/wp-content/jw-flv-player/player.swf. I’m hosting the ZIP file since my plugin uses an old version of the player that is no longer available for download from the official site.
This is a temporary band-aid fix. The eventual plan is to switch to the GPL-licensed Flowplayer but that won’t happen until I complete the latest recode of my plugin which introduces many much-needed features. Whether I’ll actually ever finish version 7.0 of my plugin is another matter though.
If you have any questions or need any help, please post over on the Viper’s Video Quicktags page.
GitHub is an awesome code repository and code distribution website. It’s used by countless people and organizations to develop and release code.
I’ve wanted to made use of GitHub for a very long time now but the site is built around the Git revision control software. However I instead extensively use Subversion (SVN) in my daily life and have no desire or need to learn Git — everything I currently do requires that I use SVN. Not to mention that the Git experience on Windows is absolutely horrendous.
So I was incredibly pleased to learn that GitHub supports SVN! They added full support way back in October 2011 but I somehow missed the memo.
This is super good news because it means I can now start to distribute my code and projects via my my GitHub page. Nothing is there quite yet but I hope to package up and commit some code to there soon.
I’m having trouble coming up with a good name for my latest WordPress plugin so I thought I’d crowd source it.
My other WordPress-powered site, FinalGear.com, receives very large traffic spikes. I used to just run WP Super Cache to prevent the site from going down but Apache would still actually die under the load even though it was just serving static content. Since the site has no comments or other often changing content, the easiest solution at the time was just to throw a reverse proxy called Varnish in front it with a decent cache time (5-10 minutes per page). I’ve since switched from Apache to nginx which solves that issue but it’s still easiest to just leave Varnish there.
Varnish is set up to ignore cookies on the front end of the site. That means I get served the exact same version of the site that you (a guest) sees — no admin bar, no post edit links, and so forth. Getting to the admin area is easy thanks to an absolutely positioned hidden link in the bottom left of the site (hover over it, you’ll find it) so lack of an admin bar is no problem for me.
When I created the navigation menu at the top of my site using the menu feature in WordPress (Appearance → Menus), I didn’t want to have to maintain anything but the top-level menu items. When I released a new plugin and created a page for it, I didn’t want to have to go into my menu UI and add it there too. So instead I wrote this plugin.
Add Descendants As Submenu Items adds a checkbox to each menu item that is of a hierarchical post type (i.e. pages). Checking this box will automatically display all descendants as submenu items on the front end of your site. You can see it in action at the top of my site — I only configured the top level menu items and everything that shows up when you hover over them has been added by my plugin rather than manually by me.
An example menu and the checkbox this plugin adds
These submenu items have been added by the plugin
For more details and to download the plugin, check out the plugin’s homepage.
Just a little something I’ve been working on.
(The checkbox and the text next to it is what my plugin is adding.)
Not everyone was happy with the new highlighting package featured in SyntaxHighlighter v3.0.0 and using old versions of plugins is a bad idea (you miss out on features, bug fixes, etc.) so I’ve added the ability to toggle between v2 and v3 of Alex G’s SyntaxHighlighting package. I’ve also fixed a few bugs that were discovered post-release (such as HTML entities being broken in the Visual editor).
Everyone, including those who downgraded to v2.x of my plugin, should upgrade to v3.1.0 of my plugin.
One thing to note by the way: I would stay far, far away from TinyMCE (the Visual editor/tab) when blogging about code. It has the nasty little habit of attempting to “clean up” your code (namely HTML) for you and in the process with mess up your code. If you’re writing code, what are you doing using a WYSIWYG editor anyway?