WordPress Planet

October 06, 2015

WPTavern: You Can Now Search for and Install Plugins From Within Jetpack Manage

At the end of 2014, Jetpack 3.3 introduced a centralized dashboard that enables users to manage Jetpack powered sites. At the time, you could only do the following:

  • Plugin management: Turn plugins on or off with one click — per site or in bulk.
  • Initiate plugin updates: Update plugins for a single site or all sites in bulk.
  • Automatic updates: Turn on auto-updates for any plugin on a per-site basis or in bulk.

Now you can browse and install plugins from the WordPress plugin directory on sites you own that use Jetpack with the Manage module activated. Visit https://wordpress.com/plugins/browse and choose the site you want to manage. Look for the Configure area on the sidebar and click the Add button to open the plugin browser.

Plugin Browser in WordPress 4.3 Jetpack Plugin Browser

When the plugin directory launched a redesign earlier this year, a common complaint from readers is that the ability to see new plugins added to the directory was removed. Unlike the plugin browser in WordPress, the browser on WordPress.com displays new plugins.

Both browsers display similar information in the detailed view with the exception that the WordPress.com browser doesn’t show a list of contributors. Enej Bajgorić, a member of the Jetpack development team, explains how to quickly install a plugin to a Jetpack site when browsing the WordPress plugin directory:

If you find yourself browsing the WordPress.org plugin repository and want to install the plugin on your Jetpack site, you can just replace the .org in the URL with .com and be taken to the new Plugin Browser where you can install the plugin with a single click. You will need to be logged into your WordPress.com account for this to work.

A plugin browser to search for and install plugins is another feature that makes Jetpack Manage a free, decent alternative to commercial services for managing multiple sites. If you manage multiple sites with Jetpack Manage, let us know what you think and what key features you’d like to see added.

by Jeff Chandler at October 06, 2015 06:29 PM under Plugins

October 05, 2015

Matt: Interview in French

Si vous parlez français, vous pourriez profiter de cette interview avec moi sur Journal Du Net.

by Matt at October 05, 2015 11:07 PM under Asides

WPTavern: Tom Nowell on How Automattic Keeps Workers Healthy and Happy

Tom NowellThis post was contributed by Tom J Nowell. Tom is a VIP Wrangler at WordPress.com VIP, lead of the WP The Right Way project, blogger, and community moderator at WordPress Stack Exchange. Tom will be speaking at WordCamp New York later this month on escaping and security.

This is a story about my job as a VIP Wrangler, what Automattic does to keep Automatticians happy, and my battles with anxiety, depression, and fear.

Joining the VIP Team

Almost a year ago, I worked for Code For The People, a six person development agency that was in acquisition talks with Automattic. I remember at the beginning of the week, we thought an acquisition could happen before Christmas and by the following Friday, we were signing new employment contracts, and booking tickets to Lisbon for the VIP team meet up!

I remember being the first to arrive, surrounded by people from the VIP team I’ve never met in person. We went out for dinner, learned how to do deploys, visited aquariums, gardens, and then went home.

The Happiness Rotation

After the meet up, I spent two months finishing contracts and started my Happiness Rotation. A happiness rotation is three weeks of working on the WordPress.com support team to get in touch with the problems end users are facing. Every Automattician has to go through a happiness rotation as part of their trial.

Working the happiness rotation was hard. When I say this, I don’t mean it was an insurmountable task. I had a full-time Happiness Engineer available 24/7 to ask any question I wanted, a week of walkthroughs, supervised working, mountains of documentation, pre-written examples, and slack channels with friendly supportive people. I knew what to do, how to do it, and I’ve done it before.

VIP Training

Despite this, I struggled, and VIP training began. Work at VIP fits into several sub roles that developers cycle through and training consists of a week in each role mentored by an experienced VIP Wrangler. Afterwards, we continue the cycle as full VIP Wranglers. Throughout the entire process, I had a general mentor for any and all things Automattic, be it mystery acronyms, or how to book a holiday.

At this point, I realized my job had grown in scope and felt insurmountable. I didn’t know what was going on and there was still much to learn. Combined with a torrent of new notifications, p2s, and emails, I felt lost. GitHub scaled from two to three emails per day to hundreds, P2 posts filled my other inbox, people asked difficult questions, and the sheer amount of activity at Automattic was overwhelming.

Dealing With Adversity

In the last few years, I viewed Automattic as my career end goal and suddenly I was there, years ahead of schedule. Not just that, I was struggling. I couldn’t grasp what was going on and I felt paralyzed in the face of work. I grappled with the thought that I was bad at my job, didn’t belong there, and that I wouldn’t last the next six months. I had this feeling that at any time, they were going to pull me into a call and say it isn’t working out.

A number of questions ran through my head. What would people think if they saw I left after the acquisition? Everyone’s treating it as a promotion and congratulating me. Maybe I’m not ready? I was handed a theme to review and struggling to read basic lines of code, mulling it over in my mind, why can’t I do this?

Sometimes I had the wrong window open and was reviewing my code but was so preoccupied, I didn’t realize it. Today, it takes me four days to review 6,000 lines of code in a theme but at the time, it took me two weeks to move through 1,000 lines.

The Catch Up Calls

It’s at this point that I was introduced to the bi-weekly catch up call. The team leads would chat with each person individually every two weeks to find out how they were, what they were doing, and what they’d like to do the following week. It was a chance to flag any problems and plan ahead.

I experienced nothing like this at CFTP or at any of my previous jobs and combined with the stalling work on the review, I panicked. My first catch up call was awkward and didn’t last long. My second catch up call didn’t go so well. I was at WordCamp Norway preparing to give a talk on WP The Right Way. I sat in a quiet room and received a call on a Skype from my team lead.

I felt as though I was put on the spot having to justify what I’d been doing the last two weeks, and trying to figure out how to spin weeks of panicking in front of a computer into a tale of bountiful code reviewing, pleasant Norwegian winters, and a smile.

Recovering From the Breakdown

Instead, I closed my machine and burst into tears. A few minutes later I opened my machine, apologized, and tried to explain what had happened. I was told they didn’t care how much work I was doing as long as I was learning and happy. A colleague picked up the review I was working on and noted that I was  thorough with the parts I reviewed.

My team lead, Steph, checked up on me every two to three days for the next two weeks to make sure I was okay and tried to find what kind of work I took to best. I spent time on deploys, then moved on to a long rotation doing code review so that I could focus on particular tasks and build my confidence.

While this was happening, another colleague asked if I was okay as he thought I was down. He introduced me to an internal slack channel called Bluehackers where other Automatticians who struggled could share their experiences. Seeing other people talk candidly about their problems made me recognize a lot of things I hadn’t considered, the most important being that I wasn’t alone.

I’m Not Alone

I wasn’t the only one who struggled some days and failed to get anything done. I wasn’t the only one who panicked when faced with new or even familiar tasks. Everyone at VIP was friendly and supportive, not because they knew of my situation, but because they are nice people. One time, my technical lead sent me three family sized pies because we had a slack discussion on pudding.

Sometimes I don’t get anything done. Sometimes I struggle to do things I normally do effortlessly. Sometimes I turn off the video in calls because I’m still in bed. It’s 3PM and I can’t bring myself to get up, changed, and eat. There are so many projects I want to do. I have the knowledge, I have the resources, the support, the time, but they don’t get done, and it’s a struggle to explain why. Sometimes it’s things I know that need doing, like buying food or paying bills.

Confirmation Things are Working Out

A few months later I was in Seville at WordCamp Europe. Initially, I wasn’t going to go but decided I would regret it if I didn’t. I threw some clothes in a suitcase and purchased a flight. Large groups of people are scary, but I’ve found WordCamps tend to have familiar friendly faces mixed in. I can’t stress how big a boost it is to be able to see and make friends from event to event, yet still meet new people.

Before I left, I found myself with my former boss and now colleague. He asked how I was getting along at Automattic. He asked me this before, and I said, “It was rough at the start but I think I’m there now.” He told me that everyone else at the company thought good of me and that I was fitting in well. It might have been simple statement but it meant a lot to me.

A Bout of Impostor Syndrome

I had real moments when I went to sleep thinking I was going to lose my job, that I might not be cut out to be a developer, and that I didn’t deserve the things I had. But throughout the entire process, my team leads and my colleagues tried to support me. They placed my well-being first and they proactively asked if I was ok when they suspected something was wrong, and sought to put real solutions in place where they could.

They found other people with similar problems and tried to give me the ability to express what was happening, sharing their own problems coping, and what they were doing to keep on top of them. They gave praise and listened to good ideas, asked for help when they needed it, and they understood. Right now, I’m ok, but things have a habit of creeping up unnoticed, triggered by unexpected things.

I get anxious about food at WordCamps if I don’t know what’s being served, I’m uncomfortable in social situations, and at times I have problems gathering the energy to do day-to-day things, but I’m lucky. I have a good job, a nice family, a comfortable apartment, and interesting work. My problems are mild and I know others have it worse. Most people are going to pretend everything’s ok but everyone needs a little help.

Suggestions for Employers and Struggling Employees

Automattic has things in place to make sure Automatticians lead healthy mental lives. We have an unlimited holiday allowance, a small expense budget to make traveling easier (e.g. a pot of tea at an airport or a massage), team meet ups, sabbaticals, and many others. Matt Mullenweg doesn’t want Automatticians to struggle, we work hard and it takes its toll. Often, we forget that we have to take care of our emotional and mental needs and give ourselves time.

Consider creating your own internal Bluehackers group and give people avenues to express themselves when they need to. Make sure they’re happy, and that you care about their well-being more than their quality of work and output as reassurance goes a long way. Some companies have gone as far as setting minimum holiday allowances to force employees to spend time on themselves.

If you’re dealing with problems like these, talk about it. Talk to a GP/Doctor, a friend, family, whatever works for you. Talking is hard, but it’s necessary. If someone opens up to you, listen. Don’t try to offer solutions, don’t compare and contrast, don’t try to offer sympathy, don’t expect it to be sorted out in a month’s time. Simply listen as that person chose to tell you, so give them space and respect.

If you suspect someone is down, ask them if they’re ok and if you notice they bounce back, tell them, and tell them you’re glad! Highlight interesting things that happen, help them when they make a mistake, ask them when you make one yourself. But remember, sometimes all someone needs is a hug and a cup of tea to know that things are ok. Give them space, don’t ask for explanations, and let them know you’re there if you need them.

by Jeff Chandler at October 05, 2015 05:11 PM under vip

October 04, 2015

Post Status: How WordPress core development happens — Draft podcast

Welcome to the Post Status Draft podcast, which you can find on iTunes and via RSS for your favorite podcatcher. Brian and his guest co-host, Brad Williams discuss some of today’s hottest, current WordPress news.

This week Brian and Brad talk about how to get involved in WordPress core, what to expect when you do, how to navigate the waters of core development. They also discuss term meta, its use cases, how it works, and why it’s a great feature for WordPress 4.4.

Brad is guest hosting this week, as Joe is out. He’s the co-founder of WebDevStudios, a co-organizer for WordCamp US, and wrote Professional WordPress Design & Development  (my go-to book on WordPress development). You can follow Brad on Twitter @williamsba.


Direct Download


WordPress core development process:

Term meta:

by Katie Richards at October 04, 2015 12:55 AM under Everyone

October 03, 2015

WPTavern: WP101 Founded by Shawn Hesketh Turns 7 Years Old

Earlier this week, WordPress video training site WP101, founded by Shawn Hesketh, turned seven years old. Since launching in 2008, Hesketh’s videos have been viewed more than a million times by over 500k people. He’s also re-recorded the videos that make up the WP101 series 17 times. With seven years of experience under his belt, I asked Hesketh what he would have done differently in the beginning.

“From a technical standpoint, I wish I’d picked a solid membership plugin that would have enabled us to grow. We’re planning a costly migration in the coming months, and a better membership plugin might have saved us the considerable hassle and cost,” Hesketh told the Tavern.

Technical issues aside, Hesketh believes his business’ success is largely due to his focus on serving people, “It’s one thing to create an online course and hope people discover it. But it takes much more dedication to actually engage people on a daily basis, take the time to understand their goals, and then help them get clear on how to accomplish those goals,” he said.

Hesketh doesn’t have any regrets but wishes he launched the question and answer forum on the first day, “Its given me the opportunity to answer questions that may not be covered in our videos. That’s the real value that WP101 brings to the table, real people helping others,” he said.

WP101 launched around the same time as a lot of commercial theme shops such as iThemes, StudioPress, and WooThemes. Although WP101 doesn’t sell commercial themes or plugins, Hesketh has carved out a space in the WordPress ecosystem that enables him to make a living. If you use WP101 or have in the past, I’d love to hear what you think of his videos in the comments.

by Jeff Chandler at October 03, 2015 01:33 AM under wp101

October 02, 2015

WPTavern: The Top 100 Active WordPress Themes and Plugins on GoDaddy’s Hosting Network

It was a warm, sunny afternoon in Tempe, AZ as I walked with a group of GoDaddy employees on our way to lunch during Pressnomics 3 earlier this year. It’s the first time I met Mendel Kurland, Christopher Carfi, and Kurt Payne in person. During lunch, we discussed a number of topics from the efforts made to change the company’s image, to ideas that help the WordPress community.

I suggested to the team that GoDaddy create a billboard chart that shows the most popular themes and plugins used across its network. Not only would the information be beneficial to the company, it would also give the WordPress community valuable insight into what plugins and themes are used on a webhosting network with millions of customers.

Nine months after our discussion, GoDaddy turned the idea into reality with the Hot 100.

Top 100 Plugins and Themes of The WeekTop 100 Plugins and Themes of The Week

GoDaddy tracks which themes and plugins are activated across the millions of sites it hosts and puts the 100 most popular of each into a list. The list is generated each week and places the previous week of results into an archive allowing you to monitor trends.

Similar to the Billboard Hot 100, you can see the current rank of a plugin or theme, whether it’s moved up or down, and what its rank was the previous week. With an influential list like the Hot 100, it would be easy to accept paid listings. Carfi, confirms it’s not possible to purchase placement.

How the Lists Are Generated

The Hot 100 is determined by ranking the net change in the number of active installs of WordPress plugins and themes in aggregate across GoDaddy’s hosting network. It looks at plugins and themes that are active at the time of the analysis and does not include plugins or themes that are deactivated.

Instead of using the total number of active installs, the Hot 100 looks at the week-over-week change in active installs. This enables the list to determine which plugins and themes are hot or part of a rising trend. It also prevents bias towards plugins that already have a large install base such as Jetpack.

Interestingly, themes on the list that are non-GPL are specifically noted and link to the Hot 100 instead of their corresponding theme page. In a post published to the Advanced WordPress Facebook group, Jeff King, Senior Vice President of Hosting at GoDaddy explains why.

One great recommendation and valuable bit of feedback we received is that, since the community embraces GPL, we should reflect that ethos in the Hot 100 list. While some non-GPL themes or plugins may occasionally show up in the list due to the fact that some non-GPL items still exist in the ecosystem, we don’t necessarily need to link to them. As of next week, we’ll be removing links to non-GPL themes and plugins.

The Hot 100 Is a Valuable Resource

Although WordPress.org provides stats for plugin and theme authors, you can’t determine where they’re being used. The GoDaddy Hot 100 gives the public and developers of popular plugins and themes an opportunity to see how well they’re doing on one of the largest webhosts in the industry. While Jetpack and Akismet are the two most active plugins and seven default themes make up the top 10 themes, it’s the 25th-100th rankings that I find interesting.

For example, Hello Dolly which ships with WordPress and is activated by default after installation is ranked 27th this week. Last week, it ranked 38th meaning a lot of new installs of WordPress have taken place. This indicates that even though a lot of customers disable the plugin at some point after installation, it remains active on many sites hosted by GoDaddy.

One of the largest jumps I’ve seen so far is the Image Widget plugin by Modern Tribe. It was ranked 95th last week and 31st this week. It would be interesting to know why a lot of new WordPress installs are activating this plugin on GoDaddy hosted sites this week versus last week.

The Hot 100 is a valuable resource and I encourage you to see if your favorite plugins and themes made the list. Although it’s specific to GoDaddy, do you think the data is valuable? Would you like to see other large webhosting companies provide a glimpse into the most active WordPress themes and plugins used across their network?

by Jeff Chandler at October 02, 2015 06:51 PM under trends

WPTavern: Jetpack 3.7.2 Patches Two Security Vulnerabilities

Jetpack 3.7.2 is available for download and patches two security vulnerabilities. The first is a cross-site scripting vulnerability in the contact form due to improper input sanitation that affects Jetpack 3.7.0 and below. Marc-Alexandre Montpas of Sucuri is credited with responsibly disclosing the vulnerability.

The second is an information disclosure vulnerability present in certain hosting configurations responsibly disclosed by Jaime Delgado Horna of Listae. In addition to patching the vulnerabilities, 3.7.2 also fixes an error with the REST API that creates multiple drafts and published posts. Other notable fixes includes:

  • Updating the Google+ logo in our sharing buttons.
  • Adding custom capabilities for module management for multisite installs.
  • Fixing a bug that was sending the contact form response fields in the wrong order.

Montpas has additional information on the cross-site scripting vulnerability discovered in Jetpack on the Sucuri blog, including a timeline of events. Please update to Jetpack 3.7.2 as soon as possible to protect your sites.

by Jeff Chandler at October 02, 2015 04:12 PM under xss

October 01, 2015

WPTavern: WPWeekly Episode 208 – A Nod to the King

In this episode of WordPress Weekly, Marcus Couch and I discuss the death of Alex King who was a pillar of the WordPress project. King passed away a few days ago from colon cancer. We share stories of meeting and discussing WordPress topics with King and describe his many contributions to WordPress. King will be dearly missed by the WordPress community.

During the second half of the show, we discuss upcoming changes in WordPress 4.4, the lessons I learned moderating comments on WP Tavern, and WordCampus renaming to WPCampus.

Stories Discussed:

Alex King, Founder of Crowd Favorite Passes Away
Alex King’s Final Request
WP Super Cache 1.4.5 Patches XSS Vulnerability
Lessons I Learned Moderating Comments in WordPress
WordCampus Renames Event to WPCampus
WordPress 4.4 to Possibly Rearrange Fields to the Comment Form
WordPress 4.4 Removes the View Post and Get Shortlink Buttons From the Post Editor

Plugins Picked By Marcus:

Contact Form 7 Customizer allows you to alter items like spacing and button size of the contact form using the customizer.

View Admin As lets you simulate what a site looks like from a user with a specific role or capability.

Grayscale Images converts images to gray-scale and displays the colored image hovered over.

WPWeekly Meta:

Next Episode: Wednesday, October 7th 9:30 P.M. Eastern

Subscribe To WPWeekly Via Itunes: Click here to subscribe

Subscribe To WPWeekly Via RSS: Click here to subscribe

Subscribe To WPWeekly Via Stitcher Radio: Click here to subscribe

Listen To Episode #208:

by Jeff Chandler at October 01, 2015 09:25 AM under wpcampus

WPTavern: 6 WordPress Plugins That Take Native Comments to the Next Level

Last week, I shared the lessons I learned and the drawbacks to moderating comments in WordPress. In this post, I highlight six plugins that solve a problem I encountered or enhance comments for both readers and site administrators. All of the plugins are free of charge and available from the WordPress plugin directory.

Problem Solvers

Crowd Control

Crowd Control Plugin BannerI discovered that not all comments need to be moderated. Crowd Control, by Postmatic, gives readers the ability to report comments they feel don’t adhere to a site’s commenting policy.

When enabled, a new option is displayed on the General – Discussion settings page. You can configure how many reports a comment needs before it’s sent to the moderation queue and whether administrators should be notified when it happens.

Crowd Control SettingsCrowd Control Settings

If an administrator approves a comment that’s in moderation due to hitting the threshold, it won’t end up back in the moderation queue. This gives administrators the last word on whether a comment is acceptable or not.

Crowd Control in ActionCrowd Control in Action

If you think a comment needs an administrator’s attention or does not adhere to the WP Tavern commenting policy, hover over the comment and click the report button. A new column is added to edit-comments.php that displays how many reports a comment has. It’s important to note that detailed information of who reported the comment is not saved to the database.

Reported Comments ColumnReported Comments Column

The system is open for abuse but I trust that the Tavern readership will use it responsibly.

Show Parent Comment

Comments that are pending moderation in the WordPress backend that are in response to another comment are hard to moderate. Show Parent Comment, developed by Stephen Cronin, adds a Show More dropdown to the edit-comments.php screen that allows administrators to see the text of the comment that a person is responding too.

Click to view slideshow.
I’ve used this plugin for more than two weeks and I enjoy the user interface. It looks and acts as if it’s a natural part of WordPress. Chris Christoff created a ticket in Trac with the suggestion that a user interface element like the one in Cronin’s plugin be added to core. If you have feedback on the best way to accomplish this, please add it to the ticket.

Enhancements to Native Comments


Epoch Plugin BannerEpoch is a plugin developed by Postmatic and a few other contributors that enhances WordPress’ comment system. Unlike services such as Disqus or Livefyre that replace the comment system, Epoch adds features to WordPress’ native comments. This allows you to keep comments within your database at all times without relying on a third-party.

Epoch applies a series of visual enhancements to the comment form. Replies from the post author are a different color from regular responses and the date and time the comment is written is displayed at the top. Epoch also uses Ajax to send and receive comments which eliminates the need to refresh the page.

Click to view slideshow.

Epoch has a front end moderation capability that allows site administrators to approve, trash, or spam comments. Unlike the native comment form, Epoch doesn’t load the comments unless the browser reaches a certain point on a post or is accessed via a direct link.

In most instances, the comment form loads quickly but on certain mobile devices, the lack of speed is noticeable. The team is aware of the performance issues and is attacking the problem with a three stage approach.

Epoch relies on JavaScript to function so if a visitor browsing your site has JavaScript disabled, the comments don’t load. Again, the team is aware of this issue and is creating a fallback to WordPress’ native comment system if the files can’t be retrieved from its CDN or JavaScript is disabled.

Basic Comment Quicktags

Basic Comment Quicktag Plugin BannerIn WordPress 4.3, the allowed HTML tags text displayed near the comment form was removed. The tags were removed because they’re note relevant and confusing to most users. While I agree that the text is not relevant, I think the comment form should have basic text formatting buttons so readers don’t have to remember and manually type HTML tags.

Basic Comment Quicktags in ActionBasic Comment Quicktags in Action

Once Basic Comment Quicktags is installed, navigate to Settings – Discussion and check the box to enable them for comments. When enabled, the comment text area will have Bold, Italic, Link and Quote buttons. The best part of this plugin is that it exposes a built-in core feature using the Quicktags API added to WordPress 3.3. Text formatting buttons in the comment area is a courtesy I’d like more site owners to give to readers.

Simple Comment Editing

Simple Comment Editing Plugin BannerSimple Comment Editing, developed by Ronald Huereca, adds the ability for readers to edit their comments in a limited time frame. By default, readers have five minutes to edit their comment once it’s submitted. Although no configuration is necessary, you can alter the time and behavior of the plugin by using actions and filters. I’ve changed the time limit to 15 minutes on the Tavern to make sure readers have plenty of time to make edits.

Simple Comment Editing Countdown TimerSimple Comment Editing Countdown Timer

With Simple Comment Editing installed, the amount of contact form submissions and requests to edit a comment have gone down considerably.


Postmatic Plugin BannerPostmatic is a plugin that ties into a service and has a number of features. Readers can subscribe to posts or to comments and receive updates via email. Postmatic has a beautiful email template that shows the most recent reply, the commenter’s Gravatar, and a recap of the post and conversation.

Postmatic Comment Email TemplatePostmatic Comment Email Template

Readers can respond to comments via email without having to visit the comment form. Site administrators can reply, trash, or submit comments to Akismet via email. It’s important to note that Postmatic is not a third-party commenting service. Instead, it uses the native comment system in WordPress allowing you to keep and own your data at all times.

While I moderate comments from the WordPress mobile app or the WordPress backend, Postmatic is a great fallback. I also think the email template looks great and offers a better user experience than the comment notification emails provided by WordPress. Postmatic does a lot more than what I describe above but for the purpose of this article, I focused on the comment portion of the service.

Postmatic is a new addition to the Tavern that I encourage you to try. After trying it out, please tell me about your experience. I especially wany to know if it’s easier to keep track of and take part in conversations.

Notifications That a Comment in Moderation is Approved

One of the problems I’ve yet to solve is being addressed by a number of WordPress contributors in ticket 33717. If all goes well, it’s possible this feature will be added to WordPress 4.4. Once added, readers whose comments end up in the moderation queue will automatically be notified by WordPress when it’s approved.

It’s Not Perfect but It’s an Improvement

Even with all the features these plugins provide, I don’t think the comment system in WordPress or the form on WP Tavern is perfect. I’m not sure if perfection of either can be achieved. However, I think both are improvements over the previous iterations. If there’s a plugin you use to improve WordPress’ native comments or its moderation system, let me know about it in the comments.

by Jeff Chandler at October 01, 2015 08:28 AM under simple comment editing

September 29, 2015

Donncha: The Web Won’t Forget Alex King

If you use a WordPress site, either as a visitor or owner, you’re using code that Alex King, one of the original developers of WordPress, worked on.

He passed away after fighting cancer for 2 years but his online presence lives on in the form of his blog with it’s deep archive of posts going back years, and in so much code that it’s humbling to look at his projects page. Looking through the svn log of WordPress trunk shows he still had a hand in helping the WordPress project until relatively recently:

trunk$ svn log|grep alexkingorg
props alexkingorg for the initial, long-suffering patch.
props alexkingorg. fixes #24162.
Props alexkingorg
`wp.media` instead of just `media`. props alexkingorg, see #22676.
Add $post_ID context to the pre_ping filter. props alexkingorg, devesine. fixes #18506.
Add filter so the users can select custom image sizes added by themes and plugins, props alexkingorg, fixes #18520
esc_textarea() and application for obvious textarea escaping. props alexkingorg. fixes #15454
Escape links by default. Props alexkingorg. see #13051
Safely include class-json.php, class-simplepie.php and class-snoopy.php, props alexkingorg, fixes #11827
Fix user creation from admin after changes for #10751. Fixes #10811 props alexkingorg.
Hooks needed to allow alternate category admin inteface. Props alexkingorg. fixes #3408
Wrap cat name in CDATA. props alexkingorg. fixes #3252

I’m sorry I never met Alex, however I remember working virtually with him and Adam Tow on AllThingsD which seems like a lifetime away now. Adam has a great article on Alex on his blog, as does Matt who went into detail about Alex’s involvement with WordPress going back to the days of b2. I had completely forgotten the CSS competition he mentioned!

Alex, your legacy lives on.

Related Posts

by Donncha at September 29, 2015 08:44 PM under Alex King

WPTavern: WordPress 4.4 Removes the View Post and Get Shortlink Buttons From the Post Editor

In WordPress 4.4, the View Post button in the post editor is disappearing in favor of a clickable permalink. Four years ago, Scribu, who is a former WordPress contributor, created ticket #18306. In the ticket, Scribu explains that the View Post button is redundant functionality and suggests that it be removed in favor of a clickable permalink.

Here are two screenshots of the post editor. The first is WordPress 4.3 and the second is WordPress 4.4. Clicking the permalink allows you to preview the post in its current state. Notice the slug part of the URL is in bold. You need to click the Edit button to edit the permalink.

WordPress 4.3 Post EditorWordPress 4.3 Post Editor WordPress 4.4 Post EditorWordPress 4.4 Post Editor

Not only does this change remove redundant functionality, it removes a UI element from the page. Enhancements like these are a huge win for WordPress because it makes the interface simpler without permanently removing the button’s purpose.

In addition to the View Post button, the Get Shortlink button is also removed. The button shows up if you’re using a custom shortlink and can be re-enabled using code or a plugin. For most users, the Edit button is the only one they’ll see between the post title and content box.

I expect some users will be frustrated as they go through the process of changing their workflow but overall, I think it’s a great improvement. What do you think?

If you’re using the WordPress beta testing plugin by Peter Westwood, I encourage you to set it to bleeding edge nightlies and update your site. You’ll be able to test this change and others during the WordPress 4.4 development cycle.

by Jeff Chandler at September 29, 2015 07:22 PM under wordpress 4.4

Matt: Remembering Alex King

Alex speaking at WordCamp SF 2009One of the original WordPress developers, Alex King, has passed from cancer at far too young an age. Alex actually got involved with b2 in 2002 and was active in the forums and the “hacks” community there.

Alex had a background as a designer before he learned development, and I think that really came through as he was one of those rare people who thought about the design and usability of his code, the opposite of most development that drifts toward entropy and complexity. One of my favorite things about Alex was how darn tasteful he was. He would think about every aspect of something he built, every place someone could click, every path they could go down, and gave a thoughtfulness to these paths that I still admire and envy today.

As an example look at his project page (essentially a category archive) for the Post Formats Admin UI, isn’t that clever and intuitive how the posts connect together, and when more time passes in the thread it’s shown as a break. It’s classic Alex: something simple and thoughtful that in hindsight is so gobsmackingly obvious you wonder why everything doesn’t work that way, but you never would have imagined it beforehand. And Alex wouldn’t just imagine it and do it for himself, he released his best work as open source, as a gift to the community and the world, over and over and over again.

Back when WordPress was getting started Alex was a celebrity of the b2 world, his hacks (plugins before plugins) were some of the coolest ones around. We had a ton of overlapping interests in web standards, photography, development, and gadgets so we frequently read and commented on each other’s blogs. I would never miss a post on his site, and that’s back when we were both doing one or more posts a day. To get a sense of Alex it’s worth exploring his blog — he was a clear thinker and therefore a clear writer. The straightforward nature Alex wrote with was something I always admired about him.

We discussed WordPress early on, Alex signed up to help with what later became the plugin directory, and his CSS competition (look at those prizes! and notice it’s all GPL) was hugely influential on the path to themes, and he officially became a contributing developer in August of 2003.

The list of what Alex was one of the first to do in the WordPress community is long, and in hindsight seems gobsmackingly obvious, which is the sign of innovation. I smile when I think of how he moved from the Bay area to Denver before it was cool, or his love of scare quotes. Once there was something going on in WordPress and he called me to talk about it, I was so surprised, he said the number was right on my contact page (and it was) but even though it had been there for years no one had ever called it before, but that was just the type of person Alex was, always reaching out and connecting.

Adam Tow, myself, Barry Abrahamson, Alex King; Photo from Adam Tow’s post.

I’m not sure how to include this next part: I couldn’t write last night — I was too tired. After falling asleep I had one of those super vivid dreams that you can’t tell are dreams. There had been some sort of mix-up on Twitter and Alex was still alive, I visited Colorado with my sister and saw him surrounded by family at a picnic table, all the rooms were taken so they put me on a floor mattress where I slept. Tons of his friends were around and we took pictures together, he was excited about the better front camera on the 6s+. (Alex understood mobile all the way back to the Treo days.) It was all very ordinary and in a group setting, until we decided to walk alongside a small highway, past some grain silos, to meet the group at a bar. The walk was just the two of us and we talked and laughed about the big mix-up and he asked about this post, what was going to be in it. He got most excited and emphatic with the part about him being a developer with great taste, and a clear writer William Zinsser would be proud of, so I like to think that those were two things he was proud of. The overwhelming emotion I remember was joy. Waking up was disconcerting, part of me wants to believe part of Alex’s spirit was there, where another more logical part thinks my mind was just going through the denial stage of grief. Regardless I know that Alex will stay in the minds of people who knew him for many years to come.

Code that Alex wrote still runs billions of times a day across millions of websites, and long after that code evolves or gets refactored the ideas and philosophy he embedded in WordPress will continue to be part of who we are. Alex believed so deeply in open source, and was one of the few people from a design background who did. (Every time you see the share icon on the web or in Android you should think of him.) I like the idea that part of his work will continue in software for decades to come, but I’d rather have him here, thinking outside the box and challenging us to do better, to be more obvious, and work harder for our users. He never gave up.

by Matt at September 29, 2015 05:57 PM under Asides

WPTavern: Alex King, Founder of Crowd Favorite Passes Away

Alex King with his daughter HeatherAlex King with his daughter Caitlin

Alex King, who founded web development agency Crowd Favorite, and author of several WordPress themes and plugins passed away last night at his home. In January 2013, King was diagnosed with stage four colon cancer. He used his blog to tell the story of his fight to stay alive.

On August 24th, King finished the first cycle of a new clinical trial that he says went well.

I’m nearly through my first cycle of the new clinical trial and overall I think it’s gone pretty well. I was able to get the 6 pills/day (3 in the morning, 3 in the evening) without too much concern. That said, by the end of the 5 days taking the pills I would basically sleep for the day.

On the same day, he published what would be his final request to the WordPress community. King requested that anyone with memories of him and his career to submit them to his wife.

One of the things my wife and I are trying to do is put together some information about my career that will hopefully give my 6 year-old daughter a better sense of who I was as an adult. She knows me as “dad”, but when she gets older she’ll be curious about who I was to my peers and colleagues.

If you have any memories of King, please honor his request and submit them to his wife.

Outpouring of Support

As the news of King’s death spread throughout the community, many shared grief on Twitter while others reflected on his accomplishments in WordPress.

In addition to Twitter, many published their thoughts and memories of King on their site.

King’s Impact on WordPress Early On

King is one of a handful of people who witnessed the transition from b2 to WordPress. He’s one of the earliest WordPress developers and is largely credited with motivating developers to build themes using the template engine in WordPress 1.5.

Alex King wrote a CSS Style Switcher hack, which came with three CSS stylesheets. Not everyone who had a WordPress blog wanted to create their own stylesheet, and many didn’t know how. Users needed a pool of stylesheets to choose from. To grow the number of stylesheets available, Alex ran a WordPress CSS Style competition. Prizes, donated by members of the community, were offered for the top three stylesheets; $70, $35, and $10 respectively. – WordPress History Book

In the first contest, King received 38 submissions with Pink Lillies by Naoko Takano winning first place.

Pink Lillies Wins First Design ContestPink Lillies Wins First Design Contest

Each sylesheet submitted to the contest was available to the public. In essence, King’s website was an early version of the WordPress theme directory. In the second contest, he received over 100 submissions. In total, King hosted 138 themes on his site. He decided not to host the competition again in 2006 due to the sheer amount of work required.


King appeared on several different WordPress podcasts and spoke at a number of WordCamps. Here are links to a few of them.

My Memorable Experience With Alex King

The last time I spoke to King in person was at WordCamp San Francisco 2013. A group of us rode together in a party limo complete with blinking lights inside. I sat across from him and asked a few questions related to his health. I also asked him about the early days of WordPress. King was a soft-spoken man who at times is hard to hear but it turned out to be a great and memorable conversation.

The WordPress community has lost an inspirational person and a pillar of the WordPress project. My deepest condolences go out to his friends and family. King is survived by his wife Heather and his daughter Caitlin.

by Jeff Chandler at September 29, 2015 02:42 AM under crowd favorite

September 28, 2015

Post Status: Rest in peace, Alex King

The prototypical WordPress developer and blogger, Alex King was a tremendously influential member of the WordPress ecosystem.

He was one of a very small group of people involved during the transition of b2 to WordPress. He helped to create the website that would become the first WordPress.com VIP client. He started the first WordPress-centric consulting agency. He was fundamental to the development and direction of dozens of WordPress features. He even created a small icon that would go on to become the ubiquitous “share icon”.

Alex was a selfless contributor, a driven entrepreneur, and a friend to many. He was also a husband to Heather and a father to Caitlin.

In addition to web work, Alex loved golf and photography. His blog is an outstanding example of the art, where he logged his story, his passions, and his challenges. I could not possibly tell his story better than he himself can.

Following are more valuable links to help remember Alex:

Today is a sad day for the WordPress community, and Alex King will be missed. May he rest in peace.

by Brian Krogsgard at September 28, 2015 08:29 PM under Everyone

September 27, 2015

WPTavern: WordPress 4.4 to Possibly Rearrange Fields to the Comment Form

WordPress plugin and theme developers need to take note of an important change in WordPress 4.4 that rearranges the comment form. In WordPress 4.4, the comment form is arranged so that the text area is displayed first followed by the name, email, and website fields.

Comment Text Area is FirstComment Text Area is First

According to Aaron Jorbin, WordPress core developer, the change improves navigation when using the keyboard to toggle through fields. It also makes it easier for users to leave comments.

Since the change requires filters and actions to run in a different order, the HTML output by comment_form will be different. Jorbin explains that if developers use any of the hooks inside comment_form, especially comment_form_field_comment and comment_form_after_fields, developers should test their themes and plugins using WordPress 4.4 nightlies.

If you run into any problems or inconsistencies, please report them to ticket #29974. What do you think of the change? Do you think readers want to write their comment first instead of filling out the other three fields?

by Jeff Chandler at September 27, 2015 07:02 PM under wordpress 4.4

WPTavern: WordCampus Renames Event to WPCampus

WPCampus Featured ImageWhen WordCampus was announced, some of our readers expressed concern that the event’s name is too similar to WordCamp US and would cause confusion.

There was also concern that without being officially sanctioned by WordCamp Central, the event would infringe the WordCamp trademark that is owned and protected by the WordPress Foundation. To alleviate these concerns, the organizing group changed the name from WordCampus to WPCampus.

Rachel Carden, one of the event’s primary organizers, says the team had a backup plan from day one, “While most of the community agreed that the name WordCampus was spot on, the possibility of changing our name was proposed from day one as WordCampus was being confused with WordCamp US,” Carden said.

“As much as we love WordCampus, we didn’t want it to get in the way of what we hope to achieve, so the topic was passionately discussed at a planning meeting. The entire community cast their votes for a new name and WPCampus was selected as the clear winner,” Carden told the Tavern.

More than 250 people have expressed interest in WPCampus. If you’re interested in speaking, sponsoring, or attending the event, please fill out the survey.

by Jeff Chandler at September 27, 2015 05:25 PM under wpcampus

September 26, 2015

Matt: Cars should be Open Source

“The reality is that more and more decisions, including decisions about life and death, are being made by software,” Thomas Dullien, a well-known security researcher and reverse engineer who goes by the Twitter handle Halvar Flake, said in an email. “But for the vast majority of software you interact with, you are not allowed to examine how it functions,” he said.

The Times has a great look at hacker and car manufacturer mishaps and makes the case over and over again for Open Source. It’s great to see more of the world waking up to the importance of open source.

by Matt at September 26, 2015 06:18 PM under Asides

September 25, 2015

WPTavern: Freenode to Purge Inactive Nicks, Channels, and Accounts on October 2nd

photo credit: 13Moya 十三磨牙 - ccphoto credit: 13Moya 十三磨牙cc

Freenode, the IRC network responsible for hosting communication servers for WordPress and many other open source projects will be performing maintenance on or around October 2nd. Freenode will remove expired nicks, channels, and accounts.

Although a lot of people have switched to SlackHQ from IRC to communicate in real-time, the WordPress support channel with hundreds of users still exists on Freenode with no plans to move it to Slack.

If you have a registered account on Freenode and have not identified with the service in 120 days or more, you must authenticate your account before October 2nd. You can do this by connecting to Freenode and using the /msg nickserv identify command, then enter your password.

If you’ve forgotten your password, use the /msg nickserv sendpass command to recover lost passwords. Alternatively, use the /msg nickserv help sendpass command to receive help recovering your password.

It’s especially important for users who have registered channels on Freenode to authenticate or else the username and channels associated with it will be removed.

by Jeff Chandler at September 25, 2015 06:57 PM under irc

Donncha: WP Super Cache 1.4.5

WP Super Cache is a fast caching plugin for WordPress. It will help your site run faster and serve more traffic.

This is a security and bugfix release.

  • Some servers display a directory index when no index.html is found in a directory. That may reveal the filenames of cache files.
  • There were issues in the settings page that might allow an attacker to browse or delete files named index.html.
  • PHP Object Injection could occur if an attacker managed to inject malicious code into the legacy cache meta files.

When you upgrade, your “legacy cache” files for logged in users will be deleted. This may have an impact on your site:

  • If your site is slow at generating new pages.
  • If you have many known users (logged in users or people who comment).

Your site will suddenly have to generate new cache files for all visiting known users.

Relying on caching like this is not recommended for these types of users as it’s very inefficient. Each user has a separate cache file that must be checked whenever the plugin does administration work like cleaning up stale cache files.

If most of your traffic is anonymous users who don’t comment you don’t need to worry about this.

Directory Listings

If a server is configured to show directory listings it will show files and directories in the cache directory to visitors who access those directories directly through their browser. This might reveal private posts, and in the case where legacy caching is enabled for known users the login cookie was stored in “.meta” files that could be downloaded.


Files named “index.html” were added to the main cache directories to stop remote users viewing the contents of the cache directories. Unfortunately it’s not possible to add empty index.html files to the supercache directories because those files could be served by accident to legitimate visitors of the site. However, the plugin will also add a directive that disables directory listings to the file cache/.htaccess. You can now also change the location of the cache directory on the Advanced Settings page of the plugin. If you can’t disable directory indexing on your server and you have private posts you should change this location and use PHP mode to serve cache files.


If a directory index is found in the cache directory it will show a warning like this to administrators:

index.html warnings

Clicking the logout link will log everyone out, except the user who clicks it, but it guarantees that the login cookies are updated, just in case someone has copied the cookie from an old meta file.

Directory Traversal and File Deletion

User input in the settings page wasn’t properly sanitised. The code that sanitised directory paths when deleting cache files wasn’t secure and might allow an attacker to view or delete files named index.html. Deletes are protected by a nonce, limiting the useful lifetime of the URL however.

PHP Object Injection

The plugin used serialize and unserialize to store data in “legacy cache” meta files. This might be used to perform a PHP object injection attack. Serialised data is now stored as JSON data.

The format of legacy cached files has changed. The files in the meta directory no longer have a .meta extension. They are .php files now and each file has a “die()” command to stop anyone loading them.
The data stored in those files is now stored as JSON serialised data. The login cookie is an MD5 hash now as well.
When you upgrade the plugin your existing legacy cache files will be deleted and regenerated as visitors use your site.

Apart from those security fixes there have been a number of enhancements and bugfixes:

  • Disabling the plugin no longer deletes the configuration file. Uninstalling will do that however.
  • Enhancement: Only preload public post types. Props webaware.
  • It’s now possible to deactivate the plugin without visiting the settings page.
  • Fixed the cache rebuild system. Rebuild files were deleted immediately but now survive up to 10 seconds longer than the request that generate them.
  • Minor optimisations: prune_super_cache() exits immediately if the file doesn’t exist.
  • The output of wp_cache_get_cookies_values() is now cached per visit.
  • Added PHP pid to the debug log to aid debugging.
  • Various small bug fixes.
  • Fixed reset of expiry time and GC settings when updating advanced settings.
  • Removed CacheMeta class to avoid APC errors. It’s not used any more.
  • Fixed reset of advanced settings when using “easy” settings page.

This release wouldn’t be possible without the help of Brandon Kraft, Dane Odekirk, Ben Bidner, Jouko Pynnönen and Scrutinizer. Thank you all!

Related Posts

by Donncha at September 25, 2015 05:19 PM under wp-super-cache

WPTavern: Lessons I Learned Moderating Comments in WordPress

In the past 4-5 weeks, I’ve moderated every comment submitted to WP Tavern. Not only was it an experiment to see what would happen but a new way for me to use WordPress. The experiment introduced me to several drawbacks in WordPress’ comment moderation system.

Lack of Context

Comments that are pending moderation in the WordPress backend that are in response to another comment are hard to moderate. Take the following screenshot for example. This comment is in response to a comment submitted by Norcross. Unless I open Norcross’ comment in a new browser tab or window, I have no idea what the context of the conversation is. Pending notifications in the WordPress mobile app also don’t show text from the parent comment.

WordPress 4.3 Comment Content AreaWordPress 4.3 Comment Content Area

I propose that WordPress core adds the text from parent comments to replies in the backend so I know what people are responding too. This also helps when replying to comments from the backend as I’ll know the context of the conversation.

Lack of Notifications That a Comment in Moderation is Approved

WordPress does not send an email notification when a comment is approved from moderation. However, there are a lot of people working to add this feature to WordPress 4.4.

A Whitelisting System for Anonymous Comments

The biggest drawback to comment moderation is that not every comment needs to be moderated. A whitelisting system can lessen the burden of having to moderate each comment.

WordPress provides the ability to blacklist comments. You can also configure a set of parameters to determine when a comment goes into the moderation queue such as, number of links, content within the comment, and if the comment author has a previously approved comment. None of these configurations are useful if WordPress is configured to send every comment to moderation.

WP Tavern does not have open registration and allows comments from anonymous people. This makes whitelisting difficult since the IP address, name, URL, and email address of a commenter can easily change or be imitated. The whitelisting component of WordPress becomes more useful if you can tie it to a registered user account.

I’m unsure if WordPress can improve this area of the moderation system or if it’s an assumed risk administrators take when accepting anonymous comments.

A Major Time Suck

Moderating every comment is a pain and sucks up time that can be spent doing something else. During my vacation last week, I continued to moderate comments from the WordPress mobile app because if I didn’t, the conversation stopped. I’ve concluded that by accepting anonymous comments, there needs to be a way for the audience to help moderate instead of doing it on my own.

In a future post, I’m going to list a few WordPress plugins I’ve discovered that takes the commenting system to the next level. Many of the plugins solve one or most of the problems listed above.

by Jeff Chandler at September 25, 2015 03:52 PM under moderation

WPTavern: WP Super Cache 1.4.5 Patches XSS Vulnerability

If you use WP Super Cache, you should immediately update to version 1.4.5 as it patches a XSS vulnerability in the settings page. This version also prevents PHP object injections. In addition to security patches, 1.4.5 contains a number of bug fixes. Make sure to update your sites as soon as possible to patch the vulnerability. You can find more details on this release on Donncha Ó Caoimh’s website.

by Jeff Chandler at September 25, 2015 02:37 PM under xss

Post Status: All about the WordPress REST API and its current state — Draft podcast

Welcome to the Post Status Draft podcast, which you can find on iTunes and via RSS for your favorite podcatcher. Brian and his co-host, Joe Hoyle, a co-founder and the CTO of Human Made, discuss some of today’s hottest, current WordPress news.

This week, Joe and Brian go into depth discussing all aspects of the WordPress REST API, and the state of the API today.

With the recent merge proposal, there is a good chance it will be included in WordPress core via a two stage process in the WordPress 4.4 and 4.5 releases. The first release would be the core infrastructure and the second release would include the endpoints. This is our longest podcast, but we go in depth on one of WordPress’s most anticipated features in years.


Direct Download


  • Brief overview: what is the REST API?
  • Why is the REST API important, and why are people excited about it?
  • REST API proposal
  • Reviews from the core team
  • New REST API core component
  • Trac Ticket
  • Comparison’s to Drupal’s REST API
  • Customizer roadmap in regards to the API
  • Authentication and future REST API projects


by Brian Krogsgard at September 25, 2015 05:21 AM under Developers

September 24, 2015

WPTavern: WPWeekly Episode 207 – Going Postmatic

In this episode of WordPress Weekly, Marcus Couch and I are joined by Jason Lemieux and Dylan Kuhn of Postmatic. During the show, we learn the company’s history and how it started. We discuss what the service offers and how people can take advantage of it.

Last but not least, we learn what the company has in store for version 2.0. If you’ve thought about using Postmatic or want to learn more about the company, this episode is for you.

Stories Discussed:

The WordPress REST API Is One Major Step Closer to Being Merged Into Core
The Impacts HeroPress Is Having on WordPress Communities in India
Jeff Yablon and the WordPress Foundation Settle Out of Court
The Ultimate Guide to the WordPress REST API by Josh Pollock

Plugins Picked By Marcus:

WP User Activity logs activity in WordPress. Activities can be sorted, filtered, and viewed per-user, along with session data for logged in users, IP addresses, and user-agents.

Wishlist for WooCommerce lets customers save the items they want to purchase in the future.

Database to Excel allows you to export a MySQL database table to a Microsoft Excel file. It also allows you to show all of the values within a database table with an export to Excel option.

WPWeekly Meta:

Next Episode: Wednesday, September 30th 9:30 P.M. Eastern

Subscribe To WPWeekly Via Itunes: Click here to subscribe

Subscribe To WPWeekly Via RSS: Click here to subscribe

Subscribe To WPWeekly Via Stitcher Radio: Click here to subscribe

Listen To Episode #207:

by Jeff Chandler at September 24, 2015 06:31 PM under wordpress foundation

Akismet: Akismet WordPress Plugin 3.1.4

Version 3.1.4 of the Akismet plugin for WordPress is now available.

This update clarifies the error messages that Akismet uses so that they’re easier to understand, and it enables link previews in the admin for all links in a comment — not just the author’s website link. A fix is also included for a bug that could have caused comment moderation emails to be sent for some comments that were caught as spam. For a full list of the changes in this release, see the revision log.

To upgrade, visit the Updates page of your WordPress dashboard and follow the instructions. If you need to download the plugin zip file directly, links to all versions are available in the WordPress plugins directory.

by Christopher Finke at September 24, 2015 05:35 PM under WordPress

September 23, 2015

WPTavern: WP Comment Humility Relocates the Comments Top-level Menu Item to the Posts Menu

One of the key features in WordPress 4.3 is that comments on pages are disabled by default. If you only enable comments for posts, you may be interested in WP Comment Humility, a new plugin created by John James Jacoby that moves the top-level Comments menu item to the Posts menu. The following screenshot better illustrates what it does.

Comment Humility in ActionComment Humility in Action

If a site enables comments for posts only, this location for the menu item makes sense. What if you’re using Custom Post Types? According the plugin’s FAQ, the user experience might be weird, “If you have a post type other than post that supports comments, it may make more sense to not use this plugin,” Jacoby said. He suggests giving it a try and if the user experience doesn’t feel right, to disable it.

Documentation is located on GitHub where you can also submit Pull Requests. WP Comment Humility works out-of-the-box without any configuration options on WordPress 4.3 and is available for free in the WordPress plugin directory.

by Jeff Chandler at September 23, 2015 11:19 PM under wp comment humility

WPTavern: Highlights From Matt Mullenweg’s Q&A Session on Product Hunt

On September 22nd, Matt Mullenweg participated in a question and answer session on Product Hunt. Product Hunt is a site that lets users share and discover new products. In the session, Mullenweg answers questions like what advice he’d give to his 20 and 25-year-old self and how he combats burn out. Here are a few highlights from the session.

Nikhil V – Hello Matt, with the upcoming release of the WP REST API in WordPress core, what do you hope to most see built with its capabilities?

Matt Mullenweg – I’m hugely excited about the REST API! Once the infrastructure is in, I think we’ll see really widespread adoption from plugins that right now are creating their endpoints in very ad-hoc ways. Once we iterate a bit more on the core content endpoints and authentication I think we’ll see a lot more specialized interfaces built on WP as like a content kernel, an engine powering a wide array of applications and interfaces you’d never imagine having WordPress behind them today.

Erik Torenberg – If you could go back in time and give advice for your, say, 20-year-old self, what would you tell yourself? How about 25?

Matt Mullenweg – To my 20-year-old self I would say to be okay with things building up over time. Something I didn’t appreciate until recently is that there any many productive decades ahead with which to build the things that I feel need to exist in the world. One of the best things I did then was avoid any press or capitalization on my age (to the extent I could) because youth is an ephemeral asset and just a novelty in business.

To my 25-year-old self I would tell him to slow down and think about health more, I burned the candle at both ends that year. I would also say to not get as caught up in mailing list and IRC arguments and discussions, just focus on building.

Sydney Liu – In the early days of WordPress, what was the 20% that got you the 80% of the results?

Matt Mullenweg – There’s no simple answer there, if I had to pick one thing it would be luck.

Kristof Bernaert – How do you see WP about 5 years, or how do you want it to see?

Matt Mullenweg – In 5 years I think that WP will be infinitely easier to use for both power-users, developers, and newbies. You will be able to have a full experience of core, plugins, themes, docs, and support in several dozen languages that will be as large or larger than English. There will be over a million people making their living on top of the platform. Most people will be creating from touch devices, and their content will mostly not come from keyboards (virtual or physical) as an input device.

Tys Bradford – Your accomplishments with WordPress have literally changed the face of the internet and enabled people without programming skills to make beautiful and functional websites. Do you think this could be replicated ever with mobile applications (iOS/Android)? I have seen a few companies try, but none have come close to delivering in the way WordPress is able to.

Matt Mullenweg – Thank you! The ecosystems and app stores for iOS and Android right now are too locked down, and the discoverability and overhead of apps is too distorted, for an approach like WordPress’ to work for mobile applications. The environment for the foreseeable future there is going to favor more centralized apps, my only hope is that at least a few get really successful (including ours) that aren’t advertising-driven.

My Question Was Not Answered

Unfortunately, my question was not answered. However, I’m going to ask it in this post with the hope that he’ll answer it in the comments.

You’ve spent a lot of time, money, and energy trying to create a great mobile experience in WordPress via dedicated apps. As more of the WordPress backend becomes responsive, how will this affect (if any) the priority level of developing the mobile apps versus putting that time and effort into a 100% responsive WordPress backend?

Mullenweg answers a lot more questions than what’s listed above but those are the ones that stand out to me. You can read the entire session on the Product Hunt site.

by Jeff Chandler at September 23, 2015 08:46 PM under product hunt

WPTavern: The WordPress REST API Is One Major Step Closer to Being Merged Into Core

After more than three years of development, the WordPress REST API is one major step closer to getting merged into core. Ryan McCue, a lead contributor to the project, published the first official proposal to merge the API into WordPress. The proposal explains what the REST API is, why it’s needed, an integration plan, and what happens after the merge. The plan is to integrate the API in two stages, infrastructure and endpoints.

Two Part Plan

The infrastructure is the code responsible for routing requests and handling the meta layer of the API, including JSON serialization/deserialization, linking, embedding, and REST best practices. Merging the infrastructure first allows developers to start building upon it and to migrate from existing custom code. The plan is to merge the infrastructure portion of the API in WordPress 4.4.

Endpoints are considered the more complex of the two as they’re responsible for mapping data from the external JSON format to the internal data structures and vice versa. In other words, endpoints are the bridges of communication between WordPress and external applications. To provide more time for core committers to review the code, endpoints will be merged in WordPress 4.5.

Development of the API takes place on GitHub but core WordPress development takes place on Subversion and Trac. When the API is merged into core, it will no longer be developed as a separate project. McCue proposes that the best of GitHub and Trac be integrated so developers comfortable with GitHub can continue to contribute to the project:

Given the team’s experience with GitHub as well as Trac, we can bring the best of both worlds by helping integrate the two. This would also improve contributions to WordPress as a whole, and benefit the whole community. This will be especially important as we encourage more contributions from the wider community (client authors, for example). We think we can make good progress here, and we’d love to try to help improve the process.

Although there’s a GitHub repository for WordPress that’s synced to its Subversion counterpart, it does not accept pull requests. If integrating GitHub and Trac proves to be successful, it could open the door for WordPress to accept pull requests or contributions through GitHub.

The plan to merge the API into core is not finalized and the team needs your comments, questions, and opinions. I encourage you to read the full proposal and the comments as McCue answers additional questions related to the merge. How happy are you to see this merge proposal?

by Jeff Chandler at September 23, 2015 06:55 PM under wordpress rest API

September 22, 2015

Matt: Product Hunt AMA Today

In about half an hour I’m doing an AMA (ask me anything) on Product Hunt, please join and ask some questions on any topic that tickles your fancy.

by Matt at September 22, 2015 06:39 PM under Asides

WPTavern: The Impacts HeroPress Is Having on WordPress Communities in India

Topher DeRosia, who recently attended WordCamp Pune, India, published a post on the HeroPress blog that describes the subtle impacts the project is having on people.

Saurabh Shukla, lead organizer for WordCamp Pune, says the site inspired not only their speaker selection but their presentations as well, “We wanted people to derive at least a level of inspiration from the speakers and decided that stories make more sense than presentations,” Shukla said.

Examples of inspiring presentations at WordCamp Pune include, a workshop where people could experience accessibility issues for themselves, WordPress for activism, and building education products for South Asia.

WordCamp Pune ClassroomsPresentation in a Classroom at WordCamp Pune

According to DeRosia, many Indians feel like their WordPress communities are not getting the respect they deserve. DeRosia believes the amount of excitement expressed by Indians for HeroPress is because their work is noticed and appreciated.

“That is why India is excited about HeroPress. They’re getting respect. Not just from me, but from thousands of readers around the world,” DeRosia said.

Although DeRosia says he’d be content with the impacts the site has had if HeroPress ended today, I would be sad to see it go because it’s a great addition to the WordPress community. Thankfully, DeRosia says people are requesting more essays, exchanges of knowledge, shared wisdom, shared respect, and more of the HeroPress spirit.

If an essay published on HeroPress or the project’s mission has inspired you in any way, please let us know in the comments.

by Jeff Chandler at September 22, 2015 05:50 PM under india

Matt: Interview, and Complementing Slack

I had a conversation with Tony Conrad at the StrictlyVC event in San Francisco last week, following a dizzyingly talented line-up of Chamath Palihapitiya and Steve Jurvetson.

Techcrunch has a good write-up with a number of the relevant quotes from the event. The only thing I’d like to respond to, because it wasn’t a direct quote, is the headline “Move Over Slack? Automattic Mulls Commercializing Its Own Internal Messaging Product.”

The first problem is the headline missed the obvious alliteration of “Mullenweg Mulls,” 😀but more importantly… Slack has become a really key tool for both Automattic and WordPress.org and anything we do with the evolution of P2 (some of which we already have running internally) will be complementary to Slack, not competitive with it.

by Matt at September 22, 2015 04:26 AM under Asides

WordPress Planet

This is an aggregation of blogs talking about WordPress from around the world. If you think your blog should be part of this send an email to Matt.

Official Blog

For official WP news, check out the WordPress Dev Blog.


Last updated:

October 06, 2015 06:30 PM
All times are UTC.