WordPress 2.9 “Carmen” is out, fresh & crisp!

I just noticed that WP 2.9 is already out of its “beta” phase and you can download its stable release.

Of course, Matt already has posted an article about 2.9, along with the new “code name” of 2.9: “Carmen” (Carmen McRae, jazz vocalist).

Only a day ago, I was reading a quite detailed article about the new features and improvements in WP 2.9 — this article I can recommend to you, too.

I liked two things more than others:

— You can already restore items from the “Trash” — items that you have deleted by accident or on purpose! Everything deleted will be kept in the Trash for 30 days (and you can change the time period for which the items will be saved there).

— Mass upgrade of plugins with one click only!

Of course, there are a lot of fixed bugs and some other improvements (full list).

Although I already feel enthusiastic about 2.9, I might wait for 2.9.1 to be released… sort of a Service Pack 1 for 2.9.x ;-)

Plugin for removing <meta name="generator" content="WordPress…" /> in WordPress blogs

A while ago I wrote a short post about an easy way to remove the following code from the HEAD of a WordPress blog:

<meta name="generator" content="WordPress [version number]" />

This included only the modification of the functions.php file in your theme. But then it occurred to me that there should be now even an easier way — via a plugin. And there is such a plugin, indeed!

Remove-Generator-Meta-Tag WordPress Plugin

It’s very simple (one line of code, actually) and easy to activate & use. Simply upload to your ‘wp-content/plugins/’ directory and activate it via the WP Admin interface.

There are probably other similar plugins, but this one is the simplest I could find!

Enjoy! :-)

WordPress capturing $_POST requests (updated script)

A while ago, I discovered a small and useful code snippet, which allowed you to capture all $_POST activity, related to your WordPress blog.

This might be useful when your WP-based website is experiencing a hacker attack. Or when you want to know where from is coming the biggest spam comment flood that try to drown your MySQL database in spam.

After using this small code snippet for a while, I discovered a way to improve it a little bit.

The original script didn’t show timestamps of the events recorded. I added this functionality, while leaving the original code almost the same.

If you want to use this updated version, feel free to copy the code:

$posty_ip = $_SERVER['REMOTE_ADDR'];
$the_file = $_SERVER['SCRIPT_NAME'];
$date_sub = date('Y-M-d @ H:i (O)');
if ( $posty_ip != "" && $posty_ip != "" ) {
  if ( !empty($_POST) ) {
    $fp = fopen( '/home/path/path-to-log.html', 'a' );
    foreach( $_POST as $key => $value ) {
	fwrite( $fp, $key.' = '.$value." 
\n" ); } fwrite( $fp, "ip = ".$posty_ip."
\n" ); fwrite( $fp, "date = ".$date_sub."
\n" ); fwrite( $fp, "file = ".$the_file."
\n" ); fwrite( $fp, '================================================'."

\n\n" ); fclose( $fp ); } }

I also added HTML line breaks, as for me it was more useful to have an HTML log file.

The instructions where (and how) to place this code can be found in the original place. Still, it’s worth repeating: Be careful where you place the log file on your server!

I would also recommend to use a plugin, which encrypts passwords (you can download it from wordpress.org). This is not obligatory, but it is always wise to send passwords over http encrypted, and this plugin does exactly that (you don’t have to use https to be able to encrypt the passwords being sent).

Enjoy! :-)