I upgraded this site from PHPNuke to WordPress in 2005. The cut over was rather abrupt and poorly thought out by yours truly. At the time, I believed I had successfully migrated all of my old content to the new environment. But several years later (!!), I realized the migration had left any article from my old site with a ‘read more’ tag without more to read in my WordPress configuration. This bothered me, and today I decided to see what I could do to ‘fix’ it.
My site has been plagued by odd characters in some of my old posts for a rather long time. The most common is the seemingly random appearance of Â characters in the midst of some of my posts.
I know the basic cause: one of my WordPress / MySQL updates in ancient times (circa 2008) ended up producing a character set mismatch. I long ago fixed the cause, but all the existing bad characters persisted. Until today… I hope
I’ve been using Facebook (or “Bookface”, as my nephew Shane calls it) fairly regularly lately. Today I decided to see what could be done to integrate my blog and Facebook a bit. I read the “how to” guide by Thiemo Fetzer, and now I have Yet Another WordPress Widget in the left nav of my site.
Nothing has changed for “normal” users of my site. For folks who regularly use Facebook, however, you now have an option. You can click on the “Login using Facebook” option, and your authentication will be handled via Facebook (i.e.: you log in using your Facebook credentials). KellysWorldBlog will be added to your application list once you’ve logged in once. Assuming I understand the application correctly, you won’t automatically receive anything from my site simply by using your Facebook login. I (or any visitor) can, however, click the “facebook share” icon to share individual blog posts on my wall.
What benefits does this give? Well, I guess you don’t need to remember your ID on my blog any more, and your Facebook icon will now appear next to the comments you post. But the main thing this does is allow for easy sharing of my blog posts with your friends.
I was doing some work on my server today and noticed some errors in my logs of the following form:
Feb 23 16:04:45 kgadams httpd: PHP Fatal error: Call to undefined function bodyclasses() in /xxx/wpg2header.php on line 848
The problem appears to relate to an upgrade I performed several months ago in the Atahualpa WordPress theme I use. The result was that any attempt to open a gallery page (i.e.: to look at my photos while visiting my blog) would result in a blank page… and the above error appearing in my server logs.
I’ve corrected the problem, but am disappointed that I didn’t even notice an issue that has probably existed since at least January. Ah well, ignorance is bliss I guess…
If you are running a WordPress based blog like I am and suddenly notice your post URLs have something “extra” appended (see the subject line), your blog has been hacked.
You can read more about it here (thanks, UCLABoyz, thanks schang!), where you will also find guidance regarding cleaning the problem up. Unfortunately, it appears that the hack works on all versions of WordPress up to and including the most recent.
I have BadBehavior installed on my blog, and so it was rejecting the URLs with this addition which I *think* would be thwarting the hackers involved: they hadn’t been able to create an administrative user. Unfortunately, it also meant none of my blog posts were working properly until I noticed the problem and corrected it.
Hopefully WordPress will issue a fix for this soon- in the mean time, keep an eye on your URLs, WordPress bloggers!
UPDATE: Another link to a lengthy thread regarding this hack on the WordPress.org site. What is interesting here is the apparent vector: a weakness in the WordPress code, apparently up to and including the most recent release, that permits an ordinary subscriber (i.e.: not an administrative user) to run some administrator features e.g.: changing the permalinks.
UPDATE #2: it appears that updating to the most recent version of WordPress (2.8.4) removes the “double slash” vector for running some admin commands (notably permalink.php). This fix was apparently added somewhere between WordPress version 2.8 and 2.8.4.
I’ve included some extracts from my server logs and further thoughts below…
I installed a new WordPress theme several weeks ago. I noticed a couple of days ago that posts had funny looking “blank portrait” images beside them. I right clicked on them, and noticed that the images were linked to Gravatar. I remember reading about “Gravatars” (globally recognized avatars) quite some time ago, but I more or less dismissed it as not relevant to my interests. I think when I read about it, there may have even been charges associated with the service
Well, apparently it is relevant to my interests now. Automattic (the company responsible for WordPress) has acquired the service, and now you can set yourself up there for free. If go to the Gravatar site or alternately have an account on WordPress.com, you can associate an image with your email address… or apparently several images with several different email addresses. Anyway, once you’ve done that, if you use that same email address to identify yourself on a blog or website that supports Gravatars, your image will appear there without further setup.
All of this was news to me, but apparently Gravatar support is actually “baked in” to WordPress since version 2.5, and any “compliant” WordPress theme inherits this support. I didn’t notice it earlier probably because I was using a non-standard theme. None of this probably means much to most of my visitors but… I found it intriguing to discover something I had completely missed. Sort of like discovering an old friend of yours has been hand carving collectable duck decoys for years and you never had a clue they did any such thing. Exactly like that… except completely different.
No doubt you were shocked just now if you are one of my regular visitors. Yes, the site looks weird at the moment: I’m experimenting with a different WordPress theme, one called Athahualpa. I’m not sure yet if I really like it, but it has some nice features that I wanted to try out. Let me know what you think!
I’m upgrading the WordPress engine that delivers this blog to the latest version. The site will be somewhat “broken” until I’m done: my apologies for the inconvenience! The upgrade is complete, but not without the usual “oh dang, that’s broken now” moments.