Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Some issues, and ideas #24

Open
oferwald opened this issue May 5, 2013 · 7 comments
Open

Some issues, and ideas #24

oferwald opened this issue May 5, 2013 · 7 comments

Comments

@oferwald
Copy link

oferwald commented May 5, 2013

bad use of slugs

the code uses the directory and then assumes that the plugin is in the format of slug/slug.php which is not always correct, sometimes the php file has a different name

missing upgrade_notice

Sending this can give a nice effect, and it just needs to be added to packages.php

a suggestion, stop querying wordpress.org when using internal updates.

Why inform and query wordpress.org on irrelevant stuff?
see this code example: (for example, to hide bbpress)


function filter_parse_arr($arr, $url) {
    // hide from wordpress.org
    if ($url == "http://api.wordpress.org/plugins/update-check/1.0/") {
        $plugs = unserialize($arr['body']['plugins']);
        unset($plugs->plugins['bbpress/bbpress.php']);
        $arr['body']['plugins'] = serialize($plugs);
    }
    return $arr;
}```
### another suggestion, add a counter to the download.php

I implemented this locally with mysql, many other ideas can work

Great work, all in all :)
@jeremyclark13
Copy link
Owner

Agreed about the slug, I've got to dig into how WordPress generates the slug. I've had numerous occasions where the slug being different than expected caused problems.

That's very interesting about blocking the the plugin from sending info over to WP.org as well.

Yeah when the original script relied on a mysql database for securing the downloads I had thought about this as well. I currently mulling over moving this into a WordPress plugin to add some more advanced features. Just need the time.

Thanks again for the report and ideas.

@turtlepod
Copy link
Contributor

to get the slug use plugin_basename( __FILE__ ).
however this script need complete rewrite.
in a way I'm not recommending to use this script. there's a lot that need to be fixed.

i just release http://autohosted.com plugin to manage auto update.
it's a commercial plugin, but all documentation is open to read.

@oferwald
Copy link
Author

oferwald commented May 5, 2013

Just looked into plugin_basename, and when I was about to post, your message popped up.

Good luck with the new plugin, why don't you make it into an optional service?

@turtlepod
Copy link
Contributor

@oferwald thanks. about service: no plan for that.

you need to read this docs if you want proper sanitation for plugin sections:
http://autohosted.com/docs/plugin-sections-allowed-tags/

@jeremyclark13
Copy link
Owner

Looks like @turtlepod beat me to the plugin, good luck with that. I just haven't had time lately to work on this much, but I do plan on working on it again and hopefully fixing the problems that there might be. Like @turtlepod said a complete rewrite is in order and as of right now I just don't have the extra time. Hopefully soon though.

@holisticnetworking
Copy link

@oferwald Hey! Could you elaborate on the upgrade_notice element? Where does that appear? I'm presuming that's what creates the highlighted band under a plugin with an update available? I'd like to be able to employ this as well.

@oferwald
Copy link
Author

oferwald commented Feb 4, 2014

@holisticnetworking just add this to the packages array (if I remember correctly).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@jeremyclark13 @holisticnetworking @turtlepod @oferwald