K2 Release Candidate 6 has been released. This release of K2 is fully compatible with WordPress 2.5.
I will be using K2 release candidate 6 as a base for Unwakeable 1.5. You can expect to see the release of Unwakeable 1.5 later on this week. You can download it from the official Unwakeable page.
Head on over to the K2 release candidate 6 announcement post for more details on the latest K2.
Popularity: 3% [?]
WordPress 2.5 was released on March 29th. The current version of Unwakeable (version 1.2.1) doesn’t play so well with WordPress 2.5. The only thing that’s really broken is the dashboard, which is a pretty big thing to have broken.
It seems there’s a known issue with K2 themes and the WordPress 2.5 dashboard, as explained in the K2 support forums. There’s supposedly a fix for this issue, but I could not get it to work fully. The fix works fine as long as you have K2 sidebar modules disabled from the theme options page.
Unwakeable 1.2.1 is so far broken and outdated I’m not even going to make an attempt at fixing it for WordPress 2.5. Instead, I’m working on Unwakeable 1.5, which is based off K2 Release Candidate 5. Unwakeable 1.5 is almost finished and should be up for download within a week, if not sooner.
Popularity: 8% [?]
K2 release candidate 3 was released a little over four months ago. Today, as I was going through all my feeds, I saw there were some commits to the K2 SVN. The log for one of the commits stated that the version for K2 has been bumped up to release candidate 5. Here’s a piece from the commit:
Author: Heilemann
Date: Mon Feb 25 22:57:53 2008
New Revision: 636Modified:
trunk/style.cssLog:
Upped version to RC5. Preparing release.
This is rather exciting for me, especially the “preparing release” portion of that. I’m hoping “preparing release” means they’re getting ready to drop K2 1.0 as opposed to getting ready to release a download for K2 release candidate 5. As you probably know, Unwakeable is based on K2. Once K2 1.0 is out, I’ll start building Unwakeable 2.0.
Popularity: 12% [?]
I’ve waited far too long to post an update on Unwakeable 2.0 and it’s status, so here it is, almost. First, I’d like to address the issues with the current Unwakeable release (version 1.2.1) and WordPress 2.3. There’s a few issues, although most of them are fairly minor.
1. Tags: Unwakeable 1.2.1 does not support the new tagging system in WordPress 2.3. If you’re using the new tagging system, your tags will not be displayed. Ultimate Tag Warrior still works just fine with Unwakeable 1.2.1 and WordPress 2.3.
2. Prototype: Livesearch (and probably rolling archives) don’t work with WordPress 2.3. I really have no idea why, it’s probably a combination of a few things. One major contributor is probably the fact that WordPress 2.3 likes jQuery instead of Prototype, and Unwakeable relies heavily on Prototype for it’s ajax effects, such as livesearch, rolling archives, and live commenting. I only use livesearch, so I can’t say for certain if rolling archives and live commenting were truly broken. All I know is Firefox CPU usage skyrockets when loading this site when livesearch is enabled.
3. Archives Page: The archives page is slightly broken, it displays an error similar to this at the top:
WordPress database error: [Table 'tlongren_wordpress.wp_categories' doesn't exist]
That happens because Unwakeable 1.2.1 doesn’t know about the new taxonomy schema in WordPress 2.3. WordPress 2.3 does away with three tables, categories, post2cat, and link2cat. Those tables are replaced by three new tables that, when combined, offer much greater flexibility in handling post categories and blogroll categories. I think this new schema handles tags as well.
4.Tag Archives: This may be unique to this site, I haven’t tested, but whenever you try to visit a tag archive (my unwakeable tag archive for example), a 404 is received. Obviously, it should display all the posts with the given tag. Can anyone using Unwakeable 1.2.x confirm this is also broken on their WordPress 2.3 site?
5. Unknowns: There’s probably lots of broken things I’m not aware of. K2 Sidebar Modules may very well be one of them. I really doubt they work 100% because they make some use of categories. If you’ve got anything I’ve missed, please let me know about it so I can make sure it’s working in Unwakeable 2.0. One thing that DOES work that I entirely expected to be broken are the category archives. I was ready for all sorts of errors when trying to view a category archive, like the Unwakeable category archive, but they display exactly as they did with WordPress 2.2.x. Please let me know if you’re aware of any other incompatibilities between Unwakeable 1.2.x and WordPress 2.3.
Continue reading ‘Unwakeable: The Future And WordPress 2.3′
Popularity: 20% [?]
I hadn’t planned on releasing another version of Unwakeable in the 1.x series, yet here it is. The release of Unwakeable 1.2.1 was prompted after the discovery of a cross-site scripting (XSS) vulnerability in the Unwakeable search functions.
The vulnerability makes it possible for people to run malicious code that could, for example, steal all the cookies from your domain. You can download Unwakeable 1.2.1 from the official Unwakeable page. There are no new features in Unwakeable 1.2.1. The only difference between 1.2 and 1.2.1 is the fix for the XSS vulnerability.
If you’re already using version 1.2 and don’t want to bother upgrading, I’ve put together a post describing the steps to take to patch the vulnerability in Unwakeable 1.2.
I apologize for the inconvenience and please let me know if you have any issues with Unwakeable 1.2.1.
Popularity: 23% [?]
It was brought to my attention a couple days ago that Unwakeable 1.2 contains a cross-site scripting (XSS) vulnerability in the search piece. To test to see if you’re vulnerable, search for this on your Unwakeable site:
<script>alert('XSS Vulnerability!');</script>If you see a javascript popup after searching, you’re vulnerable to attack and should follow the steps below to fix the vulnerability in Unwakeable 1.2. I’ve already taken steps to fix this vulnerability in Unwakeable 2.0, which will be released shortly.
To fix your installation of Unwakeable 1.2 you need to edit three files: serchform.php, theloop.php, and header.php.
First, open searchform.php and change this piece on line 8:
<form method="get" id="searchform" action="<?php echo $_SERVER['PHP_SELF']; ?>">to this:
<form method="get" id="searchform" action="<?php echo htmlspecialchars($_SERVER['PHP_SELF']); ?>">Next, open theloop.php and change this piece on line 42:
printf(__('Search Results for \\'%s\\'','k2_domain'), $s);to this:
printf(__('Search Results for \\'%s\\'','k2_domain'), htmlspecialchars($s));Finally, open header.php and change this code on line 6:
Search for <?php echo $s;to this:
Search for <?php echo htmlspecialchars($s);That’s it, once you’ve made those three changes you should no longer be vulnerable to this cross-site scripting attack. To make sure, just perform the search I mentioned above. It should no longer produce a javascript pop-up.
You can find out more about this vulnerability at blogsecurity.net. They have a tool called WordPress Scanner that will scan your WordPress installations for security problems.
Let me know if this fix doesn’t work for any of you.
Popularity: 19% [?]
Web Design - Mortgage - Cheap Flights - Car Insurance - Homeowner Loans
Bike Insurance - Landlords Insurance - Search Engine Marketing - Mobile Phone
