Jinsan, I’m with you on this and thank you for asking/posting this. If you ever get any correct info (a way to upgrade just for the security fix(es) without deleting or disabling anything; actually I don’t really mind disabling Plugins, it’s the REST of the instructions that have me cringing and not understanding) will you PLEASE post here about it so that I (and I suspect others in our boat) can follow you? I would be thrilled and very grateful.
Thread Starter
jinsan
(@jinsan)
Well I should point out that my post is the ideal for me, I mean I’m sure others in the minority might feel the same, but it’s just a request really. I have no solution, I have no idea how to do it, or how to go about doing it. Usually with most software you can add as a minimum the security fix, the bug squashing can be made optional. I’m sure there’s like 95% wow factor with 5.1 but I don’t really want to take the risk if everything is working right now. Now, if YOU find the solution YOU let me know, cuz I aint got a monkeys on how to go about it 🙂
As for me, I’ve decided to wait awhile before doing this upgrade from 1.5 to 1.5.1. I’m kinda hoping they”ll release something with JUST the security bug fix, for people like me who are new and inexperienced and afraid to delete everything partly because we wouldn’t even know how to put it all back if we had to. This is just a request and a hope, as you said. I realize WP is free and I am thrilled to be able to use it. Actually I would consider making a donation if they’d release “Just The Security Bug Fix For Dummies.” Heh.
I just don’t have the confidence that this upgrade process won’t have me messing up things up beyond my ability to repair them (even with the option of posting at length in the appropriate place in the forum, as I try to explain my specific issues carefully and politely, hoping for understandable/effective assistance from volunteers, some of whom are EXCELLENT, others of whom, let’s just say, don’t in my view have the right temperament for volunteer work. But I digress.)
I have a lot of customized Pages and stuff. These were very hard to set up. Lots of posting here, lots of reading and searching and re-reading and typing and more typing. Anyway, I’m like you, I don’t want to take the chance of messing it all up right now.
Will post here if I hear anything. Best of luck to you.
I have a lot of customized Pages
If I understand well, all the Pages “customization” happens in the template files of your theme – which is not affected by the upgrade.
and typing and more typing…
I agree 🙂 Guys, with the energy spent for writing all these complains, you could have done a test:
1. Backup your DB
2. Download ALL your WP installation to your computer
3. Deactivate your plugins on the server
4. Follow carefully the upgrade instructions
5. Check how your blog works
6.1. If it is OK, be happy
6.2. If it doesn’t – install again what you have saved: the DB backup and the old files.
7. In both cases come back, please, and report what happened. It might help others.
Thread Starter
jinsan
(@jinsan)
Guys, with the energy spent for writing all these complains, you could have done a test – caution is the word here, Yes 99% will probably be fine, probably less, but my question is why or if I can apply the security fixes without deleting everything.
If not, will this possibly be taken into consideration.
To your list:
I have, and always do 1 & 2 on a regular basis.
6.1 and 6.2 and dodgy and that’s the point I don’t want to be, on 6.2, and having to reinstall. I will do a test run of this, but frankly it’s a horrible way to upgrade. I like Wp for a lot of things, upgrading is not one of them – I guess you could call it barbaric. Destroy everything and then rebuild it, not exactly eloquent, but I guess my choices are limited sadly
Ditto. 🙂 Actually I took pains to explain that it is a request, not a complaint:
This is just a request and a hope, as you said. I realize WP is free and I am thrilled to be able to use it. Actually I would consider making a donation if they’d release “Just The Security Bug Fix For Dummies.”
I third the motion that this mysterious “major security flaw” be revealed so we can fix just it and not add all the untested buggy stuff.
Tried it on a testblog and RSS is broken – even after attempting the fixes provided in the other thread. (Yes, macmanx, I searched. I found. It didn’t work.) On top of that, changing any setting in options, posting, etc. leads to a blank screen. The stuff takes, but I have to go back to the main admin page by typing it in the browser bar to do the next thing. Minor? Sure, but still a pain.
Sorry, I’m irritated. This secrecy about how there is this mysterious ‘security’ fix is reminiscent of Microsoft pushing their latest version of WinBlows. 1.5 was probably the best software product I’ve seen, open source or proprietary in several years and 1.5.1, well, it isn’t.
Folks, if you want to know the difference between two versions of files the best way is to use a program called diff. For windows you could use winmerge. If you use those programs to learn the differences between each file in the original distribution you hacked up and the current version, you can edit your modified files and put in the same changes.
(you’ll still want to make sure you do a backup of your data and files before you start.) If the idea of doing this examination for each and every file followed by manual editing seems daunting, perhaps that is why the coders suggest upgrading the whole package with a reinstallation.
Moshu, you must type really slow, if you could have done all that in the time it takes to type a couple paragraphs. 😉
From http://aldoblog.com/?p=478:
* wp-blog-header.php
* xmlrpc.php
* wp-admin/
o post.php
o quicktags.js
* wp-includes/
o functions-post.php
o functions.php
o pluggable-functions.php
o template-functions-category.php
o template-functions-links.php
o template-functions-post.php
o version.php
o wp-db.php
