bvucp
Forum Replies Created
-
I believe this was fixed in 4.4.2, make sure you’ve updated to the latest version.
Just ran in to this issue too, glad to see you’ve already found the problematic code.
Do you know if Mr. Condon is aware of the issue? I would check myself but as others have reported, the plugin’s website is down right now…
Forum: Plugins
In reply to: [Really Simple Twitter Feed Widget] PHP errors when a new instance is createdYep, that fixed the remaining notices. Thank you!
(If you’re curious, PHP version is 5.3.10 on Ubuntu)
Forum: Plugins
In reply to: [Really Simple Twitter Feed Widget] PHP errors when a new instance is createdWow, you were on top of that!
I’m afraid I’m still getting a repeated “Undefined index” notice via ReallySimpleTwitterWidget->update() on both creation and update. Example:
[Thu Dec 11 09:30:45 2014] [error] [client ***] PHP Notice: Undefined index: erase_cached_data in ***TOP_FOLDER***/wordpress/wp-content/plugins/really-simple-twitter-feed-widget/really_simple_twitter_widget.php on line 211, referer: ***
[Thu Dec 11 09:30:45 2014] [error] [client ***] PHP Stack trace:, referer: ***
[Thu Dec 11 09:30:45 2014] [error] [client ***] PHP 1. {main}() ***TOP_FOLDER***/wordpress/wp-admin/admin-ajax.php:0, referer: ***
[Thu Dec 11 09:30:45 2014] [error] [client ***] PHP 2. do_action() ***TOP_FOLDER***/wordpress/wp-admin/admin-ajax.php:85, referer: ***
[Thu Dec 11 09:30:45 2014] [error] [client ***] PHP 3. call_user_func_array() ***TOP_FOLDER***/wordpress/wp-includes/plugin.php:505, referer: ***
[Thu Dec 11 09:30:45 2014] [error] [client ***] PHP 4. wp_ajax_save_widget() ***TOP_FOLDER***/wordpress/wp-includes/plugin.php:505, referer: ***
[Thu Dec 11 09:30:45 2014] [error] [client ***] PHP 5. call_user_func_array() ***TOP_FOLDER***/wordpress/wp-admin/includes/ajax-actions.php:1785, referer: ***
[Thu Dec 11 09:30:45 2014] [error] [client ***] PHP 6. WP_Widget->update_callback() ***TOP_FOLDER***/wordpress/wp-admin/includes/ajax-actions.php:1785, referer: ***
[Thu Dec 11 09:30:45 2014] [error] [client ***] PHP 7. ReallySimpleTwitterWidget->update() ***TOP_FOLDER***/wordpress/wp-includes/widgets.php:275, referer: ***Forum: Plugins
In reply to: [Really Simple Twitter Feed Widget] PHP errors when a new instance is createdI’m also getting a rash of undefined index notices whenever saving a widget instance. The foreach loops on lines 204 and 217 just need to check if the index in question is actually set, I think.
Thanks Peter & wpsmort!
The Feature Manager is open to all admins, and on this site I need to be able to appoint admins with control over the Dashboard side of things – users, content, etc. – without allowing them to start doing server-side modifications.
Using the wp-config constant DISALLOW_FILE_MODS generally covers this, but All in One SEO 2.2 has now opened another window that’s free of that constant. (Speaking of which, respecting that flag and refusing to save File Editor modifications if that constant is flipped on would probably be good practice, and would also solve my dilemma with the 2.2 update.)
While unlikely short of a log-in getting hacked – which is certainly imaginable – the worst-case scenario I see for the new .htaccess editor is someone enabling PHP execution in the uploads folder.
I suppose I could also just change ownership of .htaccess to make it unwritable for WordPress. Would also close this gap, but it would prevent a security plugin from writing to it as well.
There’s a whitelist for 404 errors(/”intrusion detection”), which is certainly handy.
However, I’m looking for one that will apply to the login limits, so that when my legitimate users logging in from certain IPs mess up their credentials, they don’t get locked out. I can’t seem to find one? (WordPress 3.6.1, BWPS 3.5.6)
Forum: Themes and Templates
In reply to: Disabling static front page optionThanks for the advice. Definitely don’t want to tamper with the core, agreed!