Bryan Willis
Forum Replies Created
-
Hey thanks for reaching out. Sorry for late follow-up I forgot to follow this thread.
I had also come across that article on WPMUDev, but upon further review I noticed that it seems XML is still blocked, so I’m not sure if they ended up deciding it was a risk or they just haven’t updated their docs.
https://premium.wpmudev.org/docs/hosting/sftp-ssh/#chapter-disabled-functions-php-ini
Also, Kinsta originally told me the same thing about not blocking XML, but after I asked them to look into it more closely they confirmed that this function was set and blocking XML import.
libxml_disable_entity_loader(true)Here’s what they said as to why…
“It looks like it can cause a security issue if another script changes the secure connection setting to false/disabled.”
I can confirm that Kinsta, at least, will enable this on an individual basis and did so for me. However, they said that when the PHP updates to a newer version it will revert the change and to reach out again if I need to.
Anyway, I guess if any other users run into this problem with Kinsta, just let them know to reach out to Kinsta and they will bypass this on request for now. Personally, I’m going to have them enable the block again once I upload my backups, just to be on the safe site.
After doing a little more research, it looks like the possible security risk is XML eXternal Entity (XXE) attack. Here’s a really good writeup about it here: https://gardienvirtuel.ca/fr/actualites/from-xml-to-rce.php
Anyway, thanks for support and hope this information helps. Let me know if you have any questions!
So I figured out what the problem was after some trial and error.
I had a deprecated function ‘get_currentuserinfo()’ that I had put into my theme a few years back to disable access to the admin for people without a high enough user level…
function restrict_access_admin_panel(){ global $current_user; get_currentuserinfo(); if ($current_user->user_level < 4) { wp_redirect( get_bloginfo('url') ); exit; } } add_action('admin_init', 'restrict_access_admin_panel', 1);Anyway, I removed it and all was fixed. Not sure if it was ‘get_currentuserinfo()’ that was causing the issue or possibly the outdated function in general. I’m thinking maybe admin_init gets ran when performing an upload with Formidable and it says that the logged out user is not at high enough level. I’m curious though why I never ran into this problem with Gravity Forms or another plugin that uploads files…
Forum: Plugins
In reply to: [ACF Front End Editor] Error: 414 Request-URI Too Large on SaveYea I’m getting this too with content within
the_content()Here’s the errors I’m getting:
Forum: Reviews
In reply to: [RS Head Cleaner Lite] ламает сайтThis sucks. I went on a rant after seeing a negative post of his on a similar plugin. Guessing he was new to ww.wp.xz.cn and doesn’t know about support topics.
The rating system on this site sucks. The community needs to implement some sort of system similar to Stack Exchange’s points system or even just make it so a user can not give a negative review without posting a support topic first and then waiting at least a few days.
90 percent of the bad reviews I’ve seen on WordPress that aren’t really justified are from people that are new to ww.wp.xz.cn witin a year or have never made a previous review. I honestly think the majority of these people don’t even know that the support section exists or don’t know what it’s for.
Forum: Reviews
In reply to: [Minify HTML] ламает сайтI hate when people do this. You shouldn’t be allowed to use FREE plugins if you’re going to give shit reviews without an explaination. Borodkoleg not that it’s likely you will respond to this, but seeing that head cleaner, JCH Optimize, and RS head cleaner lite also don’t work on your site, maybe this is a compatability issue specific to your site, not the plugins.
Seeing as though there are millions of sites that use WordPress, plugins authors cannot obviously accommodate for every person’s issues. However, if you post a support issue before bashing a plugin plugin authors usually get back to you with some sort of a solution (despite not making any money doing so).
I have used all of the plugins you gave 1-2 stars to and I can personally vouch for all of them that they work. Personally this one has worked the best for me, but that’s beside the point. It probably took no more than 10 seconds to leave your review for each one of these plugins while the plugin authors spent have most likely spent weeks to months writing, tweaking, and offering support for their plugins.
My reply here is in no way meant to put you down @borodkoleg and chances are you’re new to wordpress and don’t know about submitting issues. But in the future click the support tab and leave your concerns/issues there and wait for a reply before even considering writing a negative review. If you don’t hear back from anyone in 2-3 weeks then by all means leave a review, but you have to give the plugin authors a chance.
A negative review can single handedly destroy a plugin if it it doesn’t have many reviews because most people won’t even consider using a plugin if it has low star rating. And if no one is using the plugin and it has a bad rep, what incentive does the plugin author bother continuing development?
Anyway, I hope you get a chance to read this @borodkoleg as well as all others new to wordpress.
Bottom line… Submit an issue before leaving a negative comment. Period.
- This reply was modified 9 years, 8 months ago by Bryan Willis.
Forum: Plugins
In reply to: [Custom User Profile Photo] Issue when transferring sitesI added the issue on Github as well so I could show some pictures of what I’m talking about here:
Forum: Plugins
In reply to: [ACF-VC Integrator] error when activating pluginThanks and looking forward to the pro version!
Forum: Plugins
In reply to: [WCAG 2.0 form fields for Gravity Forms] Required attribute missingAria tags were added to gravity forms so this is probably what’s causing them to load twice. Haven’t looked into it though so don’t quote me on that.
Forum: Plugins
In reply to: [Gravity Forms CSS Ready Class Selector] It works with WordPress 4.4.2?Here’s an updated version that works.
https://github.com/bryanwillis/gravityforms-ready-class-selector-revised
Forum: Plugins
In reply to: [Gravity Forms CSS Ready Class Selector] notice errors in adminThat code that was causing errors wasn’t even needed for the plugin to work. Since this plugin isn’t edited anymore I created a updated, simplified version of the code if you want to use it still. Works fine for me.
https://github.com/bryanwillis/gravityforms-ready-class-selector-revised
Forum: Plugins
In reply to: [ACF-VC Integrator] error when activating pluginYea I get this as well and it keeps telling me that I need ACF installed to use ACF-VC even though ACF pro is installed. Is this not compatible with the pro version?
Thanks didn’t realize the migrate worked both ways.
Hey Vicky-
To answer your first question yes you can just add this anywhere in your
functions.php.You can also add it as a separate file in your theme if you don’t want to clutter your functions.php pointing to the file. Then you’d just add
include_once('order-scripts.php); to your functions phpIf there’s a smaller plugin that I know I’d probably want to use in my theme this is the approach I usually take.However, some people don’t like to include things that aren’t related to the actual theme (like caching) in the theme files. So if you’re someone like that, a better approach and probably the easiest is to just add the file to the mu-plugins folder. It will automatically be included so you don’t have to add anything to your functions.php.
I actually rewrote the plugin with the code I suggested in my previous comment and included it all in one file here . I also deleted the admin menu since it’s not necessary and just clutters the admin. If you download that file and drop it in wp-content/mu-plugins that’s all you have to do and it should just work. Note that you might have to create the mu-plugins folder if it doesn’t exist yet.
The last option is to use an amazing plugin like code-snippets to add the code there. I recommend to everyone who’s ever tried wordpress to try this plugin out. It let’s you create your own micro plugins for things like exactly this. It’s extremely useful.
As far as your other question about caching it should work with most caching plugins. Caching is kind of confusing to understand at first because there’s different methods of caching like browser caching and server caching. If you just enable basic browser caching with the htaccess file or through a plugin this won’t affect this plugin. However, if you enable a caching plugin that statically caches the files on the server as html then you could find it not working. This probably would occur if you enabled the caching plugin before the order scripts plugin. Just make sure this plugin is enabled (or added to your theme first) and then enable or flush the caching plugin to fix the issue.
Personally I think comet-cache is one of the easier cache plugins to use and it should work with this plugin. This is also a very good one, but is a little more complicated to use.
You can also try this minify plugin which is pretty solid: https://ww.wp.xz.cn/plugins/minify-html-markup/
Forum: Reviews
In reply to: [Facebook Events Importer] Great Idea Useless interfaceHaven’t had a chance to take a look at how to get around this issue yet. I know Eventbrite has a feature that allows reverse updating events, but it’s not perfect either.
I wonder if anyone has ever tried The Events Calendar facebook addon. I haven’t checked if it is possible in that plugin since I don’t really want to drop $50 bucks just to see how it works, but if it is possible it might be worth taking a look at to see how it works.
Forum: Plugins
In reply to: [Stone HTML Compressor] Plugin compatabilityHa the battle of the minify plugin authors!
Hector the author of WordPress Popular Posts was who suggested that that the minify plugins not removing the css/js comments was what was causing the issues with that plugin.
I haven’t had a chance to retest either plugin but I will let you both know asap.
Maybe you guys should just team up and make a super minifier 🙂