Pwnie’s 2008

WordPress seems to have had the dubious pleasure of being nominated for the 2008 Pwnie Awards in the “Mass 0wnage” category:

It seems like hardly a week goes by without a new vulnerability in WordPress or one of its many plugins. Many of them are actively being exploited to own popular WordPress blogs and use them to serve spam or client-side exploits to unsuspecting visitors. The popularity of WordPress combined with the abysmal security practices of WordPress plugin developers places the entire Internet at risk and is worthy of a nomination.

To be fair, many of the vulnerabilities that are reported are within plugin code rather than the core. For more information on the CVEs reported for WordPress and WordPress plugins this year, you can head over to the codex.

My WordPress toolbox

A long time ago I wrote about the ways in which you can get involved in WordPress development using freely available tools on Windows in my post “Windows WordPress toolbox”. Since that post I have come up with a number of useful scripts and shortcuts that I use in my WordPress development.

Here are the tools that I use most often. They are a set of bash functions which you can stick in your ~/.bashrc file on your Linux machine or Mac:

# Download a patch from a trac install and apply it to a svn checkout
# e.g. wp-trac-patch http://trac.wordpress.org/attachment/ticket/2345/2345.diff
wp-trac-patch() {
    # Revert local changes first; fetch and apply only if the revert succeeded
    svn revert -R . && curl "$1?format=raw" | patch -p0
}
# Search through a subversion checkout using grep (only search the .php and .js files)
# e.g. wp-grep the_excerpt
wp-grep() {
    # -o ("or") and -print0/-0 work with both GNU and BSD find/xargs
    find . \( -name "*.php" -o -name "*.js" \) -print0 | xargs -0 grep -- "$1"
}
# Merge a change from trunk to a branch in a subversion checkout of the whole repository
# e.g. wp-merge 1234 2.6
wp-merge() {
    svn merge -r "$(($1-1)):$1" trunk "branches/$2"
}
# Output the svn:eol-style property of all the .php and .js files in a checkout
svn-eol() {
    find . \( -name "*.php" -o -name "*.js" \) -print0 | xargs -0 svn propget svn:eol-style
}
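
A more cautious variant of wp-trac-patch, as an added example that is not part of the original post: the one-liner above feeds whatever the URL returns straight into patch, so this version downloads to a temporary file, rejects diffs that name absolute or ".."-containing paths, and does a dry run before changing any file. The function names are hypothetical and the sample diffs in the self-test are constructed.

```bash
# Succeed only if every file named in the diff is a relative path with no
# ".." component. A removed line that itself begins with "-- " is read as a
# header too, so this check errs toward rejecting.
wp_patch_paths_ok() {
    awk '
        /^(Index: |--- |\+\+\+ )/ {
            path = $0
            sub(/^(Index: |--- |\+\+\+ )/, "", path)
            sub(/\t.*$/, "", path)        # svn puts "(revision N)" after a tab
            if (path == "/dev/null") next # added or deleted file marker
            seen = 1
            if (path ~ /^\// || path ~ /(^|\/)\.\.(\/|$)/) {
                print "unsafe path in patch: " path > "/dev/stderr"
                bad = 1
            }
        }
        END { if (bad || !seen) exit 1 }
    ' "$1"
}

# Download to a temp file, vet it, revert, dry-run, and only then apply.
# e.g. wp_trac_patch_checked http://trac.wordpress.org/attachment/ticket/2345/2345.diff
wp_trac_patch_checked() {
    _p=$(mktemp) || return 1
    if curl -fsS -o "$_p" "$1?format=raw" &&
       wp_patch_paths_ok "$_p" &&
       svn revert -R . &&
       patch -p0 --dry-run < "$_p" > /dev/null
    then
        patch -p0 < "$_p"; _rc=$?
    else
        echo "patch from $1 not applied" >&2; _rc=1
    fi
    rm -f "$_p"
    return "$_rc"
}

# Constructed sample diffs for the path check (not real Trac attachments).
wp_patch_paths_selftest() {
    _d=$(mktemp -d) || return 1
    f=wp-includes/post.php
    printf 'Index: %s\n--- %s\t(revision 1234)\n+++ %s\t(working copy)\n' \
        "$f" "$f" "$f" > "$_d/good.diff"
    printf '%s\n' '--- ../outside.txt' '+++ ../outside.txt' > "$_d/bad.diff"
    wp_patch_paths_ok "$_d/good.diff" && ! wp_patch_paths_ok "$_d/bad.diff" 2>/dev/null
    _rc=$?
    rm -rf "$_d"
    return "$_rc"
}
```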

I hope you find this useful.