Must Have Plugins series: Sociable

 

It’s about time I start explaining how to combine great plugins publicly available to get the best results with your blog. Thinking about it, I’ve decided to start a series of posts on the plugins I think you’ll greatly benefit from. Starting today, every week I will talk about some new plugin. At a weekly rate, I think we’ve got at least 2 months of exciting plugins to be discovered! :)

Intro
What is one of the most important things about blogs? Why, sharing the content, of course! If you’re struggling to find an easy way for your visitors to share your posts with others – look no more. Sociable is a great plugin that will help you give your visitors an option of sharing posts through almost any well-known social bookmarking website (61 website is supported as of Sociable 2.0).

Peter Harkins is the developer behind this plugin, although originally Sociable was written by Kirk Montgomery.

How it works
After each post of yours, you will see a toolbar similar to this:

sociable.png

When you hover your mouse pointer over a particular icon, it is shown in vivid colours and you get a pop-up note with the name of the website, like this:

sociable-two.png

When someone clicks one of these icons, a relevant social bookmarking website opens with a standard page for sharing a link to your post with others. If visitor is not logged in in a particular service, then username and password will be asked first. Login and sharing pages vary in their design and complexity, but Sociable takes care of the most important part of sharing links: it automatically generates URLs understood by social bookmarking websites, so that whenever a sharing page opens, it already has the proper URL of your post.

Configuring Sociable
Once you upload plugin into your WordPress plugins directory (Sociable has all its files in a separate directory), simply activate it from the Plugins management panel of your WordPress Admin section. After this, in Admin’s Options you’ll see a Sociable tab with configurable sections:

1) Websites to be represented on Sociable toolbar
Out of a menu of many sites, which looks like this:

sociable-sites.png

… you’ll be able to select only the websites you would like to be offered.

As you can see from this illustration, you can simply tick the websites you like. Also, as the instruction suggests, you can drag-and-drop options to achieve the perfect order of icons to be shown on your Sociable toolbar.

2) Text to introduce the Sociable toolbar.
You can type any phrase you like (and yes, there’s a default one too) – whatever you think will motivate most your visitors to bookmark your posts.

3) Sociable visibility options
This is a group of tickbox options at the bottom of the screen, which allows you to precisely limit the visibility of Sociable plugin. For instance, that’s the place to disable Sociable for your main page or archives pages. My personal preference is to show Sociable toolbar for posts and pages with useful content only, so I disable the front page and archives options:

sociable-tickboxes.png

Conclusion
I think that’s all you need to know about this plugin. It’s definitely one of the must have plugins in my opinion. Give it a try and I’m sure you won’t regret it!

External links:

PerfectBlogger Website Redesign

Hi everyone, and welcome to our new website!

As some of you can guess, it’s a slight modification of a rather popular Nonzero Red theme. Well, it’s not red anymore – that’s one thing for sure.

I like this new theme much more than previous template, and its flexible design will make adding new features a lot easier.

Please browse around and let me know what you think! If you notice anything strange or wrong, I’ll be sure to fix it as soon as possible.

Upgrade to WordPress 2.1.3

WordPress

Well, it’s been two days since WordPress 2.1.3 and 2.0.10 security updates were released, and I’ve just upgraded the WP engine behind PerfectBlogger. It is recommended that all users of WordPress 2.x apply the relevant update. For WP 2.1, it’s WordPress 2.1.3 release, for 2.0 it’s 2.0.10.

Here’s the usual upgrade scenario:

  1. Download the latest WP version from WordPress downloads page
  2. Make a full backup of the current WordPress directory of your blog
  3. Make a full database backup (you should have such an option in your website hosting panel, or you can backup MySQL database manually if you have shell access to your web server)
  4. Unpack the downloaded WP archive and overwrite files of your blog’s WordPress with the new ones
  5. Verify as much as you can that everything works

It is important to always make backups. Even if you think you know what you’re doing, backup anyway – just in case.

Also, do plan for an immediate verification of the upgrade as it’s better to discover possible errors yourself than wait for your visitors to tell you (that is, if they can tell you given the severity of some upgrade errors – sometimes they can’t open your blog at all, and so won’t be able to submit a feedback form or leave a comment).

If you don’t want to download the whole archive with the latest release of WordPress, you can always follow the example of Mark Jaquith.

Just use the files and lists he generates for almost every WordPress release to only replace what’s really changed between latest WordPress versions. For this round of upgrades, please read Mark’s post on the WordPress 2.1.3 upgrade.

Good luck with your upgrades!

is_frontpage: plugin for static homepages in WordPress 2.1.x

If you remember, WordPress 2.1 have introduced a built-in support for static frontpages. It caused some confusion initially, cause plugins which used to provide this functionality, stopped working completely. However, one you discover the feature, it’s very easy to use it.

There is one small problem though: is_home() function will not work for such static frontpages. To work around, you can use a plugin called is_frontpage. Here’s how its author, Martijn Stegink, describes it:

Version 2.1 of WordPress introduced native support for a static frontpage, which only has been supported by plugins before. When using this option however, the is_home function doesn’t work. This is because is_home is supposed to return true for the “blog” home page, where your most recent posts show up, not the “front” home page. An is_frontpage function is not available yet.

Therefore I whipped together this small plugin, called is_frontpage. Just download the plugin drop the file in your plugin folder, activate the plugin through the admin interface and the is_frontpage function is available to you. Use it just like the is_home function. It returns true if you’re at the frontpage you set, otherwise it returns false.

Taken from: Bos89.nl blog

Upgrade to WordPress 2.1.2 right away!

WordPress

If you still haven’t taken time to upgrade from WordPress 2.1.1 to WordPress 2.1.2 – do this right now! You can read the official explanation on the WordPress blog, but the bottom line is that WordPress 2.1.1 downloads have been altered by a hacker, and therefore may contain a security exploit.

To make sure you’re secure, it is advised that you download and install WordPress 2.1.2.

 

Note: this only affects users of the WordPress 2.1.1 build, any other WordPress 2.x version was not infected.

pS: if you need help with upgrading your version of WordPress, feel free to leave a comment to this post and I’ll be sure to contact you by email.

Advanced Editor Options in WordPress 2.1

Since upgrading to WordPress 2.1, I’ve finally switched back to using the built-in posts editor. One of the reasons for doing this was that I’ve found the options I so needed – text justification and HTML code cleanup – available through the advanced editor options panel.

Pressing Shift+Alt+V in Firefox or Alt+V in Internet Explorer transforms your Standard Editor panel:

… into something like this:

As you can see, there’s quite a few more options available, namely:

  • paragraph formattion options (address, preformatted text, headings)
  • underline your text
  • full justification
  • color selector for your text
  • paste options for plain text and MS Word
  • messy HTML code cleanup
  • custom character button (charmap which allows you to click and insert any special character)

With all these options, there really is no reason to search for a better visual editor anymore. TinyMCE, which is the engine behind it, fits WordPress 2.1 like a glove, and makes editing your posts and pages a real pleasure.

WordPress 2.1

It’s been a bit over two weeks since the release of the long awaited WordPress 2.1, codenamed Ella, and although I had upgraded one of my blogs the very next day when it became available, it’s only now that I finally have some time to post about it.

First of all, please go and read the official announcement of WordPress 2.1. Once you learn all the new features, you will immediately know whether it’s worth upgrading or not.

If you have WordPress 2.0.5 and anything below it – don’t even waste your time: it is time to upgrade! Get at least version 2.0.7, although in most cases you should be okay just jumping up to 2.1.

There are many wonderful features in 2.1, but I personally like the following ones:

  • Autosave – an AJAX-powered feature to save you from losing any of your ingenious posts again. Quite often, having typed a page or two of text, you lose your text if your browser crashes or something else interferes before you hit the Save button – so this Autosave feature is a real saver (pun intended).
  • New visual editor for posts and pages – a much better looking editor which has a different tabbed interface for easier switching between post and its HTML code and also includes a spell-checker. It pleases me a lot that all the dialog windows appear normally in Firefox 2 now, cause they definitely were buggy in WordPress 2.0.7.
  • Admin area rework – it works much faster, thanks to more AJAX code and a cleaner CSS.
  • Upload manager – for a much easier uploading and management of your media files

Hope I got you interested in at least giving it a try? Although if you haven’t done this by now, there’s hardly anything to convince you. As a last resort kind of a thing, I offer you a 10 Things You Should Know About WordPress 2.1 by Aaron Brazell at Technosailor. His article gives a great introduction to new features, and I think you will benefit from it even if you think you know enough.

WordPress 2.0.7 is ready

WordPress 2.0Yet another update of WordPress has been posted yesterday: WordPress 2.0.7.

Here is what the WordPress official blog has to say:

Recently a bug in certain versions of PHP came to our attention that could cause a security vulnerability in your blog. We’re able to work around it fairly easily, so we’ve decided to release 2.0.7 to fix the PHP security problem and the Feedburner issue that was in 2.0.6.

Here are the changes which the above comment mentions:

  • Security fix for wp_unregister_GLOBALS() to work around the zend_hash_del_key_or_index bug in PHP 4 versions less than 4.4.3 and PHP 5 versions less than 5.1.4 with register_globals set to “On.”
  • Feeds now properly serve 304 Not Modified headers instead of mismatched 200/304 headers (a.k.a. the FeedBurner bug).

For a full list of changes since 2.0.6, please have a look at the original post with WordPress 2.0.7 announcement.

You can't be too secure, and with this in mind I've just updated both my WordPress-based blogs and strongly suggest you do the same.

Creating a theme in WordPress

First off, she's given us a list of useful resources for creating WordPress themes, and then came the actual posts.

So far, there are two posts describing two steps of creating a theme:

  • In this post, Rachel talks about the basics of your new theme layout. Before you get to actually code your WordPress theme, you really need to get absolutely clear about what you want your visitors to see on you blog and why.

    Your layout is supposed to be a well-thought positioning of your blog elements like logo, main menu, actual posts and additional content.

 

I think this series will prove to be invaluable to anyone who's interested in creating WordPress themes of their own. I personally had never created a theme from a scratch, but have customized a number of them – so it is a good opportunity for me to understand the whole process even better.

Security Alert: templates.php XSS vulnerability in WordPress

Thanks to Thilak of TechBuzz, I've just learned about wp-admin/templates.php (part of your WordPress administration functionality) seems to be vulnerable to a rather nasty XSS exploit.

All the versions of WordPress prior to the future 2.0.6 are vulnerable to this issue, so it's highly recommended to back up your current templates.php file and replace it with a patched templates.php file (mind you, it's a WordPress 2.0.5 version of this file).

For more details, please read the WordPress Persistent XSS post by David Kierznowski who is credited with discovering this vulnerability. David has also posted a proof of concept for this exploit: WordPress template.php exploit.

For a structured description of this problem and a fix for it, please consult the relevant Security Focus discussion.