Author: Shelley Powers

I wrote this before running into the magic quote problem in last post

I created another WordPress weblog today by copying the database and files from this weblog, and then once created, upgraded all the files to 1.2. I needed an environment identical to this one to make my edits so that upgrading this site would be relatively risk free.

To create the second database, I used mysqldump to download a copy the contents of the existing one, created a new database, and then loaded the data from the dump. Once I copied the files, I modified the wp-config.php file to point to the temporary database, and started to work.

I received my first comment spam within an hour of creating the duplicate weblog, and received a comment by someone who came in through Google within two hours. And during my effort, the original weblog was hit by a comment spam attack, which played havoc with my effort (me wondering what I was doing wrong to be generating all these ‘approve comment’ requests in the inbox). However, thanks to the attack, I found I had an error in my crapflood protection; fixing it should prevent manage these attacks in the future.

The first edit I made was to modify the upload.php file to incorporate a modification that wraps a thumbnail image with a hypertext link to the larger photo. I then tried this on a photo of another major storm that hit St. Louis today.

The next modifications were to copy the edited wp-comments.php and wp-comments-post.php files, and replace the top part of the wp-comments.php with the new code in the upgrade (everything above the line). All my edits I could save, as is–including the live preview from Chris Davis. There’s also a new plugin for WordPress 1.2 that provides a preview page for comments, and I may add that as an option for people who don’t have Javascript enabled.

The next change was to add the entry into menu.php for my Switch blogs multiple blog handler, in addition to using the install-multi-php file I wrote to create the table. All that was left then was copying the switch.php file into the wp-admin directory.

Following the previous discussion on multiple weblogs, I also deleted the wp-images, wp-contents ,and wp-includes directory for the new installation and created a symbolic link to their counter-parts in the first test WordPress 1.2 weblog directory location. By doing so, the plugins I’ve downloaded or created for my other WordPress directories are now available for this one.

Include the my_recent_comments list that feeds the sidebar–my processing includes links to comment authors web sites and a few other odds and ends not provided by any existing WP function or plugin.

After making sure comments work, I then decided to have some fun and play with the CSS for the WordPress administration pages. I didn’t change much: added some background color, and some border effects for the buttons. I also changed the background color for the ‘look at me’ events such as deleting a post. Instead of that glaring red, I have a nice dark blue. The darkness is alert enough – never depend on color to ensure that a person pays attention to what they’re doing.

I rather like my new WordPress Admin look. It’s a newer, kinder, gentler WordPress…that just happens to work the same no matter what pretty pretty we do to the CSS.

Currently, WordPress supports moderation for all posts, or none. I’ve always liked turning moderation on by item, which I implemented in WordPress 1.02. To carry this forward, after upgrading the database during the 1.2 upgrade process, I had to use phpMyAdmin to add the ‘moderated’ option to the comment_status field in the wp_posts table.

The code to manage moderated comments in wp-comments.php didn’t need to change. But if you’re interested in adding this modification to your setup, first of all, look for the following line using your text editor:

<?php if (’open’ == $post->comment_status) { ?>

And replace it with:

<?php if ($post->comment_status ==’open’ || $post->comment_status == ‘moderated’ ) { ?>

After the line to create the “Leave a Comment”, add the following, but edit the message to whatever you want:

<?php

if ($post->comment_status==’moderated’)
echo(“Use your own moderation message here, complete with HTML formatting”);
?>

Save the file, and then open wp-comments-post.php and look for the following:

if ( ‘closed’ == $wpdb->get_var(“SELECT comment_status FROM $tableposts WHERE ID = ‘$comment_post_ID’”) )
die( __(’Sorry, comments are closed for this item.’) );

With the following:

$commentstatus = $wpdb->get_var(“SELECT comment_status FROM $tableposts WHERE ID = $comment_post_ID”);
if (’closed’ == $commentstatus)
die(’Sorry, comments are closed for this item.’);

Then look for the the following line:

$wpdb->query(“INSERT INTO $tablecomments

And insert the following code before this line:

if ($commentstatus == ‘moderated’) {
$moderation_notify = true;
$approved = 0;
}
else
$approved = 1;

Save the file. The last change then is to add the ‘moderated’ option in the advanced editing form, as shown in the following screen shot. Rather than talk you through this, a copy of my changes files is contained in zip file at the end of this writing.

This is the only change on this page–I also have added a link to my preview page.

Currently WordPress uses the same page, index.php, to serve all requests: archives, category, individual pages and so on. I don’t necessarily like the same look with each page, so I copied it into category.php and individual.php.

The pages themselves don’t need to change, other than to modify the look into what you prefer for these pages. But to ensure they’re called, I needed to modify my .htaccess file to point to these pages, rather than index.php:

RewriteRule ^archives/([0-9]{4})?/?([0-9]{1,2})?/?([0-9]{1,2})?/?([0-9a-z-]+)?/?([0-9]+)?/?$ /individual.php?year=$1&monthnum=$2&day=$3&name=$4&page=$5 [QSA]
RewriteRule ^archives/category/?(.*) /category.php?category_name=$1 [QSA]

To create my preview page, I copied individual.php to preview.php and made one modification to the code: it now calls a file called wp-blog-draft-header.php rather than wp-blog-header.php. This new file is an exact copy of the old one except for one change:

Look for:

$where .= ‘ AND (post_status = “publish”‘;

And replace with:

$where .= ‘ AND (post_status = “draft”‘;

Save the file, and now I have a preview page. You can take a look at it with a post kept in draft state.

WordPress 1.2 does have a page preview located at the bottom of the edit page, but I like the ability to preview the writing within the context. Especially when using my photos, I need to know how they look in context.

The file upload, individual moderated comments, and full page preview (and the new look and feel) are the first phase of modifications. The second is to add another page and menu option to manually generate a static page from any given page; a plugin that can be used to statically generate the index.php and syndication feeds; and selecting comments by date range to easily delete a comment spam attack.

You can get a copy of the files discussed in this writing here. If you decide to play with any of this, make sure you back your files up first.

As you may have noticed, I upgraded this site to WordPress 1.2 yesterday. You may have noticed because WordPress 1.2 has what I consider to be a very serious bug in that it ‘escapes’, or adds a slash, in front of all apostrophe’s in both comments and RSS. This is commonly referred to as the ‘magic quote’ problem with PHP. (I’m writing a LAMP essay on this for later.)

The rumors of workarounds at the support center talk about adding filters to filter out the slashes, and I did this for comments. But then, thanks to some friends, I found out that the RSS is also featuring escaped slashes. In fact, the built-in page preview is escaped, and the only thing not escaped is the text in the main post.

 

Since there are new users of WordPress 1.2 that haven’t said anything about this problem, I’m wondering if it has to do with the upgrade from WordPress 1.02 to WordPress 1.2. Or maybe they have a fix. Or maybe they don’t know the problem exists. Or maybe they got the secret decoder ring to wear while writing to their weblog. Mark did you get the secret decoder ring?

I don’t know what’s happened in WP to generate this problem, but you might want to consider postponing a port or upgrade to WordPress 1.2 until an official fix has been created. Having to add these strip slash filters isn’t the best way to deal with this problem.

For those who have ported to WP 1.2 and are having problems, I’ve added filters to the syndication feeds, and the comments that seem to work with the comments at least. We’ll see how it does with syndication.

Add the following to wp-comments.php:

add_filter(’comment_text’, ’stripslashes’);

Make sure to add this into an existing PHP block.

Add the following to the PHP code in the syndication feeds:

add_filter(’the_excerpt_rss’, ’stripslashes’);
add_filter(’the_content’, ’stripslashes’);

Let’s say this post is a good test whether these work or not.

More later on the adventures of upgrading and also what hacks I’ve added.

Update

And when I first posted this, I had an opening PHP block, <?php> …<?> that I didn’t convert to HTML escaped characters included in the code. This caused WordPress to fail. This should not happen–the results might look funny, but the application should not fail.

But the stripslashes seem to be working on new entries within the syndication feeds.

Second update