Learning by Doing » wordpress

Updated to 2.4.bleeding(trunk)

Mr. Gunn — Sat, 27 Oct 2007 22:00:43 +0000

I was going to update to 2.3.1, but I thought I’d see if the trunk was working as expected first, and it is.

It’s actually fairly easy to upgrade using subversion, so here’s what I did.

Updated betablog(my nonpublic mirror of my working site) to trunk

using svn sw http://svn.automattic.com/wordpress/trunk/ .
Files changed:
A wp-admin/js/edit-posts.js
A wp-includes/js/wp-lists.js
A wp-includes/images/wlw
A wp-includes/images/wlw/wp-icon.png
A wp-includes/images/wlw/wp-watermark.png
A wp-includes/images/wlw/wp-comments.png
A wp-includes/wlwmanifest.xml

No files I have edited are part of this update, so I shouldn’t have to re-edit anything. svn update should incorporate the changes into files, instead of overwriting the whole file, unless there are overlapping changes. The only local modification I’ve made to this is to add my analytics tag to footer.php, but this hasn’t been modified in the repository version.

[smithers]$ svn status -u * 6188 wp-includes/functions.php * 6188 wp-admin/setup-config.php ? wp-config.php ? sitemap_gen.py ? robots.txt ? wp-content/uploads X wp-content/plugins/akismet ? wp-content/plugins/code-markup.php M 6188 wp-content/themes/default/footer.php ? config.xml ? google5422237c5650fd97.html * 6188 wp-settings.php ? .htaccess Status against revision: 6294

Performing status on external item at 'wp-content/plugins/akismet' Status against revision: 23396

I’ll add a comment to wp-admin/setup-config.php to see if the file is over written or just modified.

I don’t understand just yet how to diff my copy against the repository. In other words, I can get a list of what I’ve changed since last update, but I can’t get a line-by-line list of what they’ve changed without doing an update. However, doing an update should tell me if my changes overlap, and then I can manually incorporate them, but this probably won’t ever be an issue because the only thing I’ve changed in the core files is the tag output. The analytics stuff is at the end of the file, where it’s not likely to overlap.

Added comment to wp-admin/setup-config.php

[smithers]$ svn status -u * 6188 wp-includes/functions.php M * 6188 wp-admin/setup-config.php ? wp-config.php ? sitemap_gen.py ? robots.txt ? wp-content/uploads X wp-content/plugins/akismet ? wp-content/plugins/code-markup.php M 6188 wp-content/themes/default/footer.php ? config.xml ? google5422237c5650fd97.html * 6188 wp-settings.php ? .htaccess

[smithers]$ svn update U wp-includes/functions.php U wp-settings.php G wp-admin/setup-config.php

U means repository file changed, but I didn’t change it locally. (it had status * before update)
G means it changed both places(i.e. it had status M * before update)

Removed change from wp-admin/setup-config.php
[smithers]$ svn status -u ? wp-config.php ? sitemap_gen.py ? robots.txt ? wp-content/uploads X wp-content/plugins/akismet ? wp-content/plugins/code-markup.php M 6294 wp-content/themes/default/footer.php ? config.xml ? google5422237c5650fd97.html ? .htaccess M 6294 wp-admin/setup-config.php Status against revision: 6294

So footer.php remains modified, because it wasn’t updated, and setup-config.php remains M, because even though I removed the change I made, making it an exact copy of the repository version, it’s still different from the version in my .svn directory, which is fine, because I don’t plan on checking any changes into the repository any time in the forseeable future.

Ah, svn update doesn’t change the version number, it just updates the existing code, so totally new files don’t get added, and WP still thinks you’re running the old version, even though subversion reports the revision number correctly. svn update, then svn sw is perhaps a good idea, then, so that repository changes get incorporated locally, then new files get added. I don’t know if svn sw will overwrite, but I know one way to find out. I’ll edit wp-admin/setup-config.php in my other blog that hasn’t been updated yet, and instead of svn update, I’ll do svn sw.

That results in a C status for the changed file, so that means I’ll have to manually incorporate changes. This is most likely due to the fact my comment was at the top of the file.

[smithers]$ svn sw http://svn.automattic.com/wordpress/trunk/ . C wp-admin/setup-config.php U wp-admin/link-manager.php U wp-admin/page.php U wp-admin/export.php U wp-admin/edit-pages.php U wp-admin/categories.php Updated to revision 6294.

If you get a conflict, you need to do one of three things:

Merge the conflicted text “by hand” (by examining and editing the conflict markers within the file).

Copy one of the temporary files on top of your working file.

Run svn revert to throw away all of your local changes.

Once you’ve resolved the conflict, you need to let Subversion know by running svn resolved. This removes the three temporary files and Subversion no longer considers the file to be in a state of conflict.

You have to be in the directory to use svn resolved, or you get an error.

[smithers]$ svn resolved /wp-admin/setup-config.php svn: warning: '/wp-admin' is not a working copy

[smithers]$ cd wp-admin [smithers]$ svn resolved setup-config.php Resolved conflicted state of 'setup-config.php'

Some themes are in subversion, too, and since themes are more often customized, it makes sense to use subversion for them, especially the complicated K2 theme.

[smithers]$ svn status -u
M * 500 theloop.php
* 500 page.php
* 500 page-archives.php
* 500 single.php
* 500 k2.pot
* 500 header.php
* 500 attachment.php
Status against revision: 582

So my changes to theloop.php will need to be merged. Let's try svn update.

[smithers]$ svn update D app/display/sbm/backup.php D app/display/sbm/header.php D css/rollingarchives.css A css/options.css A css/humanmsg.css A css/rollingarchives.css.php A css/header.php C theloop.php A images/sbmmanager/buttoncircle.png A images/sbmmanager/deletebutton.png A images/sbmmanager/undo.png U single.php A js/jquery.easing.js.php A js/jquery.humanundo.js.php A js/jquery.humanmsg.js.php Updated to revision 582.
So I got the dreaded C for theloop.php, but I guess I should have expected that.
Rollingarchives.css is gone, interesting, and humanundo.js functions have been added. Single.php hasn't been changed, thankfully, nor has header, footer, or style.css.

Because of the revision marks in theloop.php, the file requires resolution of the changes before it will work again. In my case, almost the whole file has changed, so I'll have to re-add the tag code to the new version.

Lots of changes to theloop.php. One thing k2 does that I don't agree with is that it only shows tags on single post pages. I think it makes more sense to just stick the tags in the place of the categories at the top.

Problems:

no problems with updating blog code

I don't understand why there's ' . surrounding everything in theloop.php.

Pasting the code in as before isn't working.

Pasting just the_tags(__('Tags: ','k2_domain'), ', ', '.') replacing the k2_nice_category, works, but outputs before the time and date.

Current status:

All sites upgraded to 2.4.bleeding

K2 theme is updated on betablog, but my customizations to theloop.php aren't there because I need to figure out how to put them in the page of the categories.

Useful subversion commands:

svn status -u shows which files will be updated when you run svn update
* means files will be updated
M means files are files I've changed
X means files are unversioned, but specified as an external, so this applies to WP supplied plug-ins.
? means files aren't being tracked in subversion. Files I've created, such as the sitemap generator, which isn't part of wordpress, will have ? Status.

Do you have too many passwords to remember?

Mr. Gunn — Thu, 27 Sep 2007 22:23:39 +0000

Or worse, do you use the same password for everything? There’s a better way to do it, which relieves every site and blog owner from having to store your password.

The way to do it is to set up an OpenID, that way the only person you have to blame is yourself, and perhaps your hosting provider. Another benefit of doing this touches on a big interest of mine: owning your identity online. You see, in the OpenID scheme, your blog URL is all you provide upon login. The rest of the information is exchanged by encrypted API handshake between the OpenID provider(your site) and the site you’re logging into(the OpenID consumer).

The setup is not for the faint of heart, but it’s not that bad, and I took good notes on how I did it.

To set up your site as an OpenID provider, you need to following things:

A hosting account running PHP5 and offering shell access, and a domain name. I always recommend Dreamhost, and you can get hosting for only $5/month using my “Synthesis” promo code.

Step 1: Download the latest and greatest version of the PHP script. It’s 0.6 currently.
Log into your account, and open a shell window, and issue the following commands(if you’re not running PHP as CGI, you can skip the .htaccess part and do everything from the root URL if you want – read below to see how to tell):
mkdir me cd me svn co https://www.siege.org/svn/oss/phpMyID/trunk/ .

Step 2: Visit MyID.config.php in your web browser. You should see something like this:

This is an OpenID server endpoint. For more information, see http://openid.net/
Server: http://williamgunn.org/me/OpenID.config.php
Realm: phpMyID
Login

Step 3: Edit MyID.config.php to include your info.
- pick a username
- generate and include your password hash
echo -n 'username:realm:password' | openssl md5
- optionally enter personal information to be supplied to sites.

Step 4: Go back to your webbrowser and hit the login link on the page you loaded before. Now, you’ll be redirected and a window will popup asking for your username and password. Enter them, and press enter. If you get a message saying you’re logged in, you’re not running php as a cgi, and you can skip the rest of this paragraph. If you are running php as a cgi, you need a .htaccess file to convert the authentication headers into environment variables the script can use. This is because “The HTTP Authentication hooks in PHP are only available when it is running as an Apache module and is hence not available in the CGI version.” The fix is easy: if you didn’t make a subdirectory above, make one, and create a file called .htaccess containing the following code(you may already have an example file in your root directory).
# Option 1, mod_rewrite (req) RewriteEngine on RewriteCond %{HTTP:Authorization} !^$ RewriteCond %{QUERY_STRING} openid.mode=authorize RewriteCond %{QUERY_STRING} !auth= RewriteCond %{REQUEST_METHOD} =GET RewriteRule (.*) %{REQUEST_URI}?%{QUERY_STRING}&auth=%{HTTP:Authorization} [L]

Now, you should be able to hit the login link and get logged in.

I get redirected to the following URL: http://williamgunn.org/me/scriptname.config.php?openid.mode=id_res&openid.identity=http%3A%2F%2Fwilliamgunn.org%2Fme%2Fscriptname.config.php&openid.assoc_handle=[redacted]&openid.return_to=http%3A%2F%2Fwilliamgunn.org%2Fme%2Fscriptname.config.php&openid.signed=mode%2Cidentity%2Cassoc_handle%2Creturn_to&openid.sig=[more redacted stuff]

Now set allow_gmp and allow_test to true in the config file, allowing encryption aka Smart Mode and testing, and load http://yoursite.com/you/MyID.config.php?openid.mode=test

If you’re on Dreamhost, which doesn’t have support for GMP in the php binaries, you will get a file looking somewhat like this:

bcmath	warn – not loaded
gmp	warn – not loaded
logfile	warn – log is not writable
session	pass
secret	pass
expire	pass
base64	pass
hmac	pass
bigmath	fail – big math functions are not available.
sha1_20	pass
x_or	pass

If you get that, you’re ready to delegate your OpenID identity. Go to the root of your domain(or wherever you wish) and enter the following code in a file named index.html

If you’ve already got an index.html, just put the two lines in the head section.

Now go login to a site that accepts OpenID, or just leave a comment here. See here for details on how to set up your site to accept OpenID, see here.

Write a Google sitemap for your WordPress blog

admin — Fri, 21 Sep 2007 23:17:57 +0000

One of the most effective ways to increase the visibility of your content is to make sure it’s indexed regularly by Google. However, the Googlebot sometimes has a hard time with database-driven websites like WordPress blogs, so it helps if you tell Google which URLs to visit. The way to do that is with an XML sitemap. There are a couple different kinds of sitemaps, which work with different search engines, but I’m only going to talk about the XML sitemap supported by Google and Yahoo. There’s also a Google sitemap generator for WordPress, but if you’re like me, you try to keep the number of active plug-ins to a minimum to make your site as fast as possible.

Not only will a sitemap ensure Google has the freshest content from your site, but it will also make your site run faster by telling the Googlebot that it doesn’t need to crawl your back archives with the same frequency as your front page. This is especially important for shared hosting situations like Dreamhost. Because the Googlebot alone can use 50% of the CPU of the shared server, if your site isn’t configured properly, you could bog down the server for everyone else and even get your site taken offline¹.

To set this up you’ll need an account with Google Webmaster Tools, the downloadable sitemap generator, and a hosting account that uses Analog logging and offers python support. I use Dreamhost. If you need a host, check ‘em out (and use promo code “Synthesis” to get your first year for $60).

First, download the program and upload it to the base directory of your website. Unzip the package and open up config-example.xml. In config-example.xml are the parameters that control how the URL list that makes up the sitemap is generated. You’ll need to rename this to config.xml for it to work. There are two steps to setting up config.xml: Including URLs, and excluding URLs. Because sitemap_gen doesn’t do any crawling itself, you have to supply it with a list of URLs. One simple way to do this is with a text listing of URLs, but manually adding to this list every time you wrote a new post would get tedious. Conveniently, sitemap_gen can parse logfiles, so you can use your logs as the URL list. The frequency with which URLs appear in your logs also allows sitemap_gen to assign a priority score to each URL, letting the Googlebot know which pages to update more frequently and which pages it doesn’t need to crawl as often.

Next, find the section in config.xml that says, “The “site” node describes your basic web site.” In this section, you want to replace http://www.example.com with the path to your site. Replace /var/www/docroot/sitemap.xml.gz or whatever comes after store_into with the name of your sitemap. I used sitemap.xml.gz, to generate a compressed sitemap for google to read.

Moving down the file, find the INPUTS section. This is where you will specify which URLs to include in the sitemap. This part if broken up into sections which contain different link inclusion mechanisms. You can only use one mechanism at a time, so delete or comment out the sections until you get to the one that talks about accesslogs. Remove two of the three example statements in brackets in this section, and modify the remaining one to contain the full path to your access logs. You can use the * character to specify all the logs in the directory like so . Delete the remaining sections in the INPUTS section.

The next section is the filters section. This is where you will specify which URLs to exclude. You can do a lot of fancy stuff here, but the most important thing for WordPress is to remove URLs that lead to non-content pages, like wp-login, for example². In these statements you tell sitemap_gen which URLs to add or remove from the list, using normal wildcards or regular expressions. I recommend keeping this as simple as possible, avoiding the use of pass statements because those act like short circuits and will leave matching URLs in the list no matter what you specify later, and in conjunction with regular expressions, this can sometimes be non-intuitive and hard to debug.

Here’s my filters section:

That’s all fairly straightforward, I hope, but two things merit explaining. The section below

is an example of one way to remove redundant URLs from your list. You don’t need the “Pretty URL” to your site and the /p?number URL both, and if you’ve changed that setting recently, they will both show up in your logs. The /\?p=[\d] string tells site_gen to exclude any URL of the form /p?some number. Also, you don’t necessarily need search result pages to appear in the list, so the next line takes care of that. The following two lines are for use with the Flickr Photo Gallery plugin. This plugin allows you to browse your tags just as you would at Flickr, but this creates a URL problem when the site is crawled, resulting in 90% of your logs being composed of redundant crap. Those two lines remove all the URLs pertaining to the gallery except gallery pages and display pages for a single tag.

The next thing worth mentioning is the lines below, which are generated when someone using IE visits your page with the discussion toolbar loaded. IE looks to see if your site supports it, which mine doesn’t.

After processing your logs and applying some intelligent filter rules to exclude URLs that aren’t content-containing parts of your site, you’re ready to submit. Run python sitemap_gen.py --config=config.xml --testing, extract the sitemap.xml file from sitemap.xml.gz, and load it in your browser. Look through it and make sure your rules have worked as expected, then run the command again, removing the –testing part. If you want to get fancy, you can set this up as a cron job. If you do, run it on access.log.0, yesterdays logs, around 2am. That way you don’t miss any traffic as the logging switches over at midnight.

Finally, log into Google webmaster tools and submit your sitemap to Google!

To see how must of your traffic is coming from the Googlebot, SSH to your server and run tail -10000 access.log| awk '{print $1}' | sort | uniq -c |sort -n from the same directory as your access.log files. The first number is the connections, the second is the IP making those connections. IPs that start with 66.249 are the Googlebot. If 66.249 is the last entry, and the number of connections is very high(over a thousand, say) and many times bigger than the number of connections for the second most frequent IP, you probably need to do something before the hosting company does something for you, like ban Google from accessing your site.
I’m not exactly sure if it would be better to leave some things in, but set to a zero priority, however I have non-content stuff removed for now. Really, the non-content pages should probably be excluded in robots.txt

I’ve had enough.

admin — Sun, 26 Aug 2007 02:07:07 +0000

I’m sticking with the default lame-ass Kubrick theme, as it seems to be the only one that plug-in developers test against, and I don’t have time to mess around editing the template to fix one thing while breaking another.

EDIT: I couldn’t resist, I’m trying K2

Google Documents and WordPress

admin — Wed, 27 Jun 2007 17:26:27 +0000

My dissertation post is here. When I edit the document at Google Documents and republish, it overwrites the post, so any explanatory text or tags are lost. One thing that is a little annoying is how it tries to take over the right-click context menu. I end up with the Google Document right-click menu opening up, with the Firefox context menu on top of it, obscuring the top half of the google menu.

I would have thought Google would have known better than to try to subvert such an important browser function. Bad Google, Bad!

The good: revision control, easy collaboration, seamless output to many formats, rich editing features.
The bad: post metadata isn’t preserved, non-standard browser UI, no way(I know of) to put the post on a separate page.

Maybe I could get the best of both by sticking the RSS feed of revisions on a separate WP page.

Keywords work now, and editing works. Now to get widgets figured out.

admin — Wed, 13 Jun 2007 13:19:56 +0000

Deleting posts from the manage page doesn’t work, but deleting from the edit entry page does work. There are about 10 support threads at WordPress for this, but no resolution. The ones where it was a rights issue have been figured out, but not the weird behavior of the manage page.

Because the widgets work in the default theme, but not in Tiga, there must be some weirdness with the theme, but I should be able to paste the widget code into sidebar.php in the theme directory.

I don’t think wp-admin/widgets.php works with tiga, because it expects wp-content/plugins/widgets.php. I’ll have to check that soon, and in the mean time, I could probably just paste the code in.

Replacing tiga’s sidebar.php with the default’s works, but the formatting is screwed up. I need to figure out what parts of the default sidebar need to be reproduced in tiga’s.

I’m having issues with my old theme, Tiga, and the new wordpress.

admin — Wed, 13 Jun 2007 00:22:56 +0000

Some things don’t work until I get this figured out.

Specifically, the jerome’s keywords plugin doesn’t work with both Tiga and wordpress2.2, though they work with either alone.
Many of the fancier sidebar widgets don’t work, like the one that displays RSS feeds.

Not only that, but I can’t delete posts.