Trupela Tok was upgraded today from WordPress 2.8.4 to 2.8.5. Within half an hour after reading about the upgrade via my newsreader it was all over and done with. Primarily a maintenance release it also contains a fix for a Trackback Denial-of-Service attack currently doing the rounds.
Upgrades!! I’m not sure whether I was born this way or whether it’s a habit I have picked up along the way but if I’m running a particular bit of software – no matter what it is – and an update/patch/fix appears on the horizon – I just got to have it and I got to have it now!!
(Interesting… it was only yesterday I was discussing with Mad Dog some of the features coming with WP version 2.9)
Here’s an excerpt from this mornings post by Peter Westwood – one of the technical leads on the WordPress Development Team:
The headline changes in this release are:
- A fix for the Trackback Denial-of-Service attack that is currently being seen.
- Removal of areas within the code where php code in variables was evaluated.
- Switched the file upload functionality to be white-listed for all users including Admins.
- Retiring of the two importers of Tag data from old plugins.
You want more detail? You got it!
I extracted the following table straight out of WordPress Trac and it tells us exactly what has been included/fixed in 2.8.5:
| ID | Summary | Priority | Milestone |
| 6139 | is_year() returns false on year archive pages under /blog (or any non-root blog locale) | high | 2.8.5 |
| 6698 | Editing a published post causes excessive pings / closing comments on old posts causes trackbacks | normal | 2.8.5 |
| 8545 | Incorrect background colour for ‘Select Files’ button (file uploader) | low | 2.8.5 |
| 8923 | cron timeout is too short | normal | 2.8.5 |
| 10015 | Bug display in Categories when searching | high | 2.8.5 |
| 10042 | New wp_list_authors ‘style=’ fails to return author list | normal | 2.8.5 |
| 10077 | clean_url improperly scrapes %20 | high | 2.8.5 |
| 10082 | shortcode bug | normal | 2.8.5 |
| 10126 | Warning upon saving draft page | normal | 2.8.5 |
| 10133 | Dashboard feeds not loading | high | 2.8.5 |
| 10152 | Backslashes are read by editor (single mode) as php escape characters | normal | 2.8.5 |
| 10200 | Cron not running | normal | 2.8.5 |
| 10234 | SunOS $REQUEST_URI issues breaking install/upgrade | normal | 2.8.5 |
| 10242 | Media menu does not handle multiple lines | normal | 2.8.5 |
| 10248 | force_balance_tags breaks <!–more–> | normal | 2.8.5 |
| 10257 | Output Broken: Ticket for collecting patches to proplery encode script and other href attribute values: Missing Changes | normal | 2.8.5 |
| 10278 | thickbox.js strings are not i18n | normal | 2.8.5 |
| 10281 | RSS Widget removes squared brackets »[« »]« from urls that link to the post | normal | 2.8.5 |
| 10298 | Error in /wp-admin/ when using danish characters (æøå) in domain names | normal | 2.8.5 |
| 10308 | Adding two categories in a row creates an erroneous slug | normal | 2.8.5 |
| 10309 | Publish Date (Schedule) does not handle inputs properly. | normal | 2.8.5 |
| 10330 | XML-RPC and AtomPub Endpoints Should Respect FORCE_SSL_ADMIN and FORCE_SSL_LOGIN | normal | 2.8.5 |
| 10331 | SELECT multiple=”multiple” Size Bug | normal | 2.8.5 |
| 10333 | Pages in Search results with the_category() shows default category | normal | 2.8.5 |
| 10354 | Argument not array in comment.php | normal | 2.8.5 |
| 10366 | State of collapsing sections in admin sidebar isn’t remembered properly | normal | 2.8.5 |
| 10379 | “Remove” in widgets should read: “Delete” | normal | 2.8.5 |
| 10411 | pagination not working, even with default theme | normal | 2.8.5 |
| 10429 | wrong theme files selected for editing | normal | 2.8.5 |
| 10435 | Canonical redirect does not work on IIS7 | normal | 2.8.5 |
| 10445 | Undefined variable: term in wp-includes/taxonomy.php on line 188 | normal | 2.8.5 |
| 10498 | RSS widget filters some characters | normal | 2.8.5 |
| 10502 | Bug with empty media “Name” field when it’s required | low | 2.8.5 |
| 10543 | Incorrect (non-UTF-8) character handling in tag’s name and slug | normal | 2.8.5 |
| 10545 | _publish_post_hook (adding to postmeta existing hooks) | normal | 2.8.5 |
| 10630 | Patch to make wp_enqueue_script work on login_head (wp-login.php) | normal | 2.8.5 |
| 10638 | WordPress would randomly fail, because of server configuration | normal | 2.8.5 |
| 10651 | Problem with image added “by hand” and get_children(…image…) | high | 2.8.5 |
| 10675 | Error 403 when editing post which has 74 revisions | high | 2.8.5 |
| 10817 | Some character coding error occur if ‘default_charset’ is set in php.ini | normal | 2.8.5 |
| 10821 | Taxonomy problem with deleting posts | high | 2.8.5 |
| 10841 | admin-ajax.php SQL INJECTION!! | highest omg bbq | 2.8.5 |
| 10884 | Available plugin update count disappears after updating plugin | normal | 2.8.5 |
Thinking of upgrading your WordPress installation? Don’t know where to start? The Codex has an excellent WP upgrade checklist to help you out. In the meantime here’s my own rough and ready Upgrade checklist for what its worth:
- Backup WP Database.
- Backup ALL WordPress files including .htaccess file.
- Verify the backups are there and usable.
- Put site in Maintenance Mode.
- Deactivate ALL Plugins.
- Deactivate any functions that rely on plugins.
- Ensure first six steps are completed.
- Run the Automatic Upgrade from the Dashboard Tools Menu.
- Check .htaccess and wp-config.php files.
- Recreate Permalinks.
- Reactivate Plugins and Functions.
- Take site out of Maintenance Mode.
- Test Admin access to site
- Test Public access to site
- Review what has changed in WordPress.
Could you give me a hand?
I thing I messed up my wp installation, I didnt do anything about what you said before the upgrade, and now Im not able to write anything in the post field. I notice that there is a new field called excerpt, and now when I open a new post and try to write, it only lets to do it there, nothing in the title or in the html body section. Also, for more info, I ran the update from my host control panel. When Im in the post section, it doesnt let me click in the dashboard or anywhere else. I hope you could help me or where to find the info I need.
Regards.
Cesar,
An upgrade gone wrong is never a nice thing. WP upgrade is generally a quick and easy process. I suspect that something else has gone askew.
A few thoughts:
- A great source of information for WP upgrades:
http://codex.wordpress.org/Upgrading_WordPress
- Hopefully you’ve done the mandatory backups and you are able to rollback if needed.
- Did you recreate permalinks?
- Did you clear cache, logout and login again.
- Have you posted a question on any of the WP forums?
- Does your theme support the current version of WP?
R
Thank you very much for your reply Robert.
Well, Im going to look like a complete rookie here, but the thing is that I have automatic updated setup to be sent to my email, but is only the database. As is says in the article, in order to make a rollback, I also need all the original files from the server before the upgrade, which I dont have. I dont really dont know if my theme supports the new version of wp. I was doing some tests yesterday, and I think that something happened because It was not responding as bizarre as before, but I will run some tests again and see what happens. Thanks.
Cesar,
Hope you are making some progress there!
R