TimThumb is small php script designed for cropping, zooming and dealing with images on the web. Although WordPress has it’s own image manipulation capabilities, TimThumb seems to remain very popular among free and premium WordPress theme developers. Not for too long though, an issue has been filed for TimThumb version 1.28 and trunk, which apparently gives the attacker shell access to the server hosting the script. Permalink
As mentioned in an earlier post here on Theme.fm, WordPress 3.3 is expected to arrive around November 15th and I’m sure you’re interested in what’s happening over at the development side of it, so today we’re publishing our top 6 WordPress Core Trac tickets worth following.
If you’re not familiar with Trac, you can read about it right here. Basically, it’s a project management and source code management system that is used in many open source projects including WordPress. Tickets are like issues or messages created and attached to versions so one can follow along.
Following a ticket is quite simple — you need to have a WordPress.org account and use it to log yourself in to the WordPress Core Trac. When viewing a ticket, scroll down to the very bottom and attach yourself to the CC field and submit changes. All the updates to the ticket will go to your e-mail. Make sure you visit the preferences section and set your e-mail for your Trac account too. Permalink
Some of the code and concepts in this post are outdated, please view the following post: Post Options API is Almost Ready for Action.
Remember Custom Fields? Yeah, the ones with a not so friendly user interface, designed to assign some meta data to posts, pages and other post types, that would hopefully appear somewhere in the post content through a function called the_meta. The most known example is the “mood” one, but theme and plugin developers nowadays use custom fields (i.e. post meta) for entirely different purposes, like title rewrites, meta description, per post/page custom CSS, AdSense banner codes, social bookmarking links display, layout configuration and much more.
The problem with custom fields is that while being okay for developers, they’re somewhat scary and sometimes frustrating for the less savvy people and it has been like that for years. To avoid that problem, developers are using custom meta boxes with their own custom form fields which are generally wrappers around the original post meta. That way the end-user can set their mood to Happy in a simple drop-down select box or perhaps a radio button group.
The trouble however is that there is no unified way of doing this, so each developer has to come up with their own, meaning redundant code, new UI, new learning curve for the end user and less flexibility. There’s a similar situation with custom admin screens and settings pages, hopefully being solved by the Settings API and today we’ll take a look at a similar concept for post meta data — the Post Options API. Permalink
Here at Theme.fm apart from creating our own themes, we like to play around with other people’s creations. It’s not just an opportunity to see what others are doing, how they’re rolling out and what kind of features they’re implementing in their themes, but to actually learn from them by reading their code, structure and documentation.
Today we’ve taken the Unspoken premium theme by WPShower which is a magazine and blog theme for WordPress. It was released last month with a couple of updates afterwards. Today Unspoken comes with 7 unique color schemes, a featured slider, customizable home page, widgets, menus, shortcodes and social bookmarking built-in. Permalink
Today’s a great day for us over at Theme.fm because just last night our very first free WordPress theme has made it through the review process and has been approved for the WordPress.org Theme directory! San Fran is quite a minimalistic, typography-based WordPress theme that provides a few different color schemes to pick from and many other exciting features. Permalink
The weekly WordPress development meeting has been held yesterday and the main discussion was the scope of work for the next major WordPress release, 3.3 expected in mid-November this year. I have to admit that the update is not as exciting as 3.2 was but hey, there’s room for bug fixing and minor code and UI improvements, right? And that’s what WordPress 3.3 is mostly about.
Expect a lot of minor bug fixes and performance enhancements, mostly around permalinks structure and rewrite rules, as well as the navigation menus current issues. Some minor improvements to the Meta API and possibly an introduction to a new class called WP_Meta_Box, which is quite exciting for developers that like to customize their post, pages and custom post types screen, as well as have their options pages laid out like the Dashboard. Permalink
The days of web safe fonts are about to end thanks to all the great attempts of designers, developers and industry leaders around the world. The good thing in digital production industry is the community of people who are always pushing the boundaries to their limits. Then when it becomes a new standard or convention its pushed forward again by the same community even further. Permalink
There are many different approaches on how you handle middle-scale to large-scale web applications development, source control, deployment and testing. Internally things may change, you can work in waterfall, scrum, agile and other methodologies, but externally it’s pretty much the same — local development server or servers, a testing (I like to call it playground) server and your production server, where your website is live and available to the whole world.
Today’s post is about handling automatic code updates at your testing server directly from your source control. Now this may sound tempting but you should never do anything like this on your production servers. Production server updates might be covered in one of our next blog posts but that’s one place where you’re better off doing some deployments manually rather than automate them. Permalink