Wordpress

A friend of mine owns and operates a number of websites – all of which run on ASP/.NET/MS-SQL servers.  He knows what he’s talking about, but he’s fairly dismissive of WordPress, PHP, and MySQL.

All this time I’ve been raving about WordPress, telling him that you can basically do anything with it.  I’ve mentioned how easy it is to use, how easy it is to maintain, it’s open source, how many global corporations use WordPress to build their websites, how it’s the tool of choice for so many designers, and how huge the WordPress community is.

In the meantime, he’s referring to his millions of rows in his “real-SQL, Microsoft SQL” database.  I believe he’s been stuck thinking of PHP and MySQL as “kiddie” stuff, just not ready for big time.

That is, he’s been dismissive of WordPress until about two months ago.  In the last two months other people (SEO consultants, professional designers) have been raving about WordPress to him too.

I think he’s finally coming around.

Wordpress

I’ve been upgrading to the latest releases of WordPress as soon as each one comes out.  And, it’s a good thing too.

Over the last week or two a website named “Wordpresz.org” ((I’ve edited the link so that it goes to WordPress.org instead.  I don’t want to contribute to these hackers fooling anyone else.)) was discovered.  The people who created this website were using a vulnerability in WordPress version 2.6.2 to redirect users to their website.  Their website purported to release WordPress version 2.6.4 ((The latest version is 2.6.3 which is just version 2.6.2 with a small but important security fix.)).  The problem was that they had hacked one file in the installation package to create a bigger security vulnerability.

This just goes to show that:

  1. Monitor for Updates. Many programs these days automatically check to see if new versions are available.  If the program does not have this feature ((Or if you turn it off, as I sometimes do.)), it’s a good idea to check about once a month or so.
  2. Update Frequently. Not all software updates are equal.  If the program is being updated to fix security vulnerabilities or improve the program’s stability, you definitely want to install the update.  This website’s installation of WordPress was already “inoculated” against this kind of attack because I had installed version 2.6.3 almost as soon as it came out.
  3. Use Official Sources. WordPress is open source software built using PHP and MySQL.  Since the program is open source, it’s easier to modify the code. ((As Uncle Ben said, “With great power comes great responsibility.”))  The themes and plugins available through WordPress.org are reviewed by other users for malicious code and for possible improvements.  If you’re not certain how to examine source code for malicious code, it’s best to only use official sources.
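
An added example (not part of the original post, and not WordPress's own tooling): since the fake release differed from the real package in a single file, hashing every file in an unpacked package and comparing it against a copy unpacked from the official source makes that one file stand out. The function names, file names and contents below are constructed placeholders, and having a trusted reference copy on disk is an assumption.

```python
import hashlib
import tempfile
from pathlib import Path


def tree_hashes(root):
    """Map each file's path (relative to root) to its SHA-256 digest."""
    root = Path(root)
    return {
        p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
        for p in sorted(root.rglob("*"))
        if p.is_file()
    }


def compare_trees(trusted_root, candidate_root):
    """Report files that differ between a trusted copy and a candidate copy."""
    trusted = tree_hashes(trusted_root)
    candidate = tree_hashes(candidate_root)
    return {
        "modified": sorted(f for f in trusted.keys() & candidate.keys()
                           if trusted[f] != candidate[f]),
        "added": sorted(candidate.keys() - trusted.keys()),
        "missing": sorted(trusted.keys() - candidate.keys()),
    }


def build_sample(root, files):
    """Write a constructed sample tree: {relative path: contents}."""
    for rel, text in files.items():
        path = Path(root) / rel
        path.parent.mkdir(parents=True, exist_ok=True)
        path.write_text(text)


def demo():
    # Constructed sample data: placeholder names, not real WordPress files.
    official = {"index.php": "<?php // entry\n",
                "includes/helper.php": "<?php // helper v1\n",
                "readme.txt": "sample release\n"}
    # Same package with exactly one file changed, as in the incident above.
    repackaged = dict(official)
    repackaged["includes/helper.php"] = "<?php // helper v1 (altered)\n"
    with tempfile.TemporaryDirectory() as a, tempfile.TemporaryDirectory() as b:
        build_sample(a, official)
        build_sample(b, repackaged)
        return compare_trees(a, b)


if __name__ == "__main__":
    print(demo())
```

Any entry under "modified" or "added" in a package that claims to be an official release is a reason not to install it.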

Here’s a (simplified) overview of how my permanent disability/impairment and workers’ compensation benefits calculators work. As I’ve mentioned elsewhere, I wrote these website calculators using JavaScript, PHP, MySQL, and AJAX.

In a recent post, I created a really simple test for cell phones using the above languages. Here’s what was happening:

  • The user clicks the button “Cell Test.”
  • The JavaScript embedded in the button detects the “click.”
  • The JavaScript embedded in the button then tells an AJAX program that the button was clicked.
  • AJAX sends a little bit of information to the web server – saying that the user clicked that button.
  • The PHP program on the server is notified that the button was clicked.
  • The PHP program checks a MySQL table to see what should happen when that button is clicked.
  • The MySQL table returns the answer, what should happen when a button is clicked, to the PHP program.
  • The PHP program takes the answer from the MySQL table and sends it back to the AJAX program.
  • The AJAX program takes that information and, using a little bit of JavaScript, displays the answer in your web browser.

Easy!