Posts tagged with keywords "TDOMF", page 2
Update #1: It’s not my day. In my rush to get v0.12.1 out, I copied in some broken code to SVN. Nothing critical, just prevents TDOMF from running. v0.12.2 fixes this.
I’ve discovered a security risk in v0.12 of TDO Mini Forms if you use Custom Fields and the “Append to Post” format option. This was introduced during the implementation of the Form Hacker. I’ve already prepared a fix (v0.12.1 v0.12.2) for this and it is now on Wordpress.org (but it may take a few minutes before you can download it).
I strongly advise anyone using v0.12 to upgrade as soon as possible. If you can’t currently upgrade, please consider downgrading to the v0.11.1 or disabling the plugin until you can upgrade to v0.12.1 v0.12.2.
I do not know if anyone has been exploited by this hole, however I would also recommend carefully checking the HTML of submissions done with v0.12 for any PHP tags that might have slipped in the post content or custom fields.
I apologise for this and hope no-one is inconvenienced by it.
I’ve just released TDO Mini Forms v0.12 (get it in all the usual places). You should soon be able to automatically update it in your Wordpress install. Loads of new features; initial release of Form Hacker, AJAX forms, Categories Widget now supports Checkboxes and Radio buttons, new template tags and more bug fixes. You can see the full changelog after the “more” link.
I’ve had to disable the form import/export for this release as it was not playing nice with Form Hacker. The tdomfinfo() is also adversely affected by Form Hacker. Apologises for this, will fix as soon as I can.
Whats next now is to finish off bits and pieces to do with Form Hacker and probably spend time doing bug fixes. For me, at least, the next big feature is Post Editing. I’ve long ignored it, but I have to tackle it soon before I start on all the other little things that need to be done. Up until recently, every time I started to think about Post Editing, I would get carried away with trying to imagine some sort of generic framework where I could add modules to submit/edit anything in WP. But I’ve restrained myself and plan to attempt to add Form Editing (with an option for delete) without trying to reinvent tdo-mini-forms. Also, I don’t see the point of doing more than Post edit/submit/delete.
Enjoy v0.12!
Read More…
The Form Hacker is working! The soon-to-be-released new version of TDOMF will contain the first release of Form Hacker. With Form Hacker you can modify the outputted code of the Form, so you can move around fields from different widgets, change the “Post Text” text, format the form anyway you, add new PHP code, and many other things. It is quite powerful so be careful using it. The only limitation at the moment is that you can not modify the preview output or the Upload Files widget. I’m currently working on this and it may/may not be in the next release.
Also, with the Form Hacker, you can modify any and all messages that TDOMF prints out, such as the “your submission is now in moderation” or “you doesn’t have permissions to use this form” messages. The only limitation is that you can’t currently modify the messages from widgets, such as the notify-me emails. This is something I will be adding soon.
I’ve done some updates to the widgets too. The Text widget now supports several macros and can included PHP code for really advance stuff. The Categories widget can now display as checkboxes or radio buttons (thanks sillybean.net for that one).
And I’ve added two new options, the first one allows you to choose if you want to redirect to a submission after posting if moderation is disabled and set a fixed size for the log (several people reported issues with memory allocation and the log).
Hopefully by Friday, I’ll have version 0.12 out for you all. If you can’t wait, you can always grab the dev version which has the latest working code.
You can find it in the usual places! In case you’re wondering, 0.11 went out yesterday, however I put in a number of bug fixes before I thought about posting of the new release.
0.11 adds several major new features:
- Integration with Akismet for Spam Protection
- Queueing of approved posts
- Throttling rules to prevent over-zealous submitters or annoying spammers
- Import and Export of individual forms (including widget setup)
- Top Submitters Widget for your theme! List the top submitters: registered or not in your sidebar
All these features have been requested several times by different users. Please consider donating if you find them useful! 
Between 0.11 and 0.11.1 I’ve added several bug fixes:
- Fixing handling of dollar sign “$” in post input
- Fixed some formatting mistakes on options pane
- Added a .pot file for translation
As always, please direct questions, bugs and support requests to the forums!
Now on the plate is the AJAX and Form Hacker!
It was just taking a break! My host went unexpectedly down for a little period and so the TDOMF support forums were down and so too were all my development and test sites. Which meant that I was unable to do any work on TDOMF during the down period, which is why people’s requests on the forums and Wordpress.org went by largely ignored by me. I saw them, but there was little I could do to answer them. I’ll should be back getting back into the swing of things by next week, depending on how much sleep I manage to recoup over the next week.
But before it all went down I had started work on several features. Specifically to do with the problem of spam. My host had upgraded their PHP version and suddenly the TDOMF image captcha no longer worked on the forums and I had to remove it, otherwise no-one could post. Suddenly spam appeared. The one-question-captcha widget had zero effect on it. So I turned on moderation to prevent any more slipping through. I now have a queue of genuine spam submissions for TDOMF, so I thought, why not implement Akismet integration now with some real data. And it was coming together before my host went down. Now that things are starting to get back up to speed, I can start to look at finishing this work. I also want to look at throttling submissions - as in allowing a max limit of submission per user (or IP) per set period of time. And also expanding the one-question-captcha to support multiple random questions. I would hope these combination of features would provide enough tools to handle spam.
I will also look at queueing approved/published TDOMF posts. More than one person has asked for such a feature. The idea being that when you approve a TDOMF submission, it’ll only publish after X time after the last published post, creating a queue of published posts.
I still have the Form Hacker and AJAX features half done, but they require a lot of tweaking so they won’t make it into the next release.
After that I’m seriously thinking about looking at editing (and deleting) posts functionality. It’ll be a big chunk of work, but the time may be right for it.
I also see that Wordpress has gone to 2.5.1. Time to upgrade again.
Anyway, it’s good to be back and please be patient while I get up to speed.
I’ve just released a bug fix for TDO Mini Forms v0.10.4, get it in the usual places. v0.10.3 broke Custom Fields and also prevented the plugin from running on PHP4 hosts.
Also, sbruner (Steve Bruner) posted on the TDOMF forums that he has used the TDOMF plugin to create a rather nifty Contact Manager Theme for Wordpress. It looks pretty damn cool. Well done!
I’ve just released v0.10.3 of my TDO Mini Forms plugin. Get it in all the usual places.
The biggest changes in this version is that I’ve implemented a work around for the register_globals and $_SESSION issues. It should be noted that 99% of the time these are/were host configuration problems and nothing to do with TDOMF but I got fed up trying to support users on various different hosts who had difficulty turning off register_globals or enabling $_SESSION support. (So if this enables TDOMF to work flawlessly for you, consider donating, because it’s for you I did it. )
But moving forward, whats in store for TDOMF?
Read More…
I made version 0.10.2 of TDO Mini Forms avaliable yesterday. The main purpose of this release is to make TDO Mini Forms compatible with Wordpress 2.5. You can download it from the usual place.
- Fixed a bug if you reload the image capatcha, it would not longer verify
- Added a flag TDOMF_HIDE_REGISTER_GLOBAL_ERROR in tdomf.php that can be set to true to hide the register_global errors that get displayed.
- WP2.5 only: Can now set a max width or height for widgets control on the Form Widgets screen.
- Compatibility with Wordpress 2.5
As per usual, please leave feedback on the support forums.
Thanks to those who donated! Much appreciated.
As it turns out the migration is going a lot easier than I had anticipated. Functionally TDO Mini Forms works fine under Wordpress 2.5 but much of the admin backend was screwed up.
The Form Widgets screen is brokenThe main TDOMF page is messed upThe TDOMF sidebar on the Edit Post screen appears in the wrong placeThere appears to be an issue with the thumbnails and image uploads
The only thing left to do is make sure that the changes I’ve made will also work on 2.3.x.
Once I’ve released v0.10.2 I can get back to answering everyone else’s comments, so please be patient.
(Please leave comments and feedback on TDO Mini Forms on the forums please)
The last release of TDO Mini Forms plugin (version 0.10.1) hasn’t been tested on the newly released Wordpress 2.5 until today and a number of problems are cropping up.
The list right now is:
- The Form Widgets screen is broken
- The main TDOMF page is messed up
- The TDOMF sidebar on the Edit Post screen appears in the wrong place
- There appears to be an issue with the thumbnails and image uploads
If you find any others, please report them on the support forums.
I’ve setup a testbed to investigate and attempt to correct these issues but it may take a while. I was aware of the upcoming 2.5 release and I guessed at least the Form Widgets screen would get borked, but it’s just a glut of work that needs to be done. I was in the middle of implementing a new feature (a form “hacker”), that will have to be put on hold to do this work. I’m not particularly excited by doing it as it doesn’t improve TDOMF as such. If you are desperate for it or have been a long time user of TDOMF and want to upgrade Wordpress 2.5, then I’d recommend perhaps donating (see the link on the main page of your TDOMF install) as it’s a great way to get me motivated. However, it will get done, with or without encouragement.
