[planet wordpress]: Weblog Tools Collection: WordPress Plugin Compatibility Checker: The bigg.. http://tinyurl.com/q9elqc
WordPress Plugin Compatibility Checker: The biggest headache users face before upgrading to a newer version of W.. http://tinyurl.com/q9elqc
RT @blognews [planet wordpress]: Weblog Tools Collection: WordPress Plugin Compatibility Checker: The bigg.. http://tinyurl.com/q9elqc
WordPress Plugin Compatability Checker: http://tinyurl.com/q9elqc [WeblogTools]
Useful tool for wordpress plugin developers – WordPress Plugin Compatibility Checker http://tinyurl.com/q9elqc
#Wordpress plugin compatibility checker http://tinyurl.com/q9elqc
WordPress Plugin Compatibility Checker http://tinyurl.com/q9elqc
[…] alguns dias que li um post no Weblog tools collection com a indicação de uma lista com vários plugins para WordPres informando a compatibilidade […]
According to that site, most of the plugins I’m running under WP 2.7.1 are not compatible above WP 2.5. Hmm.
@Kenji yes the compatibility checks may not be exactly accurate and must only be used for informational purpose, the WordPress Codex plugin compatibility document is the best way to determine if a plugin is compatible with WordPress version or not.
testing comments
Ohhoh … this is something I’ve been looking for a few times. Thank you for sharing!
On the face of it this is a very useful tool but the PREP criteria governing the overall plugin status (red/green) is misleading at best.
Just because a prepare statement hasn’t been used doesn’t mean a plugin is not compatible with 2.8, neither does it mean that the code is insecure (there are other valid methods of securing SQL statements).
Likewise, there are plugins in that list shown as compatible from 1.5 up to 2.8 and showing as green. This is misleading too because the presence of the prepare statement would surely preclude the plugin working in WordPress versions earlier than 2.5
All that being said, it *has* made me realise about the ability to move wp-content (how did I miss that!?) and I will be updating Calendar to make allowances for this
You said:
Just because a prepare statement hasn’t been used doesn’t mean…that the code is insecure (there are other valid methods of securing SQL statements).
Technically you are correct that Plugin developers could all try to protect their plugin from SQL injection attacks in their own way.
But have you actually looked at the source code of your average plugin? It’s hardly professional-level code. I wouldn’t trust most plugin developers to write secure code. Have a look through Bugtraq one day for WordPress plugin vulnerabilities.
The solution to this problem is to encourage plugin developers to use a standard and well tested way of protecting against this type of attack (i.e. $wpdb->prepare). Naming and shaming of plugins that access the database without using the WP prepare statement function first is one way that we can do this.
Cheers,
Stu.
I never knew about this site, I will have to go and see if my plugins on my site are still ok. Thanks for sharing this.
I think the list of plugins would be more useful as the plugin checker doesn’t seem to be up to date on some of the plugin information.
A big thank you to the author. I have been waiting for that for a long time. It would be great to have this automatted within the Plugin repository. Imagine a script going through the “active” plugins in the plugin page and notifying the maintainer that the next version of WordPress might not compatible (based on deprecated functuion and such)? Feedback while you upload your new plugin on whether proper WordPress function are used and so on… Think of the possibilities! What a progress!
This tool, while not perfect this will make a huge difference.
Handly little tool Thanks for sharing.
As Keith already mentioned, the results provided by this tool may not be exactly accurate, it should only be used for informational purposes and reference. The developer, as you can read on our post, is going to improve the compatibility checker. It would be great to see this as a reliable decision maker.
Nice, How about compatability with WPMU?
Nice tool, seems like the PREP assessment is off though.