Part 1 of 2:

Part 2 of 2:

Related posts:

1. Basic WordPress Theme Editing for the Non-Techie: Part 1 The following video is intended for the non-techie who wants...
2. WordPress 3.0 New Features WordPress 3.0, due to be out around mid-2010, will be...
3. Goodbye WordPress.org — I’ve made my point This morning I made my last post on the wordpress.org...

Moodle should make my life easier, not harder. I do appreciate what it allows me to do—post course content without having to fashion an entire course web page on my own, include RSS feeds from other sources, have one central location for grades and hand-ins and such—but I feel that sometimes it is more lacking for power users than for beginners. Good software should accomodate beginners, advanced beginners, power users, and experts equally well, and in this sense Moodle fails.

Source: http://acdalal.wordpress.com/2010/01/11/my-moodle-wish-list/

A very good summary. Moodle is good for beginners who really only need a place to upload some docs, have an online gradebook–if they can figure out how to use it–, and allow students to upload assignments. It does have those features and a few others–essentially the same features it had 5/6-years ago. Hard to believe? Download and install Moodle version 1.5 and look at what it had in 2004/2005 vs what it has today.

http://download.moodle.org/stable15

All the core features are pretty much the same…could explain a lot of the frustrations felt by power users. Yea, Moodle is cheaper than Blackboard, like a Mule is cheaper than a Mercedes. Until, of course, the vet bills (1, 2, 3, etc…) start coming in…then the cost of the Mercedes doesn’t seem so high and it’s a heck of a lot nicer ride without leaving a trail of manure behind it

Of course, Moodle 2.0 has been in the works for about 2 years now and promises to deliver a revolution to the LMS world once released. Moodle.com has opted out of the Google summer of code this year because 2.0 development demands all their time/energy. So, who knows, maybe 2.0 is what power users like the one quoted above have been waiting for…we’ll see.

Related posts:

1. An Urgent Moodle Upgrade Notice — Upgrading is a Must! Moodle released an urgent upgrade notice today, two weeks...
2. A Critical Moodle LMS Security Vulnerability — All Versions EDIT: Start of edit posted on 25 Nov 09… Moodle...
3. “Ridiculous $400/hr. for Moodle support with no guarantee” Saw a very interesting post in the moodle.org forums today...

Related posts:

1. WordPress 2.9 — A Video Demonstration of New Features In the following video I demonstrate three of, what I...
2. WordPress 2.9 New Features WordPress 2.9 should be released near the end of the...
3. WordPress Security Vulnerability — Upgrade is a Must! There is a new WordPress security vulnerability that makes it...

No related posts.

In fact, some of the biggest Moodle security problems have impacted customers of some of the largest professional Moodle hosting providers–Moodle Partners–commercial companies endorsed and certified by Moodle to provide professional, enterprise-level services.

One example of this is the Moodle porn spam issue that impacted millions of Moodle sites all over the world–and still impacts an untold number of sites today. This issue received world-wide attention when Primary School Moodle sites, provided by a certified Moodle Partner, were found to be infested with vile pornography.

Source: Primary schools hit by porn hackers
Source: Porn infecting ‘thousands’ of e-learning (Moodle) sites

Another example is the huge security hole first reported here just a couple months ago demonstrating how any teacher on any Moodle site in the world could download the entire user database table and have access to all user information–usernames, passwords, e-mail addresses, phone numbers, etc., for every user on the Moodle site.  Professional Moodle partners all over the world got caught sleeping at the wheel…again.

Source–just one of many: Groot gat in open source e-learning cms Moodle

One would think that an open-source “community” with problems as serious as Moodle has had recently, would invite open and honest communication about its products and services, but you would be wrong.

I don’t know many things for sure, but one thing I do know is that Moodle has not seen the last of these types of problems. The closed, arrogant, intolerant, atmosphere that has been cultivated on moodle.org by the Moodle lead developer will continue to ensure that there is no shortage of people just waiting to expose the next big hole…it’s not a matter of “if” there is another big hole…it’s only a matter of “when” it will bite Moodle (ergo Moodle users) in the rear.

Related posts:

1. Moodle — 1990’s LMS Technology in 2010? Moodle should make my life easier, not harder. I do...
2. A Critical Moodle LMS Security Vulnerability — All Versions EDIT: Start of edit posted on 25 Nov 09… Moodle...
3. “Ridiculous $400/hr. for Moodle support with no guarantee” Saw a very interesting post in the moodle.org forums today...

My WordPress blog has been hacked; or at least I think its been hacked. What do I do now?

The WordPress Exploit Scanner plugin can help detect damage so that it can be cleaned up. Other things you should do:

• Change passwords for all blog users, including your own, with a role higher than Subscriber
• If you upload files to your site via FTP, change your FTP password
• Change your web hosting control panel (such as Cpanel) password
• Completely remove all current WordPress core code and re-install the latest version of WordPress
• Make sure you are only using trusted plugins and themes–those from wordpress.org or a trusted commercial developer
• Remove all unused themes and plugins
• Make sure all of your plugins and themes are up-to-date–it’s best to install new, clean copies of each theme and plugin
• Update your security keys in wp-config.php
• Search your entire web-directory (public_html directory, not just the WP directory) to ensure no other files are infected
• Check directory and file permission on your server. Typically, directory permissions should be 755 and files should be 644, but this will depend on your particular server environment.

If all else fails, contact me and I will quote you a reasonable price for fixing your site for you…I only work on Linux systems with Cpanel, or an equivalent control panel.

Related posts:

1. WordPress Tip: Delete Old or Unwanted Plugins Note: The following is made available under GPL from http://codex.wordpress.org/GPL....
2. Easy 5-Step WordPress Install Note: The following is made available under GPL from http://codex.wordpress.org/GPL....
3. Resetting Your WordPress Password Note: The following is made available under GPL from http://codex.wordpress.org/GPL....

Each of those revisions requires a separate record in the db. So, although this is a cool feature, it can significantly add to db bloat.  If you don’t really care to have all those revisions sitting around, or if you want to limit the number, WordPress does provide an option to change the default behavior allowing you to either disable revisions completely or allowing you to limit the number of revisions saved. To make these changes you do need to edit your wp-config.php file directly…currently, there is no option for doing this in WP admin.

Disable Post Revisions

To completely disable the revisions feature, add (or if already present) edit the following code to your wp-config.php file. The word (false) disables this feature.

define('WP_POST_REVISIONS', false );

Specify the Number of Post Revisions

If you want to keep the revisions feature, but limit the number revisions saved, then use the same code as above, but change false to the number of revisions you want to keep. In the example below, WordPress will keep the latest 3 post or page revisions.

define('WP_POST_REVISIONS', 3);

Related posts:

1. WordPress 2.9 Trash Feature — How to Customize In WordPress 2.9 one of the new features is the...
2. How to Write a WordPress Post Note: The following is made available under GPL from http://codex.wordpress.org/GPL....
3. WordPress Comment Moderation Note: The following is made available under GPL from http://codex.wordpress.org/GPL....

Related posts:

1. Upgrading WordPress to 2.8 — Running into Problems? I just upgraded this site to WordPress 2.8 yesterday and...
2. WordPress 2.9 New Features WordPress 2.9 should be released near the end of the...
3. WordPress Security Vulnerability — Upgrade is a Must! There is a new WordPress security vulnerability that makes it...

One thing about this new feature that is not so obvious, is that by default, items in trash are automatically deleted after 30-days. Of course, this could be a good thing as long as you know about it, but it could catch some by surprise who don’t know about this auto-delete feature in trash. I would imagine there are some who will use the trash as a holding place for posts, pages, or comments that they may want to remove from public view, but keep handy for possible future use. In the past, you may have just changed the status of a post or page from “Published” to “Draft” or simply “Unapproved” a comment to achieve the same result. The difference is, your draft posts/pages and unapproved comments were never deleted unless you deleted them–not so when you send something to trash. The 30-day delete time is defined in wp-settings around line 570–see screenshot below.

Of course, now that you know this, if you wanted to change it, you could open wp-settings and edit it there–changing the 30 to 60 would auto-delete items after 60 days. However, there is a better way to accomplish this so that you don’t over-write your changed during an upgrade, by defining this variable in the wp-config.php file. So, if you want to increase, decrease, or even disable this feature, you should open your wp-config.php file and include a line somewhere just like you see highlighted in the screenshot above. A good place to add the line would be directly below where the table prefix is defined in the wp-config.php file. The screenshot below shows wp-config.php edited to auto-delete items in the trash after 120 days.

But what if you want to completely disable the new trash feature? Changing the value to 0 (zero) will do that for you. The screenshot below shows how to edit wp-config.php to completely disable trash so that when you delete an item it is automatically deleted just as it was prior to version 2.9.

But note, if you disable trash, then when you click to delete something you will NOT be prompted to confirm…when you click Delete the item simply gets deleted and there is no getting it back without a backup.

Related posts:

1. WordPress 2.9 New Features WordPress 2.9 should be released near the end of the...
2. Customize WordPress Post Revisions In a default install of WordPress, each time you edit...
3. WordPress Comment Moderation Note: The following is made available under GPL from http://codex.wordpress.org/GPL....

http://wordpress.org/support/topic/342819

Since I don’t participate in those forums any longer, I’ll just provide my thinking here.

In a nutshell, I don’t really care what the default theme is. The first thing most people do once they get WP installed is change to a custom theme anyway. So putting a lot of thought and effort into what is the “default” theme may be important to WP and its image or brand, but it’s not important to end users…in reality, the default theme is really nothing more than just one of over a thousand GPL themes anyone can install in just a few seconds through the theme installer in the WP admin.

Now don’t get me wrong…I’m not trying to throw a wet blanket on the theme initiative and I’m sure it’s important for WP to show that they are staying “up to date” and on the cutting edge. Simple fact is, WP is hands-down the best blog software (and fast becoming the best CMS software) available today–open source or proprietary. So, best of luck with the default theme initiative, but I’m far more interested in how WordPress MU will be incorporated into WordPress–which is also due to happen in 3.0.

No related posts.