While it is outside the scope of plugin support to get deep into the use of MySQL to handle the querying of user data, there are some basic concepts that can be presented to help you build the applications that you need to handle users. And the fact that WP-Members relies on the existing WordPress database schema means that you can find many related articles and tutorials on the web.
Continue Reading →Blog
Wordfence announces critical vulnerability in Litespeed Cache
Recently, the Wordfence Threat Intelligence team announce a critical vulnerability in the Litespeed Cache plugin. This is a privilege escalation vulnerability, which means that an attacker who gains access as a low level user can exploit the vulnerability to gain admin rights on an affected site.
I am pointing this out because I know a lot of WP-Members’ users also utilize cache plugins, which can include Litespeed Cache. If you’re one of those users, please make sure that you update your version of Litespeed cache to a version higher than 6.3.0.1 as all other versions are vulnerable.
You can read more about this reported vulnerability here:
WP-Members Advanced Options 2.3.2
A new version of WP-Members Advanced Options has been released.
This update is to add a new feature: customize the native WP login.
This is an initial rollout of what I expect will be expanded upon later. This provides a way to very easily customize the native WP login.
This initial rollout allows you to choose from either a “light” or “dark” native theme or to load your own custom stylesheet. You can also specify your own logo file.
I’ll be expanding this in future releases to allow for more direct customization via the admin panel.
Part of the reason for this is to simplify things for users who need to implement 2 factor authentication (2FA). Most 2FA plugins integrate with the native WP login. For WP-Members users, that requires redirecting blocked content to the WP login, which isn’t exactly “pretty”.
Now, with the Advanced Options, you can not only easily set blocked and restricted content to redirect to the WP login (and redirect back to the originally requested content), but you can “pretty it up” without having to customize it yourself (although you can filter the stylesheet used to implement your own colors, fonts, spacing, etc).
Using a Code Snippets Plugin
For users not comfortable with adding code snippets by other means, a code snippets plugin manager can be a great tool. Actually, it can be a great tool for other users, too.
One of the most commonly used code snippets plugins is the aptly named “Code Snippets“. The plugin allows you to add custom code snippets as well as manage the code snippets you have added.
Some of the features include:
- Ability to activate/deactivate code snippets
- Ability to set code snippets to run only once (useful for utility scripts that manage user or post data)
- Screening of code snippet syntax so that an invalid code snippet does not crash the site.
You can get the plugin through the WordPress plugin panel by searching for “Code Snippets” or download it from wordpress.org: Code Snippets – WordPress plugin | WordPress.org
WP-Members PayPal Subscriptions 0.9.9
The WP-Members PayPal Subscriptions extension version 0.9.9 has been released. This update contains some important changes from the previous production version. All users should update.
Continue Reading →