WordPress 2.9 is out!

WordPress 2.9 is out – with some brilliant new features!

Recycle Bin – “Trash” feature

Have you every accidentally deleted a post, only to find that you clicked on the wrong button? If you’ve not done that before, some day you will! Haha, I’m not trying to be nasty, but frankly, accidents do happen. But WordPress 2.9 brings good news, with the implementation of a “Trash” feature, that works like the recycle bin in Windows. Accidentally deleted something? Now you can undo it.

Built In Image Editor

Now adding images to your blog post is easier than ever! With the new built in image editor, you can scale, crop, rotate and flip your images right from the WordPress admin screen.

wordpress image editor

Batch plugin update

Got outdated plugins… and lots of them? With WordPress 2.9, you can now update 10 plugins at once. Plus, before you do so, WordPress lets you know whether the plugin update would be compatible for you! Hurray! No more “upgrading then finding the plugin is incompatible” nasty issues.

Easier Video Embedding

Like video? Now you can embed videos in your blog posts easier than ever. Just specify the video URL in one line, and it gets embedded automagically when you publish. Now works with YouTube, Daily Motion, Blip.tv, Flickr, Hulu, Viddler, Qik, Revision3, Scribd, Google Video, Photobucket, PollDaddy, and WordPress.tv… and more to come in the next release!

So what are you waiting for? Read more about the update in the WordPress.org blog, and upgrade to WordPress 2.9 now!

WordPress 2.8.6 ERD / Database Schema

I thought I’d post this since I’ve had the opportunity to work in depth with the WordPress database in one of my more recent projects. This ERD is what I came up with through my observation by doing a fresh install and looking at what changed with each post / page / link / category is added.

The documentation I could find in the WordPress codec showed the ERD for version 2.5, and it has changed since.

I’ve omitted the columns of the tables – this is just a simple diagram to give you an overview of the relationships between the tables.

wordpress 286 erd

If you understand what ERDs are at all, most of the tables names should be descriptive enough for you to understand what is stored in them, and why they are related to other tables… but I thought the wp_terms_taxonomy and wp_terms_relationships stuff need a little bit more explaination.

So here is what I observed. (I shall go thru all the tables anyway)

Let’s start with the simplest.

  • wp_options – WordPress options (blog name, description, permalink settings etc)
  • wp_users – For each user you have in the database, you have one row here. Simple yeah? This table stores only the very commonly used fields
  • wp_usermeta – To store other information about the user, like your name details, settings, and preferences. These are stored in a meta_key and meta_value pair
  • wp_comments – One comment, one row. Each row is linked to one post.
  • wp_posts – Stores the bulk of your WordPress data – your posts and pages content
  • wp_postmeta – Like usermeta, this table stores additional information for each post, like your custom fields for each post.
  • wp_links – Information on the links you have defined in WordPress admin -> Links section
  • wp_terms – Stores a list of terms used in the database. A term can be a tag, a link category, or a post category
  • wp_terms_taxonomy – Each row here is references a row in wp_terms, and basically it provides information about what this term is used for. In the case, say where you have a link category and a post category with the same phrase, you could have two rows in this table pointing to the same row in wp_terms.
  • wp_terms_relationship – This table just links up the wp_posts and wp_links tables to the wp_terms_taxonomy table. Technically, things can go wrong here if you link up the wrong things, e.g. linking up a wp_posts row to a wp_terms_taxonomy row that defines a link category, so beware.

With this database design, the WordPress admin module does a lot of work to make sure the terms, taxonomy and relationships tables do not get messed up. The “three way relationship” you see between wp_terms_relationship, wp_links, and wp_posts is intentional – each wp_terms_relationship references to only EITHER a wp_posts record OR a wp_links record.

For example, it edits and appends a “-2” to the slug for the term when you edit an existing link category to match an existing post category. However, when you create a new link category with the same name an existing post category, no new terms are created, only new taxonomy. There are still some small bugs in the way this is managed, but I must say the implementation has been fantastic so far!

If you are just starting out developing functionality for WordPress or doing heavy tweaking of codes, I hope this has given you a better overview of how things work in the backend!

WordPress Users, UPGRADE Your Blogs!

If you are running a self-hosted WordPress blog, please upgrade your WordPress installation NOW.

This warning from Lorelle shows how critical the issue is.

According to Lorelle’s post, old WordPress installations are being attacked (as you read this), and the number grows by the hour. The current version for WordPress is 2.8.4. Check yours. If its not 2.8.4, you are at risk.

How do you know if you’ve been attacked?

Lorelle also mentions two clues:

There are two clues that your WordPress site has been attacked.

There are strange additions to the pretty permalinks, such as example.com/category/post-title/%&(%7B$%7Beval(base64_decode($_SERVER%5BHTTP_REFERER%5D))%7D%7D|.+)&%/. The keywords are “eval” and “base64_decode.”

The second clue is that a “back door” was created by a “hidden” Administrator. Check your site users for “Administrator (2)” or a name you do not recognize.

Attacked or not, upgrade. NOW.

Thanks Stefan, for the hat tip!

Mass Delete Pending Comments from WordPress

When comments come in for your WordPress blog, they can be one of these three categories.

  1. Approved comments – WordPress has detected that these comments are real comments, and has immediately approved these comments
  2. Pending comments – These comments pass the spam filter, but either WordPress feels they they are some sorta “non human”, or it violates some of the rules you have laid in the blog discussion settings.
  3. Spam comments – If you have the very handy Akismet in place, commented identified as spam will go direct to spam comments.

If your blog is popular to any extent, you can expect to receive a lot of spam comments. These are easy to clear. All you have to do is to click on Comments -> Spam from your WordPress admin page, and you can clear them in one go, with the “Delete all Spam” button.

However, the issue comes when hundreds, or thousands of comments come in and they go into your moderation queue. This means they pass the spam filter.

WordPress allows you to mass delete these comments in the wp-admin – but only in batches of 20 at a time. When you have 853 comments waiting for “moderation”, well, you will start to realise batch deleting in 20s might not be a good idea (you have to do it over 40 times!)


Fortunately, there is a (somewhat) simpler way to do this.

Here are the steps.

#1 Log In to Your Hosting Backend

In my case, and in huge percentage of web hosts around the world, we use CPanel. Depending again on your hosting provider’s settings, the well-known way to access your CPanel is <yourdomain.com>/cpanel.

You will have to key in a username and password.

When you have successfully logged in, you will see a screen like this:


#2 Access Your Database Using phpMyAdmin

Look for the phpMyAdmin icon (under databases) and click on it. You should see a page like that when you are in the phpMyAdmin page.


Select your WordPress database by clicking on it on the left. You will see a list of tables within that database.

Next, locate the tabs on the right side, and find “SQL”. Click on that.

You will see this screen.


#3 Run the Following SQL command on your database

The command is this:

DELETE FROM wp_comments WHERE comment_approved = '0'

You should see a status message saying something like “853 rows affected”.

Then, you are done! Log back in to your WordPress admin panel, and you will find all the pending comments gone! Hurray!