WordPress Release: 2.0.1

TL;DR

WordPress 2.0.1 is a maintenance release that addresses numerous bugs and issues from the 2.0 release. It includes important fixes for comment management, file uploads, caching, internationalization, and security. This update improves stability and performance while enhancing user experience through better plugin management, theme handling, and admin interface improvements.

Highlight of the Release

• Security enhancement: Preventing PHP file uploads to improve site security
• Performance improvement: Enhanced caching system with better flushing mechanisms
• Better file upload management with improved path handling and directory creation
• Fixed comment management to keep counts in sync when deleting comments
• Improved internationalization support with various i18n fixes
• Enhanced plugin management with alphabetical sorting by plugin name

Migration Guide

WordPress 2.0.1 is a maintenance release that focuses on bug fixes and minor enhancements. Migration from WordPress 2.0 to 2.0.1 should be straightforward with minimal impact on existing functionality.

Before Upgrading

1. Backup your site: Always create a complete backup of your WordPress files and database before upgrading.
2. Check plugin compatibility: If you're using custom plugins, verify they are compatible with the new version.
3. Review custom theme modifications: If you've made custom changes to your theme, note them down as you might need to reapply them.

Upgrade Process

1. Deactivate all plugins to prevent any potential conflicts during the upgrade.
2. Replace all WordPress core files with the new 2.0.1 files.
3. Run the WordPress upgrade script by visiting /wp-admin/upgrade.php.
4. Reactivate your plugins one by one to ensure compatibility.

After Upgrading

• If you were using a custom upload path configuration, check your upload settings as this release includes changes to upload path handling.
• Review your cache settings if you were using persistent caching, as this release includes improvements to the caching system.
• Test your site thoroughly, especially features related to comments, file uploads, and category management, as these areas saw significant fixes.

Upgrade Recommendations

Recommendation: Immediate upgrade recommended for all WordPress 2.0 users.

WordPress 2.0.1 is an important maintenance release that addresses numerous bugs and security issues present in WordPress 2.0. The update includes critical fixes for:

• File upload security and management
• Comment handling and filtering
• Caching system improvements
• User role and permission handling

Given the security enhancements and the large number of bug fixes (over 70 files modified with more than 3,000 changes), all WordPress 2.0 users should upgrade to version 2.0.1 as soon as possible. The risk of not upgrading includes potential security vulnerabilities, particularly related to file uploads and comment handling.

The upgrade process is straightforward and should not cause any disruption to your site's functionality. As always, make a complete backup of your site before upgrading.

Bug Fixes

• Comment Management: Fixed issue where comment counts weren't kept in sync when deleting comments.
• File Upload Issues:
  • Fixed handling of file extensions and paths in uploads
  • Corrected issues with directory creation and permissions
  • Fixed handling of special characters in filenames
  • Resolved issues with quotes in upload titles
• Caching Problems:
  • Fixed cache flushing mechanisms
  • Improved reliability of cache management without requiring glob()
  • Added proper locking when flushing cache
• Internationalization:
  • Fixed various i18n issues in trackbacks
  • Corrected character encoding in several areas
  • Improved handling of multibyte strings
• Admin Interface:
  • Fixed title issues for plugin menu pages
  • Corrected category JavaScript functionality
  • Fixed page parent dropdown to accommodate long page names
• URL and Rewrite Issues:
  • Fixed rewrite rules for page attachments
  • Added proper caching of rewrite rules
  • Improved handling of special characters in URLs
• Post Management:
  • Fixed draft posts to receive current timestamps
  • Corrected handling of post deletion
• Theme Handling:
  • Added fallback to default theme if current theme is deleted
  • Fixed conflict between Kubrick theme and hReview style
• User Management:
  • Fixed issues with user role display
  • Corrected handling of empty usermeta fields
• Security:
  • Improved sanitization of usernames
  • Enhanced comment filtering through kses

New Features

• Enhanced Caching System: Added ENABLE_CACHE flag to force persistent cache enable, providing better control over caching behavior.
• Update Option Actions: Added update_option_* actions to allow plugins to hook into specific option updates.
• Gettext Filter: Added filter for gettext functions to allow for more flexible text translations.
• Improved File Upload Options: Added upload folder options for better organization and management of uploaded files.
• DBX Hooks: Added hooks for the DBX (Dynamic Box) system to allow for better plugin integration.
• LiveJournal Importer: Enhanced LiveJournal importer with various improvements for better content migration.
• Dotclear Importer: Added new importer for Dotclear blog platform.

Security Updates

• File Upload Restrictions: Added prevention of PHP file uploads to block potential execution of malicious code.
• Comment Filtering: Enhanced kses filtering for comments to prevent XSS attacks and other security vulnerabilities.
• Permission Checks: Improved checking of user capabilities for file uploads and other sensitive operations.
• File Permission Management: Added code to remove execute permissions from uploaded files to prevent potential security issues.
• Input Sanitization: Enhanced sanitization of user input in various areas, particularly in username handling and URL processing.
• HTTPS Support: Improved support for secure connections with better handling of HTTPS protocols.

Performance Improvements

• Enhanced Caching System: Improved the WordPress object cache with better flushing mechanisms and control options.
• Rewrite Rules Caching: Added caching for rewrite rules to reduce processing time for URL handling.
• Optimized Database Queries: Several fixes to reduce unnecessary database queries, particularly in comment and post management.
• Import Process Optimization: Disabled post caching during imports to improve import speed and reduce memory usage.
• Better Resource Management: Improved handling of file operations to reduce server load during uploads and cache operations.
• Reduced Redundant Processing: Fixed issues where template filters were being invoked twice, improving page generation performance.

Impact Summary

WordPress 2.0.1 represents a significant maintenance update that addresses a wide range of issues from the initial 2.0 release. With over 3,000 changes across 71 files, this release focuses on stability, security, and performance improvements rather than introducing major new features.

The most impactful changes include enhanced security measures for file uploads, improved comment management and filtering, better caching mechanisms, and numerous fixes for internationalization support. Administrators will benefit from improved plugin management and upload handling, while content creators will appreciate fixes to draft posts, comment management, and category handling.

For developers, the addition of new hooks and filters provides greater flexibility for customization, particularly with the new update_option_* actions and gettext filter. The enhanced caching system also offers better performance control options.

This release demonstrates WordPress's commitment to security and stability, addressing several potential vulnerabilities while improving the overall user experience. The large number of bug fixes indicates a thorough review and refinement of the 2.0 codebase, making 2.0.1 a much more stable and secure platform for WordPress users.