Comment Save Saves Your Comments History In Chrome

I visit hundreds of sites everyday and comment on quite a few of them. In addition to that I also comment on lot on my friends posts on . Commenting is fun, but there are times when I want to refer to a conversation or follow-up on whether it has got any reply or not. I could of course bookmark the post and go back to it later.

Save Comments Chrome

Now, what if you had a service which keeps track of all the comments you make across the internet (at-least some part of it) and displays it to you whenever you want? Impossible? No. Thanks to a new Chrome called Comment Save, which basically saves all the comments you make on Facebook, WordPress sites, Gawker sites, Forums, Yahoo! Answers and news sites like CNN, New York Times and Guardian amongst others.

I gave the extension a run on and it works as advertised. It also provides you with a full-page view of all the comments you have made and an option to delete all or selected comments from the history.

Download Comment Save extension

Techie Buzz Verdict

Techie Buzz Recommended Download

Overall I found this extension to be pretty neat way to track conversations on the web from a centralized location. However, I would like to see a cloud-implementation for the storage so that I can have access to my comments across multiple computers.

Nevertheless, this extension provides a good and secure way to keep track of your conversations and is a highly recommended download from me. Go ahead and give it a try.

Ratings: 4.5/5 (Excellent)

Why WordPress Needs To Overhaul Their Plugin Repository and Introduce Safety Checks

I have written quite a few plugins including WordPress Automatic Upgrade and understand how things work within WordPress.

Earlier today, I wrote about a very dangerous plugin doing the rounds of the Internet called BlogPress SEO. The plugin is nothing but a Trojan horse which siphoned sensitive data to a third party and allowed them to login to the plugin user’s admin interface without having access to the admin password.

WordPress Security

That plugin is not in the WordPress repository and will never be, but there are thousands of plugins which are already in the repository and thousands which will eventually be part of it. Here is the catch, adding a WordPress plugin to the repository is as easy as sending an email, you just create a legitimate plugin, upload it to SVN and it’s there in the repository for everyone to use.

Now, here is the problem. As far as I believe there are no checks on what code is added to a plugin and to top that there are no checks at all to future updates. In plain words, I can create a legitimate plugin and introduce it to the repository. After that, whatever updates I make to it will never be checked (other than by clever WordPress users who sift through code), since the WordPress plugin updates are based on SVN trunks.

Any new trunks you create will be made available as a update to the end user, regardless of what code you put into it. Now, this may not be alarming since there are hardly any scams related to WordPress plugins within the repository, but today’s event goes on to show that it can be exploited. It does not take much effort to get in a plugin into the repository itself, so a scammer/hacker will be able to create multiple plugins and then add exploit code to it and offer it as updates. By the time the exploit is discovered, it might be too late for users who have already updated and sent out sensitive information to the hacker.

Now, while I am making a valid point here, there is really no foolproof way to stop this problem. Of course, it would help if there are safety checks and maybe a community based checking of code before it actually is made available as an update to users. Community based code checks are hard, if not impossible, because it will involve people to actually check the updated code before it is made available to users. This will also add a hassle to developers who are contributing for free, however, in the end it will be beneficial to everyone.

Once again the approach of checking code is not exactly foolproof. A recent example involves and , who now have a very strict process of approving extensions and it causes problems to developers. However, both of them did let through/had or which snooped on sensitive information and passed them on to third parties, some without even you having to install those extensions. The most recent example being Firesheep, an extension which allowed you to extract cookies for and and then used it to login to these networks (P.S. Install BlackSheep to stay safe from Firesheep).

Now here is the big problem, none of these harmful extensions are available through the repositories, if they are, they are quickly taken off, but people can still go ahead and install these. Just like Firefox has the ability to block extensions (they blocked .NET and WPF add-ons from Microsoft), and Google Chrome has developed features in the browser to block unsafe extensions, WordPress has to take steps to block harmful plugins at the core. They have to have the ability to inform users or explicitly block plugins which are harmful.

Considering how huge a community WordPress has, it would be easy to have a system in place to report unsafe extensions, no matter if they are present in the repository or not, along with providing a friendly warning to users that the plugin they are about to install might be unsafe. In addition to that, they have to move towards encouraging more and more developers to use the WordPress repository for plugins. I had written about the benefits of users adding their plugins to the WP repo on WLTC and saw many developers unhappy with the system, so this might take a while.

If they add this feature, and it works on the fly, it would be one of the best features I could use. Though I am a experienced plugin developer and have coded plugins such as WordPress Automatic Upgrade, I fear for the millions of people who might start adding plugins which are really bad.

Hope WordPress does something about this as this could easily get out of hand. The coder of BlogPress was foolish, he wrote code that could easily be identified, imagine intelligent people being able to write code which cannot be identified and the threats just multiply.

(Image Credit:

WARNING: Don’t USE BlogPress SEO Plugin On WordPress, It’s A Scam and Trojan

WordPress is an open community and practically anyone can develop plugins or themes for it. However, there are several shady plugins for WordPress out there which you might as well stay away from.

One such plugin is called BlogPress SEO, which promises users hundreds of backlinks once you install it. However, don’t fall for it, it is a trap and will expose your login information to the developer of the plugin and will allow them to automatically login to your blog.

There are couple of blog posts from Yoast and Mtekk which expose the big problems with this plugin. First of all, this plugin stealthily emails your admin email address to the author of the plugin. The second and bigger problem is that, the plugin has a function which allows the plugin author to bypass the WordPress login.

Yes, you read it right, the plugin first emails your admin email to the author and then allows him to login to your WordPress admin without a password. Scary right.

If you have installed the BlogPress SEO plugin, you have to do two things. First of, deactivate the plugin ASAP. Secondly, change your admin email address. Changing your password will do no good. Thirdly, only install plugins which are available in the WordPress repository as they are safe.

Backup WordPress Database, Themes, Plugins & Uploads To Dropbox, Amazon S3

Backup WordPress Dropbox & Amazon S3In the past we have told you about several ways to backup your WordPress database using command line and other techniques, along with backing up your FTP files.

If you find the manual backup process tedious there are several plugins which allow you to automate the backup and email you a copy of the data. However, I just came across another neat WordPress plugin which will allow you to backup your WordPress database, theme files, plugin files and more to your Dropbox account, Amazon S3 or FTP host.

The plugin which is called WP Time Machine, is definitely a neat one if you want to store offsite backups of all your data. The plugin allows you to backup all the files inside the wp-content folder and also your MySQL database. Time machine can be configured to run periodically through a WordPress Cron Job.

In addition to that, it also backs up your .htaccess file so that you can restore it if there are any problems. Visit to learn more about the plugin and start downloading it.

Backing up data is a good exercise which will help you in the long run.  To top that Dropbox is a decent alternative as it provides users with 2GB free space and the ability to access files from virtually anywhere. If you don’t have a account yet, sign up for a free Dropbox account.


WordPress 2.6 for iPhone and iPad Released

The WordPress team has released an updated WordPress app for the and . WordPress 2.6 contains several new features including video recording and upload, local drafts, auto-save, post revisions, media library and more.


The WordPress app for iPhone and iPad has been upgraded to include new features that will make it more easier to blog from your iDevice. It will now allow you to easily upload that video you recorded during your recent vacation with ease.

Users will also be able to save local drafts to their device so that they can always go back and add more thoughts to their posts before they publish it along with the ability to auto-save posts so that they you no longer have to worry about losing it because of a crash.

Complete features in WordPress 2.6 and iPad app include:

  • Video. Record, upload, attach, and play videos within the app.
  • Total rewrite of the way local drafts are handled, to prevent the unintentional loss of your pending posts.
  • Auto-save and post revisions.
  • Media Library to manage your media from your iDevice.

You can download the WordPress app from the iTunes store here or read the release post and release notes on the new changes.

How To Migrate Windows Live Spaces to WordPress

Microsoft recently announced that they would be shutting down Windows Live Spaces and moving all users to If you are a Windows Live Spaces user, Microsoft has made it very easy to move your data elsewhere, so how do you move it to Take a look at the steps listed below.

Step 1: Login to your Windows Live Spaces account.

Start Windows Live Spaces Migration

Step 2: When you view your Spaces account, you might see a notice which will prompt you to Upgrade your blog, click on the "here" link to start the migration process.

Live Spaces WordPress Migration

Step 3: Read the information on the page. Once you are done click on the "Get started. Upgrade my blog to!" link. Read the agreement on the next page and click on the "Confirm" button to continue.

Windows Live Spaces To Shut Down, Move 30 Million Users To WordPress.Com

Windows Live Spaces, the blogging platform from Microsoft will shortly shut shop and move 30 million users to the WordPress platform.

Windows Live Spaces to WordPress

Microsoft today announced the closure of Windows Live Spaces and migration of over 30 millions users will be migrated over to at TechCrunch Disrupt. Users data will be migrated through a process that preserves all the content to, all Windows Live Spaces blogs will also be redirected to the new domain.

Users will also have an option to download the information from their blogs and store or or delete it entirely. Windows Live Spaces will shut down within the next 6 months, giving users ample amount of time to make a decision before forced migration or deletion of data could take place.

WordPress is currently one of the best blogging solution for hosted as well as free blogging, and the 30 million additional users for the site will take their total blog tally to well over 50 million. WordPress currently powers over 8.5% sites across the internet.

Update: More at the official blog.

Joomla To WordPress Migration

Joomla is a very popular CMS platform, however, it is too advanced if you are using it only for blogging purposes. I remember using Joomla initially before shifting to WordPress and back then it was a bit of a painful process.

Joomla to WordPress Migration

However, if you are a Joomla user and are looking to move to WordPress, you can easily do it using using a Import Wizard or Migration wizard which are available as free downloads. You can download the import wizard for Joomla to WordPress from the links given below.

If you have trouble migrating, feel free to leave your comments. Since I have already migrated once from Joomla to WordPress I might be able to answer your questions.

Blank Page in WordPress, How To Fix It and Where To Look

If you are a WordPress user there might be a chance that you might have come across a blank screen on your website or blog. For those who are not in the know a blank screen appears on a website or blog running WordPress whenever there is an Fatal PHP Error with a plugin or theme.

Blank WordPress Error Message

Several users might see blank screen in WordPress after they have upgraded to a new version of WordPress, installed a new plugin or changed their themes. Many users are perplexed when they see a blank screen and do not know what to do. However, a blank screen only appears when there is a fatal error while running a PHP script.

The reason users see a blank screen and not error messages is because WordPress hides all PHP related error messages. So the first thing to do after you see a blank screen on your website or blog is to turn on error reporting on WordPress.

To turn on error reporting, login to your FTP server and edit wp-config.php and add this line to it.

define('WP_DEBUG', true);

Once you have added this line to the wp-config.php file, refresh your website and you will see the error messages that are causing a problem with WordPress loading your website.


This will make it easier for to figure our what is wrong with your site. Once you know where the error is, you can delete or remove the offending plugins or have someone look at the error messages to rectify the problem that is causing your site to not load.

Make sure to delete the WP_DEBUG line from the config file after you have fixed the error, or else you might also start seeing PHP Notices and Warnings.

Thesis Bows down to Open Source Still keeping its Rightful Ownership

The Thesis vs. WordPress war was just catching up but could not go far as it was compelled to use open source licensing finally. If you were not following, Thesis theme developer Chris Pearson was interviewed a few days ago when he spilled the beans regarding his profits from Thesis.

This was enough to upset WordPress founder Matt Mullenweg, who wanted Thesis to respect the open source License WordPress is based on. Thesis has maintained a low profile and saved itself from the attention of FOSS fanatics. However, the recent interview fired up the FOSS community fueled by Mullenweg’s tweets. This was enough to force Pearson to accept that his code indeed used some of open source and now, Thesis is available under a split GPL.

Does that mean we all can use Thesis now? No. This move will hardly affect anyone. The split GPL Thesis is using will make the PHP part of the code open keeping back the JavaScript and the CSS. However, this was necessary at the same time. Pearson had to keep his business based on Thesis.

Matt Mullenweg was of the opinion,

Even if Thesis hadn’t copy and pasted large swathes of code from WordPress (and GPL plugins) its PHP would still need to be under the GPL. We write software that empowers and protects the freedoms of  users, it’s our Bill of Rights. People should respect that.

The move has saved Thesis from further scrutiny and has ended a cold war between Thesis and WordPress. The last time a tech giant used open source code, the media booed it heavily. This move helped Thesis save its reputation at the same time.