Posts by pixelentity

493 posts
  • Has referred 1000+ members
  • Has sold $250,000+ on Envato Market
  • Has collected 10+ items on Envato Market
  • Elite Author: Sold more than $75,000 on Envato Market
+8 more
pixelentity says

Exactly, why is that required ? why authors have not been informed about it ?

We already have update capabilities in our themes using just the class-envato-protected-api.php, why we should be forced to use the toolkit ?

To just hook in the WordPress update system is way simpler and more reliable than using the toolkit and its custom Theme_Upgrader class. It just requires few lines and we even released a class that other authors are using in their own themes.

Envato should just release (or sponsor) a plugin using the very same hook method. There’s no need for a custom Theme_Upgrader class. The plugin will be able to update all themeforest themes installed by the buyer at the same time, regardless the author.

The api allows that, we already tested and it works.

BF

493 posts
  • Has referred 1000+ members
  • Has sold $250,000+ on Envato Market
  • Has collected 10+ items on Envato Market
  • Elite Author: Sold more than $75,000 on Envato Market
+8 more
pixelentity says

All themes require integration with the Envato WordPress Toolkit Library.

this is starting to get ridiculous now ….

there are all these new rules in place and nobody knows about them but reviewers. There’s nothing more frustrating for an author than waiting days in queue and then being rejected for reasons not mentioned anywhere.

BF

493 posts
  • Has referred 1000+ members
  • Has sold $250,000+ on Envato Market
  • Has collected 10+ items on Envato Market
  • Elite Author: Sold more than $75,000 on Envato Market
+8 more
pixelentity says

You use buyer username/api key, not yours.

493 posts
  • Has referred 1000+ members
  • Has sold $250,000+ on Envato Market
  • Has collected 10+ items on Envato Market
  • Elite Author: Sold more than $75,000 on Envato Market
+8 more
pixelentity says
493 posts
  • Has referred 1000+ members
  • Has sold $250,000+ on Envato Market
  • Has collected 10+ items on Envato Market
  • Elite Author: Sold more than $75,000 on Envato Market
+8 more
pixelentity says

isotope++

it’s quite extensible also, we created a couple of custom layout for it

493 posts
  • Has referred 1000+ members
  • Has sold $250,000+ on Envato Market
  • Has collected 10+ items on Envato Market
  • Elite Author: Sold more than $75,000 on Envato Market
+8 more
pixelentity says

Every word is true. But “scripts which relies on url parameters are exploitable by nature” != exiting security issues.
It depends on your concept of security. The latest exploit allowed arbitrary code execution but, even if that was patched, due the nature of the script, i could still be able to bring your server on knees by requesting all possible combinations of width/height for one or multiple images. This still qualifies as security issue for me.

The problem is not really timthumb using custom code to generate the image but the script doing it when image itself is requested instead of at page rendering time (like aqua resizer does for instance).

This may be sound optimal at a first glance (to only generate a thumbnail when it’s requested) but you lose control on the parameters which is far worst than creating more thumbnails than you need at a given time.

493 posts
  • Has referred 1000+ members
  • Has sold $250,000+ on Envato Market
  • Has collected 10+ items on Envato Market
  • Elite Author: Sold more than $75,000 on Envato Market
+8 more
pixelentity says

To serve static images using php is just a massive waste of resources. Additionally, scripts which relies on url parameters are exploitable by nature: what if somebody just manually rewrites them by using random values for width and height ? a new image will be created each time, eating cpu cycles and storage.

493 posts
  • Has referred 1000+ members
  • Has sold $250,000+ on Envato Market
  • Has collected 10+ items on Envato Market
  • Elite Author: Sold more than $75,000 on Envato Market
+8 more
pixelentity says

According to our bundle earnings calculator, which was updating each 60 secs, the final number of sales was 5928. You can use the following link to check what your final earnings were (replace the “20” at the end of the url with the price of your included item and refresh to see your earnings)

Bundle Earnings Calculator

DOK

493 posts
  • Has referred 1000+ members
  • Has sold $250,000+ on Envato Market
  • Has collected 10+ items on Envato Market
  • Elite Author: Sold more than $75,000 on Envato Market
+8 more
pixelentity says

Yes. Basically this comes to the point where 100% GPL isn’t an easy choice for an author even if there are home rules (for upload) added by marketplace. Those rules will work like usage upload guidelines, nothing more than that – it would be impossible to monitor in the long run.
We wouldn’t for sure.

100% GPL themes would have 0 protection here. Even with split license, envato doesn’t enforce any “my house my rules” policy against copycats.

We, as many, also include custom made jquery plugin that are sold as separate commercial items and a 100% GPL theme would extend the license to the bundled plugin code.

493 posts
  • Has referred 1000+ members
  • Has sold $250,000+ on Envato Market
  • Has collected 10+ items on Envato Market
  • Elite Author: Sold more than $75,000 on Envato Market
+8 more
pixelentity says

I’m not sure the plugin can work. it maybe good to import some basic data like post,menu, categories,page and it can’t import custom data base on site features. I use wordpress import to import sample data xml from wordpress site and a large bugs happens
I also hate xml file also. I strongly recommend use php file to install data. for example use php array. Easy to use and update later also!
Just take a look at wordpress importer plugin code because, If you choose to do the same thing by yourself, there are high chances you’ll end rewriting most of that stuff. You can’t just add post, there are a lot of other things you need to take into account (like url rewriting in content, for instance). It’s far easier to just use/extend what’s already done and works quite well than reinventing the wheel.
by
by
by
by
by
by