439 posts
  • Bought between 50 and 99 items
  • Europe
  • Exclusive Author
  • Has been a member for 2-3 years
  • Sold between 5 000 and 10 000 dollars
Pixelous says

It’s possible to check how Envato WordPress Toolkit works with default Dummy Theme 1.1 by DENONSTUDIO ? I use library not a plugin.

366 posts WordPress Guy
  • Envato Staff
  • Australia
  • Has been a member for 5-6 years
  • Contributed a Tutorial to a Tuts+ Site
  • Exclusive Author
  • Sold between 100 and 1 000 dollars
  • Bought between 10 and 49 items
  • Referred between 1 and 9 users
  • Reviewer
+1 more
Japh Staff says

Hey everyone!

Letting you know we’ve just released the Envato WordPress Toolkit plugin v1.4 (just the plugin, not the library, at this stage).

Version 1.4 adds support for theme backups during a automated theme upgrade. This backup functionality can also be turned off from within the UI.

This is an effort to address the concerns people have raised about customisations being lost during an automated theme upgrade. Now, when a user initiates an upgrade from the Envato WordPress Toolkit, the existing theme is backed up to the /wp-content/envato-backups/ directory first. A link is then provided on the Envato WordPress Toolkit page to download that backup ZIP file if the user should need it.

We hope you love this improvement on the plugin :)

3365 posts
  • Elite Author
  • Sold between 250 000 and 1 000 000 dollars
  • Community Moderator
  • Bought between 50 and 99 items
  • Referred more than 2000 users
  • Has been a member for 4-5 years
  • Repeatedly Helped protect Envato Marketplaces against copyright violations
+4 more
sevenspark Volunteer moderator says

Hey everyone!

Letting you know we’ve just released the Envato WordPress Toolkit plugin v1.4 (just the plugin, not the library, at this stage).

Version 1.4 adds support for theme backups during a automated theme upgrade. This backup functionality can also be turned off from within the UI.

This is an effort to address the concerns people have raised about customisations being lost during an automated theme upgrade. Now, when a user initiates an upgrade from the Envato WordPress Toolkit, the existing theme is backed up to the /wp-content/envato-backups/ directory first. A link is then provided on the Envato WordPress Toolkit page to download that backup ZIP file if the user should need it.

We hope you love this improvement on the plugin :)

Sounds like an awesome improvement, Japh!

I have two concerns:

1. Does the plugin do a writability check on the /wp-content/ directory, and explain to the user how to change permissions if necessary?

2. Does the plugin do anything to “lock down” the directory from non-admin, logged-in users? In other words, only the site admin should be able to access/download the zip. Otherwise, anyone who knows the directory structure could go around to WordPress sites with known ThemeForest themes and download theme “backups” for free, depending on how the user has their server configured (unless I’m missing something). I’ve seen this happen too many times where customers have placed plugin or theme zips in some random folder on their server that is publicly accessible. Standardizing that location could be an issue.

Just some food for thought, sounds like a great addition :)

Chris

366 posts WordPress Guy
  • Envato Staff
  • Australia
  • Has been a member for 5-6 years
  • Contributed a Tutorial to a Tuts+ Site
  • Exclusive Author
  • Sold between 100 and 1 000 dollars
  • Bought between 10 and 49 items
  • Referred between 1 and 9 users
  • Reviewer
+1 more
Japh Staff says

Sounds like an awesome improvement, Japh!

I have two concerns:

1. Does the plugin do a writability check on the /wp-content/ directory, and explain to the user how to change permissions if necessary?

2. Does the plugin do anything to “lock down” the directory from non-admin, logged-in users? In other words, only the site admin should be able to access/download the zip. Otherwise, anyone who knows the directory structure could go around to WordPress sites with known ThemeForest themes and download theme “backups” for free, depending on how the user has their server configured (unless I’m missing something). I’ve seen this happen too many times where customers have placed plugin or theme zips in some random folder on their server that is publicly accessible. Standardizing that location could be an issue.

Just some food for thought, sounds like a great addition :)

Chris

Thanks, Chris!

To answer your questions:

  1. Yes it does, however if you notice any problems please let us know ASAP
  2. Yes it does! The plugin locks down the envato-backups directory with an internally generated key that’s unique per installation

The plugin is open source, so feel free to take a look at our implementation, and if you see room for improvement let us know :)

3365 posts
  • Elite Author
  • Sold between 250 000 and 1 000 000 dollars
  • Community Moderator
  • Bought between 50 and 99 items
  • Referred more than 2000 users
  • Has been a member for 4-5 years
  • Repeatedly Helped protect Envato Marketplaces against copyright violations
+4 more
sevenspark Volunteer moderator says

Thanks, Chris!

To answer your questions:

  1. Yes it does, however if you notice any problems please let us know ASAP
  2. Yes it does! The plugin locks down the envato-backups directory with an internally generated key that’s unique per installation
The plugin is open source, so feel free to take a look at our implementation, and if you see room for improvement let us know :)

Awesome! Sorry, I didn’t get a chance to test those things out or look at the code yet, I should have been clearer about that – those were just the first two questions that popped into my head.

Great to see that both customer usability and author security concerns have been taken into account! :)

385 posts
  • Elite Author
  • Author had a File in an Envato Bundle
  • Sold between 100 000 and 250 000 dollars
  • Author had a Free File of the Month
  • Grew a moustache for the Envato Movember competition
  • Exclusive Author
  • Slovakia
+3 more
uDesignStudios says

Hey guys! Any word on the CodeCanyon version of this yet? :)

UDS

812 posts
  • Author had a Free File of the Month
  • Exclusive Author
  • Sold between 10 000 and 50 000 dollars
  • Bought between 1 and 9 items
  • Referred between 1 and 9 users
  • Serbia
  • Has been a member for 5-6 years
rvision_ says

Hey everyone!

Letting you know we’ve just released the Envato WordPress Toolkit plugin v1.4 (just the plugin, not the library, at this stage).

Version 1.4 adds support for theme backups during a automated theme upgrade. This backup functionality can also be turned off from within the UI.

This is an effort to address the concerns people have raised about customisations being lost during an automated theme upgrade. Now, when a user initiates an upgrade from the Envato WordPress Toolkit, the existing theme is backed up to the /wp-content/envato-backups/ directory first. A link is then provided on the Envato WordPress Toolkit page to download that backup ZIP file if the user should need it.

We hope you love this improvement on the plugin :)

A question: does plugin need a user API key to work properly (fetch data from envato)? Wouldn’t be a better idea to use purchase code, I think this is easier for buyers to find than API key.

Thoughts?

439 posts
  • Bought between 50 and 99 items
  • Europe
  • Exclusive Author
  • Has been a member for 2-3 years
  • Sold between 5 000 and 10 000 dollars
Pixelous says
Theme-Check
WARNING: Found ini_set in the file envato-wordpress-toolkit-library/class-envato-wordpress-theme-upgrader.php. Themes should not change server PHP settings.
Line 264: ini_set('max_execution_time', ETU_MAX_EXECUTION_TIME);
WARNING: curl_init was found in the file envato-wordpress-toolkit-library/class-envato-protected-api.php possible file operations.
Line 342: $ch = curl_init( $url );
WARNING: curl_exec was found in the file envato-wordpress-toolkit-library/class-envato-protected-api.php possible file operations.
Line 345: $data = curl_exec( $ch );
2001 posts
  • Elite Author
  • Author had a Free File of the Month
  • Has been a member for 4-5 years
  • Austria
  • Exclusive Author
  • Interviewed on the Envato Notes blog
  • Microlancer Beta Tester
+3 more
revaxarts says

Why does the user need his API key for this?

Why isn’t the purchasecode enough?

1 post
  • Bought between 1 and 9 items
  • Exclusive Author
  • Has been a member for 2-3 years
LynnStrauch says

I absolutely agree with that. Sometimes, these API ’s are difficult to work with. I really appreicate it when the plugins that are really helpful are just code with that API Key.

Just my thoughts.

Website Hosting 1 [link removed by mod]



Hey everyone!

Letting you know we’ve just released the Envato WordPress Toolkit plugin v1.4 (just the plugin, not the library, at this stage).

Version 1.4 adds support for theme backups during a automated theme upgrade. This backup functionality can also be turned off from within the UI.

This is an effort to address the concerns people have raised about customisations being lost during an automated theme upgrade. Now, when a user initiates an upgrade from the Envato WordPress Toolkit, the existing theme is backed up to the /wp-content/envato-backups/ directory first. A link is then provided on the Envato WordPress Toolkit page to download that backup ZIP file if the user should need it.

We hope you love this improvement on the plugin :)

A question: does plugin need a user API key to work properly (fetch data from envato)? Wouldn’t be a better idea to use purchase code, I think this is easier for buyers to find than API key.

Thoughts?
by
by
by
by
by
by