- Bought between 50 and 99 items
- Europe
- Exclusive Author
- Has been a member for 1-2 years
- Sold between 5 000 and 10 000 dollars
It’s possible to check how Envato WordPress Toolkit works with default Dummy Theme 1.1 by DENONSTUDIO ? I use library not a plugin.
- Envato Staff
- Australia
- Has been a member for 4-5 years
- Contributed a Tutorial to a Tuts+ Site
- Exclusive Author
- Sold between 100 and 1 000 dollars
- Bought between 10 and 49 items
- Referred between 1 and 9 users
- Reviewer
Hey everyone!
Letting you know we’ve just released the Envato WordPress Toolkit plugin v1.4 (just the plugin, not the library, at this stage).
Version 1.4 adds support for theme backups during a automated theme upgrade. This backup functionality can also be turned off from within the UI.
This is an effort to address the concerns people have raised about customisations being lost during an automated theme upgrade. Now, when a user initiates an upgrade from the Envato WordPress Toolkit, the existing theme is backed up to the /wp-content/envato-backups/ directory first. A link is then provided on the Envato WordPress Toolkit page to download that backup ZIP file if the user should need it.
We hope you love this improvement on the plugin 
- Sold between 250 000 and 1 000 000 dollars
- Community Moderator
- Author was Featured
- Item was Featured
- Bought between 50 and 99 items
- Referred between 1000 and 1999 users
- Has been a member for 3-4 years
- Repeatedly Helped protect Envato Marketplaces against copyright violations
Japh said
Hey everyone!Letting you know we’ve just released the Envato WordPress Toolkit plugin v1.4 (just the plugin, not the library, at this stage).
Version 1.4 adds support for theme backups during a automated theme upgrade. This backup functionality can also be turned off from within the UI.
This is an effort to address the concerns people have raised about customisations being lost during an automated theme upgrade. Now, when a user initiates an upgrade from the Envato WordPress Toolkit, the existing theme is backed up to the
We hope you love this improvement on the plugin/wp-content/envato-backups/directory first. A link is then provided on the Envato WordPress Toolkit page to download that backup ZIP file if the user should need it.
Sounds like an awesome improvement, Japh!
I have two concerns:
1. Does the plugin do a writability check on the /wp-content/ directory, and explain to the user how to change permissions if necessary?
2. Does the plugin do anything to “lock down” the directory from non-admin, logged-in users? In other words, only the site admin should be able to access/download the zip. Otherwise, anyone who knows the directory structure could go around to WordPress sites with known ThemeForest themes and download theme “backups” for free, depending on how the user has their server configured (unless I’m missing something). I’ve seen this happen too many times where customers have placed plugin or theme zips in some random folder on their server that is publicly accessible. Standardizing that location could be an issue.
Just some food for thought, sounds like a great addition
Chris
- Envato Staff
- Australia
- Has been a member for 4-5 years
- Contributed a Tutorial to a Tuts+ Site
- Exclusive Author
- Sold between 100 and 1 000 dollars
- Bought between 10 and 49 items
- Referred between 1 and 9 users
- Reviewer
sevenspark said
Sounds like an awesome improvement, Japh!I have two concerns:
1. Does the plugin do a writability check on the /wp-content/ directory, and explain to the user how to change permissions if necessary?
2. Does the plugin do anything to “lock down” the directory from non-admin, logged-in users? In other words, only the site admin should be able to access/download the zip. Otherwise, anyone who knows the directory structure could go around to WordPress sites with known ThemeForest themes and download theme “backups” for free, depending on how the user has their server configured (unless I’m missing something). I’ve seen this happen too many times where customers have placed plugin or theme zips in some random folder on their server that is publicly accessible. Standardizing that location could be an issue.
Just some food for thought, sounds like a great addition
Chris
Thanks, Chris!
To answer your questions:
- Yes it does, however if you notice any problems please let us know ASAP
- Yes it does! The plugin locks down the
envato-backupsdirectory with an internally generated key that’s unique per installation
The plugin is open source, so feel free to take a look at our implementation, and if you see room for improvement let us know
- Sold between 250 000 and 1 000 000 dollars
- Community Moderator
- Author was Featured
- Item was Featured
- Bought between 50 and 99 items
- Referred between 1000 and 1999 users
- Has been a member for 3-4 years
- Repeatedly Helped protect Envato Marketplaces against copyright violations
Japh said
Thanks, Chris!To answer your questions:
The plugin is open source, so feel free to take a look at our implementation, and if you see room for improvement let us know
- Yes it does, however if you notice any problems please let us know ASAP
- Yes it does! The plugin locks down the
envato-backupsdirectory with an internally generated key that’s unique per installation
Awesome! Sorry, I didn’t get a chance to test those things out or look at the code yet, I should have been clearer about that – those were just the first two questions that popped into my head.
Great to see that both customer usability and author security concerns have been taken into account!
- Author had a File in an Envato Bundle
- Sold between 100 000 and 250 000 dollars
- Author was Featured
- Item was Featured
- Author had a Free File of the Month
- Grew a moustache for the Envato Movember competition
- Exclusive Author
- Slovakia
Hey guys! Any word on the CodeCanyon version of this yet?
UDS
- Exclusive Author
- Sold between 10 000 and 50 000 dollars
- Bought between 1 and 9 items
- Referred between 1 and 9 users
- Serbia
- Has been a member for 4-5 years
Japh said
Hey everyone!Letting you know we’ve just released the Envato WordPress Toolkit plugin v1.4 (just the plugin, not the library, at this stage).
Version 1.4 adds support for theme backups during a automated theme upgrade. This backup functionality can also be turned off from within the UI.
This is an effort to address the concerns people have raised about customisations being lost during an automated theme upgrade. Now, when a user initiates an upgrade from the Envato WordPress Toolkit, the existing theme is backed up to the
We hope you love this improvement on the plugin/wp-content/envato-backups/directory first. A link is then provided on the Envato WordPress Toolkit page to download that backup ZIP file if the user should need it.
A question: does plugin need a user API key to work properly (fetch data from envato)? Wouldn’t be a better idea to use purchase code, I think this is easier for buyers to find than API key.
Thoughts?
- Bought between 50 and 99 items
- Europe
- Exclusive Author
- Has been a member for 1-2 years
- Sold between 5 000 and 10 000 dollars
WARNING: Found ini_set in the file envato-wordpress-toolkit-library/class-envato-wordpress-theme-upgrader.php. Themes should not change server PHP settings.
Line 264: ini_set('max_execution_time', ETU_MAX_EXECUTION_TIME);
WARNING: curl_init was found in the file envato-wordpress-toolkit-library/class-envato-protected-api.php possible file operations.
Line 342: $ch = curl_init( $url );
WARNING: curl_exec was found in the file envato-wordpress-toolkit-library/class-envato-protected-api.php possible file operations.
Line 345: $data = curl_exec( $ch );
- Microlancer Beta Tester
- Author had a Free File of the Month
- Has been a member for 3-4 years
- Item was Featured
- Author was Featured
- Austria
- Exclusive Author
- Referred between 200 and 499 users
Why does the user need his API key for this?
Why isn’t the purchasecode enough?
- Bought between 1 and 9 items
- Exclusive Author
- Has been a member for 1-2 years
I absolutely agree with that. Sometimes, these API ’s are difficult to work with. I really appreicate it when the plugins that are really helpful are just code with that API Key.
Just my thoughts.
Website Hosting 1 [link removed by mod]
rvision_ said
Japh said
Hey everyone!Letting you know we’ve just released the Envato WordPress Toolkit plugin v1.4 (just the plugin, not the library, at this stage).
Version 1.4 adds support for theme backups during a automated theme upgrade. This backup functionality can also be turned off from within the UI.
This is an effort to address the concerns people have raised about customisations being lost during an automated theme upgrade. Now, when a user initiates an upgrade from the Envato WordPress Toolkit, the existing theme is backed up to the
We hope you love this improvement on the plugin/wp-content/envato-backups/directory first. A link is then provided on the Envato WordPress Toolkit page to download that backup ZIP file if the user should need it.A question: does plugin need a user API key to work properly (fetch data from envato)? Wouldn’t be a better idea to use purchase code, I think this is easier for buyers to find than API key.
Thoughts?
