Hi! I’m the author of the script you mentioned that has a “number of flaws”. I was hoping that you might be able to report these flaws - there’s a bug reporting link on the page you linked to. I hate flaws in the code I write, even when it is handling unusual circumstances.

It took me a minute to figure out just how it was not handling the upload directory. It was handling all custom directories and files just perfectly. Then I found what you meant, and you’re absolutely right. Wordpress allows you to specify which directory to use as uploads. By default, if you don’t explicitly specify one, it tries to write to a directory called “uploads” underneath their system wp-content directory that comes with the source. I’m assuming this is what you meant by it not bringing over your uploads - please correct me if I’m wrong!

The script currently will not (by design) bring over any unknown files or directories that are inside supposedly “pure” Wordpress code directories (except for themes and plugins). This is to help protect from hacked Wordpress installations when you upgrade. But it is possible people will create their own valid, custom content within the pristine Wordpress source, such as having that upload directory underneath wp-content. I need to address this, and thank you very much for pointing it out.

The Wordpress installations I manage do not allow the web server to write to any directories that could contain Wordpress source files. Having a setup that allows the web server to write to your source code is not the best idea. But it seems that many people do this. I don’t know about your installation in particular (I hope you don’t have everything open for writing by the web server!) but I do need to account for directories and files that might have been created within Wordpress source subdirectories.

If there are any other flaws that you noticed, if you could report them, or just list them here, I’d be very appreciative.

As for it being overly-complicated, it’s designed to handle sensibly more than just one person’s blog, and it also backs up all your site and data, too, unlike the other script you listed. Although it can be run in nearly all situations by just specifying the name of the directory that contains your Wordpress site, it allows many aspects of the upgrade process to be controlled via command line options if administrators choose to do so, for special situations.

I had thought about just downloading new source code and just dumping it on top of everything you currently have, but there are many potential problems associated with doing that. Just one is, files that are no longer used in Wordpress (and may be a security issue) will forever remain accessible in sites updated with this other script you mentioned (it doesn’t clean out old ones).

Personally, I think the best approach is starting out each upgrade with pristine Wordpress source, then bringing in your customizations. I’m not a fan of just globbing stuff on top of something already there.

The auto-downloading of the source code is a good idea! I think I’ll do that, too. But in the interest of making things complicated (or allowing choice) I’ll also make it so that people can specify the Wordpress source tree that they might have already downloaded instead of forcing them to use the latest.tar.gz file from the Wordpress website. That way, people who modify the Wordpress source for their users will still have a script they can use. The trick is deciding on the best defaults to keep things simple. But even then, you need to document what you can control, which can make things appear complicated.

I think that the script you mentioned is probably the better choice for most single-site users (except for the simple overwriting of trees issue). I thinking adding a backup of your current source tree, and your data before running the upgrade is a good idea, too, though.

Mark,

First off, thanks for taking the time to respond so completely to my post. I’m happy that you found it (I didn’t expect *anybody* to read it, actually), and I hope you don’t take my feedback personally.

By complicated, I just meant it was harder for (me) to fix to be appropriate to my needs. The script I found instead was 6 lines of (for me, anyway) more understandable source. But I agree it has some flaws of its own, including not backing things up and leaving “turds” around…

As for the uploads issue, I used your script to upgrade my blog and the uploads directory didn’t get copied over. The plugins did, and so did my theme, but no uploads. It was just empty? No errors given.

Also, it failed to copy my .htaccess file, but I noticed you fixed that in version .4. I had .3 sitting around, and upgraded to fix that one.

I’ll certainly give your script another whirl–I agree with everything you said about gumming stuff up…

Oh no, I didn’t take it personally at all. Well, that’s a bit of a lie. You know how parents are with their babies. Then again, I’ve got babies spread out all over the place, so you could say I’m a little numb to it.

I really appreciate the feedback on it! You can never think of everything and the only way to make it better is to have people tell you.

I just finished writing in a fix for what you described, and version 0.5 is there now. You’ll find that anything under wp-content is not treated as customizations and will be brought over. The plugins and themes are still handled separately though to allow people finer-grained control (only if they want to use it).

I really, really appreciate you bringing this to light so I can fix it.

Having it download the source for you is a wonderful idea. I hate having to download that and extract it. I’ll do that as soon as I have some extra time over the next few days and will let you know so you can give it a whirl if you like.

I found your post because Wordpress is wonderful about “pingbacks” — when you linked to my Wordpress site from yours, it made a pingback on my site and let me know. It also revealed to me a problem in the theme I’m using where it’s not displaying pingbacks on static page content. I need to make them start showing up in the theme.

Thank you again!

OK, you prodded me good on this one. I just added capabilities for it to auto-download the latest source now. This will make me very happy, anyway. It’s now next to brainless and effortless. What could be better?

There’s no way I’m going to have it automatically call the upgrade.php script automatically, though. I think people should run that themselves — otherwise they won’t see any errors that might happen.