56 Responses

  1. Drew Strojny
    Drew Strojny Published |

    Great point Justin!

    I came to this exact conclusion when working on an extensive upgrade for our Vigilance theme. I made the decision to require a minimum of Wordpress 2.8 and decided to strip all the old code supporting outdated versions of WordPress.

    The new version (now released) enjoys cleaner and lighter code because of this decision. The increased security for users is icing on the cake.

    Reply
  2. Rarst
    Rarst Published |

    Operating systems might be decent analogy here…Situation seems quite same. As soon as WP became mainstream it got locked into backwards compatibility issue.

    It is good to sit in good company and talk about importance of security and latest WP version. Same as preaching security to users on unpatched WinXP SP1. They don’t care and they won’t care.

    I think no supoprt for older versions is excellent because it makes it easier for developer (and this is important for plugin to stay alive). However in big picture this won’t be a standard, too many users and developers alike crave for backwards compatibility because it excuses their laziness.

    And WP caters to the market, it won’t please few if that means backlash by many.

    Reply
  3. Tobias
    Tobias Published |

    Hi,

    I see a problem here with the automatic plugin upgrader.

    If a user (with an older WP version) automatically updates my plugin on his site and it breaks, because I use a new function, that user will possibly never update my plugin again. This might result in security issues through plugins that are out-of-date.

    Tobias

    Reply
  4. Brad
    Brad Published |

    Great article as always Justin. While I agree that forcing users to upgrade is a good idea, I’m not sure using the “let it break” method is the best approach.

    What if instead of a plugin breaking you simply tell the user what features they are missing because they are on an older version of WordPress and lock down that functionality from executing?

    Reply
  5. Today in WordPress world – 23/09 | Links | WereWP
  6. Jonathan
    Jonathan Published |

    I’m with Brad on this one. Instead of letting the theme or plugin fail miserably for users of older installs – and making them figure out what’s happening – throwing a persistent message up in the users admin screen or dashboard that they need to upgrade their wordpress version and locking down functionality strikes me as a better way to get the behavior we want.

    Reply
  7. Edward Caissie
    Edward Caissie Published |

    I’m leaning towards using wp_version_check().

    Add an appropriate message recommending the user update to the current version (perhaps within a certain time-frame as mentioned above) but essentially if the version check is not met then the plugin does not function.

    The only caveat being the users must be diligent themselves with keeping their plugins (and themes?) up to date.

    Reply
  8. Ptah Dunbar
    Ptah Dunbar Published |

    Devils Advocate: I’m not so sure about forcing users to upgrade as plugins and themes shouldn’t be making that decision for the user. There may be a myriad of reasons why the user hasn’t upgraded yet, or in some cases, can’t upgrade immediately due to company policy and they shouldn’t be punished for that. Plugins and themes can and should strongly recommend the users to upgrade but not force them. Those are two different scenarios.

    If your running a business off WordPress development (as I am, you and many others), supporting legacy versions of WP should be standard practice, IMO.

    Reply
  9. Hallow
    Hallow Published |

    I understand what you are saying. I ignored the last Wordpress call to upgrade and my security was affected. So now i always upgrade Wordpress and plugins immediately i get the red flag!

    Reply
  10. Aaron
    Aaron Published |

    I completely agree Justin.. Backwards compatibility is nice, but it also opens up a can of worms when it comes to possible vulnerabilities. Authors should update themes and plugins as wordpress changes their versions, and make their plugins only work with the latest version out. This would solve a lot of problems, reduce the size of plugins, and also ensures that plugins get updated often.

    Reply
  11. Los Angeles Webdesign
    Los Angeles Webdesign Published |

    I think its about time that force update should be implemented even making old users to ‘suffer.’ Its for their own good and I think even search engines today are refusing Wordpress sites that are using unsecured version of the blog platform to be ranked properly on their index.

    Reply
  12. yummy
    yummy Published |

    I think force users to upgrade is not very well,i would hurt some users because them maybe get used to the older one.

    Reply
  13. File Search Engine
    File Search Engine Published |

    As a non technical user, i would prefer the upgrade to be straight-forward as well as easily to rollback by a click of a button

    Reply
  14. Personāla atlase
    Personāla atlase Published |

    Easy to say but hard to do.

    People are even using IE6 for browsing internet and VLC 0.6 for watching videos. So it is now way to turn a world around in couple of seconds or even couple of millenniums. There will be always someone who is out of date. :)

    Reply
  15. Tampa Movers
    Tampa Movers Published |

    I do agree with you that it would be best for everyone if everyone upgraded in a timely fashion. But I’m not sure if discontinuing backwards compatibility is the right way to go. For example, if someone is using your plugin and after upgrading the plugin it breaks their site, they’re likely to just get a similar plugin that doesn’t break their site. As the person above mentioned, a significant portion of internet users is still using IE6 so it’s unlikely that we’ll see people upgrading WP as often as we’d like them to.

    Reply
  16. Robert J Lowe
    Robert J Lowe Published |

    I think it would be nice to be able to skip over the problem by ‘forcing’ them to upgrade, but isn’t that really side stepping the real issue of better plugin management?

    Reply
  17. James
    James Published |

    I am really new to WordPress and would first like to say thank you to all the coders and developers that make WP possible. It has been a great community to begin to be part of and I really like all of the work you guys do.

    As to you guys not making updates to your plugins compatible with new versions of WordPress as a way to punish those that do not stay current with updates is likely not going to bring about a major waive of individuals upgrading to the newer versions. I like the idea of preventing new functions from working on older versions of WP. This gives positive reinforcement of behavior. Which researchers have shown to be a much better stimulus to act for humans than negative reinforcement.

    I think once people finally upgrade to a version of WP 2.8 there will be less issues with people sticking to older versions. As the effort/cost to upgrade to the newest version has been nearly eliminated with the ability to just upgrade via a couple of clicks in the dashboard.

    Again a big thanks to everyone that makes WP possible.

    Reply
  18. RB
    RB Published |

    The problem is, I’ve dozens of plugins which does not support latest WP version. Some plugin developer need few days, weeks, months (and sometime never!) to make their code compatible with new WP version. To use those plugin I just have to wait or don’t use it at all! ;)

    Reply
  19. Wayne
    Wayne Published |

    You can’t really force users to upgrade. They’ll simply gravitate to other solutions if they don’t want to go through the hassle of upgrading all of their plugins. Even some developers seem like they can’t be bothered to upgrade a plugin they released when a new version comes out.

    Reply
  20. NotAlame
    NotAlame Published |

    Hi Justin!
    I don’t totally agreed with you… Because I have a wordpress site and I cannot upgrade to 2.7+ because of my hoster which let my memory_limit to 24M and this is not enough for such upgrade. And don’t say to me to change my hosted cause I can’t, so…

    Reply
  21. Romeo
    Romeo Published |

    I think that forcing users to upgrade have 2 “faces”
    THe good one for the programmer as u say in your post…
    The bad one for the user if he have made few changes to the plugin (translate smth if the blog is not in english) or smth like this…
    But till the plugins are Free…i think that it should be forced :)

    Reply
  22. Mark Clayson
    Mark Clayson Published |

    I found out to my cost the risks associated with not upgrading. I was taken over by infiltrators. Luckily all was OK and, of course, wordpress is easy to upgrade now with the automatic function.

    Reply
  23. Arie Putranto
    Arie Putranto Published |

    I agree with the terms that people will know their going out of date when they found some plugin are not working in their site. They will then forced to choose between the options, stay in the old version of wordpress they currently use and not using the plugin or upgrade it to start using the awesome-up to date plugin.

    It’s all about the option.

    Reply
  24. Rok Mejak
    Rok Mejak Published |

    At first the idea of immediate upgrade looks promising and nice but that is only from the developers point of view. Imagine a small company that runs 2-3 WP Blogs and does not have an IT person employed. What would be the costs of constant upgrading and updating the plugins in such case.

    Of course for me it would be no problem but from the other’s people perspective this task would be time demanding and expensive. So I think it should stay as it is. That people upgrade when they want and need to.

    Reply
  25. Optimist5
    Optimist5 Published |

    Another vote for annoying message instead of letting it fail. It just seems nicer.

    Reply
  26. Dean: Residential Roofing
    Dean: Residential Roofing Published |

    I agree that developers are part of the problem; they are trying to be too acomodating. The platform and most plug-ins are often provided at no or very little cost, so I don’t see why forcing a user to upgrade is a big problem. I understand that smaller businesses may not have an IT person, or other limitations, but expecting to receive support indefinitely for a free plugin from the developer is unrealistic.

    Reply
  27. hid kit
    hid kit Published |

    I agree with Tobias, there could be major security issues.. This is a hard problem to fix!

    Reply
  28. alphainventions
    alphainventions Published |

    Forcing people to upgrade might upset them, but they will see the benefits in the long run. Security first.

    Reply
  29. Sam Dodd
    Sam Dodd Published |

    This is tough because many wordpress users don’t know how to upgrade on there own so to force them might be asking for more trouble then its worth. Maybe the solution and I see it happening already is to update the automatic upgrade feature to the point where less tech savy users are auto updated.

    Reply
  30. Water boy
    Water boy Published |

    Forcing people to upgrade is necessary in some cases, especially when it is a security problem, however there may be a very good reason that someone does not upgrade. I agree that it is a pain to keep all the plugin automatically updated so if there was a feature for this to occur more smoothly it would help people out.

    Reply
  31. Outsource
    Outsource Published |

    I think that the information presented should be useful to many people a lot.

    Reply
  32. Andy Fitzpatrick
    Andy Fitzpatrick Published |

    Purely from a security angle this makes perfect sense and as has been mentioned the less coding required the better.

    Reply
  33. udaipur
    udaipur Published |

    i dont think forcing people would work !!

    according to me!! wordpress itself should approve plugins and give update wtill next update arrives

    Reply
  34. geld lenen
    geld lenen Published |

    I don´t agree at all. Personally I haven´t updated a few times because I didn´t want to. You should have that option I think

    Reply
  35. indyainfo
    indyainfo Published |

    Add an appropriate message recommending the user update to the current version

    Reply
  36. Dave
    Dave Published |

    I’ll be honest, I don’t like the idea of forcing upgrades. There have been times in the past where I’ve patched something just to make it work and pushed it out to the live site. The thought of upgrading and then coping with the potential broken / lost code from the patch is terrifying.

    Part of the problem, as well, comes in to the fact that there is no clear universal method for backing up an entire instance of Wordpress – including theme, all active plugins (and their settings), all posts, all users, etc. etc. etc… Without a universal 1-click “duplicate this site” feature, the process of forced updates on WP, plugins, and themes can cause more frustration than benefit… Especially to those of us that do so many things the “wrong way” but still get things to work! (Yes, I know I should document any patches & band-aids that I put on my code or on other themes & plugins, but sometimes you just need the damn thing to work and get published!)

    Reply
  37. Mohsin
    Mohsin Published |

    I think that forcing is not the solution and a very smart thing to do. I mean sometimes people do continue using the older version due to various reasons. maybe OS compatibility, ease of handling and lots of other different stuff.

    Reply
  38. Victor
    Victor Published |

    Backwards compatibility is nice, but it also opens up a can of worms when it comes to possible vulnerabilities. Authors should update themes and plugins as wordpress changes their versions. That’s a good effort you have put on the network through your blog.

    Reply
  39. Clayton Shumway
    Clayton Shumway Published |

    Great point, I agree that updates should be automated…keeps things uniform. Plus, you have to agree that the average WordPress user is fairly internet savvy, and it’s safe to assume they have the latest version of Firefox, well why not WordPress?

    Reply
  40. John
    John Published |

    I don’t agree with ending backwards compatibility support fully. That is one of the things that makes software great after all – support/compatibility for older versions/formats. If you were really using very old versions, then I think that would really be an issue.

    But what about those that customized there WP and themes/plugins according to their liking? It is open source after all. I for one do this. One time I customized a plugin heavily down to its code and I made the mistake of upgrading it. Bam! All customizations gone. Good thing I do regular backups, otherwise it would’ve been very had redoing everything that I did.

    Reply
  41. Alex
    Alex Published |

    I sort of agree with you on this. By forcing upgrades this would by default make wordpress and it’s plugins a lot safer and more compatible for users. good post!

    Reply
  42. Mathieu
    Mathieu Published |

    I think it is not a wise idea to force the upgradations. Most people I guess would take time to move on to new versions. As pointed repeatedly in the previous comments, customization is very important. Maybe there is some other creative way to solve this issue!

    Reply
  43. Darrin
    Darrin Published |

    I know I am guilty of not upgrading when I should but we have to also cut these guys slack who create free plugins and themes for our use. It would be nice if there was an easy solution to this but I feel as long as this stuff is free there won’t be.

    Reply
  44. cracker
    cracker Published |

    Wow Great point Justin!

    i love wordpress ^^

    Reply
  45. Arkenor
    Arkenor Published |

    Unless you’re also going to force all plugins and themes to also be updated at exactly the same time as your forced Wordpress upgrade, what you’re suggesting would result in a whole lot of people looking for a new platform.

    If every time you upgrade Wordpress it breaks plugins that may be an important part of the site, because it doesn’t want to do backward compatibility, how would that possibly be good for the end-user? It’d just render the platform too unpredictable to use for any serious purpose.

    Reply
  46. Davidalees
    Davidalees Published |

    I agree with Justin. We all have to remmember that these plugins are usually FREE.

    Reply
  47. Carl Hancock
    Carl Hancock Published |

    I have no problem with forcing users to upgrade.

    The fact of the matter is if you don’t keep your WordPress install up to date you are leaving yourself vulnerable to being hacked. Plain and simple. One of the major features that WordPress brings with each new release is patching security holes.

    If your plugins break every time you upgrade WordPress you are using the wrong plugins. Pick plugins by developers who actively maintain their plugin with each new WordPress release and you won’t have that problem.

    If you rely on plugins that aren’t actively being maintained by their developer… all I can say is good luck with that. You made your own bed.

    Reply
  48. darila
    darila Published |

    My experience is: users (also me, when im lasy) upgrade when something breaks. So yuor point of backwards compatibility seems right. But i think that largest possible audience is better thing.

    greeting darila

    Reply
  49. avsa adasi
    avsa adasi Published |

    I have no problem with forcing users to upgrade.

    Reply
  50. Byron
    Byron Published |

    Fact is, WP 2.7 is just not safe. I know the hard way :( . It’s a community service to require upgrades, especially when something like the “hidden Admin” vulnerability of 2.7 is brought to light.

    Reply
  51. Kyle
    Kyle Published |

    Deleted for being the stupidest comment Justin has read in some time, not actually reading through and understanding the ideas in the post before commenting, and, most importantly, wasting Justin’s time.

    Reply
  52. macky
    macky Published |

    i would say a high light in the wordpress plugin page is ok it is like most of the blogger will not login in the back end but it can really help blogger to keep updated their blog

    Reply
  53. TOEIC
    TOEIC Published |

    This could be a great idea but upgrading the wordpress all the time is not really handy

    Reply
  54. Hypnosis Bob
    Hypnosis Bob Published |

    I think the problem is that a lot of people do not regularly check for updates and do not want to go through the trouble of upgrading and FTPing, etc. Now, with the new version you have an automatic upgrade function which I think is great.
    To techie people, all this stuff may be easy and “just take 5 minutes”, but if you are not experienced it can be a real challenge.

    Reply
  55. Charles
    Charles Published |

    After reading through the article and many of the replies. I think there is a much simpler answer here. I myself warn very sternly to my clients if they upgrade their site themselves they are responsible for it. I offer to backup their site and do the upgrade at no charge (if I built the site). However, if the plugin breaks there is no way to go back therefore I get stuck finding a solution or re-installing from the backup. I think many more people would be willing to upgrade their plugins much more often if there was a way to go back if something wasn’t quite ready to work together. SO, if there was install NEW version, Install Back version.

    Reply

Leave a Reply

By submitting a comment here you grant this site a perpetual license to reproduce your words and name/Web site in attribution.

Please use your real name or a pseudonym (i.e., pen name, alias, nom de plume) when commenting. If you add your site name, company name, or something completely random, I'll likely change it to whatever I want.

css.php