gurumark

Some Q/A and Facts

Did Franz and 3 other guys have vested interested in this plugin’s failure?
I assume No, but looking at the comments “Don’t use it”, “full of crap” etc. I am not sure. You’d have to. Otherwise, how is it even worth the effort to comment at all?
Have they used the plugin and its SaaS service?
No, they haven’t created a custom plugin using this service. Franz thought there were some deficiencies in the way this plugin was written.(They said they will take a look at it).
Did Charlie Pryor ask Franz if he’s got vested interest in this plugin’s failure?
Nope.
Do I have a vested interest in this plugin’s success?
Yes. I have to. Otherwise, how is it even worth the effort to comment at all?
Does this plugin hurt some of other plugin owners selling pro versions of their own plugins?
Possibly. It might be the reason you see 1 star givers who are not plugin’s users.

Some Conclusions
If you write something negative in the form of a “review”, whatever you write must not be questioned. If you write something positive, you must have a vested interest, you have to. Otherwise, how is it even worth the effort to comment at all? Oh yeah, one more.. Don’t use SaaS services because they “phone home” and they are full of crap.

I don’t work for eMarket Design and am not authorized to speak on behalf of the company. My company is part of their premium tester program. We basically provide business requirements and testing services. We have been using the service for a long time (about 6 months). That’s why I am very familiar with the service and the functionality provided.

The service is composed of 3 tier architecture based on HTTP REST API.

Here is the conceptual picture:

1- Client (plugin) : Wp App Studio provides app metadata and sends REST request through HTTPS connection to controller engine. It also gets Account balance, checks app design based on API rules, and provides app generation status (success/failure message, or plugin download link)

2- Controller Engine : Gets the encrypted request, analyzes the app’s (plugin) complexity and checks the client’s account balance. Then sends XML response through HTTPS. It puts the request in the queue for code generation. If the code generation is a success then it sends plugin download link to Wp App Studio client through HTTPS connection.

3- Code Generators : These are a cluster of servers written in Java. They produce WordPress Api based code, do additional quality checks, push the generated code to Amazon S3, and send Controller Engine the download link, development status etc.

HTTPS connection does two things: 1- encrypt the connection 2- proves to the client(Wp App Studio) that the server it is talking to is emarketdesign.com. I believe HTTPS itself mitigates the risk for man-in-the-attacks, code injection etc. Franz also provided some tips which I think will further harden the security. (I am not a security expert.)
All the responses coming from the server goes through XML parser and in XML format. No other format is allowed.

Does it answer your question?

Do you homework read the documentation they provide first?

The plugins you provide here do just a part of what this plugin does. Pods doing a little more than the other two. Nobody forces you to use Jquery UI (again do your homework). They just give you an option.

Nobody says you do not review. It is good that you claim to find some security related deficiencies. It does not make a plugin a bad plugin. There are ton of very good plugins here in the rep not following the guidelines you pointed out. Considering the functionality this plugin provides, there could be some more bugs. That’s what the support pages are for.

Again my problem with your review is your style of writing. You seem to shoot to kill. Call people’s hard worked code a piece of crap. Give people a break! Kindly point out the issues, then give them time so that they can fix. They said they will take a look and see if there are some improvements to make.

If you have additional features you would like to see. Kindly ask them to consider. That’s how reviews should be. I don’t know how you and your german bodies view it in Europe, but here in U.S., when you imply that people might have an intention to send you bad code, that’s insulting. At least that’s how I view it.

Good to know.

Well, you can not get freebees in their part of the town. Nobody offers premium plugins let alone a plugin generated by WPAS. The zip file size itself is around 600k with full of functionality.

I have been dealing with open source goodies for about 6 years. I have not seen anything like it in Drupal, Joomla, or WP world. You can create a full blown CRM system in an hour without any coding. And it costs $27 per entity. Who does development for $27?

If you really want to see the code, stick to the complementary code in WP.org. And try not to insult people treating them as hackers or a bunch of script kiddies. Adios amigo!

First of all, eMarket Design is a legitimate, reliable U.S based company. They employ many developers like yourself. They do not have any intention to mess up your box. They want you to be happy so that they can make money. So stop treating everybody as thieves, hackers as such

You download plugins from this repository, correct? Does www.remarpro.com let you see the code before you download? They are in the business of making money out of the generated code. Why do you think they will let you see the code for free? It is basically a text file, as I said above, just review the code before you install it if you are paranoiac about it.

The generated code is downloadable from Amazon S3. It is there for 6 months.

The product: Wp App Studio is open source, The code generated is open source. The WAY the code is generated is NOT open source, duh!

Lastly, there is something called etiquette. Pick your words correctly when you write something. That all what I am saying. Try to ask questions like you did above before jumping into conclusions. I do not personally care about your review. Stick to your 1 star or no star. It is your business. Based on their client base I do not think they care either.

Wp App Studio does not generate code. The backend SaaS server does. All process starts and finishes in their server. It does not touch your box at all. The code is then uploaded Amazon S3 then you are provided with a link to the app’s (plugin) zip file. The plugin data is kept in S3 for 6 months so you can download from there whenever you want.
I also asked them to host the plugins generated in their servers and make them available to our clients. They said they are working on the setup.

I just replied to Franz. Wp App Studio is not gonna fix nobody’s servers security problems.

If you are worried about the security, man in the middle attack etc. or your network is not secure enough, use their demo server (demo.emarketdesign.com). Wp App Studio is installed and fully functional there.

Generate your code there in their own server. That’s what I do when I can not connect to company servers. Then you will be able to review the code, and see if it is safe enough for you. It is open source, modify, hack do whatever you want and make it useful for yourself and others. if you like to see more improvement, let them know. Their support team is great and very helpful.

You second response looks like more constructive approach. I am sure their development team will take a look and see if there is anything for improvement.

As I said, Wp App Studio is open source, the generated code is open source. Nothing is hidden. It is their first release and open to improvement.

I also read some of your reviews for other people’s plugins. You frequently use words like “crap”, “don’t use”, “no use” etc. These kinds of words do not encourage people to come up with new ideas or simply maintain their plugins. We do not want that, don’t we?

Plus, although Wp App Studio is backed by a company, most of the people use their spare time to contribute to the community. So “Respect” is the word which comes to my mind.

In addition, if you are worried about the security, you do not have to install the plugin in your own server. Use their demo server (it is installed and fully functional) and generate your code there. Then you will be able to review the code, and see if it is safe enough for you. It is open source, modify, hack do whatever you want and make it useful for yourself and others.

Peace!

Thanks DeeJay176, I will give it a go and see.

install plugin clouse soname ‘ha_clouse-5.5.24.so’;
ERROR 1126 (HY000): Can’t open shared library ‘/usr/lib/mysql/plugin/ha_clouse-5.5.24.so’ (errno: 2 /usr/lib/mysql/plugin/ha_clouse-5.5.24.so: undefined symbol: my_pthread_fastmutex_init)

I get the same error message. I use UBUNTU 12.04 LTS 32 bit and I use clouse-1.0b.1.2-linux-x86 version of the plugin.

mysql> SELECT version();
+————————-+
| version() |
+————————-+
| 5.5.24-0ubuntu0.12.04.1 |

Thanks,
Mark

Both servers are dedicated servers. I am not sure what has changed since the 0.80 version but it causes the error message. As I said 0.80 version gets activated with no memory issues.

I have inactivated all the plugins and tried it again but ended up with the same error message ” The plugin can not be activated. Fatal Error….” . This is the only error I get from wp.
This happened in two different boxes. One running OSX with 3gig ram and the other ubuntu 11.10 server with 4gig ram. I am sure there is a way to increase 256M mem limit for the admin area but currently we do not want to customize wp core.

Here is what error log for apache says:
“[Sun Jan 22 14:18:23 2012] [error] [client 127.0.0.1] PHP Fatal error: Maximum execution time of 30 seconds exceeded in ../www/wp-content/themes/suffusion/functions.php on line 1830, referer: https://localhost/wp-admin/network/update.php?action=upgrade-theme&theme=suffusion&_wpnonce=effbc84eaf
[Sun Jan 22 14:18:23 2012] [error] [client 127.0.0.1] PHP Stack trace:, referer: https://localhost/wp-admin/network/update.php?action=upgrade-theme&theme=suffusion&_wpnonce=effbc84eaf
[Sun Jan 22 14:18:23 2012] [error] [client 127.0.0.1] PHP 1. {main}() ../www/index.php:0, referer: https://localhost/wp-admin/network/update.php?action=upgrade-theme&theme=suffusion&_wpnonce=effbc84eaf
[Sun Jan 22 14:18:23 2012] [error] [client 127.0.0.1] PHP 2. require() ../www/index.php:17, referer: https://localhost/wp-admin/network/update.php?action=upgrade-theme&theme=suffusion&_wpnonce=effbc84eaf
[Sun Jan 22 14:18:23 2012] [error] [client 127.0.0.1] PHP 3. require_once() ../www/wp-blog-header.php:12, referer: https://localhost/wp-admin/network/update.php?action=upgrade-theme&theme=suffusion&_wpnonce=effbc84eaf
[Sun Jan 22 14:18:23 2012] [error] [client 127.0.0.1] PHP 4. require_once() ../www/wp-load.php:29, referer: https://localhost/wp-admin/network/update.php?action=upgrade-theme&theme=suffusion&_wpnonce=effbc84eaf
[Sun Jan 22 14:18:23 2012] [error] [client 127.0.0.1] PHP 5. require_once() ../www/wp-config.php:97, referer: https://localhost/wp-admin/network/update.php?action=upgrade-theme&theme=suffusion&_wpnonce=effbc84eaf
[Sun Jan 22 14:18:23 2012] [error] [client 127.0.0.1] PHP 6. do_action() ../www/wp-settings.php:289, referer: https://localhost/wp-admin/network/update.php?action=upgrade-theme&theme=suffusion&_wpnonce=effbc84eaf
[Sun Jan 22 14:18:23 2012] [error] [client 127.0.0.1] PHP 7. call_user_func_array() ../www/wp-includes/plugin.php:405, referer: https://localhost/wp-admin/network/update.php?action=upgrade-theme&theme=suffusion&_wpnonce=effbc84eaf
[Sun Jan 22 14:18:23 2012] [error] [client 127.0.0.1] PHP 8. suffusion_theme_setup() ../www/wp-includes/plugin.php:405, referer: https://localhost/wp-admin/network/update.php?action=upgrade-theme&theme=suffusion&_wpnonce=effbc84eaf
[Sun Jan 22 14:18:23 2012] [error] [client 127.0.0.1] PHP 9. suffusion_query_post_meta() ../www/wp-content/themes/suffusion/functions.php:26, referer: https://localhost/wp-admin/network/update.php?action=upgrade-theme&theme=suffusion&_wpnonce=effbc84eaf
[Sun Jan 22 14:18:5″

As soon as I revert back to 3.9.2, it works again. I do not know why functions.php exceeds execution time. It is OSX Leopard, ram (changed the domain name with localhost)

Same problem here using short codes in the posts after the update. Is there any patch?