Referrer Detector 2.1.1 and a little bit more

Hi everyone!

It’s been a while… yes I know I’m feeding up your ears (or eyes) with this same old same old greeting, but I’ve never been a good speaker.

So it’s been a while, and I’m writing another small plugin for personal purpose. Remember, I have another site dedicated to Vietnamese poetry? Well, I’m trying to enhance it up a bit - with some plugins I write maybe…

However, something today made me (temporarily) pause the work. Something not so happy.

In case you don’t know yet, I’ll stress it again: I didn’t invent the [concept of] Referrer Detector plugin. Instead, I first saw a similar plugin in action on my favorite blog Smashing Magazine. As Smashing is more or less a commercial blog, I was thinking it was something they made themselves and thus may not be open source, so I decided to write my own. When I found out that it’s originally a great plugin from Thaya Kareeson, my Referrer Detector was nearly finished, and I didn’t want it to be left abandoned. Apart from that, I also thought that my plugin, while still young and lacked of some important features, had some advantages that I personally could make use of (at that moment). So eventually I registered it in WordPress Codex. That’s the story.

When Referrer Detector was out, I was very happy to see how welcomed it was. My [G]mail box were full of comment moderation requests, and I was continuously asked for bug fixes, implementations, even some not so relevant stuffs (like how to change theme ;) ). These comments were the invaluable support that encouraged me to quickly release newer and hopefully better versions of RD, with visible and invisible changes as well. And it’s always been a joy for me to open my mailbox and see an unread message titled “[phoenix.heart - portfolio & more] Please moderate: “Here it is - Referrer Detector…”.

Thaya has noticed about my plugin, as he even left a comment on my blog entry - I was happy with it too. So it came to me as a surprise when today, I found out that it’s not that simple. Seems like he’s thinking I’m forking his code and is upset with the fact that RD is sharing the “fame” with his WP Greet Box. On a blog that promoted my plugin he left this comment:

Honestly, I am quite disappointed that my plugin hasn’t done better in the WordPress community. I am also even more shocked[upset] that Referrer Detector got the word out much quicker than WP Greet Box. I guess it really does matter “who” you knows in the blogging community.

I don’t want to sound biased, but as of right now (Referrer Detector version 2.1) I believe that WP Greet Box is hands-down better than Referrer Detector:

  1. Referrer Detector has a security flaw in its administrative AJAX interface. I won’t say more, so hopefully people with Referrer Detector installed won’t get hacked.
  2. WP Greet Box works with WPMU.
  3. WP Greet Box has the ability to keep track of visitors, so the visitor referred from google will not keep getting the same greeting message if they have visited within the last X hours.
  4. Exclusion rules have regular expressions support.
  5. More solid default CSS.

The only pros referrer detector has on WP Greet Box are:

  1. More default greeting messages
  2. The ability to include WordPress attributes like url, title, author, category etc. into the greetings

Given the security flaw Referrer Detector, I wouldn’t even try it out on a production site until the fix comes.

And on his official WP Great Box plugin blog, he changed the Upcoming Features to something below:

I have chosen to keep this list hidden to discourage kiddie coders from forking my code. I know some users that have went to the dark side to use a similar plugin, but they always come back to WP Greet Box because of my “awesome” support :) .

Maybe I’m a little over-sensitive, but nevertheless, it seems that I’m just one of those “kiddie coders” who’s “forking [his] code”.

To be fair, he was right about the pros and cons both plugins have - although still I believe that mine has something more that that. Also, I agree about the possible security flaw (and have fixed it in the latest version of WordPress). More or less, I’m not a hacker, so I can’t tell if it’s really a security flaw and if someone can make use of it, since first, AJAX calls across domains are very limited in terms of usability, and second, the person who may control the plugin and the admin panel, if not yourself, must be someone you totally trust.

What made me feel weird are:

  1. He seems to be thinking that all I (and some other plugin developers) have been doing is forking his code. This is not so correct :) To me, the code I was forking, if any, came from another plugin called ShareThis. Actually, this is the plugin I was learning from when I developed Digg This O’ Mine, and can be seen as my WordPress plugin tutor. Other than this, except for the concept that I learned from Smashing Magazine, I built my Referrer Detector from the scratch, as you can see if you take a look into the source code (of both RD and WPGB).
  2. He’s upset just because “Referrer Detector got the word out much quicker than WP Greet Box”. If it’s something really matters, then my answer will be “Digg”. I posted a story about RD onto Digg, that’s why it gets known rather quickly. Moreover, the more people get to know RD, the more they’re announced about WPGB, since on my official plugin entry and here again, I give all the initial concept credits to Thaya Kareeson. If his plugin is better, it will simply be used more widely. So why he got upset, I honestly don’t get.
  3. Seems like from his upset, he called other developers who share the same concept with him “kiddie coders”. Of course he is a great developer, as anyone can see from the concept and the way he’s writing code. But just because he’s great doesn’t mean others are bad, yes? And correct me if I’m wrong, isn’t writing various softwares with the same concept and purposes something we see everyday in this open source world? If not, then why so much Linux distributions?
  4. The “dark side” :)

So, as a conclusion, the concept credits go to Thaya, and I’m sorry if what I do is causing him some inconvenience. And let’s face it, everyone has his choice, so if my plugin doesn’t work for you for any reason, I always recommend WP Gree[a]t Box.

P/S: Have you noticed yet? Referrer Detector 2.1.1 which includes the security flaw fix is out!

  • Can you come up with stats tracking in v2.3? It’ll be really useful :)

  • Just installed Referral Detector 2.2. But on the Options > Referral Detector page, I’m getting javascript errors, preventing any of the functions from working.

    The same was for 2.1.1, which is what lead me to 2.2.

    WP 2.3.3 is installed.
    Javascript errors occur with both Firefox and IE7.

    Any idea?

  • Hi Rory,
    What exactly was the error?

  • You’ll need to excuse the crappy IE error message. I can’t seem to get an error message out of Firefox (2 and 3), the links just do nothing.

    IE7 javascript error:
    Line: 2
    Char: 1
    Error: Object expected
    Code: 0
    URL: http://www.roryhansen.ca/wp-admin/options-general.php?page=referrer_detector.php

  • I’m afraid that error from IE won’t help much… Could you install Firebug extension for FF and see the errors? Thanks in advance!

  • Rory, could you try pasting this line into line 162 of the file wp-content/referrer-detector/reffer_detector.php?

    print(‘<script type=”text/javascript” src=”http://jqueryjs.googlecode.com/files/jquery-1.2.6.min.js”></script>’);

    and try again?

  • Ahh, works. ;-)

  • Thanks!

  • You’re welcome, Rory ;)
    For me I should take care of this bug…

  • It seems that while your project is different from Thaya’s, you borrow heavily against it. It’s OK to do it from time to time, considering it’s open source but such heavy borrowing is frowned upon.

    He comes out with a feature, you immediately copy it, he comes out with another - same thing, you even refer to the box as “greet box”, a term you hardly came up with. Your plugin is essentially the same as his, with a few extra features tacked on, to be different. Again, I also frown upon this.

    Having seen the AJAX-related vulnerability and how long it took you to find it, I am going with GreetBox.

  • Artem, thanks for your comment but I couldn’t agree ;)
    I stress again: apart from the initial concept, I didn’t “borrow” anything from Thaya, leave alone “from time to time”. I didn’t even read his code ;) so I can promise, if you look into our code, you’ll find it hard to see anything in common. Well, in fact, as I looked into his code several days ago (the first time I did it), I even saw that he copied a large potion of JavaScript code and ideas from my own plugin.
    Sure, you can go with WPGB and I’ll say it’s a good choice. But imho there’s no need for you to go frown upon me and my plugin.

  • Phan,
    I respect Thaya and will probably even use his plugin for now (I like the timeout feature). I also understand his frustrations but frankly- welcome to opensource. If he doesn’t like it,  he shouldn’t do it. Even if you didn’t copy his code (which wouldn’t bother me as long as his license is respected), I don’t see any issue with being a better marketer and/or copying his new features. He of course can do the same back at you. Competing businesses play this game all the time, OSS just makes it much easier.

    I think you’re being very cool about this situation and you sound upstanding. Good for you. Keep doing your thing.

You can follow any responses to this entry through the RSS 2.0 feed.