HubSpot For WordPress – DO NOT USE

So we all know HubSpot and what they do. They (or someone) released a plugin called  “HubSpot for WordPress”. This plugin included some awesome features. Not too long ago, I went to look for the plugin in the repo and it was gone. From years in the WP world, this does not happen with a simple request.

I resorted in downloading a backup version I had on hand from another project. Being a curious person, I decided to poke around in the code and what I found was jaw dropping.

There is a set of standards, guidelines and best practices that are used when creating a theme and or plugin for WordPress and clearly, I do not think someone got the memo.

Here is why feel this way about this plugin and am happy that it has been removed:

  1. Files can be accessed directly and some even accept outside parameters.
  2. Un sanitized parameters can be fed to exposed files.
  3. wp-load.php is called directly and makes the assumption that the WP install in not in a sub directory and that all files are standard.

It is hard for me to believe that a company like HubSpot would release a plugin with such high disregard to security and standards. With this said, I would love to see the plugin reworked and put back in the .ORG repo but it will need a lot of work.

If you are using this plugin, please deactivate for security purposes. You can find the article from HubSpot on how to migrate to the new “simplified” (everything removed) HubSpot Tracking Code by visiting the link below.

If you have any questions or concerns about the plugin, I would be happy to answer them.

Drone Sighting in Wadsworth Ohio???

So just about 30 minutes prior to posting this I was contacted by someone in the Wadsworth, Ohio area. They stated that they was a drone flying overhead High St near the Walmart. They stated that it was flying about 150-200 FT high. They gave the description and sent a picture of what it looked like. The picture they sent was of the predator drone commonly known to be used by the military.

Credit: Google Image Search |

About 10 minutes later they sent another picture that they manage to snap of it after it flew by. The image is high quality but was taken at a distance as the drone passed.


If you look closely, you can see the drone right above the middle tree at the bottom of the photograph.

I just found it interesting that there was a drone flying overhead an area not known to have any airport (other than a small private airport) with no military base for a while.


Notice: The called constructor method for WP_Widget deprecated

With some of the changes in WordPress, this error/notice has been popping up more often in the support forums and with clients.

This notice is because WordPress has deprecated the method used to extend the WP_Widget class while modifying the constructor method. WP_Widget’s constructor is being called.

Starting in WordPress 4.3 you may have noticed a message like the following:

Notice: The called constructor method for WP_Widget is deprecated since version 4.3.0! Use __construct() instead. in […]\wp-includes\functions.php on line 3457

This error may even cause a “headers already sent” error message as well.

Chances are, this notice is being caused by an out of date plugin or theme. The first step is to make sure that you make a backup of your site and the DB. Once you have a backup of your site proceed with the following steps:

  1. Go to Dashboard->Updates
  2. Ensure you are running the latest version of WP by clicking the “Update Now” button. If you are running the latest version proceed to the next step.
  3. Update all Themes
  4. Update all Plugins
  5. Check you website to ensure it is working as expected.

If for some reason the error has not gone away, you probably have a plugin or theme that has not been updated to meet WordPress’s guidelines yet. You will need to find which plugin if causing the issues and deactivate it.

You can do so by deactivating all plugins to see if this resolves the problem. If this works, re-activate the plugins one by one until you find the problematic plugin(s).

If you still have the issue try switching to the default theme to rule out any theme-specific problems.

If you are still having issues after you have updated everything and ruled out bad plugins or themes, you may have a bad upgrade. Try manually updating WordPress.

Hope this helps shed some light on the issue. Please feel free to leave a comment below and share you experience.


But they said to edit /wp-includes/plugin.php…

As some of you may know, I spend a lot of my time deep in code or hanging out in the WordPress Trac or support forum. Today, I ran a crossed a post that almost made me put down my coffee and start head banging my desk.

If you work with WordPress, then you more than likely have seen the following warning (or something along the lines of it):

PHP Warning: call_user_func_array() expects parameter 1 to be a valid callback, function ‘some_function’ not found or invalid function name in /wp-includes/plugin.php on line XXX

The above warning is very common and has nothing to do with WordPress or any file that is mentioned in the warning. So why the head banging you ask? More times than I would like to see, people are looking to the file located at /wp-includes/plugin.php for some clue and then editing the file directly.

Editing core files directly is not recommended nor advised.

So whats wrong with editing core files directly?

It boils down to how WordPress updates work. Lets say that I edited the file “/wp-includes/plugin.php” to silence an error and the following month I upgraded WordPress. The warning message will be back. WordPress is tested extensively and 99.9% of the time the error or warnings are from third party plugins and themes.

Why the warning if it is not WordPress’s fault?

WordPress has hooks called actions and filters. They are used to hook into core functionality without having to modify any core code (Remember, changes to core will be wiped on the next update). Plugin and themes tell WP where and what function to run at certain parts of the script execution.

If a plugin tells WordPress to run “some_function” but the plugin does not define “some_function” you will see an warning that looks like it is WordPress having the issue.

How do I fix the warning message?

Follow the steps of disabling all the plugins and enabling them one by one until the problem comes back is the correct way of tackling the issue. Once you find out which plugin or theme is causing the issue, contact the developer of the plugin and let them know what is going on or simply do not use that plugin/theme.