In my view – bogging systems are a subset of content management systems. So, Wordpress is one of that kind.

NOTE: This answer was originally posted at StackOverflow.com by user162247

In its default setting, no, WordPress is not a CMS, it is a Blogging platform.

However, like with any other popular scripts (vBulletin, phpBB, Coppermine, etc) they can be tweaked and modified to your hearts content. If you add the necessary plugins and modify the template to look like a website and not a Blog then you effectively have a CMS that’ll allow you to publish new pages as WordPress Pages or Posts.

WordPress is as much a CMS as vBulletin or phpBB, so to those who seem to disregard my opinion, please explain why WordPress is a CMS and how come we don’t just call everything that handles content a CMS?

NOTE: This answer was originally posted at StackOverflow.com by Mike B

I recently found http://hilite.me. I like it because there is an option for formatting text–useful when you are posting a config file or a series of commands.

From a WordPress standpoint I’ve been trying to trim back the number of plugins I’m running after a scan on pingdom.com showed how much time my page loads were taking because of a syntax highlighting plugin–and I rarely post code so it was a really not worth it.

I like the idea of inserting code blocks as pure html in the post because you aren’t required to have that plugin in the future and I’d assume won’t impact page load times.

NOTE: This answer was originally posted at StackOverflow.com by John Poelstra

I use WP-syntax for WordPress. Works great for me.
It’s not exactly what you are looking for but I thought I’d mention it here if anyone is looking for syntax hightlighting in WordPress.
From the usage description:

Wrap code blocks with <pre lang=”LANGUAGE” line=”1″> and </pre>
where LANGUAGE is a GeSHi supported
language syntax.
The line attribute is optional.

NOTE: This answer was originally posted at StackOverflow.com by windyjonas

Wordpress. I’ve spent a lot of sleepless nights trying to answer the only one question: “Why??”

Since I’ve faced with its source code I hate it. It is awful. And let my post(and reputation as well) will be minused but it’s true.

It doesn’t have core. There is a rubbish of code instead of core. It reminds php3. Huge heap of unrelated and unlogical functions are used in it. “Copy and Paste” – the only one design pattern is used in wordpress.

Yes, the have emulated using of prepared statements. But why they don’t use PDO, or mysqli? They have copypasted almost all PDO functions but haven’t use it instead. Using of mysqli instead of mysql requires even less efforts.

They use myql_real_escape_string. But there is still something like protect_string_strongly, protect_string_weakly. There is no only only one function – do_not_protect_string_i_believe_my_users.

Global variables – is the philosophy of wordpress. “If we don’t know how to change this var we’ll mark it as global var and everybody will be happy.” – here is what wordpress developers thought when they developed hellpress.

Every new version contains a lot of new in design, they add new default themes, they change background color in admin area from #ccc to #cdcdcd, they use dropdown menu in admin area instead of accordeon. And it awesome. But they do not improve its code.

Did you read comments in WP “core”? No? And I did. They are “awesome”. Something like “What this function is called for? Let’s it leave just in case.” or “Do not hardcode this in new version.” and so on.

The only one answer to the question “Why?” I got is: “Because it works. And if it does work do not touch it!!!”

wordpress.org is one most visited sites in the world. Why? Because nobody able to understand wordpress’s logic. Everybody every time needs to ask something on the forum or read in the codex.

I hope you understand my point of view.

NOTE: This answer was originally posted at StackOverflow.com by Ruslan Polutsygan

One of the main differences between mysql_real_escape_string() and addslashes is that mysql_real_escape_string() works in conjunction with the character set so it knows how to properly escape data based on the character set.

Generally I think the best approach is to use a request class and do all your stuff there.
That way there is only one place where you deal with GET,POST,COOKIE, SERVER etc which makes it far easier to manage in contrast to having a bunch of random functions doing different things. That’s just a recipe for disaster.

NOTE: This answer was originally posted at StackOverflow.com by gus

Magic Quotes

The following text is taken from PHP.net

http://www.php.net/manual/en/security.magicquotes.why.php

There is no reason to use magic quotes because they are no longer a supported part of PHP. However, they did exist and did help a few beginners blissfully and unknowingly write better (more secure) code. But, when dealing with code that relies upon this behavior it’s better to update the code instead of turning magic quotes on. So why did this feature exist? Simple, to help prevent SQL Injection. Today developers are better aware of security and end up using database specific escaping mechanisms and/or prepared statements instead of relying upon features like magical quotes.

addslashes() vs mysql_real_escape_string()

The reason why you should use mysql_real_escape_string() is because it’s a “MySQL function” and is created especially for escaping user input before it’s executed in a mysql query, while addslashes() is a “PHP function”. That probably sounded a little weird, but there’s one important difference between the two and it has to do with the use of single- and multi-byte characters. You can still inject databases protected by the addslashes function, but injecting databases protected by mysql_real_escape_string is far more difficult. You can read more about it HERE

Register Globals

The reason why you should NOT use register_globals is because variables become accessible to everyone, which means that in the following example you would be able to set $access to true if it hasn’t been initialized before

<?php

if (isAuthenticated()) { $access = true; }

if ($access == true) {
  include(controlpanel.php);
}

?>

The above code would give you sh#! loads of problems, but if we initialize the variable first by adding the following to the top of the page

$access = false;

…we should be fine even if we have register_globals ON

So, if the Wordpress team have initialized all variables (which they probably have) then you don’t have to worry about the use of globals.

Conclusion

It’s definitely bad practice using any of those 3 functions/features and I would never do it myself. Are you sure you’re working with the latest version of Wordpress? Like someone commented, if you are using the latest version it’s because of laziness or worse it’s still in there. I’ld never use Wordpress for anything other than blogs that doesn’t require much security..

NOTE: This answer was originally posted at StackOverflow.com by Tom

There is no better way to answer why they are bad than referring to the PHP documentation on magic_quotes:

• Why did we use Magic Quotes?
• Why to not use Magic Quotes

Also note:

This feature has been DEPRECATED as of PHP 5.3.0. Relying on this feature is highly discouraged.

So why does Wordpress still use Magic Quotes?

Wordpress minimum requirements uses PHP 4.3. Yes, it is absolutely a backwards compatibility reason.

What about the other functions?

I am honestly not sure. Relying on super globals is a very bad idea. This is simply laziness of the Wordpress development team. Perhaps they have more important issues to work on.

NOTE: This answer was originally posted at StackOverflow.com by Levi Morrison

Here’s what I’m gleaning, upon considering the most popular answer and additional resources:

• $tag seems to be a synonym for the name of the hook. (That’s not particularly intuitive to me.)
• the_content is an example of a hook, of the “filter” type.
• the_content hook consists of multiple filters.
• Filters modify data. They basically filter the database, changing the data before the users view it.
• A common use of apply_filters(), for instance, is to apply the_content filters to $content. In this instance, double returns will convert to <p> tags, smiley faces will convert to icons, etc.
• “the_content” is a hook, while “the_content()” is a function.

NOTE: This answer was originally posted at StackOverflow.com by Marjorie Roswell

I totally agree that Wordpress with the SyntaxHighlighter Plugin is a great choice for your purpose.
Additionally, you might want to check out a plugin I developed some time ago: SyntaxHL Editor. It offers a simple GUI to enter and modify the source code in your post.

NOTE: This answer was originally posted at StackOverflow.com by user230423

Most Blogware meets 3 and 4 pretty easily (all the ones I know do, anyway).

1 is usually handled through a plugin; Wordpress has the one mentioned in your comments, SyntaxHighlighter (alexgorbatchev.com/wiki/SyntaxHighlighter), but if your chosen platform doesn’t have one you can use this javascript based one: http://code.google.com/p/syntaxhighlighter/ and make your own plugin for it. That’s actually anothr criteria I’d add to your list if I could, “Ease of extension”.

2 is probably the biggest differentiator between blog engines. Given your requirements, I”d recommend checking out Expression Engine (has the greatest / easiest control over emitted markup that I’ve seen), with Wordpress and Blogger following not far behind.

NOTE: This answer was originally posted at StackOverflow.com by Paul

Try this:

$pagename = get_query_var('pagename');

NOTE: This answer was originally posted at StackOverflow.com by user1581293

You can get the current page, post, or custom post type with the global variable $post.

echo $post->post_title

Note: In a function or class you’ll need to specify global $post; prior to trying to use $post.

If you have loops on your page, make sure you end each loop with wp_reset_postdata(); to set $post back to the default item being displayed (the page).

Note, the ‘post_title’ variable is also available for any custom loop / query.. including menu items and media attachments.. everything in WordPress is a ‘post’.

NOTE: This answer was originally posted at StackOverflow.com by James

    $title = get_the_title($post); 
    $parent_title = get_the_title($post->post_parent);

    echo $title;
    echo $parent_title;

Hope this will help !! 😉

NOTE: This answer was originally posted at StackOverflow.com by Jerad Rutnam

<?php wp_title(''); ?>

This worked for me, if I understand correctly, you want to get the page name on a page that has post entries?

NOTE: This answer was originally posted at StackOverflow.com by GregB

Ok, you must grab the page title BEFORE the loop.

$page_title = $wp_query->post->post_title;

Check for reference: http://codex.wordpress.org/Function_Reference/WP_Query#Properties.

Do a

print_r($wp_query)

before the loop to see all the values of $wp_query object

NOTE: This answer was originally posted at StackOverflow.com by keatch