2011 in review

The WordPress.com stats helper monkeys prepared a 2011 annual report for this blog.

Here’s an excerpt:

The concert hall at the Syndey Opera House holds 2,700 people. This blog was viewed about 46,000 times in 2011. If it were a concert at Sydney Opera House, it would take about 17 sold-out performances for that many people to see it.

Click here to see the complete report.

WordPress.com Stats 1.8: Sparkline

Just ahead of WordPress 3.1, we released WordPress.com Stats 1.8. The new Stats plugin includes some small fixes that will make it easier for us keep the plugin’s reports in sync with the reports seen on WordPress.com. The plugin’s reports are a few versions behind so look for rapid improvement in the coming weeks. But what’s most exciting about Stats 1.8 is how it works with a new feature in WordPress 3.1: the admin bar.

screen shot of admin bar
The admin bar on my self-hosted blog.

Stats 1.8 adds a tiny bar chart (called a “sparkline”) to the admin bar. To make this chart more interesting, and not just a copy of what you can already see in your stats report page, we zoomed in on the time axis. Rather than show one data point per day we show each of the last 48 hours. Following your blog’s time zone setting, lighter and darker bars represent daylight and nighttime hours.

Design credit goes to Joen and MT. The sparkline design seems simple and obvious now, but it took a lot of tries to get it that way. It wouldn’t have happened without their contributions.

Of course, we intend to bring the new sparkline to the WordPress.com admin bar as soon as possible. Remember how we said the plugin’s stats reports are a few versions behind the WordPress.com reports? With the admin bar it’s the reverse. Self-hosted bloggers are the first to get this upgrade. Everyone on WordPress.com will have it soon.

Help test Stats 1.5 beta

At first we thought it was a good idea to use iframes to display reports in the Stats plugin. We’ve seen since then a lot of problems with browsers and cookies. To help resolve these issues, and in anticipation of future features, I am updating the plugin and the WordPress.com stats reporting system to remove the iframes. I just posted 1.5 beta 1. If you host your own WordPress 2.7+ blog and you use the Stats plugin, why not contribute to its development by installing this testing version? Anyone can download the beta but I don’t recommend it unless you are able to cope with potentially unstable software.

  • What are the risks of using this beta?
    You won’t lose any stats. If something goes horribly wrong it’s probably a bad download; just reinstall the latest version of Stats.
  • How does it work?
    The plugin connects to WordPress.com to get the stats reports when you request them. It uses the API key to authenticate.
  • Aside from fixing cookie problems, how is this better?
    Now it’s possible for anyone who can publish posts on your blog to see blog stats. They don’t have to be logged into a WordPress.com account. They only need the publish_posts capability (Author role) to view stats reports.
  • Where did the dropdown blog switcher go?
    Because the plugin uses a single API key to authenticate, the service doesn’t know whether the visitor is the owner of that key or some other user. So it doesn’t make much sense to show the list of blogs belonging to the API key owner. You can still use the switcher if you view your stats on any WordPress.com dashboard.
  • Where did the Stats Access panel go?
    This is also related to single API key authentication. Maybe in future we will bring administrative access back to the plugin. But until then, we have left the Stats Access panel intact on WordPress.com dashboards. You might want to bookmark dashboard.wordpress.com if you need these features on a regular basis.
  • Will this be a required upgrade?
    You mean will older version of stats be broken? Not by 1.5. Later versions may break compatibility but for now you can keep using earlier versions of Stats if you like.
  • What if I install this and still see iframes?
    This happens because your server is unable to connect to WordPress.com. I set it up to use SSL (https) in the hopes that most hosts support this. If yours does not work, I’d like to hear from you and do some testing on your host.

Attachment Stats

WordPress 2.5 with its new uploader results in a lot more post attachments. Until now, the Stats plugin didn’t keep track of which attachments were viewed. Stats 1.2.1 contains a minor change that lets us show you which of your attachments are most popular.

Remember, attachment views are only counted if you link to the attachment’s Post URL when inserting from the uploader.

Stats Plugin Vulnerability

Anyone hosting their own blog and running the WordPress.com Stats plugin should update the plugin to version 1.1.1 immediately or apply the patch below. A critical SQL injection vulnerability was found and fixed. The bug could allow an attacker to steal administrative credentials. (WordPress.com bloggers are not affected.)

Most users will want to download the latest version and simply copy the new files directly over the old ones. Subversion users may do `svn up`. Advanced users may apply the patch manually.

Thanks to Alex Concha who found and reported the bug to me. He also provided the fix.