POSTIE for WordPress
March 29, 2011 in Product Reviews by The Geek
Product Review: POSTIE for WordPress
For the WordPress bloggers there aren't many choices to post to your blog via email. POSTIE is the biggest or most well-known plugin to allow users to send emails to themselves and have them turned into WordPress posts automatically. It really is a neat idea and a good feature to have.
The lack of documentation for POSTIE is absurd. The author of the module/widget didn't take the time to document how to get it to work the way it is supposed to. It also doesn't contain any examples of the emailformatting required for a successful email to post conversion. After a fewhours of trying to get the TAG function to work (the ability to add tags to the post) I tried consulting other web sites to see if they could figure it out and to my surprise, there wasn't anyone who could get it to workconsistently.
POSTIE allows you to add titles, tags and categories to the post but it never shows you how to do it. It appears the tags have to appear in a very specific order or they won't be read at all. However, after trying to use the TAGS function at the top and at the bottom neither showed more orless successful than the other. Sometimes it worked, most times it didn't. The other functions appeared to work okay. TAGS does not work so if that is important for you, you will need to use an alternative for POSTIE.
After successfully posting a few dozen test posts to Ask-A-Geek (minus TAGS, of course) I decided to look closer to the formatting of the posts and make sure everything looked how it was supposed to. After looking at every one of my posts I noticed a bug so large that it means one of two things. The author of POSTIE is an incompetent programmer, or worse- a lazy one.Any time an apostrophe ' is found in the email or post, it gets removed completely and replaced with a spacebar key. That means for everyone who likes to use contractions (can't, won't, shouldn't, her's) had messed up formatting and really screwed up words.
For example:
The hen's house had no roof!
Turned into:
The hen s house had no roof!
There is no fix for this bug. If you can type everything without contractions then this doesn't mean much for you, but for everyone else youwill regret installing and using POSTIE.
The last thing I wanted to mention was how POSTIE actually posts to WordPress. After looking through the code to see why the apostrophes weren't working I noticed that the plugin works with the database directly. For most widgets or plugins for WordPress this wouldn't be much of a problem. However when you're dealing with actual posts then you're opening a world of security problems. WordPress has a lot of built-in security filters to make sure the data is clean when it is submitted into the database. POSTIE avoids these filters and checkers completely and posts anything you want straight to the database. What's so bad about that? If someonefigured out what email address you need to submit to AND what email address you need to submit from (it is easy to mask the FROM email address to make it look like it came from you when it really didn't), they could inject MySQL code into the database and modify or delete everything you have.
In short, POSTIE is bug prone and does not post emails to WordPress in any functional manner. Even if the bugs get fixed someday it's hard to trust a developer who releases untested and undocumented products. From asecurity stand point you risk losing all the data stored in WordPress if you use the POSTIE plugin. I recommend finding another alternative before it's too late.
Wow those are pretty harsh criticisms for a product that is “freely” available to the public to use. On the contrary, I say “kudos” to the postie developer who took the time to come up with a great product. I’ve been using postie now for almost 3 years to make direct photographic posts via email from my iphone with little to no issue.
Security wise, what you say about SQL injection may be true… so use a very long and cryptic email address and don’t freely expose that you post to your website via postie. In addition, make sure your site is backed up nightly and you should probably avoid this functionality if your using it on a business site. However, for any homegrown blog or family run website, postie is an awesome plug-in.
As for documentation… here’s more than enough to make it useful to you: http://robfelty.com/plugins/postie
Again, I’m not an advocate or a developer for postie, but for a “FREE” plug-in… I think it’s one of the better plug-ins I’ve used, and I use it every day.
Harsh? Maybe but just because it is offered free doesn’t make it immune to people pointing out problems/bugs/criticisms about it. If all you post are pictures with few words it probably does every thing you need. In that case, great!
However if you are writing any amount of textual data with contractions I bet you have a lot of errors in your posts. If you do post substantial text posts, mind sharing your URL here so others can take a look at it and see how well it is working for you? In 100% of the posts I wrote originally with that plugin in use had numerous problems with word spacings being removed and all contracted words being all goofy.