I have a WordPress theme that I often update with new features. I sent users a zip file every time I have an update. This is a bit cumbersome as they must (1) temporarily activate a new theme (2) remove my theme (3) install an updated theme (4) activate an updated theme (unless they are ftp skills, most of which are not).
I decide between the two approaches, uploading files via the theme options panel and remote updating, similar to how WordPress automatic updater works. I would prefer a remote update if it is (a) safer than offering regular file downloads, and (b) not program rockets.
In the “file upload” approach, I have already made great strides in adding the uploader utility to my theme settings, which allows the user to take my zip file and it automatically updates its theme with new files in my zip code. Although I verify that the user is logged in before downloading, there are obvious security issues with this approach.
I would welcome any advice or advice on the merits of the automatic remote update procedure and its relative security and complexity with downloading files.
source
share