I get asked every now and then if a new online shopping site is reputable or not. As there is no magic way to determine this I have written up these pointers to help you do the same.  Now please I am not responsible for any mistakes in ordering from a site that seems legit and then turns out to be fraudulent!

I'm trying to look at the following things:

1. Do a google search for the domain name together with one of the following words added: reliable, reputable, fraud, scam etc. This might bring up a few experiences, check some links to determine that these experiences are genuine (not written by a competitor for example).
2. Search for the domain name on the Web Of Trust and TrustPilot. Don't just look at the figures, look at the comments, so these seem genuine (have they been written with due care and attention and proper punctuation etc)?
3. View the incoming links for the domain, using Alexa. Are these from genuine sites or things like link directories where people can add their sites just to get higher in the search results.
4. All reputable shops will use social networking for marketing purposes. Check their Twitter replies and Facebook wall comments for happy / unhappy customers.
5. If you know of a community that discusses the subject matter, search there too. They will probably have determined whether or not the site can be trusted.
6. If you are still unsure, attempt a trial checkout and see if the website supports reputable external payment options. If your payment details are not stored with the website then they are safe in the event of a hack / security breach.

#web

Many gamers now look at the listing of a game in the store, and if there is an inapp purchases link and they see 100 of x, 200 of x, 300 of x where x is energy, credits, bux, dollars, street cred, or whatever just skip the game - even though it might have interesting mechanics. Just be brave and proud and ask for a subscription instead of hoovering money out of my pockets. It's a black mark on the state of gaming in my opinion.

It's a clear indication that the game is not made to have the most fun with, but to make the most money out of you by artifical limiting the experience. Where a subscription allows the same steady income without affecting the game experience. Just say no.

The fact that f2p iap titles sell well just proves my argument that "the game is not made to have the most fun with, but to make the most money out of you by artifical limiting the experience". I didn't say these games are not financially successful, because they are.

If the free2play games are so much fun to play, you'd expect to see a lot of sequels in the charts to build on previous success. In the top grossing list (which favour inapp free2play titles) there are no f2p sequels as opposed to 2-4 paid sequels.

So it seems the only way to get people to play your f2p iap title is to make it appear like a new experience by reframing the theme, from restaurant to club to bakery - or from vampire to gangster to army.

Is this because people get jaded from the f2p model?

#games

If you are looking for guidance on how how to format your code, you could do worse than to base it this coding standards styleguide.

via WordPress Coding Standards

#link #php #wordpress

I wish all Wordpress Plugins had their settings in ONE menu, and all entries in this Plugin Settings menu MUST be named identically to the plugin.

Not "broken links" plugin with settings -> permalinks -> "link checker" because I will never find it.

Time for a wordpress plugin settings corrector plugin

#wordpress

The other day I was provided with a new Ubuntu server with a large data drive. It seemed a good idea to move (among other things) the mysql data folder onto this drive.

[code language="bash"]

sudo mv /var/lib /var/media/lib
sudo ln -s /var/media/lib /var

[/code]

However when trying to start MySQL it will no longer start:

[code language="bash"]

service mysql start
start: Unable to connect to system bus: Failed to connect to socket /var/run/dbus/system_bus_socket: No such file or directory

[/code]

The whole reason I did use a symbolic link was to avoid issues like this. What to do? It turns out AppArmor does not allow mysql to read out of the new /var/media/lib location, as noted in the my.conf file:

[code language="bash"]

# * IMPORTANT
# If you make changes to these settings and your system uses apparmor, you may
# also need to also adjust /etc/apparmor.d/usr.sbin.mysqld.

[/code]

Simply open the mentioned file, duplicate the /var/lib/mysql lines and correct the path to the new locations. Restart AppArmor (or reboot) and Mysql can be started. Verify this by running:

[code language="bash"]
ps -ef | grep mysql
[/code]

#sql

Currently playing:

1. Kard Combat (http://www.kardcombat.com/)
2. Wooords (http://toucharcade.com/2011/07/25/wooor ... word-game/)
3. Reckless Getaway (http://www.polarbit.com/our-games/reckless-getaway/)
4. Shake Spears! (http://www.gamezebo.com/games/shake-spears/review)

Or apps wise:

1. Due (http://www.dueapp.com/)
2. Air Video (http://www.inmethod.com/air-video/index.html)
3. Kik (http://kik.com/)
4. ShoppingList (http://itunes.apple.com/us/app/shopping ... 58413?mt=8)
5. InstaCast (http://vemedio.com:80/products/instacast">http://vemedio.com/products/instacast)

#ios

You know how every now and then you want to revisit a page in a while to see what's changed? Perhaps review if something has been added to a discussion? Maybe you're waiting for a beta to open or you have posted to a forum that doesn't have topic notification (or it is a regular website).

Simply click the reminder bear bookmark and customize when you want to get an email reminding you off the page. It's like a disposable bookmark, and lets you get on with more important things. I find it very liberating, try it out yourself.

#link #web

Introducing Hide Trackbacks - You can have the benefits of track/ping backs (know when someone writes about posts) whilst keeping the comments clean and uncluttered.

After enabling the plugin, trackbacks and pingbacks are no longer shown on your posts and the comment count is updated correctly to reflect this. You can still access them via the admin panel. NOTE: Although the plugin officially requires WordPress 3.1.2 it might very well work on older WordPress versions (if it does please let me know).
Derived from original code created by  Honey Singh (used with permission of the author).

Installation is simple:

1. Upload the `hide-trackbacks` directory to `/wp-content/plugins/`.
2. Activate the plugin through the 'Plugins' menu in WordPress.

Download link and information:
Wordpress.org Hide Trackbacks

#hidetrackbacks #wordpress

I am experimenting with using a Linux virtual machine as my web development environment of choice. I store the vm on a removable drive so that I can develop from any location, without having to setup a working environment. Previously I had to check out the repositories, setup a local webserver and I had trouble keeping things working, because every configuration change had to be applied in every location. Now it is all centralized and my life is simpler.

The aim is to make working on projects as easy as possible. I have all projects checked out in a folder called /var/sites. They are mostly PHP projects and because of my shared hosting environment they share a single apache configuration. How can I easily serve them? Having seperate virtualhosts for each project would result in me having to make manual changes on every location again, so this was not the way to go.

Instead I created a simple shell script that creates a symbolic link from the Apache's webroot to the project I am working on:

[gallery link="file"]

#!/bin/bash
echo "Available sites:"
ls  /var/sites

echo
echo -n "Type site to serve: "
read site
if [ -z "$site" ]
then
exit
fi

sudo rm /var/www
sudo ln -s /var/sites/$site /var/www

#development #linux

For those that do not follow me on twitter (@pacifika), I've created a patched version of Textile, the html generator alternative to Markdown, to make it easier to use in CodeIgniter projects. I have provided the patch and patched Textile on support forums of both projects.

[Patch] CodeIgniter Helper class patch for classTextile.php · Textpattern CMS Support Forum.

After patching, you can just use Textile like this:

$this->load->helper('textile');
$text = Textile("Dude this is *my* code!");

For more information read the post on the forums!

#php

Update: This plugin is no longer available.

We’re using a customized version of WordPress as an electronic portfolio for students and we are using WP List Files to make documents available on the ePortfolio. Unfortunately the WordPress support forums seem to hide my topic (possibly because it's an older version) and the author is no longer supporting the plugin.

Due to time constraints, these plugins are no longer supported and will not be updated, ever! Unless you know what you’re doing, I strongly discourage using these on a production blog since they have not been tested since WordPress 2.5.

The plugin didn't work in version 2.0.3 that we are using because the wp_enqueue_script function does not exist in this version  (the codex page does not say when this function was added). Anyway after manually adding the JavaScript to the theme's head element the plugin almost worked fine - links didn't take our folder structure into account.

works:
joeblogs.com</dir specified in post or page>

doesn't work:
allblogs.com/blogs/joebloggs</dir specified in post of page>

Fix it by replacing line 231 to read:

$files .= '

• wpurl').$item['link'].'">'.$itemName.''.

 

The hyperlink created for the item didn’t have the complete blog URL in it. It assumed the blog was installed in the root of the domain. After this fix the plugin works fine.

#wordpress

Dear sir/madam,
I am writing you to complain about the new ministry of sound website and the lack of data protection with regards to your users.

Earlier today I received an email notification about the new MoS website. The email also notified me that a new password was issued to use on the website. These are two characteristics of a phishing mail - in this case launching a new website and sending out new passwords, they could easily have been sent from a malicious source wanting me to login to their MoS-lookalike website and take my credit card details. You shouldn't send out a new password unless someone requests it on your website, because email can be forged. You also sent out my password in plain text email rather than on a secure part of your website. Anyone can read it and login to my account and purchase orders.

Also to my surprise while investigating the source of the mail, several of the links point to a http://www.c-f-1.com/ domain (update: this domain name no longer exists!), the name doesn't help to improve the trust in your email. To my astonishment the link led to a webpage with the html email, again with my password in plain sight. Have a look (link removed), I changed my password already. Let's wait for Google to index it so that anyone can search for my account information. They already found other newsletters.

Finally, I used mosdownload.com to buy my mp3s online. This site no longer works as an error comes up when it tries to redirect, due to a configuration error. My order history is gone, most of my profile is gone.

I'm very disappointed with your lack of security and care for your customers and unfortunately have come to the conclusion that I won't be using your service again, and I will recommend my friends and family to do the same, due to these trust issues.

#technology #web

If you use both VisualSvn + Trac (or another flavour of Subversion and Trac), and tried to integrate them with Fogbugz , you will have tried the TracFogbugzPlugin.

Trying to get this to work isn’t straightforward as it’s not compatible with Trac 0.11. You will come across the following error:

Traceback (most recent call last):
File "C:\Python25\Lib\site-packages\trac\web\api.py", line 339, in
send_error
'text/html')
File "C:\Python25\Lib\site-packages\trac\web\chrome.py", line 684, in
render_template
data = self.populate_data(req, data)
File "C:\Python25\Lib\site-packages\trac\web\chrome.py", line 592, in
populate_data
d['chrome'].update(req.chrome)
File "C:\Python25\Lib\site-packages\trac\web\api.py", line 168, in
__getattr__
value = self.callbacks[name](self)
File "C:\Python25\Lib\site-packages\trac\web\chrome.py", line 460, in
prepare_request
for category, name, text in contributor.get_navigation_items(req):
File
"c:\Python25\lib\site-packages\tracfogbugzplugin-0.9u-py2.5.egg\fogbugz\fogb
ugz.py", line 22, in get_navigation_items
yield 'mainnav', 'fogbugz', Markup('<a href="%s">FogBuz</a>',
self.baseurl)
LookupError: unknown encoding: >/">https://<<myurl>>/

To fix this line 22 needs changed, to read:

yield 'mainnav', 'fogbugz', Markup('<a href="%s">FogBuz</a>'%self.baseurl)

Or download the file below and use it as part of the installation instructions (if this is your first Python Egg you want to read about installing Trac plugins. ;)

Now it is loading but the plugin doesn't seem to work, haha.

Download: Patched tracfogbugzplugin-09u-py25

#subversion

Everybody who's ever tried it knows the problem. Life as a regular user on Windows is a pain: who wants to switch users just to install software, sometimes even to run it? However running software as a non-admin increases security. It's impossible for spyware to install itself into the system when it is not allowed to.

Using SetSAFER, a program created by Microsoft employee Michael Howard we can run just any applications as a regular or limited user, while still using an administrator account. After testing for side effects, which I explain below, I recommend you give this a try. I no longer have to run a realtime spyware scanner, and now just schedule routine scans.

As one of the articles Michael has written on the subject is not available anymore I'll quote the nonadmin site for an complete explanation of the program:

SetSAFER is a policy-setting tool written by Michael Howard that can force applications to always run with lower privileges. You can download it and read about it in his MSDN article "Browsing the Web and Reading E-mail Safely as an Administrator, Part 2".

For example, you could mark you favourite  browser to always run as a user, regardless of whether it starts by invoking an URL on the desktop, a link in email, a newly spawned browser and so on.

SetSAFER uses the SetSAFER.xml file to configure the applications that should be run with lower privileges. You can edit this with any text editor such as notepad to add applications and even folders. My configuration can be found below. This way I run my browsers, e-mail software and messengers without worrying about spyware:

<?xml version="1.0" encoding="UTF-8"?>
<safer>
<app comment="Internet Explorer" path="c:\program files\internet explorer" user="true" />
<app comment="Mozilla Firefox" path="c:\program files\mozilla firefox" user="true" />
<app comment="Opera 9.5 Alpha" path="c:\program files\opera 9.5 alpha\opera.exe" user="true" />
<app comment="Outlook" path="c:\program files\microsoft office\office12\outlook.exe " user="false" />
<app comment="Outlook Express" path="c:\program files\outlook express" user="true" />
<app comment="Windows Messenger" path="c:\program files\messenger" user="true" />
<app comment="Windows Live Messenger" path="c:\program files\windows live\messenger" user="true" />
</safer>

Side Effects

Some applications are not built to run in a mixed privileges environment and seem to cause issues when run like this. However, this is not SetSAFERs fault as it just uses the built-in windows policy settings!

Google Desktop and Google Toolbar for Internet Explorer monitor the browser history for pages that are visited and add them to their database. I assume this is not allowed as a regular user. Whatever the reason, it causes the browser to freeze whenever you go to a webpage. I've uninstalled Google Toolbar and Google Desktop until I have found a solution. Any help would be appreciated.

The website for Windows Update and Microsoft Update and certain Java applets will not  function if the user is not an administrator. This can be a pain if you want to manually check for updates. The solution: navigate to the installation folder for Internet Explorer (c:\program files\internet explorer ) and copy the iexplore.exe program to another location. The copy will run with full rights.

Finally, any program started from another application inherits the security settings from the parent program. This means that installations run directly from the browser will run with lower privileges. They'll let you know you do not have enough rights to install it. This is intended and exactly what we want: a secure browsing environment. However, it might prove a slight annoyance at first. Just browse to the file yourself and run it yourself.

Downloads and Resources

• Download SetSAFER with my configuration. (it requires the .NET Framework 2.0)
• If you prefer you can download SetSAFER directly on the author's website.

#windows