Need a web site?

Need a web site?

Need a basic – but professional – web, blog or ecommerce site?

Maybe something to get you started which could be built on later?

We’ve got you covered 🙂

For a limited time, we’re offering great deals on entry-level sites.

For details, see here.

 

Australian suburbs database

Australian suburbs database

Here’s a database of Australian suburbs – including geographic coordinates ????

This was originally developed for Kevin Fleming, who was gracious enough to release it in the hope that it will be useful to others 🙂

The tarball contains two SQL files – one for the `suburbs` table, and another for `states`. They were generated via phpMyAdmin 2.9.1 from MySQL 5.0.51. You’ll probably want to start using them together with something like:

select postcode, lat, lng, states.name as state
from suburbs, states
where suburbs.name = 'suburbname' and state.id = state;

The usual / expected disclaimers apply: if it breaks, both pieces are yours… I / we make no claims as to the accuracy of this stuff (although the application we built it for relies on it)… Blah blah blah…

I’d imagine that New Zealand stuff will come – we’ve made a small start on it – and will post that here if / when it happens 🙂

But wait! There’s more! Perhaps not a steak knife, but here’s a function to find the distance between two sets of co-ordinates:

// Return the distance between two sets of geo coordinates:
function distance($lat1, $lng1, $lat2, $lng2) {
    $pi80 = M_PI / 180;
    $lat1 *= $pi80;
    $lng1 *= $pi80;
    $lat2 *= $pi80;
    $lng2 *= $pi80;
    $r = 6372.797;
    $dlat = $lat2 - $lat1;
    $dlng = $lng2 - $lng1;
    $a = sin($dlat / 2) * sin($dlat / 2) + cos($lat1)
           * cos($lat2) * sin($dlng / 2) * sin($dlng / 2);
    $c = 2 * atan2(sqrt($a), sqrt(1 - $a));
    $km = $r * $c;
    return $km;
}

Download it

 

Android Studio – utility libraries

Android Studio – utility libraries

It took me *ages* to figure out how to set up my libraries in Android Studio…

I want them to exist separately to my app projects so I can develop them and reuse them at will as I do with my PHP libraries. But the way the Google tells us to do it actually copies them into each project (Google’s Android development documentation still leaves a lot to be desired…).

Finally, I stumbled upon this – exactly what I was looking for ????

 

Schema.org strangeness

Schema.org strangeness

Soooo… A couple of weeks ago we took on a job which involved, among other aspects, setting up the site’s Schema microdata. Something odd happened…

While testing in several of the better test suites (including Googles microdata validation page), a bunch of the tags simply wouldn’t validate – even though they were definitely correct and valid and the nesting was done correctly.

The problem? The failing tags needed their property arguments to be *unquoted*. We pored over the code for hours to see if there was some reason for it, but came up with nothing.

Has anyone else experienced this? A lengthy Google search turned up nothing…

 

BuddyPress anti-spam techniques

Those of us who run and / or manage BuddyPress-enabled WordPress sites will know exactly how bad (and annoying) the spam issues are – particularly registration spam.

Of course, as with anything related to BuddyPress, documentation and community help is sorely lacking…

Following are some of the techniques we’ve developed to handle BuddyPress spam 🙂

Basic techniques

jQuery enabled + time to submit reg form

.htaccess techniques

Registration honeypot

 

BuddyPress anti-spam techniches – Registration honeypot

A hidden “honeypot” field in your registration form is a great way to catch out signup bots and scripts – a bot or script will blindly enter text into the field, but humans won’t see it and, therefore, won’t 😉

Add the following to your (child) theme’s functions.php:

function add_honeypot() {
    echo '<div style="display: none;"><input type="text" name="system55" /></div>';
}
add_action('bp_after_signup_profile_fields','add_honeypot');
function check_honeypot() {
    if (!empty($_POST['system55'])) {
        global $bp;
        wp_redirect(home_url().'/spam-prevention');
        exit;
    }
}
add_filter('bp_core_validate_user_signup','check_honeypot');


That’s it! Don’t forget to add a page with the slug “spam-prevention” to your site which explains to the user that they did something that looks spammy…

 

BuddyPress anti-spam techniques – .htaccess techniques

Some basic BuddyPress anti-spam techniques can be effected from your .htaccess file (or, better, directly in your Apache config file/s). The following is a great start:

<IfModule mod_rewrite.c>
    RewriteCond %{REQUEST_METHOD} POST
    RewriteCond %{REQUEST_URI} /register*
    RewriteCond %{HTTP_REFERER} !111.222.333.444[OR]
    RewriteCond %{HTTP_USER_AGENT} ^$ [OR]
    RewriteCond %{HTTP_USER_AGENT} ^(curl) [OR]
    RewriteCond %{SERVER_PROTOCOL} ^(HTTP/1.0)
    RewriteRule (.*) /spam-prevention [R=301,L]
</IfModule>

The above implies that your registration page slug is “register” and that you have a page with the slug “spam-prevention”, which should just be a page telling the user they did something spammer-like. Obviously, “111.222.333.444” should be replaced with your site’s IP address…

Basically, it requires the following (if your registration page is POSTed to):

  • the HTTP referrer must be your site’s IP address
  • the user-agent string must not be blank
  • the user-agent string must not be “curl”
  • the protocol must not be HTTP/1.0

BuddyPress anti-spam – Basic techniques

Some of of the most basic BuddyPress anti-spam techniques which you should implement before any others:

  • Change your “register” page slug
  • Change the introduction text on your Register page
  • Change or remove the “Powered by BuddyPress” string in the footer
  • Change the “Register” string in your nav menu

BuddyPress anti-spam techniques – jQuery enabled + time to submit reg form

This one is by far the best technique I’ve found to curb the (current…) spate of BuddyPress spam registrations.

It covers three aspects: ensuring the user has JavaScript / jQuery and cookies enabled in their user agent, and also rejects bots / scripts which seem to always manage to load the registration form and then submit it in well under 10 seconds (as is the case with every single BP spam signup I’ve run forensics on in the last several months).

Note that these instructions are a little terse – I’m not here to teach you best practice techniques involved with coding against WP or BP, or coding in PHP or jQuery in general :p

So… Let’s get started!

Firstly, you’ll want to load your own external JS / jQuery file, and set up a few things you’ll need later. Add the following to your (child) theme’s functions.php:

function add_my_jquery_stuff() {
    wp_enqueue_script('myjquery',get_bloginfo('stylesheet_directory').'/my.js',array('jquery'));
    if ($pagenow == 'register.php') {
        if (isset($_POST['signup_submit'])) echo '<script>ispost = true;</script>';
        else {
            echo '<script>var ispost = false;var timestamp = '.time().';</script>';
            wp_enqueue_script('jquery-cookie',get_bloginfo('stylesheet_directory').'/jquery.cookie.js',array('jquery'));
        }
    }
}
add_action('wp_enqueue_scripts','add_my_jquery_stuff');

You should at least change “my” in the above code to something more unique to avoid namespace clashes. The “array(jquery)” argument simply ensures that WP has loaded the jQuery library before enqueueing your script file.

You can test whether the current page is the register one however you like – obviously, I usually use “if ($pagenow == ‘register.php’)”.

If you already enqueue an external, custom js file then adjust the above to suit…

Then, create an empty file called my.js (or whatever matches the filename argument you used above) to the root folder of your (child) theme.

Next, you’ll need to install the jQuery-cookie plugin. Just plonk jquery.cookie.js into your (child) theme root folder – it’s already called via the function above.

Onto the jQuery… Add the following to your external js file:

jQuery(document).ready(function($) {
    if ($(location).attr('pathname').substr(0,9) == '/register') {
        if (!ispost) $.cookie('myregcookie',timestamp);
    }
}

Of course, ignore the document.ready wrapper if you already have an established js file, and adjust the cookie name to suit your application / taste.

Now add the following to your functions.php file:

function my_check_reg_cookie() {
    if (!isset($_COOKIE['myregcookie']) || time() - $_COOKIE['myregcookie'] < 10) {
        global $bp;
        wp_redirect(home_url().'/spam-prevention');
        exit;
    }
}
add_filter('bp_core_validate_user_signup','my_check_reg_cookie');

And lastly, create a new page in your WP admin backend – call it Spam Prevention (make sure it’s slug is spam-prevention), and make it say something like:

If you’re seeing this page, you’ve done something that looks a little spammy.

It could be that you simply haven’t got JavaScript or cookies enabled. If that’s that case, then should you know how to turn it back on for our site – or else you might need a better or more recent browser :-)

Spammers like to use automated software and lots of other tricks to bypass the very techniques we use to make sure only our members and other, legitimate folk are using our site.

If you are a real person and / or a legitimate member, then we apologise for the inconvenience and invite you to contact us so that we can get you sorted as soon as possible :-)

That’s it! Here’s how it works: When your registration page is hit, a Unix timestamp is generated by PHP and passed to jQuery as a variable. jQuery then sets a cookie whose value is the timestamp. When the registration form is submitted, the existence of the cookie is checked. If it doesn’t exist, it’s a fail. If it does, and the timestamp it contains is less than 10 seconds old, it’s a fail. If it’s a fail, the user is redirected to the Spam Prevention page (and the registration attempt is ignored).

Have an appropriate amount of fun 🙂