Special post as a warning.

Hello to all who read this.

This post is not one of my normal Internet Marketing or progress reports on the program but a warning about using power tools.

This weekend I was working with my wife and eldest son at his house clearing up the aftermath of the recent storms.

Log splitter

One of his trees had to be cut down and we were splitting the wood with a hydraulic wood splitter.  These are amazingly effective at splitting pretty much any size log.

We had been working steadily for a couple of hours with a lunch break and had become comfortable with the operation of the equipment but had also become a little complacent with regards the safe operation of the machine.

Both Matt and myself had had a couple of near misses.  Both of us had caught the tip of a glove in some timber movement but neither of us had stopped to think about what that really meant and what could have happened.

Both times we had those near misses it was because we were using the equipment incorrectly.  Some of the logs were too long to go on the splitting deck grain onto the blade so we had begun putting them in sideways and cutting across the grain to shorten them first.

Because the blade didn't go all the way to the back plate we also were putting a block of wood behind the logs, this was the biggest mistake.  During the cutting motion somtimes one or more pieces of wood would ride up and these were the bits which caught the glove tips.

This is what caught me.  I got two fingers caught between a piece of wood and the backing plate.  Mainly because I wasn't watching what my left hand was doing.  The automatic reaction to getting a finger wedged against something is to pull your hand away, which I did.  Unfortunately I left a couple of bits of finger and two nails behind when I did that.

They were left in the glove I was wearing.  I don't have any gory photos to show you but it was very bloody and I could see bone through the mangled finger tips.  Yes it did hurt, a lot, I did say a string of rude words.

After an ambulance ride and an overnight stay in the hospital I had plastic surgery for a couple of hours during which it seems that I still have full length fingers if a bit thinner

I am very greatful to the SA Ambulance crew who were very professional and all the Flinders Hospital staff who also were on top of their game and did their jobs with professional efficiency but were also very compassionate and caring.

To the plastic surgery team, I'll have a better idea of how well you did your job on Thursday when I get the finger reveal but it seems that you also deserve my gratitude.

I take all responsibility for this injury.  It was entirely my mistake and could have been easily avoided.  This post is just to make anyone who wants to use any power tool think a little about what they are doing, use the tool correctly and watch what both hands are doing.

I have now added a private post to this blog with photos of the repaired injury to my fingers.  I don't have any of the initial trauma, yet, but I will post them if I can get a copy.

There is a warning here, if you don't want to see these images don't click the link.

To the private post.

The next private post - Day 8

Continuing saga - Day 11

Dressing change at home - Day 14

Dressing change at home - Day 17

Thursday at FMC - Day 18

Monday dressing change FMC - Day 22

Thursday at FMC - Day 25

Thursday at FMC - Day 32

Thursday at FMC - Day 39

Thursday not at FMC - Day 46

Thursday at FMC and the Sunday after - Day 53

Now that February has ended …

Sad but true that the program is not yet ready for prime time.

What happened?

I made a seriously big mistake and have spent the last couple or three weeks fixing it.

I was testing the backup & restore functions in the WP Maintenance Robot and I boobooed.

I restored an old and incorrect database to my main website.  The backup worked fine, unfortunately, and I trashed my site completely.

I have now proved that it is possible to restore a WordPress database manually but it is a time consuming and very painful way to do it.  A couple of the tables took 4-5 days to rebuild.

I made mistakes in the rebuild as well, my WordFence plugin lost all it's settings even though I thought I had them right.

I'll just have to re-install it and set it up again.

Why did I have to test the backup and restore functions.

In their infinite wisdom Oracle have 'fixed' the 'security issue' with mysqlbackup.

They decided that putting the username and password in plain text on the command line on your own servers was insecure.

To fix this they have implemented a 'secure' system.  Now you need to create a secure and encrypted file and call that on the command line.

This is actually less secure than the previous system because a hacker no longer needs to know your username and password, all they have to do is use the default file name and all your data are theirs.

To implement this remotely for every unknown site really isn't possible so I had to do a complete rewrite of the backup process.  That was an unexpected delay but it's pretty much done.

The real test is to restore a site from a backup I made, this time I'll do a proper database dump first just in case it fouls up again.

These little issues have put the delivery of the program back by about a month I guess but there is another issue to deal with.

My wife and I have a wedding to go to in Bali in 3 weeks time, 5 weeks after we get back from that we go to Europe for 7 weeks.

If it's not ready before then you won't get to see it before the end of July.

Definitely keen to get this done and out there.

Political Agendas Have No Place In Disaster Situations.

As some of you will know, I live near Adelaide in South Australia.  You may also know that we have a serious bush fire burning quite close to this city now, the date today is Monday 5th January 2015 and the fire has been burning since last Friday.

It will be several days yet before the CFS (Country Fire Service)  can get it put out .

These people are almost all volunteers and the service will take any reasonably able-bodied person and train them to do the job.

They risk their lives to protect people and property who often don't take sufficient precautions to protect themselves but insist on living in high fire risk areas.

These statements are, I know, controversial but I am not picking on those farmers and others who do do the right thing but I am aiming this directly at those who do not.

However, there is a far bigger issue here than the residents in those risky areas.

I saw the leader of the Greens political party make a big statement about how this fire is a warning about Climate Change.

This is a load of crap.  Fires like this are a direct result of the environmentalists preventing the authorities doing burn-offs in the forests and national parks.

They claim that burning off destroys the environment.  This is not correct.  Cool burns, as experienced in a controlled burn-off reduce the understory fuel load and protects the environment.  They usually recover inside 12 months.  Trees and forests are not killed by a cool burn they are rejuvenated.  There are many plants in Australia which need their seeds to experience a burn to germinate.

Very few of the local fauna have any issues with a cool burn as it doesn't travel fast and they have little trouble in escaping the fire.  Generally only relatively small areas are burnt in any single burn-off so only small areas need to regrow and the local fauna have areas to survive in until recovery happens.

Hot burns like the one being experienced at the moment in the Adelaide Hills destroy massive areas of environment which will take years to recover.  The local fauna have little chance to escape as the fire moves so fast and they have no islands to survive in after the fire has passed.

Big bush fires are far more destructive than any series of cool burns will ever be and they cannot get a good hold on the bush if the burn-offs have been done regularly.

So, bush fires like this are a warning about not doing burn-offs due to misguided environmentalists who are the core constituents of the Green party.

Another annoyance to me is that it seems that the bulk of the environmentalist movement don't actually care about the environment at all, they just want to bleat about others not caring.

In Australia any environmentalist who is not a member of the CFS is just not serious.  The biggest threat to the Australian environment is fire, it has been for centuries, so if you are genuinely serious about protecting the environment you must be a member of the CFS or, at the very least, provide support services for those courageous volunteers.

Any of you who are CFS volunteers and also environmentalists should now comment to tell me that I'm wrong.  I'm not expecting many comments.

I have trouble believing that I have spent so much time on this program.

But it's true.  I have not given up and I do have a working program which I use for my own purposes.  Unfortunately for you it's written in Python on Mint Linux and I have had problems getting it to compile as a stand-alone program on Windows or the Mac.

Mostly due to the dependencies of the modules I used to create the program in the first place.  Yes Python is cross-platform and yes it is possible to create stand-alone programs with Python for each platform but for a non-trivial program it's quite difficult to get all environments to match each other and perform the same. Quite apart from the issues of getting the layout to look right on each platform.

Because of those problems I migrated the entire program to PureBasic and I have it working there as well.

PureBasic has the advantage of compiling to stand-alone on the Mac, Windows and Linux from essentially the same code.  There are some minor issues with the different operating systems but they can be resolved with compiler options in the code itself as long as you don't use any of the OS specific functions for any platform.

I didn't release that version though because of the Brute Force hacking of WordPress sites which is still going on.  Instead I wrote a tool to foil the hacker(s) who are behind this attack.  You can find this tool, why it works and how to use it, free to use, at the http://wpmaintenancerobot.com website.

When I had completed that program I had a program to write for work to assist in a particular function which required 100% accuracy of data transfer.  I wrote that one in Windows using Portable-Python so I could work on it at home as well as at work using the same platform, Python version, modules etc.

At home I currently run a MacBook Pro with Parallels so I can also run Windows 7 and Mint Linux all at the same time all doing different things.  These days one screen is just not enough but that's what I have to work with at home at the moment.  I have three screens at work which I like.  Multiple desktops is excellent but not quite the same.  Imagine multiple desktops on multiple screens...it would take a fair amount of discipline to keep that lot under control but I'd love to try.

Any way that project has now completed successfully and may never be used again as the contract we needed the tool for has been cancelled.

Now I need to incorporate the changes into the WordPress Maintenance Robot before you can have that one. I am hopeful that I can get this completed before the end of January 2015.

I'm thinking about how I market this program.  I think every WordPress site owner should use this, it really does make those updates easier and faster.  Yes I am aware that WordPress now does some of the updates on autopilot but not all and it doesn't update the plugins or themes for you.

Yes I do know that there are a number of other tools which will handle the updates for you and all of them either require you to add a plugin to the sites you want managed and/or are managed from an online dashboard somewhere that you don't control.

The WordPress Maintenance Robot is different in that it is a desktop tool.  It lives on your computer and is a secure as your PC or Mac.  You do not have to install a plugin to any WordPress site to make this work so you can do updates for other people if they give you the login details or even set you up with your own uniques login details.

The site access details are encrypted to a local database on your computer and are only used for site access as required.  Backups are stored securely on the site they were made on and are only accessible from the link built into the PDF report.

You can get a PDF report for the backup activity and the update activity which you can email to a client if you are doing this as a service.  I would suggest downloading their backups to your computer or other safe storage as a precaution as clients don't always do what you ask them to do.

Other backup tools mostly leave the zip file in a known location and with a known naming pattern.  If I know the location and pattern I can get your backups with a bit of brute force testing.  Once I have that your site is pwned and all your base are mine.

So, what is this functionality worth?  Frankly it's probably worth a lot more than you are willing to pay until your site is taken down or compromised.  I really would like everyone to be able to use this to protect themselves so my current thinking is that a single site will get full functionality for free.

More than one site will cost a monthly fee of $9.99 per site for up to 5 sites and then $6.99 per site for up to 10 sites and $3.99 per site for more than 10 sites.  This is not fixed yet but it indicates where I'm thinking with this at the moment.

I'm also thinking about having a fully automated version so that all you would have to do is plug in your details and wait for the regular emails to tell you all is well, updates have been made and where to get the latest backup files.

I would welcome some feedback from you on this.  In any case, all plans are subject to change with little or no notice.

It has been so long.

I have been still working on that program and it still isn't available but...

I have the website, nearly.  I registered the domain as I needed to begin the process of setting up registration etc.  The new website is at http://wpmaintenancerobot.com.  Not much to see there yet I'm afraid but it's a start.

After much fiddling around with Pascal I found that there isn't a good module to do what I want to do with a website.  The same issue with Tcl/Tk.  Both these languages are pretty advanced in lots of ways but they just didn't have anything that matches Twill in Python let alone exceeds it.

After losing several months trying to make it work I finally stepped back, took a deep breath and picked up where I left off with Python.  I'll just have to work out how to manage the compiling issue.

I have actually been having a go at that and discovered that I needed to re-write the GUI in Wx-Python because the module I was using, PythonCard, creates multiple files and doesn't compile well.

I have brought all the imports into a single file and written all the modules in the same file.  This is not considered best practice as it can be difficult to maintain a program written this way.  Unfortunately it is necessary to do it this way because the compiler tools only manage to import the dependencies for the main program and not the includes which means they won't be available and the program fails.  Spagetti code here we come.

So here we are, 6 more months down the track and what do I have to show for it?

There are still a couple of bugs in the backup and restore modules.  Nothing major I think but the backup just doesn't finish off nicely on one of my sites, I keep getting a 404 page not found error even though everything has completed and the output works on all the other blogs.  Hmmmm.  I'll find it and sort it out.

I realised that I needed to add significantly more security to the backup module.  As with almost all the backup tools I was leaving the zipped up files on the host for later download.  Anyone who got hold of my program, that would be anyone who wanted it, could identify how I was naming the files and then run a small program to check all known sites for the presence of this file, download it and have access to all the content, all the security tools in use, all the usernames and their access levels and all their password hashes.  A brute-force attack on those hashes on their own computer would find collisions and therefore access to the site fairly quickly.

That can't happen now.  The zip files are stored in the database as 64kb blobs in random order so even if an attacker gains access to the database they cannot put the files together again without the key, which isn't stored on the host.  Of course if an attacker does gain access to the database then putting the files together is not something they would bother with, they already have all your data etc.  No, this is not to protect you from direct attacks but to protect you from the attackers who have access to my program so they cannot learn how the files are stored and therefore create an automated way of downloading them from your database.

This may be overkill but I'm a bit of a belt and braces person by nature anyway.  Can't hurt to be extra careful.

The other thing I have been surprised at is the lack of serious competition in this field even after four years of development.  There are competitors but they seem to be mostly concentrating on putting all their eggs into plugin development and then using tokens to access other sites.  This requires that all the sites you want to look after also have a plugin installed.

This is a major point of difference.  My tool is a desktop based tool and all your data is safely stored in an encrypted database on your computer.  It is as safe as your computer with a little additional protection thrown in.  This does make you responsible for your own data but isn't that how it should be?  Why should I trust a third parties website and host with the login details to my sites? I'm not even really happy with cloud based storage.  It could change in the blink of an eye if the host goes belly up or decides to change the rules and locks down your data.  Nup, look after it yourself.  Use the cloud to transfer data but store it locally and remove it from the cloud when you no longer need it there.

Actually, don't remove it, overwrite it with non-sensitive data, save it and then delete it.  Any recovery done on the files then will recover the last saves data not the sensitive stuff.  Anyone who is interested in more information about WordPress security or what a secure password looks like can find it at http://guruburtlm.hubpages.com/hub/preventing-late-night-wordpress-cleaning.

Look for a progress update soon.

The continuing saga of automating the updates.

As of several months ago I do have a fully functioning WP Update tool.

It does back-up and restore to/from the host or a back-up site which you have ftp access to.

It does full update of your WordPress blog site.  That's any plugins or themes as well as the main core and it does it all on auto-pilot from a database of your blogs.

It handles MUWP sites and single stand-alone sites and it runs perfectly for me.

I run it regularly to update my sites (about 20) and I can get a PDF report for each one independently so I am very pleased with the functionality.

At this stage it is only available for Linux machines which is not what I wanted.

Did I mention at any stage how hard it is to create a single tool which can be compiled into an executable for multiple platforms?

Python is an excellent scripting language to write in and there are may libraries to add in which make doing all sorts of tricky stuff possible and the code is cross-platform capable but.

To build for the other platforms you have to build on those other platforms which means that you have to have exactly the same libraries and dependencies on each of those platforms.

This makes it a lot more difficult to keep the source files consistent across those platforms and the chance of introducing bugs is massively increased.

Add to that the use of a scripting language makes it difficult to protect your source code from all but the  most dedicated of hackers.  Full protection is impossible but good protection shouldn't be.

After months of thought, testing, discussion in forums and with people with some knowledge I found two other programming languages which have cross-platform capabilities.

I tried both TCL/TK and Free Pascal.  There are issues with both but, at this stage Free Pascal is winning.  Mainly because I can compile a full executable program from Lazarus (the IDE for FPC) and I can compile for other platforms by changing the target within Lazarus so I am really using the same code for all platforms.

More testing is required yet but it is looking promising.

Yet again I need to learn a new syntax and this one is very different so it is taking a bit longer but I am encouraged by knowing that my algorithm and code does work correctly.

Once completed the Pascal based program should be faster and I can use threading to speed things up even more.  I am still excited by the possibilities of this tool even though I have been working on it for over a year now.

How much longer?  I don't really know but perhaps 6 months as I am only a part time programmer with a busy family life and only get to write for an hour or so maximum per day.  Barely enough time to work out where I was up to last time.

Another Stumbling Block.

I have a quite nice front end for the new program and I can do all sorts of good things from the desktop but it's slow and it holds up the computer while it does things, as you would expect.

What I didn't expect is that some things are so slow that they can actually time out and that's a problem for an automated tool.

I examined the potential of Python to be a cgi program and it can, very nicely as it turns out BUT.

I found that I cannot guarantee that the end user will have Python installed on their host computer.  Even if they do there is always the issue of which version is installed.

Back to the search for a cross platform solution which I can almost 100% guarantee will be on whatever hosting platform my potential client is using.

It came down to this...what is WordPress using?  Since this is to be a WordPress tool it does make sense that if I use the same languages that WordPress is using then they must have that installed on their host.

There is still an issue of versions but that can be addressed much more easily from the WordPress forum because they will be having the same issues with their blog installation.

So there you have it.  Python on the desktop and a combination of perl and php on the remote site.  I do have to check for versions and modify the code slightly to accommodate the variations but they are well known and there is lots of help in forums and the main sites for these issues.

Now if only I can get about 3 weeks of totally uninterrupted time to complete this I should have it all done by July.  Can't actually see that uninterrupted time in big enough blocks but I will hammer away at it until it's complete in any case.

More Thoughts on Writing Programs.

Since my last post I successfully wrote one of the programs I mentioned using REBOL.

This is a seriously good language to develop in, particularly for the web as it was designed  as a network capable tool from the beginning.

I invested quite a bit of personal time in learning how to use this.  I am essentially a lazy programmer.  I don't sit down and do all the tutorials, exercises etc. to learn a new language.  No, that'll take too long and I want to do stuff now.

So what I usually do probably means I take longer to become proficient in the language but I feel like I'm making progress much faster - I'm probably not.

I just begin writing the program.  I write it a bit at a time and make sure I have something working before I write more.

For example, if I want to log into a website I'll firstly access the login page and display the source on the screen.  Now I know that is pretty simple but you would be surprised how difficult that can be with some languages.  REBOL was so easy with this that I was amazed. read http://www.brentmilne.com/wp-login.php is all it takes.

Anyway, I had this really nice program working.  Logging into websites, navigating around, filling in forms and submitting them, checking the results, handling errors, creating PDF reports and all manner of wonderful wizz-bang things and all was well in the world of Brent until...

I had done all this in a cgi script and I wanted a desktop front end for it.  I didn't want someone else's branding on the front end and REBOL didn't allow me to change that.

The solution is to write the front end in another language which was also cross-platform and could talk to the cgi script to pass information backwards and forwards.

Did I mention how hard it is to find a genuine cross-platform language which can be compiled to an executable file?

I finally settled on Python.

This is a language that I have been avoiding for years.  No I don't know why, I just have (to misquote Tony Abbott).

Anyway, progress was being made and a front end was built, it talked with the cgi script (written in REBOL) and all was well in the world of Brent until...

I needed to store the core cgi files somewhere - Amazon s3 cloud - and write a small cgi script to authenticate the user and move the files around.  I chose the server this site is hosted on and installed REBOL in the cgi-bin directory and hit an insurmountable brick wall.

This host is 64bit, REBOL is 32bit and never the twain shall meet.  Yes there are ways of getting 32bit programs to run on 64bit machines but specialised software packages need to be installed for that to work and they were not installed by default on the host.

Now I could talk to the host and probably get all this sorted out in time but I want to sell this tool.  I know that my target market for this tool are not geeks or technophiles so asking them to jump through hoops to use this will only result in the loss of customers so that is the real brick wall, not the 64bit thing.

What to do?  Yet again I begin the search for a cross-platform language to re-write this program in.

Did I mention how hard it is to find a genuine cross-platform language which can be compiled to an executable file?

I finally settled on Python.

Which was lucky because I had been using it for a while and was beginning to like it.  There are many similarities between Python and REBOL, much of the syntax is a comparable pattern e.g. print br.open("http://www.brentmilne.com/wp-login.php") will open and print out the login page - look familiar?

The other lucky thing was that I already had a front end written, mostly.

Because I had now had several months of delays I decided to re-write this tool as a purely desktop program rather than the hybrid I had been working on so I began doing just that.

Where am I now?  I have a tool which I am testing.  At this stage it's working pretty well so I have to set up some test sites so I can work it harder to see what bugs rear their ugly little heads for me to chop off.

Nearly ready to share with the Internet world, no one else will care and nor should they.

I think I should be ready inside a month, I'm only three months behind my original target but having to re-write the same program in different languages several times might be some justification for that.

I'll let you know when there is more to share.

The Wonderful World of the Internet.

Also known as the Wild Wild Web.

I migrated the domain to here and the original contents were no longer relevant so I have a blank canvas to fill.

I really have no Idea what I'm going to end with here so I'll probably just rant a bit from time to time.

At the moment I am searching for a new programming language.  Since mostly the  programs I write are for my own personal use and I have no intention of ever doing programming for a boss I have the luxury of using a language I like rather than one the customer or boss wants me to use.

This exploration has, over a period of several years, led me to use RapidQ, XBasic, Euphoria, Adobe Air and several Java type programs.

I can and have used C, assembler, and other assorted monsters.  I really liked using Forth but found programming Windows GUIs an absolute pain in the backside.  Actually that's no different to most of the other languages I have used and that's why I liked RapidQ, XBasic and Euphoria.  They all have the ability to make the GUI interface quickly and easily.

Just add the code to make the buttons do stuff etc.  Adobe Air doesn't have that capability but because I have been building websites for years using PHP, HTML and Javascript I found AIR quite useful.

I was just settling in to creating a tool in AIR when I discovered that Adobe have made a pragmatic decision to not support AIR in old versions of Macs or any version of Linux.

I use Mint Linux so this curtailed my ability to keep my AIR platform current.  Bugger.

For a brief moment I considered moving back to the Windows world, but I got better.

Do you know how hard it is to find a genuine, easy to use, cross platform programming language?

I think I have found one that I can learn to like. REBOL.

I have only been playing with this for a short time, about a week, but it holds significant promise.

I'll let you know how it goes.  I have a couple of programs I want to get written rather quickly.  One I have already written in RapidQ and as a web based application so I know how I want that one to work.  The other I had about 2/3s done in AIR but have abandoned that in favour of doing it with REBOL.

I'll let you know.