chmod +x wp-backup

(assuming you saved it under the name wp-backup). After saving it edit the file with your favorite editor and set the 5 configuration variable to whatever is appropriate for you. BACKUP_DIR is the folder to save the local backups to. FTP_HOST, FTP_USER, FTP_PASS control the FTP host, username and password, respectively, for the remote backup server. FTP_BACKUP_DIR sets the folder on the FTP server to save the remote backup to.

Now that the initial configuration is done, all you need to do is execute the script and give the path to the blog as an argument. For example:

./wp-backup /home/someuser/myblog

And that it, the script will backup your files (excluding cache) and database to both a local and remote locations. This allows using the same script to backup multiple WordPress blogs, unlike the previous script which had to be modified for each blog.

And now the script itself:

#!/bin/bash
 
# Copyright 2008, 2010 Guy Rutenberg <http://www.guyrutenberg.com/contact-me>
# WordPress FTP backup 2.0
#
# Easily backup wordpress instances via ftp.
#
# Change Log:
# ===========
# 2.0:
#  - Auto-detect database settings.
#  - Exclude cache data from backups.
 
BACKUP_DIR=
FTP_HOST=
FTP_USER=
FTP_PASS=
FTP_BACKUP_DIR=
 
# end of configuration - you probably don't need to touch anything bellow
 
PROG=`basename "$0"`
print_usage () {
    echo "USAGE: ${PROG} [options] BLOG_ROOT"
    echo "Backup a WordPress blog"
}
 
print_help ()  {
    print_usage
    cat << EOF
 
Options:
    -h, --help          show this help message and exit
 
EOF
}
 
TEMP=`getopt -o h --long help -n "$PROG" -- "$@"`
if (($?)); then
    print_usage
    exit 1
fi
 
eval set -- "$TEMP"
 
while true ; do
    case "$1" in
        -h|--help) print_help; exit ;;
        --) shift; break;;
    esac
done
 
if [ -z "$1" ]
then
 print_usage > /dev/stderr
 exit 1
fi
 
BLOG_DIR=$1
DB_NAME=`echo "<?php require_once(\"${BLOG_DIR}/wp-config.php\"); echo DB_NAME;" | php`
DB_USER=`echo "<?php require_once(\"${BLOG_DIR}/wp-config.php\"); echo DB_USER;" | php`
DB_PASS=`echo "<?php require_once(\"${BLOG_DIR}/wp-config.php\"); echo DB_PASSWORD;" | php`
DB_HOST=`echo "<?php require_once(\"${BLOG_DIR}/wp-config.php\"); echo DB_HOST;" | php`
 
BLOG_DIR=`dirname "$BLOG_DIR"`/`basename "$BLOG_DIR"`
BACKUP_DIR=`dirname "$BACKUP_DIR"`/`basename "$BACKUP_DIR"`
 
echo -n "dumping database... "
DUMP_NAME=${DB_NAME}-$(date +%Y%m%d).sql.bz2
mysqldump --user=${DB_USER} --password=${DB_PASS} --host=${DB_HOST} \
 --databases ${DB_NAME} \
 | bzip2 -c > ${BACKUP_DIR}/${DUMP_NAME}
if [ "$?" -ne "0" ]; then
	echo "failed!"
	exit 1
fi
echo "done"
 
echo -n "Creating tarball... "
TAR_NAME=${BLOG_DIR##*/}-$(date +%Y%m%d).tar.bz2
tar -cjf ${BACKUP_DIR}/${BLOG_DIR##*/}-$(date +%Y%m%d).tar.bz2 --exclude cache ${BLOG_DIR}
if [ "$?" -ne "0" ]; then
	echo "failed!"
	exit 2
fi
echo "done"
 
echo -n "Uploading SQL dump and tarball to FTP... "
lftp -u ${FTP_USER},${FTP_PASS} ${FTP_HOST} <<EOF
cd "${FTP_BACKUP_DIR}"
put "${BACKUP_DIR}/${DUMP_NAME}"
put "${BACKUP_DIR}/${TAR_NAME}"
 
EOF
if [ "$?" -ne "0" ]; then
	echo "failed!"
	exit 3
fi
echo "done"

<form>
...
    <input type="hidden" name="to" value="support@example.com" />
...
</form>

as it is likely that if the value of the “to” field changes the message will be sent to the modified address. The problem with this kind of functionality is that it allows a malicious user to send emails from your mail server. More specifically, it can allow spammers to user your benign server t send their spam (and as a side effect you might be flagged as a spammer yourself).

As this case is pretty obvious one doesn’t see many real-life uses of it anymore (but careless programmers used it more often n the past until they learned better). However one can achieve similar goals (spam-wise) by utilizing a common feature in contact forms: the “CC yourself” checkbox.


“CC yourself” is a convention used by some people when mailing, to verify that the email was indeed sent. It had found a place in many contact forms, as people wanted a way to make sure the form indeed works. But contact forms (as well as some mail servers) don’t verify that the email provided as the “from” is indeed owned by whoever fills the form. Combine that with the fact that many contact forms don’t employ CAPTCHAs (to make the form simpler to use), and you’ll get a situation much like the one discussed above.

In the first case there was a usability advantage to the programmer (who could easily re-use the form’s backend for other forms), which can be easily sacrificed for enhanced security. This time it’s worse as this is a usability feature for the user, which many people believe to be very convinient in contact forms.

I think there are several solutions possible:

1. Adding CAPTCHA to the form. This will make life for the spammers harder, but it also hurt the users by raising the bar for filling out the form. Also, nowadays, it getting harder and harder to find a strong yet easy for humans CAPTCHA.
2. Removing the “CC yourself” feature. this hurts the usability of the contact form.
3. Seperating verified users and unverified. Keeping the feature for registered users, but at the same time, removing it or adding CAPTCHA for unverified users. This seems like a good trade-off, but it requires more work and registration is not applicable for all websites.

In my opinion none of the solutions is perfect. It seems that once again spammers hurt the user experience for everybody else in order to fill our inboxes with unsolicited email.

 synclient TapButton1=0

To disable the tapping permanently you should use the following to run the command at the start of every KDE session.

echo "synclient TapButton1=0" > ~/.kde/env/disable-tapping.sh

The first one is that one must export the AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY or else you get a error message from the underlying boto library:

  File "//usr/lib64/python2.5/site-packages/boto/connection.py", line 148, in __init__
    self.hmac = hmac.new(self.aws_secret_access_key, digestmod=sha)
AttributeError: S3Connection instance has no attribute 'aws_secret_access_key'

The second thing to note is that is the way to specify buckets for duplicity. Instead of

s3://<bucket-name>/<prefix>

which is used by s3cmd (which is a great tool), it asks to specify it using

s3+http://<bucket-name>/<prefix>

Being aware of these points can save some time and frustration. In order to automate the backup process one can use cron. For example add the following to your crontab

AWS_ACCESS_KEY_ID="<your-key-id>"
AWS_SECRET_ACCESS_KEY="<your-secret-access-key>"
0 1 * * 0  duplicity --no-encryption <folder-to-backup> s3+http://<bucket-name>/<prefix> &>> ~/backups.log
AWS_ACCESS_KEY_ID=""
AWS_SECRET_ACCESS_KEY=""

I unset the environment variables, so it won’t leak to other cron jobs unnecessarily.

sudo emerge -avu1 $(qlist -IvC /qt- | grep 4. | sed s/-4.*//)

This will allow Gentoo to solve the dependencies by uninstalling the old versions, unlike if you only try to upgrade a single package like x11-libs/qt-core

modprobe -r nvidia

before restarting the X server.

To block an ip or I’p range in ufw you should do

sudo ufw deny from 188.162.67.197/21

But here is the catch. Only the recent versions of ufw (which the version that comes with Ubuntu 8.04 isn’t one of them) support inserting new rules. When you add a rule it gets appended. So if you had a rule before that allows everyone to connect to your server on port 80, it also allows the IP range you’re trying to block, to connect to your machine.

As it’s impossible to foresee all the rules you might use, one has to resort to deleting all the rules he has to override, then re-add them so they will be after the rule that blocks the IP range. However I disliked the idea and looked for a simpler solution.

The easiest method I’ve found was to manully edit ufw’s configurations:

sudo vim /var/lib/ufw/user.rules

And then move the rule I’ve added, which looks like this:

### tuple ### deny any any 0.0.0.0/0 any 188.162.67.197/21
-A ufw-user-input -s 188.162.67.197/21 -j DROP

above any other rules in the configuration file.

Afterward, you’ll have to restart ufw so it will reload its configurations.

sudo ufw disable
sudo ufw enable

The guidelines weren’t just empty words, they were written while working on the Hebrew adaptation to the Fusion theme and in the same time writing a new proof-of-concept version of cssrtl.py. The original intent was to release a more mature version of that code when it will be completed. However, due to the apparent shortage of time in the present and foreseeable future, I can’t see myself complete the project any time soon. So following the “release early” mantra, I’ve decided to release the code as-is. As I said, the code is in working state, but not polished, so it may be of benefit but may contain bugs. If you find any bugs or have any suggestions, I would be glad to hear.

Download

You can download the new version from here: cssrtl.py-2.0.tar.bz2. The code is available under the GPLv2 or any later version.

Usage

The new version works by creating a seperate css “fix” file that fixes the directionality of the css styles.

./cssrtl.py < main.css > main-rtl.css

Afterward, just link the main-rtl.css after main.css in your HTML files.

Screenshot of game session

Instead of letting the project just sit and wait until it will be redeemed and completed I’ve decided to release my code. It consists of a simple terminal user-interface and an AI opponent. Compiling is straight forward and doesn’t require any special libraries. You can obtain the code from here: oware-0.1.tar.bz2 [15.1 KB].

tar xvf ./oware-0.1.tar.bz2
cd oware
g++ main.cpp ai/basic_ai_engine.cpp -o oware

Running the program is pretty simple, just type ./oware. You will be prompted to select the level of the AI opponent. The higher the number the slower and better the opponent will play. I suggest starting pretty low, and climbing up untill you find it challenging. The houses (holes) are numbered from 0 to 11 starting with the bottom left hole (yours) and going counter-clockwise.

The game is licensed under the GPLv2 or any latter version, so fill free to hack and improve the game if you have time.