Boring techie stuff

We used to get paid for IT once and put more effort into it, as here. Processed in 100% xoggoth written software those were. Now in our dotage (nearly 32) we just knock stuff up we need for personal use or in connection with our/our missus's tiny businesses. Some might find bits useful. We don't do extensive testing as we can't be arsed so no guarantees but they work, on our PC anyway. Feel free to do what you like with them.

1 Simple RBS Worldpay Callback script in PHP

Initially we used formmail. It worked but did not send a confirmation to the customer and the copy sent to us was an unformatted stream with the essential order data buried in a mass of crap like msgType:authResult, charenc:UTF-8 etc. We tried changing the extremely long perl script but could not make head nor tail of it. Then we suddenly twigged what is probably obvious to experienced server sidey people: except in one respect there is no difference between handling Worldpay's callback and mailing results from your own website form! When they send currency: GBP it's the same as your form having an INPUT type of NAME=currency, VALUE=GBP.

That one respect is security. Since the post is from outside your own host it could be used by spammy sorts so therefore:

  1. You may need to request your hosters to allow Worldpay access through the firewall if it does not already have it.

  2. You need to ensure that only Worldpay can call your script to avoid spammers calling it. A dedicated script does not need all the functionality of a general purpose one and can be much shorter. In particular, you don't need extensive checking for spam signatures, you just check that it is Worldpay that is calling.

One important thing you need to be clear about is the distinction between the customer details as taken on your own website and the customer details as taken on the worldpay site which may not always be the same, someone may use his own credit card for a business purchase for example. The details on your site are for delivery and you populate worldpay variables so they are copied to the wp site but the customer may then alter those to the details for his card. Therefore you will have two sets of similar variables for name, address, email etc. Names of the worldpay ones are set by them, see their documentation. Yours are set by you in your submission form with M_ or MC_ prefixes as required by wp. Your form names will probably not be same as my form names so you will need to change them in the script. See here for all names passed to WP from my form.

Anyway, here it is. A shortish php Worldpay callback script that works. The file extension must be changed to .php before uploading. The comments should make it fairly self explanatory. Just put your own details in where needed and change the variables, M_..., MC_... etc to be the names of those you use in inputs of your order form to pass to Worldpay.

This page is just a crude test page. As we said above, the WP post is no different to doing it from your own form so can you use the form here to test your php. Put some echo statements in the php script if needed, there is a commented out line in the script as example. Again, the form variables in this page will not be the same as yours so change to suit. The most important thing to change in the page is the order email address which in my case is called M_email, else you won't receive anything at all! You can't set the submitting ISP so the php script will reject a post from this page as spam. To get round that temporarily, just uncomment the line: //$error = 0; //temp test leave commented

2 Blog comment scripts in PHP

We don't really know php but after free Haloscan got taken over by some crappy thing we had to pay $9 a year for ($9 !!!!) we decided to make our own and bunged these together using various bits and pieces from the net. They are doubtless very inefficient and have a lot of duplication but work well. Includes easily modifiable anti spam code and a simple comment delete page.

Step 1 - create MySQL table.

You need a Mysql database in your hosting options. Create a table called "comments" with the following fields:

Use defaults for null, collation etc.

Step 2 - upload php files.

The following bits of php code are saved as text files so you can view them. Save to your PC changing the .txt extension to a .php extension. Note that some will display as html webpages because they are html format, a php file can contain or consist entirely of HTML. You still save on your own system with .php suffix, NOT .html. Before uploading these to your own host check through and change any line preceeded by *** to suit your own usage. There are comments against these lines to help you. For security you should always put php or other scripts in a separate directory with permissions of 0711 (owner read-write-execute, group and world execute). The files themselves should have permissions of 0755 (owner read-write-execute, group and world read and execute). Your FTP program should let you set these permissions.

php header files references my style sheet main.css which is here. Change .txt suffix to .css before uploading to your site to same directory as above.

Step 3 - Reference these in your blog page.

A) Put the following in your style section in the HTML header:

.comm {background-color:mistyrose; border:1px solid black; width:650px; padding:10px; text-align:center;}

B) Put this function in the jscript section in the HTML header. Where I have 033 put your own blog page number. This page number prefix is not essential but is useful as you can distinguish comments on one blog page from similarly named comments on another. Useful if you keep ranting about the same old things like most bloggers. (Not us at bloggoth obviously)

<script language=Javascript>
window.onload = init;
function init()
for (n=0; n<param.length; n++)
with (document.getElementById("cnt"+param[n]))
cnt = 1*innerHTML; cnt++; innerHTML = cnt;
function getparams(thispage)
str = document.getElementById("countin").contentWindow.document.body.innerHTML;
n = 0; p1=0;
page = str.substring(p1,p1+3);
if (page!==thispage) break;
p2 = str.indexOf(",",p1);
if (p2>0) param[n] = str.substring(p1+3,p2);
while (p2>0 && p2<str.length);

C) Stick this down at the bottom of your page just before the </body></html>. My path praise/ here should show the actual path to your php files from your blog page, for example, if the blog page is in your top level directory and you put them in a folder called comments this would be <a href="comments/display.php?action= etc/ (PS Using names like comment, feedback, mail etc is not a good idea as spammers search for such words)

<iframe id="countin" src="praise/count.php" style="width:20px; height:120px; visibility:hidden"></iframe>

D) Put the following after each blog post with the obvious changes. 033 is the page number to distinguish from same named comments on other pages - see B) above. The only thing that matters about page number is that what you put in here is the same 3 digit number as in jscript of B) above. You can not bother and just put 000 for every page if you prefer, the ID makes the table records unique even if the thread titles are the same. Note that comment titles in line 4 and 6 must use @ instead of a space. The code checks are case sensitive so make sure any use of capitals is the same in both. Change praise as per previous paragraph.

<center><p class=comm>
Topic: Citizen accounts
<a href="praise/display.php?action=033Citizen@accounts" target=_blank>here</a>.
Comments so far:
<span id="cntCitizen@accounts">0</span>

That's the actual bloggy stuff. For more control there are a couple of small utilities. Upload these extra files to your comments directory, again changing the .txt suffixes to .php suffixes as before.

1. The first is a page that lets you view comments including poster details like IP address. Using the delete page is much quicker than having to log in to your mysql database to delete a comment, just tick the comment you want to delete and click submit. If you use browser back after deletion to see the list again you must refresh to reflect your deletion. This could probably be improved but we can't be arsed. Also note that if you delete a record it's gone for good so if this matters you may need to add a means of backup.

2. The second utility is an uploader for the anti spam definitions file, spam.php. The uploader is again included here as a .txt file so rename as .php. Save the html file as is. spam.php was one of the main files from step 2 above. It is a simple list of strings likely to be found in spam. Changing it should be fairly obvious from the comments in it and after viewing the delete page. If you are getting spam from a specific address you can ban it.

3 Android notes

We don't know where the problems lie but developing for Android on Eclipse is initially like battling a horde of evil demons. Sometimes you can close Eclipse with a perfectly working project and the next time you open it you have missing path or folder errors. There are so many problems for the beginner that anyone used to the relative ease of .net on Visual Studio will feel like giving up. You spend your time on the net finding many others with same problems but good answers are few and far between. Here are some tips for beginners