Archive for the ‘Personal Blog’ category

« Older Entries

WordPress page header images made easy with SB Uploader

March 22nd, 2013

Screen Shot 2013-03-22 at 11.55.13A couple of years ago I wrote a plugin called SB Uploader. I did this because I didn’t like the media library that WordPress used and wanted to setting the featured image within any WordPress post or page simple. Well after a couple of years of development it is now in use by potentially thousands of people (perhaps a tad self indulgent but it has been downloaded a lot and is bundled with a fair few stock and premium themes) and supports custom post types and taxonomies as well as being able to be added in multiples (several configurable upload boxes per post type).

I use it with practically every theme I write for people and it is by far my most popular plugin yet (alongside SB Welcome Email Editor). I wanted to show people how you would set up configurable header images for pages and maybe posts using the script.

There is a function called sbu_the_wp_image which will return the featured image for the current post item (page or custom post type too). You pass it the size you want it to return (thumb, full or a custom image size) and there you have it. Job done. Just add the code to your page.php file above the call to the_content() (or wherever makes sense in the markup) and it will work.

<?php if (function_exists('sbu_the_wp_image')) { echo sbu_the_wp_image('feature_header'); } ?>

The above code is all you need to call the featured image for the page and the following code should sit in your functions.php file or be configured via a plugin in order to tell WordPress what feature_header actually relates to in terms of image size.

<?php add_image_size('feature_header', 960, 200, true); ?>

It defines the image size, sets the dimension to 960×200 and the ‘true’ portion tells it to hard crop which will guarantee that it is always that dimension by cropping after the initial resize rather than using a proportionate resize and providing an image within those limits.

You can get SB Uploader from the WordPress repository. Any ratings or feedback is welcome as are any feature requests. I hope to be able to write something to better deal with WordPress galleries before long as I am not satisfied with the way they work at the moment. Watch this space!

3 comments »

Posted in Personal Blog, Plugins, Plugins, Time Savers, Tutorials, Updates, Wordpress

Selecting the right theme for your WordPress site.

March 21st, 2013

Top-10-Wordpress-Plugins-300x300I spend a great deal of my time writing new themes for people by design. I work closely with graphic designers who make bespoke layouts and imagery for me to work into a WordPress theme. However given the financial climate these days a fair few people are asking for a more cost effective route instead. Over the last few months I have been offering a stock theme option for my clients who want something a bit different on some pages on their site but a generally clean and professional look everywhere else on their site.

So where do you go to find these themes? Well Google of course! If you have ever looked at the WordPress theme repository you will note that the either face is shockingly hard to use to find the theme you want and of course because they are all free the chances of finding X other sites using the same layout is very likely indeed.

Certainly when looking for any type of WordPress addition I head over to google and start to search around a few of the plethora of top X sites listing themes and plugins that have been recommended by that particular author. I find these types of site extremely useful because not only do you get the sales pitch which can be duly ignored but you also get a real persons take on the theme or plugin and its usefulness in their situation.

You will find these sorts of posts exist in many forms including those genre or industry specific. I use these sorts of posts when looking for jQuery plugins (sliders etc) and plugins too. It’s good to know what other people think in these situations. I actually bought a theme called Branded the other day off of the back of one of these recommendations. There is a huge amount of excellent work out there and the cost makes them an absolute steal!

A company of note when choosing themes and plugins would be Woothemes. I actually use their products a lot for my work and although not the most visually original they are clean, professional, usually responsive and has an excellent raft of plugins and companion scripts to make their offering the best I have seen yet.

In recent weeks I have used the likes of Theme Forest also for more unique looking themes for clients that want something a bit different. I actually bought a religious church based theme because I liked the calendar and wanted to use something similar for a client job. I have yet to use the theme itself but have pocketed it for future use!

In conclusion my suggestion if to open your wallet and spend 50-70 dollars on a decent premium theme and you can’t go far wrong. Then someone like myself can step in and provide you with your own unique customisation s meaning you have more in your budget for that custom calendar or ecommerce system you always wanted ;)

No comments »

Posted in Personal Blog, Themes, Wordpress

Costs of a basic website and how to go about getting one

October 17th, 2012

Piles-of-MoneyThis is something that people seem to be searching for so I thought I should write a post to explain. It seems that the general knowledge of websites and their costs is fairly low and therefore I shall explain.

There are four main costs when setting up a new website. These are Domain, Hosting, Design and Programming. I shall talk about each area in some detail.

Domain

The domain is the name of your site. My site is called currently sean-barton.co.uk but I intend to move it to tortoise-it.co.uk very soon. A domain is essentially a lookup service which turns  a IP address (a set of numbers to uniquely identify the server on which your website resides) into a name such as tortoise-it.co.uk. This is 100% necessary for you to buy. People charge varying amounts for domains and the cost will fluctuate depending on both the person registering it for you (the design agency or technical contact you are dealing with) and the domain registrar, the company which actually sells the domain to you and provides you with an interface for administration. My recommendation is to always register the domain on your own or with advice but perhaps not doing it via a technical person such as myself as it cuts out both complication in billing and of course overall control of the brand linked domain. I personally use 123reg.co.uk who charge £2-£5 for a .co.uk domain I think although, of course, there are a vast multitude of registrars around the internet. Once you buy your domain I recommend putting it onto direct debit or a card which you don’t think will expire any time soon because one of the most common causes of older sites going down is the owner forgetting to pay up each year for the name.

Hosting

I won’t go into too much detail here but I shall say that hosting is a massive area of the internet. Costs are annual although a lot of companies offer a pay monthly thing and normally accepting payments via Paypal. If you don’t have a Paypal account then get one as they are both free and ubiquitous in western society. I personally use Hostgator. use ‘tortoise25‘ in the coupon field for a discount. Yes I get a kick back but you also get a cheaper deal than their public prices, even with any seasonal sale they might have on. So what level of server do you need? They are so complicated right? Well 99% of the people on the internal will only need the cheapest deal that hostgator will offer for $8 per month. Forget that the price is in dollars as Paypal will do the conversion and charge you accordingly. However running a server isn’t entirely straightforward and therefore your technical contact or agency might offer to host on your behalf and bill you accordingly each year. This is generally a bit more expensive but it means you get more value and things like email management, crisis recovery and backups are handled accordingly. This is even more important if your livelihood is reliant on your website being up. A general price for a ‘managed’ (by someone like myself) hosting package capable of running any type of site with no imposed limits or quotas is around £100-£150 per year. It is not entirely important for you to have control of this as servers are interchangeable unlike domain names.

Programming

So you have somewhere to put your site. Now what?..

A website is written in HTML, the language of the web. You might have heard of it.. it’s been around long enough. However there are languages which people like myself use to generate the HTML of a site. CSS for styling, JS and jQuery for moving and dynamic elements and then on top of that all you have two of the most popular languages of the web PHP and ASP. The latter, ASP is antiquated and used only by those people who don’t know better. Support for it is low and software for websites written using it is generally horrendously and unnecessarily expensive. However.. PHP on the other hand (you can tell which I use by now I hope).. This is all largely irrelevant  but you need to be aware of the language names at least. ASP generally runs on a Windows server and PHP on a UNIX server. They are, however, interchangeable but they are the normal configurations. There is also SQL, the language of the databases of the internet. This comes in two flavours MySQL and MSQL for PHP and ASP respectively. All of these languages are free to use although ASP sites are generally both more expensive to develop and maintain on account of ASP developers asking a premium for their efforts in my experience.

Deciding what you want your site to accomplish will largely effect the cost. Right now I shall say anyone that charges by the page just walk away. Websites are not written by the page and therefore charging for a 3 page site differently to a 5 page site is misguided. The amount of effort that goes into a site is magnified with each template (or unique layout). You might find that your 50 page site includes a unique homepage layout and then 49 pages which share a common layout. To a developer such as myself we consider this to be two pages of effort with varying content.

There are a few types of site I generally meet… magazine/news, brochureware, ecommerce and bespoke. For the vast majority of sites we can use a base system called a CMS or Content Management System which puts a prebuilt user interface and administration system in place for someone like myself to ‘theme’ and extend with ‘plugins’. Those who claim to ‘hand code’ sites clearly know no better. Unless of course they don’t mean they use ‘static code’ and they mean that they don’t use a piece of software like Adobe Dreamweaver to generate their sites for them. It’s not a bad thing so much as it not being very effective and the results generally being fairly poor.

The CMS’ of choice on the internet right now are WordPress, Joomla and Drupal. The latter two being hopeless and outdated so I tend to use WordPress unless the client specifies otherwise in which case I convince them. WordPress is actually powering a vast corner of the internet at the moment. The range of plugins and themes available to allow a non technical person to put a site together is phenomenal. I got into WordPress a few years ago and have since then been making it do some very complex and very useful things for my clients. All the while at the end of the job they remain in full control of their sites and do not need to call me each time they want to change some text, add a page or upload something. All three CMS’ are free to use and there are both free and premium extensions for them.

WordPress has their own directory of ‘themes’. A theme is a set of files and images which can be applied to a WordPress site to give it the look and feel that you want. There is a plethora of free themes on the internet but mostly they are amateur efforts in both code and end result in my experience. Of course also using a free theme for your site means you don’t have that unique or branded feel to it. Themes come in varying shapes and sizes and of course qualities. Of course the ‘free’ aspect of this attracts people and so is an option. I’m not suggesting that all free themes are bad but the compatibility and support level will always be unknown to you. If you would like to try and make a site yourself then I recommend getting a premium theme. You need to pay for them obviously but the support will be better and the quality of work and compatibility is likely to be superior. I tend to recommend Woothemes as a premium theme supplier. They charge $50-$70 for their work or you can buy an annual thing for a couple of hundred and get access to all 97 or so themes they offer.

For those that do definitely want something unique for them the only path is to use a graphic designer. People like myself (developers) have good relationships with these sorts of people as we often work closely together. The job of a graphic designer is to take your vision (or help you build one) and turn it into a site design for someone like myself to then take and turn into a theme/site combination. Generally a designer will want to talk to you about your existing branding, logos, fonts and colour schemes and generally ask for examples of sites or chunks of sites you like with reasons/justification. They will then produce a set of ‘concepts’ for you to look at and then you would approve one before it goes to full design. Costs vary per designer. In my experience they generally ask for a similar amount of money to a developer such as myself although there is a huge range of prices.

A developer or technical person such as myself will be able to guide you through the entire process. You could talk to an agency who will be able to provide the full service from hosting for you to design and development and of course maintenance. A site generally if a design is done or a template being used should cost less than the average persons monthly wage or even less if ou specify you are on a budget. However what most people tend not to realise is that not wanting to spend a lot directly effects the end result. You can’t walk into a Ferrari dealership with £10,000 and leave with more than a brochure. It’s the same in this business. Frankly you get what you pay for although people in my profession will always be able to talk you through the options and find the right balance of cost to quality. Perhaps I shouldn’t use the word quality. It’s more the functionality you can have which might need to change. Designers, in my experience, tend not to charge more for more features.. only more time (which of course has a cost).

Ecommerce

Having a shop on your site isn’t as complex as you think. Yes it increases the cost by a not insignificant amount but using WordPress and a plugin called Woocommerce (which is free) you can have basic shop functionality without the need to rebuild your existing site. The thing which does cost money though is Payment Gateway integration. If you want to use your bank rather than Paypal and if there isn’t a prewritten module for it then you would need to have the interface written. This varies in cost dependant on who it is. The more popular ones are available as premium addons for prices ranging between £20 and £100. I tell my clients that a basic gateway at a guess will cost around £200 to integrate. Then depending on the level of documentation and support available work can commence. You might be tempted to go for a standalone shopping cart for your site and have a blog or content pages separately but this is only really recommended when you are going to have thousands of products and want a quite complex shop setup. Most people do not need this and the content capability and extensibility of a CMS such as WordPress should make up your mind in it’s favour. If you want to shop around (bad pun) for ecommerce platforms there are several free ones in use, the most popular being Magento but some older programmers using OSCommerce or Zencart. I recommend you stay away from these last two as they are nothing but trouble.

Bespoke

Sites which perform a complex action or have a purpose other than to show of your hobby/business or sell your products might be classed as a bespoke build. The above comments can mostly be thrown out in this case as each project is different and therefore each cost is going to be different. Either way it won’t hurt talking to someone with contacts and to help you flesh out your ideas.

Shameless self promotion

What sort of businessman would I be without the obligatory contact form at the bottom. You can get in touch using this form and I shall normally reply within a few hours if only to acknowledge receipt of your contact. I do not charge for quoting people and will be able to give a ballpark figure for some work based on a short conversation.

Your Name (required)

Your Email (required)

Contact Number (if relevant)

Where did you hear about me?

Where are you based?

Your Message

No comments »

Posted in Personal Blog, Tutorials

Tortoise IT Ltd is now open for business

April 19th, 2012

It’s been on the cards for a while this one but I have just arranged with my Accountant for my new company to open it’s virtual doors. Nothing will really change for me or this site for now although I have an excellent new theme to put live very soon and a WordPress Clinic to open!

3 comments »

Posted in Events, Important!, News, Personal Blog, Shameless Plugs, Statements and Rants

Donation buttons and self promotion in your plugins and themes.. yes or no?

December 14th, 2011

As regular readers might have noticed, I am a (more than) full time WordPress plugin and theme developer. I have spent the last few years doing this and have an intimate knowledge of WordPress. Because of this, like so many others, I have a base stock of plugins I tend to use for my clients’ sites which I use for a number of reasons.

The list of reasons tends to include the obvious things like ‘are they any good or not’ and ‘are they free’ (always a winner that one). However, one of my other criteria is to do with the existence of the other plethora of rubbish that some developers seem to chuck into their plugins almost as a matter of course.

This post was to do with donation buttons but I suppose that we can extend it to the following:

Automatic backlinking

When I looked at my sites XML Sitemap the other day I noticed that there was a nice little comment in there attributing the work to the guy that wrote the plugin. I find this incredibly annoying as, if it were an option in the plugin, it would almost certainly be turned off.

Donate buttons

I appreciate that plugins take time to write but little cheeky buttons that suggest they want $5 for a coffee is a particular annoyance of mine. I have one donate button and it’s on my homepage sidebar. This means that anyone wishing to give a donation can do but I never expect anyone to. The important thing is that whenever I go to the settings page on a plugin it’s not sitting there in a little box begging for some cash or, more suggestive, suggesting I look at their Amazon wishlist.

Flashing/fixed admin banners

I find that within some plugins people have gone as far as to write a nag box to show within the admin screens to ask for money or to show me a ‘sponsored’ news feed. Often the developer has copied and pasted some code to add this and managed to add it to that all roles can see it, not just Administrators.

News feeds

This one doesn’t bother me as much but I do appreciate an ‘off’ button. On the WordPress dashboard there are boxes linking to WordPress RSS feeds for plugin news and updates. Some developers like to put their little boxes on there too. If I were to allow people onto the admin backend of a site the last thing I would want to show them would be several boxes picking up content from RSS feeds I have no control over.

Social media buttons

The curse of social media now means that every man and his dog wants a Facebook or Twitter button on their site. I actually found myself considering getting a Twitter account the other day but then slipped out of that coma and came back to my senses. My personal feelings on people wasting their life posting ‘status updates’ aside, seeing these boxes splattered all over the admin systems that I use is as much of an annoyance as anything else. Social media sites are great for companies wishing to promote themselves and for people ‘getting back in touch’ (as often is an excuse given by Facebook fans.. what ever happened to email. Given it’s a new technology I know) and not to mention SEO but do I need a dedicated sidebar on admin pages for some plugins telling me what the developer ate from breakfast and is currently doing on the toilet.

HTML comment backlinks

I notice these all the time.. in fact I was speaking to a good friend about them last night when I mentioned I had written a major app which is being used by a few big name companies and he said that I need my name in there somewhere. I suppose my point is that if I have been paid to write something for someone then it’s their name that goes on it, not mine. It’s a little bit different with ‘free’ WordPress plugins where the author needs their credit but then again that’s that the Author Name and Author URI comment fields are for within each plugin and theme.. to attribute credit in a clear, consistent and unbiased/customer facing manner.

Forced suggested donations

I came across this idea when using a plugin this morning. I am working on a client site and wanted to remove a little blue box which keeps popping up suggesting I buy him a coffee or pay his mortgage or something. There was a convenient little button to dismiss the box which I clicked (who wouldn’t!) and it took me to his site which was splattered with both advertising, follow buttons and an explanation saying that if I were to pay him some money they he would ‘arrange for those boxes to flutter away’.

Security concerns

I have some concerns here.. in effect the developer has written a back door into the site (and he’s not the only one.. lots of plugins do it). He can easily log my site address or any other information sent with the request and note how often it’s being used. It’s stats heaven for the developer but rather concerning for anyone else. In effect in order for advertising to ‘flutter away’ he needs to add my site address to a list he has somewhere which will cause the advertising not to show. Feels a bit wrong to me.. thoughts anyone?

Conclusion

I tried to be impartial in this posting and intended to weigh up the pros and cons of this shameless self promotion (whoops) but clearly failed. It’s a shame that I really have to stop using, or just edit the code inside, some plugins because the person who wrote it feels that, for offering an open source plugin, they get carte blanche to advertise/nag/demand money from you until you jump through a hoop or two.

Plugins written for free should really be rated highly on the WordPress plugin directory. They should be talked about, celebrated and, as such, the developer will see both an improved site ranking/self popularity and most likely end up with more work because of it.

I have several plugins in the plugin repository myself and have offered tens of plugins on this site for free. In each one the only link to me or my name is the plugin author and site. The rest is on this site (sans social media and advertising and only the one small donate button if people really feel the need). I would love for a few more developers to take this approach as there are some really good plugins out there which I simply can not use out of the box because of one (or frequently more) of the afore mentioned reasons.

To see a list of the things I offer on this site then take a look at my downloads page

Ho ho ho and happy holidays everyone. I shall be working up until Christmas Eve undoubtedly but I hope to have written a new theme for this site by the n new year. Let’s see if it happens!

4 comments »

Posted in Personal Blog, Shameless Plugs, Statements and Rants, Wordpress

Tags:

Simple custom post type features for WordPress

July 15th, 2011

I have been using custom post types in WordPress for a long time now…. In fact each new theme or plugin I write I tend to integrate a custom post type and some supplementary meta boxes here and there. If you have no idea what i’m talking about then this article probably isn’t for you… however read on and I shall explain briefly.

Custom post types are wonderful for parts of sites that don’t generally fit into the standard Post or Page model. For instance WP Ecommerce (the most popular WP shopping cart) has just started using custom post types for storing their products… you will get the idea, products being a custom post type. If I say that they are a way of storing things in WordPress that can, if needed, provide a way of administering these objects as if they were a page like any other.

Adding them yourself requires some code and adding the fields that will appear on the page will require some more. This isn’t what I want to go over right now as there is an easier way. To get an idea of what I mean, see the following screenshots…

Note the bottom three, they are custom post types

This admin interface is generated for you with 0 effort.

“Products” is generated by WP Ecommerce and my theme added “FAQs” and “Photography”. The second screenshot shows the admin interface, similar to the post/page editor, which is generated and the meta boxes which can be added very easily indeed to make it appear that way. The way that these can be added without writing any code would be to use one of the ‘More’ plugins…. These are More Fields, More Types and More Taxonomies… all freely available WordPress plugins although I tend not to use them these days (I write them into my themes instead). Take a look though.

This article was really to outline what you do with the data within these types in the real world. Of course storing the data is easy, using it requires some imagination really. The post type items are stored in the wp_posts table and the fields you add as meta data are stored in wp_usermeta. You can easily retrieve the information using standard WordPress functions.

The following function can be used to get all of the photography items and store them in an Array of Objects for looping and output any way you see fit…

function get_custom_post_type_items($custom_post_type) {
	$args = array(
	'post_type' => $custom_post_type,
	'post_status' => 'publish',
	'posts_per_page' =>-1,
	'orderby' => 'post_date',
	'order' => 'DESC'
	);

	$posts = new WP_Query($args);
	$return = array();

	if ($posts->have_posts()) {
		while ($posts->have_posts()) {
			$posts->the_post();

			$post_id = get_the_ID();

			$sub_post = new stdClass();
			$sub_post->post_id = $post_id;
			$sub_post->title = get_the_title();
			$sub_post->permalink = get_permalink($post_id);
			$sub_post->content = wpautop(get_the_content());
			$sub_post->meta_data = get_post_meta($post_id, 'meta_data_name, true);

			$return[] = $sub_post;
		}
	}

	wp_reset_query();

	return $return;
}

You can use this function in your functions.php file in your theme to be called by a page template or a shortcode if you add one to return the items you have added as custom post types. I have added a single meta data item called meta_data in each row which gets a custom field from the custom post type item called meta_data_name. In my Photography example I would just have more lines like this to get the various items from my custom meta box

$sub_post->png_image = get_post_meta($post_id, 'png_image_url, true);

Another good example use of this function would be for a featured items slider that you often see at the top of websites. One or more pages might have a portfolio item slider or a rotating banner or something. In that case you would call my function from your header.php file then loop through it outputting the appropriate HTML per line before using something like a jQuery call to construct the slider.

When you understand the applications for custom post types you might be finding yourself using them in more and more creative ways. I wrote a custom meta box a while back to link custom post type items to each other across different types. This was to allow staff member types to be linked to team and office types and so on. Then using this association you can output something like a dynamic organisational chart using a shortcode or a custom page template without having to hard code a thing.

This is a thinker, I imagine, for some people. Get in touch with me if you want any help putting these custom post types in place and utilising them on your site.

4 comments »

Posted in Personal Blog, PHP, Themes, Time Savers, Tutorials, Wordpress

Want a website? Basic details on cost and what you are likely to be asked for…

July 14th, 2011

A lot of my clients seem to think, at least initially, that having a website built is a case of asking someone like me to write one and then their involvement stops. That is not the case as you are about to find out. This isn’t a rant or attack on people who don’t know the specifics of the web but hopefully will serve as a guide to those people or give other people like me a checklist to refine and give their clients…

First things first… Costs.

It doesn’t cost the earth to have a website written. A normal company is likely to want a presence on the net and that’s it. No need for huge fancy sites to be optimised to within an inch of their life and no need to even have a graphic designer involved. Of course you can do, and generally end up with a better site but if you want to keep things simple then it’s not necessary.

There are only really two ongoing costs for a website… domain name(s) and website hosting.

Domain Names

A domain name is very cheap indeed although costs do vary. In the past I have used a few registraars and people always have their favourites. I use Europe Registry for this site but have just registered www.letsboat.co.uk with 123-reg (aff link) for a grand total of £7 for two years.

Web Hosting

Many website developers such as myself will offer to host the site for you at £X per year. This is a good idea if you want a lot of support but ultimately it’s cheaper to do it yourself and pay a developer when (if) things go wrong. This site is hosted with imountain however I wouldn’t recommend them at all. It costs me $10 per month but I find it very slow here in the UK. I tend to recommend Hostgator (aff link) to my clients. All you need for your own website is their most basic package although I would recommend their Baby plan in case you want to host more than one site using the same account. you can pay monthly with most hosts although you only usually get the quoted prices if you pay for two or three years up front. Depending on your financial situation this might be worth doing. If you go to hostgator.com and use tortoise25 as the coupon code you will get 25% off the quoted price if it helps.

Website Development

No one, if they can help it, writes sites in pure code any more. They are a nightmare to maintain and generally not very good. Also, as the client, you end up paying for a developer to make the smallest change. This is where WordPress comes in. WordPress, a content management system (CMS), allows you and developers to write sites (like this one in fact) quite quickly and with a massive range of free themes and plugins to make sites do whatever you want them to. Galleries, shops, video players, etc… All doable without much more than a few simple steps.

Installing WordPress requires you to get a PHP enabled server, set up a MySQL database, FTP up the WordPress files found at WordPress.org, apply the theme, add some plugins and write the content in. Sounds like a lot but when you do it for a living it doesn’t take long to get something up there. However it’s kind of like car maintenance.. you think you can service it yourself and you know that, in principle, replacing a few engine consumables is an easy job and takes a mechanic only a couple of hours. Then you start the job and it takes two days and never does run right after that. See the parallel there? :)

That’s it…. you never have to pay for content updates and you can always contact me for advice/help. If you hadn’t noticed, I’m a bit of a WordPress enthusiast. But then why not when WordPress is used for a huge number of sites on the internet (50,000,000 I think was the last count I read).

What do you need to provide to a Website Developer?

Simple enough question to ask, hard question to answer really. Here is a very basic list…

  • Content
  • Look and feel
  • Gather resources to use

And then for any site with an ecommerce aspect:

  • Products
  • Payment processor (Paypal, Clickbank, Sagepay, etc…)
  • Gather resources for download or delivery

Let me expand on these…

Content is self explanatory. I recommend firstly thinking about how many pages you want on the site and then jotting down, in something like Word, the content for each page. Images to compliment text is always a nice addition but can be done later. Additionally with a domain and a site you might want to let people get in touch with you. Have a think about what phone numbers (if any) and email addresses you want public or if you just want a contact form.

Look and feel is something that will definitely need to be expanded on. If you have a look at a few themes around the internet. There are literally thousands of them out there, loads free and others premium. Either is ok and neither better than the other. WordPress has it’s own showcase of free themes (required to be free to be in the list!). Someone like myself will firstly ask if you want a graphic designer involved, at which stage this process will be escalated to another level of cost and complexity. However, if you want something basic then a free theme will do. There are a large number of ‘framework’ based themes for free out there which allow people to edit their theme without touching the code. They tend to be very basic but might be a good starter. Otherwise there are even more standard themes about which can be modified to suit if need be. I normally recommend that people give up to three themes from the directory they like and then a new theme can be made which incorporates the better features of each.

Gathering resources is really just a cursory note for you to gather any images or logos (your company logo for example) in digital form to be added to the site. They need to be as high a quality as you can find. Images like logos should really be in JPG, PNG or GIF format and be bigger than needed so they can be trimmed to fit for the site. You can make images smaller and retain quality but not make them bigger.

Ecommerce aspects really are similar… Products is just something, as before, for you to think about. The descriptions for the products, the pricing, images and ways of getting hold of them (postage, pdf, etc..)

Payment processor is what we call the way in which people are asked to pay for their items. Normally Paypal is the standard for small sites. People tend to have accounts via eBay these days anyway. Other types of processor are available but tend to incur monthly costs (£20/month I think for Sagepay). Paypal is the easiest if you want to keep ongoing costs down. The requirement to sell is that you have a premier or business account. To do it you just need to login and look at your account settings then jump the hoops to update your account. This simply involves linking a bank account to you Paypal account (takes a few days, best done in advance of being needed). Nothing official otherwise needed.

Gathering resources is, again, just putting together the images and the content for the products. There are several shopping carts for use for downloads and ecommerce within WordPress.

SEO

Perhaps the buzzword of the net these days. I’ve not yet met someone that hasn’t heard the acronym although often people don’t know what it means… only that they want it. Plugins exist for free for WordPress to allow you to add your site to Google and other search engines and to allow you to compliment your content with the right sort of data to get you noticed. There are quite a few guides on the internet to help you through this.

Summary

So what was the point of all that then? Well… hopefully now you shall know about the sorts of things you are likely to be asked for when wanting a website and will be prepared for your initial conversation with website developers if that’s the direction you want to go.

By all means get in touch with me to go over any project you have in mind or even just to get an idea of how much it would cost for me to do it all for you. Take a look at some of the sites I have done in the past on my Portfolio page or get in touch using either of my contact or get a quote forms.

No comments »

Posted in Personal Blog, Shameless Plugs, Themes, Tutorials, Wordpress

Tags:

PHP source code protection – the basics

April 2nd, 2011

If you have ever sold or considered selling your code/application you would most likely have thought, if only briefly, about stopping people from buying a copy of your code then passing it to their ten friends (disclaimer: not all people have ten friends! some have more (or less!)) for free.

‘Why not add a product key?’ you ask!

Well yes a product key would do the job and avert the efforts of a portion of these people but obviously when using an interpreted/scripted language such as PHP they will be able to open up your source code, remove any license checking code and then pass the ‘cracked’ version around as before. Generally it’s not hard to find this sort of code… simply look for any filenames which hint at ‘licensing’ or ‘auth’, open them up (usually very small files) and put a ‘return true;’ at the start of the key checking method.  As I said this method stops a large portion of people from passing it around so it’s still worth doing.

What about a ‘call home’ script?

Same story here I’m afraid but more convenient for the seller (and you can get some lovely stats on the people using your code). A Call Home script is simply a piece of code that runs on the client site (per page load? per admin page load? every day on a CRON job?) and in effect sends a request back to a central server run by the code seller (you?) to simply authenticate sites. If, for example, example.com buys a script from my_premiumscripts.com then installs it on their server… Every so often the example.com server will call the my_premiumscripts.com server and have the following conversation:

example.com (e): Dude?
my_premiumscripts.com (m): Dude?
e: So… I’m just checking in with you, everything ok?
m: Ah great stuff, yes I see you purchased a copy of my code. Feel free to carry on using it.
e: Brilliant!
m: Indeed. don’t forget to check in with me tomorrow though.
e: Ok bye!

Or they could say this:

example_dotcomsmate.com (e): Dude?
my_premiumscripts.com (m): Dude?
e: So… I’m just checking in with you, everything ok?
m: Who are you again?
e: I’m a new site you don’t know about. I got your script from a friend (torrent? friend? unauthorised reseller?)
m: Oh ok, that’s fine with me but you have to send me some money first before you can use the software.
e: What? Hey I just want to have a look at it for a few days (years)
m: Nope sorry, I am going to deactivate the software on your site now. Bye!
e: Oh ok, bye!

Ok I jazzed up the conversation a bit but you get the idea. Call home scripts work really well from a protection point of view but have one really major drawback… they require you, as the seller, to have a 100% uptime server and it requires either the client server or the clients users to each initiate a request to that server. This means that both your server is going to get a lot of, what can only be described as, logging traffic (useless to everyone really) and the clients (servers or client machines) are going to get a worse (slower) user experience because of it. That and if you ever decide to move server or domain for the script then there is a lot of admin to do.

Either way there is the potential for you lose out on potential lovely cash. What we need is to be able to use the product key method with a way of stopping people from getting at the source code. There are a few ways to do this, some more awkward than others (both for the purchaser and the developer). The two worth mentioning are:

Code Encryption

This is the daddy of code protection. If your code is protected by an encryption algorithm then people are unable to look at the source code no matter how resourceful. The real downside of this is that you have to force your users to install additional server software before your code will run on their server. No simple FTP it up and start using it type system; this method is likely to involve your server host and a support ticket or two. An example of this would be any system that uses Ioncube Loader which, I understand to be, the same sort of thing.

Code Obfuscation

This is the lighter and more manageable version of the above. Whenever you look at an obfuscated file it will appear jibberish to the reader. PHP can interpret it because it doesn’t care whether a variable or function/method has a name which is human readable or not. Obfuscation works by removing all whitespace, renaming functions and variables and swapping out ascii text for a different characterset/encoding which is not immediately obvious to a novice that it’s text. Often these scripts make use of nested loops, dummy methods and evaluated code (code as a string which has then had the eval() function passed over it. Base64 encoding is popular but very easy to spot and decode to it’s use is on the decline. No additional software is required to run obfuscated code, it’s just a pain when there is an error in the code and the developer, for example, is on holiday for the next month! The downside of this for the developer is that it can be decoded and reverted to something resembling it’s original form (minus original function and variable names) by simply working backwards. Well… it’s not simple at all but is doable! Many virus script writers use this method of hiding a scripts intention. I have had to decode a few myself and it’s not fun.

Recommendations

My only recommendation is going to be to use neither and just go with a simple product key. Yes you are going to get taken for a ride by some people who want to redistribute it amongst their friends but think about it… they can’t get any updates from you, no support and if their source of the code disappears then they might even come and buy from you in the first place.

The key is to constantly be working on your scripts/applications. Don’t settle on a single version for too long, encourage a good community around the work and most importantly don’t rip people off in the first place… if the price is reasonable then people will happily pay it. A cheaper price is also a nice reason to offer sightly less involved support. It’s also a possible avenue of further income, premium support etc..

The real issue with any form of code protection is that updates and critical fixes won’t work without the original developer putting a new package together and, often, the entire fileset being replaced. If something goes wrong and the developer is not available then the job can not be outsourced which causes more issues. This is why I would always recommend you stand behind a well written Terms and Conditions document which must be agreed before the software can be used. Generally a block in the code is a challenge to be overcome, a legal document that requires signing and makes you liable is not!

Thanks for reading!

nb: example.com, example_dotcomsmate.com and my_premiumscripts.com are fabricated and although they might exist have no relation to the content in this article.

2 comments »

Posted in Personal Blog, PHP, Teaching, Tutorials, Wordpress