I’ve gone a week without blogging, that seems like a lot given how much I’ve been updating the last few months. Why? Glad you asked.  I’ve got a lot going on.  Oh, you want to know what? Okay, fine, I’ll tell you.

• My love, neigh obsession, with Full House has taken a step further.  I’ve now built and have been updating a website lovingly called What The F*#k, Full House?! (http://www.wtffh.com). I’ve been pointing out fun bloopers, mishaps, and continuity issues with the show since about a week and a half ago. And it’s fun. Stupid, yes, but fun.
• I’ve also been spending a lot of time doing some code updates for a website for a fantastic charity that I work with: Boston Bakes for Breast Cancer (http://www.bostonbakesforbreastcancer.org).  They’re kick-ass, and you should support them.  Not by donating money (though that’s cool, too), but by buying desserts.  What happens is kind of genius: you (the consumer) go to a participating bakery or restaurant and buy a dessert at any point during the week in May.  That bakery or restaurant turns around and gives the money to Boston Bakes. Who then gives it to Dana Farber.  In 2011 they were one of the top donors in terms of percentage of money raised being donated (no operating costs, etc. taken out of the donation money).  It’s pretty awesome, and I’ve been working with them since 2010. (MJJ Designs, my company, built the website, and have been maintaining it ever since.)
• I started writing a book.  Well, that’s not entirely true.  I wrote a book.  It’s done, and has been done for a couple/few weeks now. (I can’t remember when I finished.)  I’ve sent it off to my buddy who does copy-editing to do a first draft proofread for me.  I’ve also been working on the website for the book.  My plan is to self-publish it through iBooks, Barnes & Noble and Kindle.  They all take a pretty big cut of the money, but I don’t mind. I’m not doing it for money.  Why am I doing it? I have no idea.  It seemed like a good idea at the time.  Note: please don’t ask me if you can read it, it’s not ready yet.  When it is, I’ll gladly refer you to where you can buy a copy though.  It’ll be reasonably priced, I promise. And if you ask nicely, and I like you, I’ll probably just give you a copy. 
  Double note: this is also the first time I’m telling anyone, really.  Though indirectly, you should feel special that you know.  I don’t know why I haven’t mentioned it, but now you know.
• I’ve been planning the rest of my Vegas Vacation slated for the end of June into July.  Probably not the best idea to go out there then, as my skin will cook off of my body. But so what.  I rented a big house just off the strip as it’ll be cheaper than renting multiple hotel rooms for everyone that’s coming.  Should be a great long weekend, and I’m looking forward to it.  I haven’t been on a vacation in five years, and I’d say it’s well deserved at this point in my life.
• I had brunch with my dad and Megan yesterday, which was interesting.  It was the first time I’d seen him since he moved way out to Fitchburg, which if you’ve never been, is like 49 hours away. (Okay, that may be exaggerating a bit, but it’s still really far away.)
• I have a ton of to-do tasks in my task manager for this week, and they’re glaring at me right now.  I hate being responsible, I really really do.

There you have it, a nice orderly list of what’s been going on in my life.  Don’t you feel better about yourself?

As you may (or may not) know, LiveUniverse is a company that provides the ability for website owners (ie; me) to put ads on their site, and make money from it.   Rather than going out and trying to sell ads yourself, LiveUniverse sells them for you, and pays you when you put them on your site. Simple, right?

Not so simple.

In August of 2007, I was contacted by Rob Ellis, who was a “VP” at Peerflix Media.   He promised that we’d make money with our website MovieSnobs, and all we had to do was put an ad on the site, and they’d pay us a monthly fee.   Seems easy, right?

Well, we signed the deal, got our bonus check and things were perfect.   Until LiveUniverse bought Peerflix Media in August of 2008.   (“Publishers” were not notified ahead of time, we were just sent an email letting us know it happened.   I got mine August 11th, 2008.)

Our account manager (if you can even call her that) assured us that our relationship would continue, and we’d be paid the same amount.   She was unsure if there’d be a delay in payment for July or not, but would let me know.

I e-mailed her once every three weeks until November 3rd, when her e-mail no longer accepted incoming mail. (Along with any other @peerflix addresses.)   I tried calling Rob Ellis, the “VP”.   His phone number was disconnected.

I shut down the Peerflix ads on October 31st.   I ran them in July, August, September, and October, and LiveUniverse owes me for those four months.

No one from Peerflix or LiveUniverse has responded to a single message I’ve sent about this.   Another publisher had luck getting the moneys he was owed, by putting up an anti-LiveUniverse website.   It seems the only way to get any attention, is to make net-waves.   So, LiveUniverse, you twisted my arm.   I’ll be sure to spread the word about what a horrible company you are to everyone I know.

If I had the money to start a class action suit against you guys, you bet your asses I would.   But I’m Mr. Lowely Blog owner, and you’re Mr. Big Corporation.   No doubt who’ll win that monetary battle.   I assure you though, I’m not going to give up until I’m paid every cent I’m owed.   And if you think you can bully me to stop telling people that your company sucks… good luck.

To sum up, if you’re a blog owner, stay away from LiveUniverse.   They’ll inevitably screw you in the end.   Just Google it, there’s hundreds (if not thousands) of us former Peerflix folks that got screwed out of money.

I ask one last time: Peerflix/LiveUniverse; pay me my God Damned money.

I got tired of the old design for this site, so I updated to a new theme.   Still modifying it completely, but here it is.

Also, I had to move the photos from the old gallery into a WordPress powered one, which was a pain.   So, while the images now have the ability to have titles and descriptions, they mostly don’t (aside from the RockBand BandMate gallery).   I’ll be doing that over the next few weeks/months, and will do it as I add more galleries.

Hope you enjoy the new design as much as I do.   I’ll probably get bored with it in a few months, anyway. So if you hate it, come back in a little bit, and there’ll most likely be something new.

If you’re like me, and run a bunch of WordPress sites, you get annoyed when a new release is available, mainly because it takes so long to upload all of the files.   Also, if you’ve modified any of the core code, you don’t want to have to re-do that (also, like me.)

I’ve gone through and pulled out the files from 2.6.2 that have been changed, and are therefore part of the upgrade.

2.6.2 Changed Files Zip
2.6.2 Changed Files RAR

Both contain the same files, but depending on whether you prefer zip or RAR, you’ve got the option.   The compressed files contain only those files that have changed, and need to be uploaded:

• wp-login.php
• wp-settings.php
• wp-admin/css/press-this-ie.css
• wp-admin/import/textpattern.php
• wp-admin/includes/image.php
• wp-admin/includes/template.php
• wp-includes/formatting.php
• wp-includes/pluggable.php
• wp-includes/post.php
• wp-includes/query.php
• wp-includes/version.php
• wp-includes/widgets.php

Just upload those files, overwrite your existing ones, and you’re good to go without waiting forever for the ten zillion other WordPress core files to upload.

Working for a fairly large webhost, I often see people who got “hacked”, and their websites destroyed.   I often laugh, because people don’t often get “hacked”, but often simply have their password guessed, which gives the “hacker” full access to your site, account, and files.

98% of the time, that’s the case.   Given, there’s always the chance that someone got root access to your server, and really did “hack” you, but that’s very rare in today’s day and age.

So, I often laugh, until it happened to me back mid-June.   I noticed I couldn’t load the stats pages for any of the sites in my hosting account (of which there are quite a few), so I contacted my host.

Their response was “The page won’t load because it’s 0kb”, a file size of zero? That stats package has worked for years on some of my domains, I thought that was odd.

So I uploaded a new version, and went on about my business.

Hours later, I realized I should go through FTP, and look for other files that had been modified recently.   Sure enough, every index.html and index.php file, in every domain, in every subdirectory had been modified.

The “hacker” (read: bored kid in some random European country) added some code to all my pages that was supposed to redirect a visitor to a spam site.   Luckily, he did it wrong, and none of my visitors were affected.

Needless to say, I was bullshit.   I spent a few hours going through, and removing all of the code, by hand.   I got annoyed, and finally asked one of the guys who works for me, for help.   He wrote me a nifty little bash script that I could run.   Luckily, my host gives me SSH access, and I managed to run it against my entire account, and clean out the rest of the modified files, without issue.

The reason I got hacked? Simple. I had a stupid, easily guessable password.   Exactly what I laugh at our customers for.

So, I panicked.   I went in, and first changed my hosting and FTP passwords.   I then thought about how to change my MySQL password.

The problem with that is complex, but follow me.   If I change the password on the MySQL server, my sites will go down, until I update them one at a time.

If I change my password in the sites, they’ll go down until I change it on the server.   Follow?

So I opted to create a new MySQL user, with a new password all together.   I then (using the same find and replace code from earlier) updated my username in all my scripts, then my password, and voila, back up and running.

I then began thinking about how to protect myself, should this (or something worse) happen again.   I looked for scripts that I could run on the web server, to backup my sites and databases, but couldn’t find anything that would work.   I then stumbled upon HandyBackup, which runs on my computer at home.

It simply connects to your account via FTP, and downloads all of your files to your computer.   This is great, assuming you’ve got storage space to keep all those backups around.   If you upgrade, you can also have it burn to DVD automatically, but that’s costly, and not very effective.

So, each night of the week, I have the application connect, and download all of my changed files.   On Saturday night at midnight, it connects and downloads all of the files (changed, or not).   So, at worst, I’m a week out from a complete restore of files.   And any file that’s changed, I’m only 24 hours (at most) out from a clean working version.

It takes up quite a bit of space, because I host a lot of sites, however I think it’s worth it.   It’s also helpful for when you accidentally break some code on a page, and didn’t think to save a copy right then.   You just jump to your backup, and voila.

If you run any website that you “make money” from, or that “is my business!!”, you should take it upon yourself to do the backups, and not rely on your host to do it.   While most hosts do it anyway, some charge you to do the restore. (My company doesn’t, but the company I host with, does.)   You know what they say, if you want something done right, do it yourself.

It seems like every other week, WordPress releases a new version of their awesome software. That’s a good thing, unless you run multiple websites using WordPress.

If you’re in that boat, upgrading all of your WordPress sites might be a pain in the butt, but it’s extremely important to do so.

The main reason for these “dot releases” (ie; 2.5.1) are security fixes. Which means that when someone finds a way to “hack” your WordPress installation, the new release fixes that.

What’s that mean? Well, if you’re running a version that’s old, there’s probably a group of people out there that’ve found a security hole in it.   They can gain access to your account, and cause all sorts of problems for you.

For example, if you’re running WordPress 2.3.2, there’s a very simple “hack” that anyone with the power of Google can do, that can give them complete access to your Admin panel.   And well, you know what they do from there, including deleting everything on your blog, that you’ve ever done.

So, be sure to stay up to date. Always update plugins, always update core code. Always.

Don’t get me wrong, creating WordPress themes is not for the faint of heart, nor for the casual blogger who doesn’t really have a good grasp on developing websites. However, if you know your way around PHP and basic HTML, you should have no issues creating your own theme, or adapting a website into a WordPress theme.

Generally, themes go into the same location, regardless of your blog structure; /wp-content/themes. It depends on what your theme name is, as to what folder you put it in. However, each theme has its own folder, to be kept separate.

When you first install WordPress, you’ll get the “default” theme, which is a great place to start. Usually I copy that folder down to my desktop, and make a clone of it, to work off of.

A theme needs to consist of a few basic files, to make it work:

• index.php
• style.css
• comments.php

You can take it a step further, if you want to easily update/change aspects of the design, and add in a header.php and footer.php. For this example, we’ll use header and footer.

At the top of any existing theme’s CSS file (or when creating a new file), you need to always ensure that you’ve got some information to let WordPress know what the theme is. It’ll generally look like this:

/*
Theme Name: What do you want to call your theme in WordPress?
Theme URI: Where you downloaded the theme from
Description: any details?
Author: your name
Author URI: your URI
Version: You don’t need a version, but can put one in here if you want to.

General comments/License Statement if any.
.
*/

This will tell WordPress information about your theme, to display under the “Presentation” tab.

So, you now have your theme set up, but need the files. Why? Simple, to make the theme work. Here’s a quick run down of what each file does.

• index.php – this is the homepage of your WordPress. You can get away with only having an index, if you don’t want to create different pages for each place in your installation.
• style.css – the stylesheet for your design. You should be fairly comfortable with CSS by this point, if not, there’s a ton of resources available on the internet.
• comments.php – this is the template for what your comments page/form will look like. If you don’t have one, no one will be able to comment on your WordPress
• header.php – this file can be included at the top of all of your “pages” and “posts,” so that you can easily change something across all the pages, without editing each one. This is where you include the majority of your design.
• footer.php – same as the header.php, but goes after your content, instead of before. This is where you conclude your design that comes after the “content” or “body” of your site.

Generally, there are a bunch of other files you can include, too; 404.php, single.php, page.php, author.php, archive.php, search.php, etc.

Each page serves a separate purpose. I won’t get into too much detail, as to not confuse you. Here’s a quick example of what an index.php might look like, if you made it yourself:

<?php get_header(); ?>

<?php if (have_posts()) : ?>

<?php while (have_posts()) : the_post(); ?>

<div class=”post” id=”post-<?php the_ID(); ?>”>
<?php the_content(‘<br /><br /><div align=”right”>Continue Reading <?php the_title(); ?> »</div>’); ?></span><div align=”right”><br /><br />Posted by: <a href=”<?php the_author_url(); ?>”><?php the_author(); ?></a> on <?php the_time(‘F jS, Y’) ?> at <?php the_time() ?><br><span class=”postmetadata”>Posted in <?php the_category(‘, ‘) ?> | <?php edit_post_link(‘Edit’, ”, ‘ | ‘); ?> <?php comments_popup_link(‘Leave a Comment »’, ‘1 Comment »’, ‘% Comments »’); ?></span></td>

<?php else : ?>

<h2 class=”center”>Not Found</h2>
<p class=”center”>Sorry, but you are looking for something that isn’t here.</p>
<?php include (TEMPLATEPATH . “/searchform.php”); ?>

<?php endif; ?>

</div>

<?php get_sidebar(); ?>

<?php get_footer(); ?>

So, what does all that do? Pretty simple, I’ll break it down bit by bit:

<?php get_header(); ?> – this bit simple calls my header.php file to be included.
<?php if (have_posts()) : ?> – this is very important, your theme won’t work without it. It simple tells WordPress if you have posts, to do the following.
<?php while (have_posts()) : the_post(); ?> – if you have posts, show them on this page.

This next bit’s a bit more complicated, because there’s a lot of parts to it:
<?php the_content(‘<br><br><div align=”right”>Continue Reading <?php the_title(); ?> »</div>’); ?> – php the_content is what shows your post. The “continue reading part” will get shown if your post contains a “More” link in it. I’ve set this particular one up to show “Continue Reading This Post”, where “This Post” would be replaced by whatever I’m calling the post in WordPress.

Posted by: <a href=”<?php the_author_url(); ?>”><?php the_author(); ?></a> on <?php the_time(‘F jS, Y’) ?> at <?php the_time() ?><br><span class=”postmetadata”>Posted in <?php the_category(‘, ‘) ?> | <?php edit_post_link(‘Edit’, ”, ‘ | ‘); ?> <?php comments_popup_link(‘Leave a Comment »’, ‘1 Comment »’, ‘% Comments »’); ?> – This will simply show: Posted by: Mike (as a link to my author page) on 10/19/2007 at 12:01PM. Posted in Design, WordPress Tutorials, WordPress. Leave a Comment (or if there’s comments, it’ll show the number of comments already left.)

This bit: <?php edit_post_link(‘Edit’, ”, ‘ | ‘); ?> can be a bit confusing. What this does is simply show you a link that says “Edit” when you’re viewing your post, and you’re an admin on the blog. Other people won’t see it though, don’t worry.

<?php else : ?> – Very important to have, this closes the previous bit where we tell WordPress what to do if we have posts.

<h2 class=”center”>Not Found</h2>
<p class=”center”>Sorry, but you are looking for something that isn’t here.</p>
<?php include (TEMPLATEPATH . “/searchform.php”); ?>

Above is a simple include to a search form. In case someone tries to access a URL that doesn’t exist.

<?php get_sidebar(); ?> – includes a sidebar, if you’ve got one.

<?php get_footer(); ?> – includes your footer.

It seems a lot more complicated than it is, and there’s an infinite amount of variables, and things you can do with your theme. I’ll cover some more variables next time, and what they do. Hope this helped get you started.