Firefox might remember old 2FA logins


The third number has a dropdown featuring3 single numbers.

I'm big enough to admit when I make a mistake. A few days ago I had a bit of a rant on Mastodon about how PayPal was encouraging browsers to remember 2FA codes. I'd tried to log in to PayPal, went to enter my 2FA code and was presented with this: But, this isn't PayPal's fault! Let's take a look at the code behind each input: <input name="otpCode-0" id="ci-otpCode-0" aria-invalid="false" placeholder=" " aria-label="1-6" role="textbox" …

Continue reading →

Find the URl causing your WordPress Error


The Logo for WordPress.

PHP has some pretty good error handling and logging, but I do sometimes find it confusing. For example, look at this warning message: [18-Oct-2023 12:34:56 UTC] PHP Warning: Something bad happened in /wp-content/something.php on line 123 OK, so we can go to something.php and scroll to line 123 and try to figure out what's gone wrong. But we don't know which page, post, or URl caused the error. If the error only occurs on /page/test?input=6 and not /page/test?output=7 that would be handy…

Continue reading →

Auth0 - Adding Twitter Screen Names to a User with Actions


Auth0 logo. It looks very boring and corporate.

Grrrr. Auth0 have a nifty service to let users log in to your site using a social network. Users don't need an account with you, they can sign in with Twitter, Facebook, GitHub, etc. But there's a bug which is five years old. Auth0 doesn't show the screen name of Twitter users (e.g. @edent). There was a workaround using their "rules" product. But rules are being removed next month and we all need to transition to "Actions". Why? Because fuck you, that's why. Auth0 have decoded that fixing…

Continue reading →

Review: Runner Diver2 Bone Conduction Swimming Headphones


Product shot of some headphones being immersed in water.

The good folk at Nank (Naenka) have sent me their latest waterproof Bluetooth headphones to review. Wear 'em while you're in the shower, swimming, jogging, or just on an endless sea of Zoom calls about quarterly budgets. Unboxing Bone Conducting??! Yup! Rather than sticking speakers in your ears, these literally rattle the bones in your head to produce sound. It takes a little getting used to, but is rather pleasant. I also find it more comfortable than traditional in-ear products. It…

Continue reading →

Displaying internal linkbacks on WordPress


Screenshot of my website. The headline says "What links here from around this site." Underneath are three links.

I have written a lot of blog posts. In some of those posts I link to other posts on my site. What's the easiest way of displaying those internal incoming links? Here's what it looks like: Code All we need to do is search WordPress for the URl of the current page. Loop through the results. Then display those links. $the_query = new WP_Query( array( 's' => get_the_permalink(), // This post 'post_type' => 'post', // Only posts, not pages "posts_per_page" =>…

Continue reading →

Making a better audio shortcode for WordPress


The Logo for WordPress.

If you use WordPress, you can get a fairly basic embedded audio player by using the audio shortcode: [​audio mp3="/path/to/file.mp3"] I didn't particularly like how it was styled so - because WordPress is so hackable - I changed it! Now my embedded audio looks like this: 🔊 Location Based QR Codes - Introducing http://xmts.mobi/🎤 edent 💾 Download this audio file. It gets a nice border, a title, displays any attached image, and uses the native HTML5 audio element. Here's the code …

Continue reading →

Hiding malicious commands in copy-and-pasted text


The HTML5 Logo.

Quite often websites will encourage you to copy and paste commands into your terminal. There are a variety of reasons why this is bad - not least because someone could hide malicious code. That's usually done with a bit of CSS to make the evil command invisible, or using Javascript to inject something unwanted into your keyboard. Here's method that I hadn't seen before. Copy this code and paste it into your terminal to see your external IP address: Notice anything weird about it? Depending …

Continue reading →

Should Android's Dark Mode Invert Contact Photos?


Monochrome photo of Marylin Monroe. The colours have been inverted and it looks rubbish.

I don't know if this is a bug, or just the way the world works now. Several of the people who live in my phone use artistic black and white headshots. They look very cool. But my Android phone shows their image with inverted colours - so they look like pure shite. Here's what my very real human girlfriend looks like when I ring her to go for brunch: Come the evening, my phone switches to Dark Mode™ - so this is what she looks like when I ring her for a late-night booty call: What's c…

Continue reading →

Book Review: The Cuckoo's Egg - Clifford Stoll


Book cover - illustration of a person sat in front of a computer.

This book is outstanding. It's the mid 1980s, you're administrating a nascent fleet of UNIX boxen, and you are tasked with accounting for a 75¢ billing discrepancy. Naturally that eventually leads into an international conspiracy involving the FBI, NSA, and an excellent recipe for chocolate chip cookies. It is a fast paced, high-tension, page turner. There's also a sweet moral core to the story - as well as the somewhat saddening death of naïvety. It's hard to overstate just how fun this book …

Continue reading →

Use WP CLI to find all blog posts without a featured image - two methods


The Logo for WordPress.

This uses the wp shell command. It gives you an interactive prompt into which you can do various WordPress "things". One small annoyance is that it doesn't like multi-line entry. It treats every hit of the enter key as "plz run the codez" - so, at the end of this blog post, I've put the commands in copy-n-paste format. Once you've installed WP CLIP, go to the command line and run wp shell. You'll be greeted with an interactive prompt wp> Method One - Quick Search This command constructs a…

Continue reading →

Rewriting WordPress's JetPack Related Posts Shortcode


The new layout has 4 items, each boxed off, with a larger image and more distinct text.

I like the JetPack related post functionality. But I wanted to customise it far beyond what the default code allows for. So here's how I went from this: To this: Documentation The complete documentation for related posts is pretty easy to follow. This is an adaptation of "Use Jetpack_RelatedPosts_Raw to build your own list of Related Posts". Remove the automatic placement You can turn off the original "related posts" by adding this to your theme's functions.php: function…

Continue reading →

AI isn't a drill, and your users don't want holes


A confused little cardboard robot is lost amongst the daisies

There's a popular saying; "No One Wants a Drill. What They Want Is the Hole". It's a pithy (and broadly) correct statement. But I don't think it goes far enough. Let's apply the Five Whys method to the issue: No one wants a drill. What they want is the hole. No one wants a hole. What they want is a picture hook. No one wants a picture hook. What they want is art hanging on the walls. No one wants art hanging on the walls. What they want is a pleasant living environment. No one wants a…

Continue reading →