Trello coloured lists for Tampermonkey updated to v4.x

Coloured lists make identifying their purpose quicker at a glance
Coloured lists makes identifying their purpose quicker at a glance

This evening I updated a script I first wrote back in March 2014. I wrote about it on the old University of St Andrews web team blog.

The script, which runs in the browser using an add-on such as Tampermonkey, lets you define Trello list titles to search for, and then apply a background colour to it.

Continue reading Trello coloured lists for Tampermonkey updated to v4.x

Managing overlay icons for Dropbox and TortoiseSVN and TortoiseGit

I imagine like many involved in web development, I rely heavily on a number of version control applications: I use Dropbox, Subversion (SVN) and Git.

For years I’ve used the TortoiseSVN client for Windows. It integrates with the Windows Explorer shell making it quick and easy to manage your version controlled code within Explorer.

I like that I don’t need a separate full-blown application that acts as an interface between the code on my PC and the SVN repository; I like that I don’t need to use a command prompt; but I love that TortoiseSVN adds overlay icons to tell me the state of each file (is it up to date, changed, added, etc.?).

These folders are all up to date, and in sync with the SVN repository.
These folders are all up to date, and in sync with the SVN repository.

Recently I’ve started using Git at work and so I’ve also installed TortoiseGit which does something similar.

This is the Bootstrap repo cloned to my PC.
This is the Bootstrap repo cloned to my PC.

And of course Dropbox does the same: it shows you which files have been synchronised with the cloud, and which are in the process of uploading.

My Dropbox folders are up-to-date, synchronized successfully with the Cloud
My Dropbox folders are up-to-date, synchronized successfully with the Cloud

The problem

The problem, though, is that each of these applications uses multiple overlay icons but Windows only uses the first 15.

TortoiseSVN and TortoiseGit both use the same nine icons:

Nine folder, each has an icon on top of it such as ticks, crosses or pluses.
TortoiseSVN and TortoiseGit both use nine icons.

Dropbox uses eight icon overlays. If you have OneDrive installed (which you will if you use Windows 8 or above) then it uses three. And Windows itself uses a few to indicate offline files or enhanced storage.

That’s 22 icon overlays, and like I said: Windows only uses the first 15.

So, inevitably you end up with some icons missing, and depending on which these are it can make life just that little bit harder when trying to figure out quickly whether a file is in sync or not, or whether it’s not even been added.

That means you need to make a choice about which icons you want to use and which you don’t.

How to fix it

The most straight-forward way to do this is by editing the Windows Registry.

The icon overlays can be found in the following key:

Computer \ HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Explorer \ ShellIconOverlayIdentifiers

It turns out you can safely rename the folders which will reorder the icons. The folders are just containers for the real information contained within them.

1. Backup

Export (backup) the ShellIconOverlayIdentifiers folder in its entirety, in case you need to restore it later.

2. Prioritise which icons you need

My current preference is for the following:

  1. 1TortoiseNormal
  2. 2TortoiseModified
  3. 3TortoiseConflict
  4. 6TortoiseDeleted
  5. 7TortoiseAdded
  6. 8TortoiseIgnored
  7. 9TortoiseUnversioned
  8. DropboxExt1 (green Synced)
  9. DropboxExt2 (blue In progress)
  10. DropboxExt5 (red Sync problem)
  11. DropboxExt7 (grey Folder not synchronizing)
  12. EnhancedStorageShell
  13. SkyDrivePro1 (ErrorConflict)
  14. SkyDrivePro2 (SyncInProgress)
  15. SkyDrivePro3 (InSync)

You can use whatever naming convention you prefer. I rename the original folder names with a number prefix and an underscore, e.g. 01_1TortoiseNormal. Folders that I want to drop to the bottom I prefix with a simple x, e.g. x5TortoiseReadOnly.

UPDATE: Some users are reporting that they prefix with a space as this appears to be the trick that OneDrive/SkyDrive has used.

In regedit it looks like this, with the unprioritized icons dropping to the bottom of the list.

List of registry keys
List of registry keys

3. Restart Explorer

  1. Close any Windows Explorer windows.
  2. Press Ctrl+Shift+Esc to open Task Manager.
  3. Look for Windows Explorer listed under “Background processes”.
  4. Right-click it and select “Restart”.

Your taskbar will disappear a couple of times as the Explorer process is restarted, but you should now see all the overlay icons you want within your folders.

(Currently I’m having issues with OneDrive — formerly SkyDrive — but as I don’t rely on it for too much I’m not that bothered, to be honest.)

Backpack hack

Cabin Max Tallinn
Cabin Max Tallinn – Flight Approved Backpack for EasyJet & BA hand luggage

About a year ago I bought myself a new backpack, the Cabin Max Tallinn, for about £25. The reviews were favourable (average of 4/5 stars) and when it arrived I was delighted with it: mainly because it was more compact than the large rucksack that I bought for a trip to California about a decade ago.

I packed it and headed off to Glasgow and then London to seek my fame and fortune attend the first NYCGB Alumni choir singing day. It was a timely opportunity to road test the bag.

That four day trip identified two main issues. This wasn’t quite the bag that I thought it was.

However, I don’t like throwing stuff away, and I don’t like sending stuff back because it’s not 100% what I want it to be. This bag was about 95% the way there. I like the whole computer hacker culture (not to be confused with the illegal ‘cracker’) so…

Open zipped pocket

Zipped pocket that I've now sewn up
Zipped pocket that I’ve now sewn up

The first issue was that in the middle compartment there was a small, meshed pocket with a zip. I looked at that and thought it was the perfect size to store a passport, for example.

There was one small snag: the top of the zip wasn’t sewn down. So even when the zip was closed you could still slide items into the meshed pocket beneath the zip.

Who designed that?! It was like a shirt pocket with a redundant zip sewn into the top seam.

I wrote to Cabin Max and asked if this was a fault or a feature. It turned out to be a feature. I told them this was ridiculous and whoever it was I corresponded with agreed and said that she would pass on my feedback.

So I got my sewing kit out and completed the job: I sewed the zip down so that when the zip was closed it was… well, closed.

No inner straps

Cabin Max Tallinn inner straps
Cabin Max Tallinn inner straps

It wasn’t until a later trip last year that I realised there was another problem: if I didn’t pack the back completely full (as I had done for the London trip) then my clothes and whatever else I put in the large, main compartment just rattles around in there.

What this bag was missing, that every other rucksack or suitcase I own has, were straps inside that would allow me to tie down whatever I place into the main compartment.

So today I added my own. Having bought a couple of quick release tie-down straps online last week—the kind that people use for strapping things to their golf caddies (I believe)—this evening I measured them up (using the straps in my giant rucksack as a template) glued them in and sewed them down. Job done.

This weekend I’m heading to Sheffield for the second NYCGB alumni concert. I’ll report back how I get on with my two alterations to my bag.

My mouse pointer kept getting stuck between monitors in Windows 8.1

My mouse pointer kept getting stuck at the edge between monitors
My mouse pointer kept getting stuck at the edge between monitors

A couple of weeks ago I noticed a strange behaviour with Windows 8.1. I have two monitors and whenever I tried to move the mouse between them my mouse pointer got stuck in the middle.

I would have to back up the mouse pointer then move it really quickly to get over the ‘hump’, and reach the next monitor.

Not the charms bar

At first I thought it may be caused by the Windows 8 charms bar. So I switched off the top-right corner navigation under Charms bar > Settings > Change PC settings > PC and devices > Corners and edges.

But it turned out not to be that. The mouse pointer blocking behaviour continued.

Not ModernMix

My attention then turned to ModernMix™, a Windows 8 application from Stardock that allows Modern (Metro) apps to run in a standard window on your desktop.

I had noticed this behaviour only after I had installed ModernMix, so I reasoned that it must have caused it. And sure enough uninstalling ModernMix seemed to stop the behaviour… until I rebooted the PC.

But I didn’t discover this until after I had emailed Stardock support.

Registry hack fixes it

Stardock support were incredibly helpful. The following day I received this reply:

While I can reproduce what you are seeing, I can do so without MM installed. It seems it is a thing with 8.1:

http://winaero.com/blog/fix-mouse-pointer-sticks-on-the-edge-when-moving-between-multiple-monitors/

Please let us know if you should have any further questions/concerns.

And sure enough, the Winaero blog had the solution:

  1. Open Registry Editor (Ctrl + R, then type: regedit)
  2. Navigate to HKEY_CURRENT_USER \ Control Panel \ Desktop
  3. If there is not a DWORD (32-bit) Value called MouseMonitorEscapeSpeed then create one and assign it a value of 1.
  4. Navigate to HKEY_CURRENT_USERSoftware \ Microsoft \ Windows \ CurrentVersion \ ImmersiveShell \ EdgeUI.
  5. If there is not a DWORD (32-bit) Value called MouseMonitorEscapeSpeed then create one and assign it a value of 1.
  6. Reboot Windows, or restart the Explorer shell.

Hacked (pt.3) or how to clean a compromised WordPress site

The word 'hacked' within ones and zeros.
Source: iStock (10623991)

This is the kind of post that I’ve thankfully not needed to post for over nine years. Today one of my WordPress sites got compromised.

It all began with an email this afternoon from AntiVirus a WordPress plugin that scans your theme templates for malicious code injections. The email read:

The daily antivirus scan of your blog suggests alarm.

I had to laugh at the phrase “suggests alarm”. But after I laughed, I accepted their suggestion and for a few moments felt alarm, before realising that panic was no use and besides, I knew what to do.

Two candidates

I’m still not 100% sure what caused the code injection but I currently suspect two potential sources of infection:

MailPoet

I may have been one of 50,000+ victims of the MailPoet vulnerability that was made public days before I went down with viral meningitis! I had that

As the MailPoet site states:

There was a security issue in all the versions of MailPoet lower to 2.6.8, this security issue was making your site highly vulnerable (blog post).

It can really only have been a plugin vulnerability as I have to manually unlock FTP access whenever I want to upload anything. So it had to be an ‘inside job’. And I had MailPoet (formerly WYSIJA) installed that account.

Outdated theme

Alternatively, it may have been a premium theme that I was using that had the Slider Revolution plugin embedded. This was reported to have a critical vulnerability last month.

I thought I had patched it…, but, perhaps with my meningitis-muddled head I didn’t do it properly.

How to clean an infected WordPress site

Whatever it was, it injected a bunch of obsfucated code into the top of all the PHP files on that site. A give away was that in the WordPress plugins screen all the plugins were disabled and reporting “the plugin does not have a valid header”.

If something similar happens to you, then you might find the following steps useful:

  1. Change passwords for:
    1. WordPress admin
    2. FTP
    3. MySQL database
  2. Backup all the files on the site. (That took ages!)
  3. Delete all WordPress core files including themes and plugins (Do not delete user-uploaded content, e.g. images, PDFs, etc.)
  4. Download clean installation of WordPress.
  5. Upload clean WordPress files (except wp-config-sample.php).
  6. Rename wp-config-sample.php to wp-config.php, update with database details and upload.
  7. Upload a clean version of your theme (remove themes that you are not using).
  8. Install and activate required plugins including antivirus and security plugins.
  9. Check other PHP files for compromise, not just WordPress files.

I found this post on the WordPress support site useful: I am getting hacked evry two weeks? Help please. There are some useful links listed on how to clean a WordPress installation.

The main lesson for me to learn from this episode is to make sure I never get viral meningitis again when there are two (or more) critical vulnerabilities in the wild!

Oh, yeah, and always keep your WordPress themes and plugins updated… and if in doubt just delete them before they can cause any problems.

Update

Sunday 19 October 2014

It looks like, based on this blog post from Sucuri WordPress Websites Continue to Get Hacked via MailPoet Plugin Vulnerability that the source of the infection was indeed MailPoet.