And Now, A Word From Our Reader(s)

At least, I hope there’s more than one out there.

Yes, at long last I’m launching the comment system. That’s it down at the bottom of the page. What, you don’t see it? Well, it only appears on individual blog posts. If you are reading this as a list of several (which is what you get if you click on the Musings link) just click on the title above and you’ll get this post on a page of its own, with comments below and a large green form for posting new comments under that.

Writing this took MUCH longer than I thought it would. And there are still a number of things that aren’t quite the way I’d want them, and which I’ll eventually fix. Until then, hopefully it will work without too many glitches. There are still a few bugs I haven’t tracked down (if you get a “database error” when trying to post, do a preview first, then a post and it should work. That one’s intermittent and I haven’t been able to recreate it on my test system).

Assuming this works (or mostly works) I now have the same functionality I had back in June before I started to move off iWeb. And aside from a few Construction pages I’m still working on, I have all of the content live again too. It’s been quite a diversion, but I hope I never have to do anything like that again. Fortunately this new website should be easily portable if I ever need to change hosting providers, and my current one, Little Oak, is excellent so I shouldn’t need to.

If for some reason commenting doesn’t work for you, drop me an email using my address on the About This Site page, and I’ll see what I can do.


How it Works


It’s pretty simple. You can post anonymously or using a name with an email address. The latter creates an account, and you can leave it like that (needing to know only the name and email to post) or add a password. See the Posting FAQ for additional info. To post your first message:

1) Pick a name you want to comment under, and enter that and your email address. The email will be stored internally but not displayed.

2) Type in a comment. Review it with “Preview” if you want, and when it’s done click Post. Names and comments can use just about any Unicode characters (even Japanese) and can be mixed case and names can include embedded blanks (“Joe Smith” is the same as “joe smith”, and either is legal).

3) When prompted to re-enter your email, type the same email address in the original field (that can happen on a Preview or Post). At the same time, select the icons from the list that’s now being displayed (there’s a checkbox under each image; just click on the ones under pictures of trains). That’s to separate the humans in the audience from the spambots. I rather doubt anyone’s bothered to create a spambot that knows what a train looks like, and I figure my readers are probably pretty adept at distinguishing trains from flowers and random other images.

Note: apologies to any sight-impaired readers; I’m aware that visual systems like this are a real pain for you. I have some plans for a method to supplement the pictures with audio cues, but that’s going to be a future augmentation and likely not any time soon.

4) After the posting is made, you can see it on the list above the form. You’ll note there’s an edit button there. That’s live for 24 hours after posting. If you click it, the current text is placed in the editing box, and you can edit it, preview it, and Store it (the Post button became a Store button). If you change your mind, the Edit button up on the list of messages is now a Cancel button, or you can just close the window. Hitting the backarrow probably works too, but I haven’t tested that kind of thing extensively.

5) The other thing you’ll see after posting are some fields and buttons. You’re logged in now, and can edit the account you just created. If you come back later, you can log in again using your name and email with the Validate button. Or you can set a password now, and then to log in you’ll need to Select “Name with Password” and enter the name you used to post with and the password you set, which is a bit more secure.

Note: please don’t forget your password. There’s no password recovery feature, so you’d have to talk me into removing the password so you could log in via name and email, and I really have other things I’d rather be doing.

You don’t need to log out, just close the browser window. If you’re using a public computer, clear any history after closing the window to make sure someone can’t replay your session (the authentication credentials will stop working fairly soon after you stop using the computer, but not immediately).

One thing to be aware of: moving to another page, including another page you could comment on, logs you out (yeah, one of the things I need to fix).


Other Features


You’ll see a “Mark as Inappropriate” button on some posts. For a limited time after posting that’s live. If you think a post is spam or flamebait, you can mark it. Enough marks from different people and it gets locked and hidden until I review it. Please don’t use that button if you merely disagree with the poster. Hopefully we’re all adults here (mentally, regardless of calendar age).

Anonymous posting is also possible, if you don’t want to create an account. Just select Anonymous, the third option in the set of authentication methods. When you post as anonymous your post is hidden until I review it, and once it appears you can’t edit it, but all that is listed on it is the name “Anonymous” and the country from which it was posted (internally I store address information to let me deal with abusers).

Posts can be made on any Musing for two weeks after it goes up. Beyond that, they’re locked and you can only view the old ones. As a one-time thing, I’ve enabled posting to all of the Musings put up since the start of the year for that two week period, so you can comment on any of the recent ones.

There are two ways to add an avatar to your posts (as long as you aren’t Anonymous): you can use a Gravatar or a Pavatar (the latter is a bit hard and only works if you have your own website; it’s there for people who don’t like using services like gravatar.com). I recommend using a Gravatar if you want one, it’s dead simple to use. Just go to gravatar.com and follow directions to create a gravatar for the same email address you used to post. Because Avatars are associated with your account (through either the email or website name you give), the same one will appear on all your posts, and if you change it then it will change for all of them.

There’s a Location for each post that defaults to the country associated with the IP address you posted from. If you don’t want that to appear, set the Location string (yet another thing associated with your account, which will appear on all posts). Everyone will then see your location string rather than the country (well, everyone but me; I can see both along with your IP address).

It’s been tested from Firefox and Safari on a Mac, Safari on an iPad, and IE8 on Windows XP.


Why I did it this way


Native stubbornness coupled with a congenital inability to estimate work required? I don’t know; it seemed like the “easy” solution back in September, and by the time I realized it wasn’t I was up to my elbows in PHP and wasn’t about to change course. The worst part was that I had something working early on, which only encouraged me to “finish” it. And I kept adding “essential” features (like Avatars; I spent two weeks on that, what was I thinking? Did you know attack code could be hidden in a GIF? I didn’t, until I ran across advice on how to remove it and felt compelled to implement that to clean up any avatars that might contain it).

The original idea was that I’d use some public domain code (there were a couple of PHP scripts for commenting systems out there). I gave up on that after a quick review convinced me that they weren’t very well written (extremely weak web security that made them likely to be vulnerable to all kinds of cross-site or similar attacks). The normal RapidWeaver approach for blog comments is to use a third-party service, but I didn’t like either of the two options. Another alternative was to install Wordpress (the code, not the service) but that seemed overly complex and had far more features than I needed, plus I’d need to convert all my musings to its format.

So instead I said “I’ll write one, I know HTML and CSS, and it’s just a little PHP script and I always wondered how MySQL worked...” Oh yeah, you’d think after all these years I’d have learned better.

On the plus side, I now know PHP very well (another skill of dubious value) and can actually write a database query that joins multiple tables. Oh, the fun never stops...

We now return to our regularly scheduled model railroading. I think I’m going to take a vacation from the commenting system development (unless something major breaks) and try to really get some work done on the railroad. I have some scenery to make, and a couple of kits to build, not to mention the long-overdue expressway project and the DCC electronics. Time to focus my energy on some of those things.