WordPress custom menu fields

I’ve packaged-up a plugin that I wrote a while ago for a project that I worked on which required a WordPress site’s menu items to have a separately addressable excerpt field which could override the linked page’s in-built excerpt.

The plugin that I’ve now released was half of the resolution to this requirement, which allows for simple programmatic field additions to the menu system.

Custom Menu Fields is available at the plugin repo.

To use this plugin all one needs to do is install and activate the plugin as normal and then include a snippet like below in their theme’s functions.php (or custom plugin code. Just be sure it loads earlier than the init action!):

<?php add_action('init', 'menu_excerpt__add_menu_field'); function menu_excerpt__add_menu_field() { if (!is_callable('bh_add_custom_menu_fields')) return; bh_add_custom_menu_fields(array( 'excerpt' => array( 'description' => 'Excerpt', 'type' => 'textarea', ))); } ?>

Now you can get access to the ‘excerpt’ field by using the attribute on the menu variable you assign when you get the menu from WordPress.

e.g. to print the excerpt created above:

$menu = wp_nav_menu('theme_location' => 'your-theme-location-name', 'echo' => false); print $menu->excerpt;


We all receive them, and we all ignore them, but sometimes they can reveal interesting things. e.g.

Don’t you love spams that come from a n00bie spammer who just paid for access to a “one-click spam everyone” tool, but didn’t read the documentation? What follows below is a true spam that I received today with no alterations whatsoever (excepting the headers which I’ve removed from the top of the message to try to reduce its size a bit – they have no bearing other than to detail how Google delivered it. The subject is an interesting one, because I didn’t know “Lucas” was in a “Star Wars legal fight”. However, the important bit to note about the email is the address they try to send me to.

Subject: Lucas loses Star Wars legal fight
Date: Sat, 30 Nov 2013 21:58:47 +0400
From: "::Pharmacy Exspress::"<>
Message-ID: <>
X-Priority: 3
X-Mailer: PHPMailer 5.1 (
MIME-Version: 1.0
Content-Type: multipart/alternative;

This is a multi-part message in MIME format.
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="iso-8859-2"

 The new joy of ssex life!!!Solutions for providing a volcano power to you in bed. Your girl will be amused with how steady and wooden your bone-on is! This is a super pilule for every man!http://ssseexkxual.{dom}/?vdvbvivgvfvedj

Content-Transfer-Encoding: 7bit
Content-Type: text/html; charset="windows-1250"

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
    <meta http-equiv="content-type" content="text/html; charset=UTF-8">
  <body bgcolor="#ffffff" text="#000000">
    <CENTER><DIV style="margin: 0 auto;text-align:center;width:350px;"> 
<DIV>The new joy of ssex life!!!</DIV>
<hr width="200">
<FONT face="Tahoma" size="2">Solutions for providing a volcano power to you in bed. <br>Your girl will be amused with how steady and wooden your bone-on is! <br>This is a super pilule for every man!</FONT>
<hr width="200">
<A href="http://ssseexkxual.{dom}/?vdvbvivgvfvedj"><B>http://ssseexkxual.{dom}/?vdvbvivgvfvedj</B></A>


Yes, folks, it really is the age-old “I’m too stupid to fill out all the replacements properly when mail-merging” problem. Only in this instance it successfully prevents me from looking a fool by clicking the link and signing up to whatever they’re advertising and not receiving anything other than a hefty bill from fraudsters. Wait, stop looking at me like that; it only happened that one time!


Virtual-host setup for client development sites

What follows is a response to many requests about how to set up a local environment of WordPress.

The manual way

This first list is how my colleagues taught me to set up development sites on my local PC such that each client gets their own URL which maps to This keeps WordPress happy and makes isolation simple and effective.

  1. edit /etc/hosts (or on Windows c:\windows\system32\drivers\etc\hosts) and add an entry for <client>.dan utilising a unique top-level-domain and pointing it to
  2. create an, or copy an existing, apache virtual-host configuration for the new development domain and point it to wherever you want to keep your client’s development site
  3. unzip WordPress to the filesystem location you set in your apache virtual-host configuration
  4. navigate to http://<client>.dan/ and run through the WordPress installation routine

After following those four steps you now have a working WordPress installation under a potentially unique domain name to test your code and design as you build it.

The automated way

So, you’re asking what’s wrong with this setup given its numerous advantages? Well, consider mobile web development work where you need to test your development site on a physical handset. You could try to find some way of forcing the in-built web browser of the phone to reach http://<client>.dan/ via your PC’s Local Area Network IP Address. That is, however, time-consuming at best, and at worst will need a custom development effort into a wrapper application which you create yourself with no intention of releasing or supporting just to view an in-progress site.

Here we go, how I set up my development sites:

  1. unzip WordPress into /data/<client>/htdocs
  2. navigate to http://<client> and run through the WordPress installation routine

Wasn’t that a lot simpler?!


My way solves the problem I highlighted above of testing the client site on a mobile device because I created a resource record in the Domain Name System (DNS) which points to my local PC’s current IP Address. I can change this at will when I develop on a different network, and all client sites update en masse. (The record has a 5-minute Time to Live which allows for updates to happen very quickly unlike the rest of my DNS records which all take 24 hours minimum to update.) Using a DNS-based approach also means I don’t need to edit my hosts file for every site I want to develop.

Apache is the second part of the equation. I get around the issue of having to create a new virtual host configuration for each client by utilising Apache’s mod-vhost_alias, which allows for using part of the requested domain name in the path used to serve each site’s files.

My one and only apache virtual host configuration file is below:

<VirtualHost *:80>         ServerAlias *         VirtualDocumentRoot /data/%1/htdocs <Directory /data/*/htdocs>                 AllowOverride all                 Order allow,deny                 Allow From all                 Options followsymlinks <Directory>         ErrorLog logs/error_log         CustomLog logs/access_log combined </VirtualHost>

This configuration tells apache that we’re serving all development sites from /data/<client>/htdocs where <client> is taken from the domain name used to reach the web server, i.e. http://<client>


SSH connection rate limit bypass

I’ve got a client who uses a third-party for their hosting and not allowing my company to do so ourselves. A problem arose recently due to this third-party having instituted a rate-limit on TCP Connections such as SSH and HTTP along with fail2ban. Because it’s a third-party, and we’re not contracting them ourselves, it’s difficult to get information about exactly what triggers the rate limit blocking.

Now as part of my work for this client I need to update their site from time-to-time. For this I use a scripted deployment which uses SSH and RSync to copy files to the server and move them into place. This script uses several dozen short-lived SSH requests in the space of about a minute to do its work. You can see where I’m going here, right? These several dozen requests are enough to cause the block to shut me out mid-way through my deployment leaving my client’s site in an inconsistent state.

This is where SSH Pipelining comes into play…


So SSH allows for a little-known mechanism that creates a SSH connection and then detaches from the console leaving the connection active but in the background. The relevant incantation is:

ssh -nNf -o ControlMaster=yes -o ControlPath="$HOME/.ssh/${HOST}.sock" ${USERNAME}@${HOST}

This isn’t especially useful as is but becomes powerful when you start to re-use the connection for a scripted operation. To run a command on the remote host through the already established connection, you would call SSH thusly:

ssh -o ControlPath="$HOME/.ssh/${HOST}.sock" ${USERNAME}@${HOST} /path/to/command

And the only piece left missing is RSync:

rsync -e "ssh -o ControlPath='$HOME/.ssh/${HOST}.sock'" -rz --delete local/path ${USERNAME}@${HOST}:remote/path

Once you’re done with the connection, you can close it with:

ssh -O exit -o ControlPath="$HOME/.ssh/${HOST}.sock" ${USERNAME}@${HOST}

30 and Flirty?

I’ve reached the grand old age of 30 years young. I’m wondering if the term “30 and Flirty” as featured by Jennifer Garner in the movie “13 going on 30” is a suitable term to give to a person of a certain age who happens to find themselves single. I don’t mind the odd flirt every now and then, but truth be told I don’t know when I’m doing it. Flirting has always been a grey area for me, and, with many girls as friends in past life, I think I’ve been flirty with all of them all the time. Which has inevitably left me being accused, on occasion, of trying to take other people’s partners despite that being far from my mind.

And then we get to today, where I’ve found myself at half-way to the new fifty, single, with no children, looking around and seeing everyone around me is already attached and forking off sprogs. Both my Brother and Sister are married-off to partners they’d both been with for ages by the time they’d got to this milestone age. Have I been left on the shelf or am I my own worst enemy when it comes to love?

Answers on a postcard.

So, it’s all bad then? Well, no, not quite. I have a job that I love and colleagues that are awesome. Plus, I have Bowl Hat and the ventures related to that to keep me occupied out-of-hours. While I love Bowl Hat and hope that one-day I can make it self-sustaining monetarily I do need to pay the bills, and so I have left this site, related ventures and their trickle of income to languish while I establish myself at my “place of regular employment”™; they must and will always take precedence over my personal projects.

As to work, I’ve now got several projects that I can cite on my personal portfolio, but it would probably be morally objectionable to put them on here, plus I’m not allowed to divulge specifics without prior approval. Instead I’ll leave you with some juicy soundbites. At Bang Communications I have been/am part of the team that produced/es: a national (British) election information website, several multinational infomercial sites, a heavily-used web-app stakeholder management system, several intranets for various clients including governmental, and large international public-sector websites.

As you can see, I’m involved with some heavy hitters! My main work at Bang involves WordPress regularly and Drupal intermittently when specifically requested.


Adobe: WHY?!

The topic of this post begins with Adobe. And ends with more frustration.

Yes, I’m fed up with Adobe claiming to be the Web Developer’s go-to guy for software to enable advanced techniques in building the future Web. I’m fed up with them claiming that and then conspicuously ignoring a large part of the developer market who use Linux as their main operating system of choice.

This rant comes from spotting the release into the wild of Edge Reflow a tool to aid the development of responsive websites. Windows [tick]; Mac [tick]; Linux [huh?].

While I appreciate that most of the Design community run Macs and OS X on their workstations, developers invariably don’t. And in my experience, they don’t run Windows either. So, as Edge Reflow has no export ability, and Edge Reflow doesn’t work on the developers’ workstations, Adobe seems to think the way forward is for Designers to copy and paste CSS code (presumably into an email?) so that a Developer can re-create their hard-crafted design!?!

A Designers’ job is to design, not mess about with code! Yes, I appreciate some designers can code, but that isn’t a requirement for the job, just like design isn’t a requirement for a programmer’s role. Coders code, and Designers design! Expecting, nay REQUIRING, cross pollination of role between the design and code is going to leave the boss wondering why he employs two people to do the job when his designer, who has learned all the code to be able to convey his design to the developer, can do it all himself. Thereby leaving the Coder out of a job.

Adobe is achieving three things:

  1. reducing market penetration potential, and therefore revenue, of Edge products,
  2. alienating their Designer market by requiring them to learn code, and,
  3. putting Coders out of jobs that they’re much more suited to do than their Designer counterpart.

Here ends the rant. My message to Adobe is simple: either embrace the development community or get out of web building altogether!


Followup – Freedom and Net Neutrality

This post is a follow-up to my post of February 2011 in which I talk of the potential issues of Net Neutrality sparked off by the Egyptian regime of the time cutting off the Internet in an attempt to control its populace.

The Pirate Bay

Several ISPs have recently been forced by the British Courts to use technology, that they own for controlling child pornography passing over their networks, to prevent users of said ISPs from accessing The Pirate Bay bit-torrent indexing site. This is a victory for the RIAA and BPI et al in the fight against piracy. However, the implication is that ISPs can be forced to block access to arbitrary websites, and they have proven the technology is implemented which is able to do so.

Net Neutrality

The gloves are off now, and the ISPs are potentially going to take this as a signal that they can arbitrarily block random web assets which they unilaterally decide are inappropriate. Alternatively the governments of the world may see the potential to legislate more blocks in law using weasel-words in the legalese to create broad strokes which allow blocking completely unrelated and otherwise legal web properties for no reason other than somebody somewhere finds it distasteful.

Editorial Discretion

Another issue raised recently was that of Verizon’s petition to the US Government that requests the company be allowed what it termed as “Editorial Discretion”. The premise is that an ISP should have the same control of what a user sees on-line as a newspaper has over what a reader sees in the paper. This needs to be squashed as quickly as possible by the public at large, but I fear that most will be apathetic and ignore the issue. The same wouldn’t be true if the telecoms companies started arbitrarily censuring our phone-calls to one-another based on what we say during the call. And that is what this all amounts to; unilaterally deciding what somebody may or may not do, read, or view on-line is tantamount to censorship. We don’t trust our Governments to censure our media on behalf of the “public good” so why should we trust corporations to do the same but for their own profit and that of their shareholders instead of the public good?!


Poken Verboten

Achtung alles lookenpeepers. Das computen machine is nicht fur gefingerpoken und mitten grabben, Das easy schappen der springenwerk, blowen fusen und poppen corken mit spitzen sparken. Is nicht fur gewerken by das dumkopfen. Das rubbernecken sightseeren keep hands in das pockets, relaxen und watch das blinken-lights.


Computing for an older generation

I came across this video and just had to share it with someone, but I had more to say than would fit into Facebook or Twitter (and who uses Google+?!)

I love that he is so excited that he can barely speak. It’s great that someone from one of the older generations (read: alive before the 1990’s) can get into and find uses for technology that kids take for granted.

With “tablets” and smart phones (iPhone, iPad, Android, and others) the whole landscape has shifted to a point where a computing device can be used by anyone without any prior computing experience or training. Finally, we’re at a point where technology is becoming a facilitator rather than something for only for geeks. These devices are delivering on the unspoken promise that the founders of the internet made to the world; information will be freely accessible by everyone, anywhere, and at any time.

Blog vs

I run a Wi-Fi hotspot using the ChilliSpot software. I have tried both and’s billing services, over the course of two (2) years with about one (1) year on each service. I, unfortunately, did this backwards by moving across to Coova about a year ago in the hopes of finding a more manageable service. I am now going back to has the benefit feature of allocating people a username and password which they may use. This is instead of Coova’s insistence on creating new access codes which the user must check their email for before they disconnect, or they will have to buy more time to regain access again., however, last I used the system, did not allow easy reimbursement to a user following a prolonged network outage. By which I mean when most a user’s access time has elapsed before services come back online., by virtue of tying directly into your PayPal account allows for refunds in the standard PayPal way. also allows for arbitrary access granting via one-time access codes without requiring any further payments. (I am unsure whether does this but hoping for pleasantly surprising information to the contrary.), by utilising a proper payment processor instead of relying upon PayPal’s system, has more of a professional e-commerce feel than’s system. This improves the image of my company.’s reporting features are particularly good and surpass’s by a long shot!

Plus, allows remote monitoring and command execution on my Access Point(s) with no extra configuration required.

All-in-all I prefer for the more professional system when comparing to and will be glad once I get the transition back sorted.