Author: Ipstenu (Mika Epstein)

What They Don’t Tell You

I wear a lot of hats in the Open Source World. I help teams. I represent and direct others. I herd the cats of software. I allow my name to be known. People talk about how we’re doing a good job, working hard, working together trying to make things better. They talk to you about the wonderful feeling of success that comes with releasing a product. They tell you about the joy, the friendships, and the community.

Well. Here’s what they don’t tell you.

They don’t tell you about the bad days.

They don’t tell you about the week you will spend being blamed and slandered and lied about in blog posts and on Social Media because people know half of thing.

They don’t tell you about the fact that you can’t speak up and defend your actions because it’ll make things worse.

They don’t tell you about the subtle misogyny that makes you wonder if it’s there at all.

They don’t tell you about the gut churning nausea you’ll feel about turning on your email and watching wave upon wave of hate-mails come in.

They don’t tell you about the dick pics and come ons.

They don’t tell you that even when you can explain yourself to your friends, you’ll have to make sure they know not to speak up on your behalf because it won’t help.

They don’t tell you that you can make it worse by being outspoken.

They don’t tell you that crying will make people feel they’re right.

They don’t tell you that people won’t even consider that their words cut you to your very bone.

They don’t tell you that even if a great many people respect you, it doesn’t make you feel any better.

They don’t tell you that someone will say ‘it’s all in your head.’

They don’t tell you that you will have to wait it out.

They don’t tell you that you will have to suffer.

They don’t tell you that the phrase “Just joking!” doesn’t ease the wounds.

They don’t tell you that even with all the support in the world, there are days you will feel absolutely, 100%, alone in your community.

All those good and wonderful things? They’re true. And I wouldn’t change the past if I could. Contributing to open source has enriched my life in many ways. It’s taught me more about myself that I could have imagined. It’s taught me how much I can stand and take though. It’s taught me that sometimes, somedays I will stand with my name and my work being spoken ill of, with my actions being second guessed and criticized, and I will have no succor or recourse.

I will have to stand there and take it and wait and say nothing and do nothing except the best I can do.

What’s the point of this? There isn’t one. This post isn’t a cry for help or a request for my friends to come to my defense. It’s a reminder for all of us that these things happen, and there will be days we feel worthless. Where we feel beaten down and angry and that we want to cry or do something and we just can’t because we know in our hearts it will make things worse.

But maybe the point is this.

I feel that way too. Everyone does.

So you’re not alone at all.

Comments on this post have been disabled.

9 September, 2016
Updating Multiple Posts’ Meta
I had 328 posts that I needed to add a meta field value to. Thankfully they all had the same value at the moment, so what I really needed was to tell WP “For all posts in the custom post type of ‘show’ add the post_meta key of ‘tvtype’ with a value of ‘tvshow’.”

That sounded simple. It wasn’t.

Googling “Updating multiple posts” or “Bulk Update Multiple Posts” (with WordPress in there) was frustratingly vague and told me to do things like the bulk edit from the post lists page. Well. Sure. If I added my post meta to the bulk editor (which I do know how to do) and felt like updating them 20 shows at a time, I could do that. Heck, I could make my page list 50 and not 20, and do it in 5 ‘cycles.’

But that wasn’t what I wanted to do. No, I wanted to figure out how to do it faster forever, so that if I had to update 32,800 posts, I could do it in the least CPU intensive way.

PHP

If I was to do this in PHP, it would look like this:
```
$ids = array(
	'post_type' 	=> 'post_type_shows',
	'numberposts'	=> -1,
	'post_status'	=> array('publish', 'pending', 'draft', 'future'),
);


foreach ($ids as $id){
    add_post_meta( $id, 'tvtype', 'tvshow' );
}
```
I picked add_post_meta instead of update_ because while the update will add the meta if it’s not found, I didn’t want to update any of the shows I’d manually fiddled with already. And to run this, I’d have to put it in an MU plugin and delete it when I was done.

Which… Yes. That could work. I’d want to wrap it around a user capability check to make sure it didn’t run indefinitely, but it would work.

WP-CLI

Doesn’t a nice command line call sound better, though? Spoiler alert: It’s not.

I knew I could get a list of the IDs with this:
```
$ wp post list --post_type=post_type_shows --fields=ID --format=ids
```
That gave me a space-separated list

And I knew I could add the meta like this for each show:
```
$ wp post meta add 123 tvtype tvshow
```
But who wants to do that 328 times?

The documentation for wp post meta update said “Update a meta field.” A. Singular. Now it was possible that this could be for multiple posts, since the information on wp post update said “Update one or more posts” and “one or more” means one or more. But the example only had this:
```
$ wp post update 123 --post_name=something --post_status=draft
```
Notice how there’s no mention of how one might handle multiple posts? In light of clear documentation, I checked what the code was doing. For the update function, I found this:
```
	public function update( $args, $assoc_args ) {
		foreach( $args as $key => $arg ) {
			if ( is_numeric( $arg ) ) {
				continue;
			}
```
The check for if ( is_numeric( $arg ) ) is the magic there. It says “If this is an ID, keep going.” And no spaces. So the answer to “How do I update multiple posts?” is this:
```
$ wp post update 123 124 125 --post_name=something --post_status=draft
```
Great! So can I do that with post meta? Would this work?
```
$ wp post meta add 123 124 125 tvtype tvshow
```
Answer: No.

So I took that list, used search/replace to turn it into 328 separate commands, and pasted them in (in 50 line chunks) to my terminal to update everything.

Yaaaay.
7 September, 2016
Optimizing Post Meta Search
While I’m currently using Adam Balee’s technique to add more custom meta to my search results, it had one flaw to me.

See, his search added all the post meta, and really I didn’t want that. While I’m still deep in the woods of getting ElasticSearch to prioritize for me, what I needed was for the search to only look at specific post_meta fields. And for that, I needed to change the search query just a little bit.

The original code has a section where it updates the Where clause:
```
	$where = preg_replace(
		"/$\s*".$wpdb->posts.".post_title\s+LIKE\s*(\'[^\']+\')\s*$/",
		"(".$wpdb->posts.".post_title LIKE $1) OR (".$wpdb->postmeta.".meta_value LIKE $1)", $where );
```
Now originally I thought I could just add on to that, but for just changing it to this didn’t work:
```
	$where .= OR (".$wpdb->postmeta.".meta_value LIKE $1);
```
That’s because there’s no way to know what $1 is. I tried this as well but it didn’t work:
```
	$where .= " OR ( ".$wpdb->postmeta.".meta_value LIKE '%".$wp->query_vars['s']."%' )";
```
So accepting I would have to keep using preg_replace I thought about what I was searching and what I wanted. I didn’t want the search to show every character with the tag ‘homosexual’ for example, because that was a custom taxonomy and people can look for that if they wanted to see all the homosexuals. That meant I trimmed down the list of meta fields I needed to search.

My final result was this: chars_actor, shows_worthit_details, shows_plots, shows_episodes, shows_realness_details, shows_quality_details, and shows_screentime_details.

I left out the metas for ratings, because all that would do is mean if you search for a ‘5’ for example, you’d get all the things rated five without enough context. (That reminds me I need to code in a way to sort shows by rankings…).

Anyway, my code looks like this:
```
	$keys = "'chars_actor', 'shows_worthit_details', 'shows_plots', 'shows_episodes', 'shows_realness_details', 'shows_quality_details', 'shows_screentime_details'";

        $where = preg_replace(
            "/$\s*".$wpdb->posts.".post_title\s+LIKE\s*(\'[^\']+\')\s*$/",
            "(".$wpdb->posts.".post_title LIKE $1) OR ( (".$wpdb->postmeta.".meta_key IN ( ".$keys." ) ) AND (".$wpdb->postmeta.".meta_value LIKE $1)  )", $where );
```
That change is in the OR clause, where it says “OR if the post meta key name is in my list of keys, AND has a value like my search, then add to the results.”

I feel it’s a little clunky, but it works.
5 September, 2016
The Time and The Place

It was the day of a big release. A major release. A release that had been announced weeks, if not months, in advance. Everyone who was anyone knew that today was the day. So why not publicly drop the news of a major issue with the project in the middle of that release?

It was the middle of the development meeting. Everyone was talking about issues with a part of the project. They were deep into the hell that is debugging and backtracking and arguing if things should be fixed or simply noted. So why not ask for help about an issue one user was having?

This is not about WordPress. Well. It is and it isn’t. It’s about understanding who you are, where you are, and what’s going on around you. It’s about awareness and acceptance. It’s about being a part of something greater than yourself.

This is about common sense.

In Festivus, there’s a time and a place for the airing of grievances. In Judaism, we have a time and place for atoning for sins and forgiving others. While you certainly can do these things at any point in time, the purpose of having set and established periods for them is to prevent people from being derailed, to stop breaking the flow.

The time to report a security issue (which should never be ‘in public first,’ IMO) is not the middle of the release meeting. The time to report petty theft is not while your Manager is giving an announcement. The time to tell everyone that Beyoncé’s video was better is not while Taylor Swift is on stage giving her acceptance speech.

Those moments are rude, inconsiderate, and disrespectful.

It doesn’t matter if you’re right or not because yes, Single Ladies was a magnificent video and Beyoncé was robbed, it matters if the right people will be able to address the issue without causing harm to everyone else.

No one is more or less important than anyone else. Saying ‘everyone’s special’ is just another way of saying no one is. As painful as that can be to hear, it’s true. Instead of arguing that ‘us’ are more special than ‘them,’ which is purely subjective anyway, we should look at the magnitude of the work we do. Who will be harmed by the choice to publicly state something now?

The good of the many often is more important than the good of the few, or the one. That doesn’t mean you should not confront people in public. It means you should not do so recklessly. It means that you should not speak up without consideration of who you are, where you are, and when you are. It means you must be prepared to accept the consequences of your actions.

If you decide the best place to speak up against a politician is at his rally, you must accept that you may be throw out. You must accept that protests may end with your arrest. You must accept that being vocally against a decision or an action may result in you being publicly talked back to and possibly shunned.

At the same time, you cannot be afraid to do these things. You should speak up against wrongs. You should speak up against bad decisions. You should tell your manager that they’re making a bad choice. But you cannot do those things blindly or ignorantly.

It’s human nature to want to be a part of a group. We’re herd animals. We like the safety it affords us. We like the security. We crave it. So when we achieve acceptance into an ‘inner circle’ we want to protect our standing and not be cast out, and that can cause a bit of a Status Quo mentality.

Some members of the group will always be the ones to shake things up. They will be the ones to speak against the majority, to stand up and say “This is wrong and here is why.” They’re the ones who are brave enough and strong enough to accept the consequences of their actions. They don’t walk into a room, interrupting everything and everyone, to announce something.

They don’t get a free pass, however. They accept the consequences. And the effective ones make sure that when they choose to speak up, they do it in the right place, at the right time, with the full respect given to their group and community. And if they don’t, well again, they know what they’re getting into.

I can’t tell you to speak unafraid. That would be incredibly unrealistic. But I can say to speak boldly and to think about the consequences of your actions. And I can tell you to ask. “Will there be a post-mortem of this deployment where we can talk about improvements to the process?” Ask. “I know this is a meeting, and I apologize for interrupting, but I have a security issue. Where would be the right place for this?” Ask.

2 September, 2016
HTTPS and HSTS
HTTP Strict Transport Security (HSTS) is a standard to protect visitors by ensuring that their browsers always connect to a website over HTTPS.

Basically you have your server say “Everyone who accesses my server should use secure connections.” This matters because it prevents man-in-the-middle attacks that change HTTPS to HTTP and steal your credentials. Bad days. If you are using HTTPS/SSL on all your domains you should totally enable HSTS.

Okay, great. How?

Well if you have one domain, this is as easy as tossing this into your htaccess:
```
 <IfModule mod_headers.c>
    Header set Strict-Transport-Security max-age=16070400;
 </IfModule>
```
But … I have 20+ domains on this server. That would suck to have to edit! In fact, this is really closely related to my issues combatting referrer spam server wide. This stuff isn’t always obvious. For cPanel, I just added that code to my pre_virtualhost_global.conf file, same as I did for a certain referrer spam company.

If you’re using NGINX, you should read their blog post on the subject for full details but the basic code is this:
```
server {
    listen 443 ssl;

    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;

    # This 'location' block inherits the STS header
    location / {
        root /usr/share/nginx/html;
    }

    # Because this 'location' block contains another 'add_header' directive,
    # we must redeclare the STS header
    location /servlet {
        add_header X-Served-By "My Servlet Handler";
        add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
        proxy_pass http://localhost:8080;
    }
}
```
And if all else fails and you can’t set this on the server, you can always edit your .htaccess or nginx.conf file locally.
31 August, 2016

Post Meta, Custom Post Meta, and Statistics

I do a lot with weird stats. I do a lot with CMB2 and custom meta. I do a lot with CMB2 and weird post meta.

Is it any surprise I wanted to add my new year dropdown data to my site for some interesting statistics?

Of course not. But I started small. I have a saved loop called $all_shows_query

// List of shows
$all_shows_query = new WP_Query ( array(
	'post_type'       => 'post_type_shows',
	'posts_per_page'  => -1,
	'no_found_rows'   => true,
	'post_status'     => array( 'publish', 'draft' ),
));

This really just gets the list of all the shows and holds on to it. The meat of the code runs with this:

$show_current = 0;

if ($all_shows_query->have_posts() ) {
	while ( $all_shows_query->have_posts() ) {
		$all_shows_query->the_post();
		$show_id = $post->ID;
		if ( get_post_meta( $show_id, "shows_airdates", true) ) {
			$airdates = get_post_meta( $show_id, "shows_airdates", true);
			if ( $airdates['finish'] == 'current' ) {
				$show_current++;
			}
		}
		// More IF statements are here.
	}
	wp_reset_query();
}

As mentioned, there are more if statements, like if ( get_post_meta( $show_id, "shows_stars", true) ) {...} which gets data for if a show has a star or not. And if ( get_post_meta( $show_id, "shows_worthit", true) ) {...} which checks if a show is worth it or not. I was already doing a lot of this, so slipping in one more check doesn’t hurt.

To show the data, without Chart.js, it looks like this:

	<h3>Shows Currently Airing</h3>

	<p>&bull; Currently Airing - <?php echo $show_current .' total &mdash; '. round( ( ( $show_current / $count_shows ) * 100) , 1); ?>%
	<br />&bull; Not Airing - <?php echo ( $count_shows - $show_current )  .' total &mdash; '. round( ( ( ( $count_shows - $show_current ) / $count_shows ) * 100) , 1); ?>%
	</p>

With Chart.js, it looks like this:

<canvas id="pieCurrent" width="200" height="200"></canvas>

<script>
// Piechart for Currently Airing Data
var pieCurrentdata = {
    labels: [
        "On Air (<?php echo $show_current; ?>)",
        "Off Air (<?php echo ($count_shows - $show_current ); ?>)",
    ],
    datasets: [
        {
            data: [ <?php echo '
	            "'.$show_current.'",
	            "'.($count_shows - $show_current ).'",
	            '; ?>],
            backgroundColor: [
	            "#4BC0C0",
	            "#FF6384",
	            "#E7E9ED"
            ]
        }]
};

var ctx = document.getElementById("pieCurrent").getContext("2d");
var pieTriggers = new Chart(ctx,{
    type:'doughnut',
    data: pieCurrentdata,
    options: {
		tooltips: {
		    callbacks: {
				label: function(tooltipItem, data) {
					return data.labels[tooltipItem.index];
				}
		    },
		},
	}
});
</script>

Right now the data’s a bit off, since I’ve only updated 200 of the 325 shows, but it’s enough to get the information.

29 August, 2016

Author: Ipstenu (Mika Epstein)

What They Don’t Tell You

Updating Multiple Posts’ Meta

PHP

WP-CLI

Optimizing Post Meta Search

The Time and The Place

HTTPS and HSTS

Post Meta, Custom Post Meta, and Statistics