Koree Monteloyola

Hardcore Wordpress fans please don't stone me to death. XD

I am writing this article so I can easily refer my clients to this post in the future.

What I found out when I tried to create a customized inquiry form with CAPTCHA for a client was, Wordpress does not implement or allow $_SESSIONS for 3rd party WP plugins (by default). So, initially I ended up displaying the image for the CAPTCHA perfectly fine but it does not verify the user's  CAPTCHA input against the text on the CAPTCHA image.

This discovery led me to create a contact form that implements CAPTCHA but does not use PHP sessions. You can download "Kontak" for Wordpress.

Just so you can understand this limitation better, I'll explain it further. In PHP coding, we have what we call “sessions”, we use this to keep a user’s information while still logged in - regardless of how many pages a user visits within the same domain. The user's data would not expire as long as the session is alive.

In Wordpress this method is applied to the core WP codes using cookies, by default all front-end 3rd party plugins would not be allowed or piggy back on WP sessions. That's the reason why most (contact) web forms in Wordpress do not have CAPTCHA.

BUT...but there is a hack to enable sessions in Wordpress, check this article - Wordpress and Sessions.

And being a cautious developer that I am, I would say that you too should be cautious if you want to apply this hack. Wordpress designed their platform this way for security reasons.

Consider this example: if I were a naughty WP plugin contributor, who studied a specific WP plugin so I can sniff or hack the data using sessions, there is nothing preventing me to do that since PHP sessions is already enabled in your site. Although a code ninja should've anticipated this kind of attacks and decides to encrypt the user's data; in this case, we can still say that enabling sessions for Wordpress would still be good.

To drive my point to home, in Wordpress if you don't want to use sessions you have to rely on cookies or any other method that would work in lieu of PHP sessions. So what do sessions have to do with eCommerce sites? First a user's info should have to be retained for every page that the user visits while he/she is still logged in the site/shopping cart. Second, some of the info like credit card information is better relayed between pages using sessions rather than cookies.

Most of the eCommerce plugins for Wordpress use Paypal, if this is your chosen payment gateway, we'll good for you because you'll probably find a suitable eCommerce plugin for your Wordpress site. (read the comments below about this)

In my opinion Wordpress is the excellent platform for information systems, but if we're going to talk about e-commerce, hmm maybe you should consider using Joomla or use a different shopping cart platform and link it to Wordpress, but membership for different platforms would not be synced (this depends on the platforms being used as well).

I know you’re looking for economical and fast solutions, but you have to make some sacrifices and be careful if you want to enable sessions in Wordpress.

I would appreciate readers' comments that would enlighten me regarding this topic.

Kontak is a Wordpress contact form plugin that has the following features:

• Coded in HTML5
• Enable/Disable Captcha
• Captcha is not using PHP sessions
• Customizable fields: 
  • Subject for email
  • FROM and TO email headers
• (Optional) Customize CSS.

How to install Kontak web form plugin for Wordpress

1. Go to WP admin site to install plugin and activate
2. Click on the "Kontak" link at the bottom left navigation/menu
3. Customize the following required field values: FROM and Recipient's email
4. On the page wherein you want to see the contact form just paste the value that's in the "Shortcode Name". The default is "[kontak-web-form]".
5. Test and enjoy.

Download Kontak web form

View demos: 

• http://racketroll.com/wp-plugins/
• http://www.onegirlfactory.com/

For inquiries or violent reactions, feel free to use the comments below.

And by the way, this is my first time to release an open source software, I know there's much to learn.

Cheers!

I was invited by my former college professor (sir Rico Teodoro) to be a guest speaker to an Android Technology seminar for a small group of students at Adamson University (Metro Manila, Philippines). It was held this afternoon.

One of the fun parts was when I switched to this slide :)

Yup, I put my design there so everyone (in the seminar) can see its full "projected" glory. I know, I know it was a shameless plug. hehe

These are just some of the things that I discussed during the seminar:

- General information about Android (History, Features, Security,Design)

- Setting the general environment configuration for Android development (System Requirements, Android SDK, Android Virtual Device, Eclipse, ADT)

- Discussing HelloWorld app, installing and testing in an AVD or emulator

- Exporting an Android project

- Creating a keystore

- Creating the HelloWorld.apk file

- Using adb to see the devices

- Installing the HelloWorld.apk file to the emulator and Samsung Galaxy Tab.

We ran out of time to discuss other Android projects, and I ended the seminar with a statement made by Richard Stallman about supporting Android to protect our privacy.

I hope I was able to deliver what they needed to start coding.

Thanks to sir Rico for giving me the chance to share what I know. God Bless.

In many ways Unified Process is very similar to the classic Waterfall model, although, because of its flexibility it can be customized to be used as an agile software development process. Considering its inherent versatility as a factor, various organizations can implement Unified Process to work on different types of applications, involving people with different skill levels, in different complexities. There is really no definite or limited steps on how it should be implemented, its application would depend on how an organization decides to use it.

The core of UP's framework has the following attributes:

1. Gather knowledge on the project that should be done
2. Assess the needs of the client and build a list of project requirements from the gathered information
3. Analyze and design the project software
4. Implement the design, testing and deployment

These attributes are applied to the four phases of a Unified process project.

Each phase can be iterated per workflow as the software lifecycle moves through the phases. The adjustments occur by controlling the number of iterations in each phase; iterations are determined by the organization and complexity of the project.

The four phases of Unified Process are:

• Inception deals with data gathering and project planning
  • Possible tasks/outputs:
    • requirements workshop
    • vision and risk list
    • use case model
    • supplementary specifications
    • prototyping
• Elaboration deals with the iterations to be done during the project cycle based on the defined project / software architecture
  • Possible tasks/outputs: 
    • short iterations of testing, programming, designing
    • requirements workshop
    • refining vision
    • refining the process and technical environment
• Construction is the phase wherein the project software is actually built and extensively tested. The documentation should also be finished under this stage.
  • Possible tasks/outputs: 
    • short iterations of testing, programming, designing
    • stakeholder evaluation & steering
    • minor evaluations
    • create all documents
    • alpha testing
• Transition is the phase wherein the project software is declared as complete and delivered to the client for deployment.
  • Possible tasks/outputs: 
    • beta or release candidate testing
    • stakeholder feedback
    • final programming and documentation
    • deployment

Figure 1: The iteration is enclosed within a rounded rectangle. | Horizontal: Phases of Unified Process; Vertical: Core Workflows

Personally what I really like about Unified Process is I can use this very simple and flexible cycle as an agile software development process - even for complicated projects.

And I guess this is just one of the reasons why Unified Process is one of the most popular agile processes used today.

Reference:

Agile Software Development Processes A Different Approach to Software Design bye Everette R. Keith;

"This is why you should support Android (not Google, but Android), even if you prefer the iPhone. This is why you should support Linux, even if you use Windows. This is why you should support Apache, even if you run IIS. There's going to be a point where being Free/open is no longer a fun perk, but a necessity."

- quoted from Richard Stallman Was Right All Along

I agree and like to think that there is freedom in free software, and money in proprietary software and/or developing for someone else. So where does this put a PHP web developer, like me?

Honestly, even if I really love the idea that I can spend most of my waking days building free software and experiment with solar power, in reality I have bills to pay. So I have to balance this out and if I'm lucky I can build my own platform, with that being said, I need to learn a new programming language this year.