This is the “Suggest a Climate Link Interface”. It’s still in development. This is how it currently works:

1. Visitors enter a link, suggest a general ‘topic’, ’source’, provide a brief description and a few tags that might be used to search a database. (Tags are optional. Topics are subjects like global surface temperature, sea ice, etc. Sources refer to things like blogs, newspapers, the IPCC, think tanks and etc. )
2. After they enter the link, the link is stored in a database and listed as ‘pending’. At some point, I will notice the pending link and check it. If it’s ok, I’ll approve the link (and possibly edit the topic, source or add tags); afterwards, the link will appear on the the climate links page and also be accessible from the topics list.
3. The climate links page which is currently just a flat list. I’ll write a script to sort by category later on. Creating searchable sorted lists is the point of using a database instead of just manually adding links.
4. You can already do a little drill down to see all links in a particular topic by clicking the “topic” or “source” link at the climate links page.

Bleg for input!

• You can already enter links. So feel free to do so. (I can’t seem to add Bjorn Lomborg’s site. I need to figure out why. If you don’t get the “Thanks for submitting a link” message after submitting, leave a note in comments.)
• If you have a link that doesn’t fit a source or topic category, post a comment and suggest the link along with a category or type. I can add the appropriate source or topic on the admin side of the blog.

I’m hoping a few of you will test and let me know if you have problems. (If you do, do complain in comments. That will a) let me know so I can fix the problem and b) alert other users not to enter too many links!

The blog owner (i.e. I) can select which languages to offer her (i. e. my) blog in. Then users can click to obtain a sort of translated page. Based entirely on preconceived notions of where climate-blog addicts live, I picked a number of European languages, then threw Hindi into the mix.

If you click a language you can actually understand, the results can be sort of humorous. Below, I have posted the translation into French of the first paragraph from yesterday’s post:

J’ai été bummed que je ne peux jamais scoop Roy Spencer sur les anomalies de température UAH. J’ai secoué mon cerveau à essayer de comprendre comment je peux sortir avec une sorte de “première” lecture de la température de mois. J’ai examiné un certain nombre de stratégies:

It’s interesting to learn the idioms “être bummer” and “pouvoir scooper” have penetrated the French language. And such a novel conjugation for an ‘er’ verbs!

The various translations for the first paragraph include:

1. Spanish: “He estado bummed que nunca primicia Roy Spencer “.
2. Italian: “Sono stato bummed che non può mai scoop”.
3. German: “Ich habe bummed, dass ich nie SCOOP”.
4. Russian: “Я был bummed что я никогда не совок Рой Спенсер на грн температуры”

Those of you who want to have fun learning how far the verbs “scoop” and “bummed” have penetrated foreign languages can click the other buttons.

(If you are the first to click, this warming will appear briefly, “This page has not been translated yet. The translation process could take a while: in the meantime a semi-automatic translation will be provided in a few seconds.”)

If any native speakers are disturbed by odd translations, there is a multi-click method permitting them to suggest a better translation. Find “Back to Translate” link at the top of a translated page; click. Then enter the mistranslated text. Google will translate it again, and also provide a link to “Contribute a better translation”. Click that. Then provide the improved translation.

With some luck, Google will eventually know how to translate all slang and idiom, including words like “shank-a-potamus”. Better yet, the Google translator will help us discover the correct realclimatespeak to ‘common english venacular’ translation of “a few years” particularly when surrounded by text that specifically mentions the year 2007 twice, including an introduction that emphasizes that the new report is “the most important update of climate science since the 2007 IPCC report” and, moreover, is posted on a group blog established in 2004.

Oddly, when I first read RC’s introduction, I noticed the 2007 AR4 was specifically mentioned by the RC authors, so I assumed “Some aspects of climate change are progressing faster than was expected a few years ago” would use

1. “are” to mean “are (present tense) currently observed to be progressing” rather than “can be shown to have progressing more rapidly than the 2001 TAR model hindcasts post-dicted for historic periods predating the TAR” (but oops. Our writing now suggests we did’t bother to compare this aspect of the hind cast to the existing measurements back when we wrote the TAR and disseminated our projections. )
2. “faster than was expected a few years ago”, to mean either a) faster than was actually predicted/projected in the 2007 AR4, and/or b) faster than what was readily available data disclosed in the 2007 AR4.

However, it appears the phrase means something . . . else. If anyone can suggest the correct translation for the google “realclimatespeak” to “common English venacular” robo-translator, please do.

Script Injection

Thank you Stuart and Jonathan for alerting me that their browsers warned them that my site hosted malware. Stuart was the first to alert me and Jonathan gave me the tip that the problem was somethign to do with “odmarco.com”. I hunted around, and found a link to odmarco.com after the html closes in wordpress.

I knew I had to get that out. But how?

My first bet was this was caused by a new plugin…wrong!

So, then I checked the index file of my theme. That’s editable from inside the wordpress plugin panel. I found a script injection in that index.php file. I removed it.

That should have fixed it… so I thought. But no. The script was still in some of my files.

I switched themes: Still there.

So, I went to Dreamhost and checked the fulll wordpress installation, looked at the /index.php file and found that somehow a image had been added after the closing html tag in the file.

If you are a blogger, I advise viewing your file source, and looking for “odmarco”. If it’s there, you’ll need to examine your very short /index.php file at your hosting service and your theme. If you find an iframe at the end of the file, similar to the one I circled above take it out.

For anyone who wants to search the web or help other bloggers, you can view their source and see if you find a string resembling their content: odmarco.com/arwe/?736361acd09ca9717c9462514beb5205

I don’t know when or how malware was introduced, but I suspect a Script Injection Attack. To help me detect any future hacks quickly, I have installed “Paranoid”

Update

Googling around I discovered:

1. The problem may (or may not) originate with some bug at Dreamhost that permits attacks. (People like me could be helpful and make load of files not-writable. But.. well.. customers don’t always think of these things.
2. The script supposedly tries to exploit a problem with Adobe Acrobat. I don’t know what it does.
3. The script is injected on html files and some php files. I have it totally off my blog and this site. I sent a note to Dreamhost because my knitting site is totally infested, and I’m not sure how to quickly get it off the static php files. All the html sites on my knitting blog have mod-dates of May 28, which means the script hit my sites on May 28.

Update II

You have to do more!

The script managed to add that bit of code to every single index.php and index.html file at my site. This means it’s sometimes in various plugin files, templates etc. To protect visitors, one should get them all out, no matter how unlikely they are to ever be loaded.

Fortunately, a nice script is available here. To run it, I:

1. Changed the name of the string after the bit of code that says: protected $string_to_clear = ‘XXX’; You need to put the string you want found and between the ” where I placed XXX. Odmarco is changing their string from time to time.
2. Save the file as with some useful name like “clearOutJunk.php”.
3. Upload that to the top directory of your site. (I put it right up under rankexploits.com.
4. Point your browser to http://yourdomain.com/clearOutJunk.php . The script will pause while it’s reading every file in every directory. It will echo names of files and tell you if it found anything. If it found the string you told it to eliminate, it will remove that string from the file and replace it.
5. This worked like a charm.

Update II

Other issues remained. Dreamhost advised me that I should search all my files to find anything that had been installed or modified recently. (Evidently, the hackers like to hid file with innocuous names and just re-install later!)

I found two batches of suspicious files. One set of changes were made on May 28. Those changes are what alerted Jonathan and Stuart. But another set of changes were made way back on April 7. That’s sufficiently far back that you can’t count on Wordpress having old enough back ups to just replace all old files with new ones.

Anyway, I ran the script discussed above to clean out the injected script from all html and php files containing that. I also searched for all files from April 7, checked they weren’t right and deleted those. I also checked looked at everything between April 7 and today and deleted anything and everything I no longer need.

I should be totally clean now.

Is this enough to ensure the blog is properly saved? No.

Only the text for blog posts and comments are stored in the database. However, my blog (and most climate blogs) frequently display linked images. I self host most my images; this means most images are stored on my hosts server. If that server went down and neither my hosting service nor I backed up my files, some content would be lost.

Lucky for my, my hosting service does back up their servers. So, I mostly count on my host to maintain backups for the site. But, I had a problem with a hosting service many years ago which left me a bit paranoid about hosting services.

To ensure my images aren’t destroyed, I manually back up the most recent month’s entry in the wp-uploads folder in the wp-content directory for wordpress. How often? Well.. not often enough. I back up the previous months uploads the beginning of each month; I store these at home on my mac.

If my hosting service lets me down, I might, theoretically, lose 1 month’s worth of images. However, for the most part, after about a week of aggravation, the blog could be reconstituted on a new host with little loss.

Meanwhile: Let’s all hope Climate Audit gets their hardware issues sorted.

Most things worked just fine. However, the display on the admin side goes wonky. See how the sidebar extends over the text describing plugins?

Figure 1: Plugin Control for WP 7.2.1

I had no problems upgrading my knitting blog to 2.7.0. The admin panel is totally revamped but, at least in my case, upgrading went smoothly in all ways. I had no difficulties with plugins, themes, or anything. (I have read some bloggers did have problems with 2.7.0. You can google to find work arounds for that issue.)

My advice: If you’ve upgraded to 2.7.0, wait before upgrading to 2.7.1 Give Wordpress time to iron out the bugs or bloggers time to report a work around for pesky issues.

Some of you will recall I wrote a first draft of a troll control plugin, which would display comments from trolls to the troll, but not others. However, I discovered that method used too much CPU when comment threads were long. So, I devised another method which used less CPU. This was given the development name of “Troll Control 2″.

The only difficulty was both methods prevented me from using the wp-cache plugin; the result was slower loading pages, and greater CPU use. So, I used Troll Control 2 from Sunday morning to Monday afternoon. Soon after… well.. ya’ know. I reactivated the plugin last night.

As I want to leave the plugin active for at least a week, I examined wp-cache, and I think I found the method of dealing with the troll. I’ve tested this by labeling and unlabeling myself a troll, and activating and deactivating cache. However, because of the vagaries of self testing which requires me to not only clear the wordpress cache but that on my local machine, I’m always afraid I goofed.

So… if you are blocked from viewing or posting comments, and you are not the troll, click the contact link and let me know.

These visitors are known as “Trolls”. They are difficulty to deal with.

To make it a little easier to deal with the occasional troll my blog attracts, I have written and inconvenient to use Wordpress plugin. The benefits of the plugin are, after you upload and activate the plugin:

1. For the first “N” minutes, the comments from individual trolls will display to the troll only. After that, they will display. This permits the trolls to participate in conversations to some extent, but also gives you time to edit or delete the more egregious aspects of the comment.
2. You can add multiple trolls.

The inconvenient features of this plugin will be obvious: You need to manually edit your theme and some of the plugin code.

Steps to use plugin

1. Click to download the plugin Troll Control Plugin (zipped).
2. Unzip the plugin. Near the top of the plugin find a block of code that looks like this:

   // edit parameters in parameters in the next four lines block to match any INDIVIDUAL troll.
$the_troll_names=array('Troll','Troll Sock Puppet');
$the_troll_email=array('troll_email@gmail.com');
$the_troll_IP=array('99.99.99','77.77.88.13' );
$the_troll_opt['the_troll_minutes'] =300;
 

$the_troll_opt['IPs']=$the_troll_IP; // don't edit.
$the_troll_opt['the_troll_name']=$the_troll_names; // don't edit.
$the_troll_opt['the_troll_email']=$the_troll_email; // don't edit.
array_push($the_trolls_parameters,$the_troll_opt); // don't edit. this adds your troll with all his descriptors to the list of trolls
// END BLOCK.

3. Edit the first four lines to identify your troll. If your troll visits using the name “Mike” change array(‘Troll’,'Troll Sock Puppet’) to array(‘Mike’). Edit the emails, and IP addresses accordingly. You can have more than 1 identifier in any field.
4. Decide how many minutes you want to delay the troll. I set 300 minutes as the default. This way, I can go to bed at night and reduce the risk of troll eruptions. Don’t delay more than 3 days. To save CPU the plugin skips comments more than 3 days old. (If someone needs to be delayed more than 3 days, you should just ban them.)
5. If you have a second troll, copy the whole block, re-paste, the edit.
6. Save the edited file.
7. Back up your version of WP. (All instructions for uploading plugins say this as a precaution.)
8. Upload into your plugins directory and activate. It will seem nothing happens.
9. Visit the design to edit your Wordpress theme. Open your comments.php file. Find the “foreach” statement (or whatever php command your theme editor used. Add two lines of code to set a value a variable I named $block. It should look sort of like this:
   
   foreach ($comments as $comment) :

   if(function_exists('Check_The_Troll') ){$block=Check_The_Troll();}
else{$block=0;}


   Now, find the bit of code that actually displays your comment author, email, comment numbers and the comment. Wrap an “if” statement around that, sort of like this:

   if($block!=1){
PUT All CODE TO DISPLAY COMMENTS IN HERE
}

   If done correctly, the troll control rules will now be enforced. If you don’t know any php, and can’t tell where php code starts and html code begins, get a friend to do this for you.

When this is running during the “troll time out” period, the blog owner will see the troll comments, along with some information added to let you know it is a troll comment. The troll will see the comment and will think others are seeing it. No one else will see the comment.

If you don’t answer the troll, this functionality enforces the “Don’t feed the troll” rule. If this plugin is not enough to deter your particular troll, you will need to escalate to banning the troll.

After I’ve fully tested this inconvenient plugin, I’m going to create a user interface to help bloggers add and subtract troll data more easily. However, users will always have to edit their theme a little. I’ve also modified the “get_recent_comments” plugin and “subscribe_to_comments” plugin to further isolate the troll. I’ll explain those modifications when this is perfected.

Do me a favor!

This plugin is currently running at my blog. I tested it at my testblog, but there are always limits to self-tests. You could help me test the plugin by entering a comment and claiming your name is “Troll” or “Troll Sock Puppet”. Then email a friend and ask them if they can see your comment.

Report back!

Update
1:07 pm. It looks like a number of Troll Sock Puppets have appeared. Thank you. I noticed the comments were properly “disappeared” in comments, but appeared under “recent comments” in the sidebar. I modified the recent comments plugin and now I don’t see them there either.

1:23 Comparison of comments seen by admin and by non-troll visitor. (Click for larger.)

Figure 1: Comments as seen by logged in administrator.

Figure 2: Comments as seen by non-trolls.

1. A wide center panel to show large images.
2. Three columns, each at least 160 px wide so eventually, I can shove in various ads, feed buttons, links etc. I like them even wider so aging eyes can increase the font size and still read the content. (I use the ad money to pay the server charges. It worked at my knitting blog; it’s might work here too. )
3. Recent comments / trackbacks showing.
4. An edit function so users can edit their comments for five minutes after they comment.
5. A fairly large comment entry box.
6. Comment numbers so people can cite previous comments.
7. Links to commenters’ web sites with “follows” to those who comment frequently. (I need to tweak this.)
8. Ensure images in previous posts continue to float the way I intended!
9. Include html tips for commenters. (I need to get this implemented.)

So far I have most of that implemented. But, I’m also taking suggestion (provided they aren’t to difficult to implement.)

Appearance Issues

One difficulty with web sites is they look different on everyone’s screen.

Commenter ‘fieldnorth’ kindly posted a link to http://browsershots.org/ which lets me examine screen shots from a wide range of browsers. I know my theme is fairly wide– to accomodate large images. But, at least it’s not positively broken on any I’ve examined so far. But there is no substitute for asking viewers whether or not they can read the blog!

So, let me know if it looks dramatically different on your screen. To help me fix problems, do be specific if possible. Here’s what the blog looks like on my screen.

For today, I have various “containers” outlined– this helps me identify the source of problems. They’ll go away in a few days. But, it would be great if you could tell me if you see text flowing outside those boxes. Problems with CSS can result in odd behavior– like missing sidebars, missing content, text flowing outside the boxes etc. If you see any obvious glitches, describe them– and tell me what browser you are using!

I had quite a bit of work to do, dealing with mixing from a jet emerging from cyanide containers, so I couldn’t organize a real post. But, I decided to take a little time out to write a new plugin, which has the working name: “Slow Down Boris”.

What this plugin does will do when it’s finalized is:

1. Count how many comments a known frequent commenter has left in the past “N” hours. The tally will start at “0″, increase by 1 when a comment is made by the “frequent commenter”, and decrease by 1, if someone else responds.
2. When a frequent commenters tally hits “3″, the plugin will hide the text in that comment from other users for several hours. Meanwhile, plugin will tell the frequent commenter to slow down, but let them see their own comment.
3. If another user comments, the “count” for the frequent commenter will decrease. So, this should slow down any debates involving more than one person.

I may adjust the algorithm, and I’ll be creating an option panel so other bloggers can use it. So, if you have suggestions, fire away. Meanwhile, if you notice glitches, let me know.

This plugin is dedicated to my Muse of the day: frequent commenter Boris. I value Boris’s comments, but like many enthusiasts of “climate blog wars”, he gets a little carried away from time to time and forgets to let other people take their turn posting.