I don’t know about you, but I’m a bit of an eco-fan myself, and I get really mad reading these constant reports that suggest world leaders won’t come up with a satisfactory way forward at the Copenhagen conference in early December.

It’s great to see world leaders making pledges before the conference, but nobody seems to be taking the size of step that scientists are saying we need to… it all seems politically driven, leaders striving to look good within their country, and within the wider community. Already it seems to be clear that they’re going to come away from the negotiations with a non-legal agreement at best.

I’d really like to see a country have the guts to stand up and signup to cuts of at least the size estimated by scientists, and be done with it. Sod the wider world, and trying to get the agreement of every leader in the world to tidy up their own acts… just take the step forward and lead by example. There seems to be far too much worry about some countries not pulling their weight, and then getting a commercial advantage over greener countries. Well at least from an imports perspective, there’s a very simple answer… bring back trade barriers. They were abolished in most countries to allow for “free” trade, but in my view, if some countries aren’t pulling their weight, this is an easy answer… add a trade barrier to imports of goods from countiries based on their “population per head” type of stats. Fair enough, this doesn’t help exports, but there are a lot of countries that want to make positive change; such a bold step would give a commercial benefit to countries who bought into large scale change.

Here’s hoping the EU, US, or another big player takes such a large step, to put pressure on others to follow suit.

Why the heck is it that ISP’s feel the need to dictate to us the ports we should and shouldn’t make use of?

I say this having just spent near-on a week of frustration wondering why the BeachyUK server hated me and refused to send my mails! After finally finding some time to sit down and diagnose the issue, I’m really irritated that it seems my wonderful new Broadband provider (O2) have taken it upon themselves to block Port 25, to encourage me to send mail via their servers.

Quite apart from the fact that the choice of server I send my mail through is my own decision, I fail to see the benefit here to O2, they’re actually encouraging me to put more load on their SMTP server rather than use my own… hmm, maybe they have an interest in the mails I’m sending

So for anyone out there with the same issue with O2 Broadband (or another overly obsessive ISP), if you have control of your server, just change your mail sending port to an alternative port (and do the same on the server that’s receiving the mail, and hey presto, you’re back in business, despite the efforts of your ISP!)… otherwise, you’ll need to use your ISP’s relaying SMTP mail server to send mails, or you can use your mail servers SSL port, and send using SSL.

One finally thing actually… searching the Internet, I found a lot of sites (in fact, even O2′s help section), saying to use “smtp.o2.co.uk” for outgoing mail if you’re an O2 Broadband customer, this however is wrong for this use. The afore-named domain is for O2 mail users. If you’re looking to relay mail on behalf of your own domain you need to use “relay.o2broadband.co.uk” (no authetication required, and the mail will be seen to come from your domain name).

Somewhat off the usual topic of this blog, but when we came across Spotify, we were extremely excited…

So what is it? Spotify is a new music streaming service. It can be downloaded for free, and features artists like The Killers, Lady Gaga, ColdPlay and other major artists, as well as independants.

Spotify can be used completely free because it will occasionally (roughly every 20 minutes) play a short advertisement in-between songs. This means the artists are properly creditted for their work, whilst you get to listen to whatever music you want to, absolutely free. In our experience, these were extremely targetted adverts, so very relevant, for example, while listening to The Killers, we received a Sony advert of 29 seconds, which advertised the Killers latest album.

This application is a very exciting move. The GUI is similar to that of iTunes, and the music choice is extremely good and comes with suggested similar artists.

If you haven’t tried it already, then signup today and give it a go… we’re loving it!

For a long time now I’ve broadcast that the “secret” to making easy money online is to be dishonest. Sadly there are those out there who have no ethics, and scamming for them is a way of life.

The UK Government is now seeking to take these scammers on at their own game. Looking primarily at “miracle” health product, the government is seeking to educate Internet users by catching their attention with sites similar to that of real scams.

Read more on the Guardian news site:
http://www.guardian.co.uk/society/2009/feb/20/internet-diet-scams

Do you ever provide feedback to businesses you’ve bought goods or services from online? No? Well you maybe missing out on a backlink or two then.

Take a look at some businesses testimonials/feedback pages, and you’ll find that many, services businesses particularly, provide a link to the website of the people providing feedback.

So next time you’ve had a good experience with a business, drop them a mail with your feedback, and URL, and see if you can get a backlink out of it!

Moudi

Some of you may have noticed the appearance of a Liberty Reserve icon on the site recently. We have recently decided to start accepting Liberty Reserve payments in addition to our usual payment methods of UK Cheque or PayPal/Credit Card when paying for our Web Hosting packages.

Liberty Reserve is an e-currency provider that has been around since 2002, and has made a name for itself as a trustworthy e-currency.

For more information on Liberty Reserve, please visit http://www.libertyreserve.com

I can now confirm that our datacentre move is complete. We’ve relocated to a larger datacentre more capable of handling the expansion we need. The new datacentre was a key part of enabling our expansion, but also in increasing reliability of the services we provide.

I’d like to thank all of our customers for their patience in this move.

Whether you’re looking to sell some advertising space, sell your domain, or just fancy knowing…. many of us wonder what our domain is really worth.

Here’s a great tool that applies several criteria to come up with a value it deems your domain to be worth:

http://www.dnscoop.com/

It looks at:

• Domain Age
• PageRank (and whether its a valid PageRank)
• Inbound Links
• AlexaRank
• Number of other Domains on same server

In truth, the best way is probably to search for similar sites that are for sale, and see what they end up selling for. But this is a far quicker, and more fun way! One thing we think this doesn’t look at, that is important, is keywords in your domain name.

BeachyUK.com is apparently worth a disappointing $390… with $3 per month possible from links… certainly has us wondering

If you’re looking to have user’s, or maybe just yourself as “Admin” log into your site, PHP is a great way to do this.

In this post, I’ll take you through creating a basic user authentication system using PHP. To ease understanding, I’ll store the user information (username and password) in the script for now. Once you’ve got this looking, you should consider adding code to lookup the user information from a database, this will make the script very scalable.

The Login Page

Let’s start with a basic HTML page with a form to post our users information to us.

<html>
<head>
<title>Login Page</title>
</head>
<body>
<form method="post">
<table width="100%" align="center">
<tr>
<td width="100">Username</td>
<td><input name="usrnme" type="text"></td>
</tr>
<tr>
<td width="100">Password</td>
<td><input name="passwd" type="password"></td>
</tr>
<tr>
<td width="100"> </td>
<td><input type="submit" name="LoginButton" value="Login"></td>
</tr>
</table>
</form>
</body>
</html>

This basic HTML page will now act as our login page. You’ll obviously want to make it fit the design of your site, once setup.

Note that there is no form action, this is because, by default your browser will submit to the input page. This way, we can configure the login script into the same page, to warn users when they’ve failed to input information correctly.

Note also that I have set the form method to “post”, this is important as the alternative (“get”) displays the input information in the address bar, and will therefore display, and record in the browsers history, the users information, including their password.

Checking the User Information
At the start, I mentioned that this post will keep things simple, and lookup a password that is stored within the script itself. I would strongly recommend you consider using a database to store user information rather than storing it in a script, even if its only one user today, it will give flexibility to your site, and allow you to reuse your work on other logins that may need many users.

So, we’ve now got a basic login page which posts the username (as “usrnme”) and password (as “passwd”) to the login page again. So now we crank out the PHP to check the user information.

<?php
// Start a PHP session - This must be the first thing you do
session_start();

// Check if user is already logged in - if so, send to default page for a logged in user
if (isset($_SESSION['usr_logged_in'])) {
include ("loggedin.htm");
exit();
}

// Check for posted form (i.e. that user has submitted the form, and not just arrived at login screen for first time
if (isset($_POST['usrnme']) && isset($_POST['passwd'])) {

//Script Improvement - In this position you should consider a database lookup to gather user information for the provided username ("usrnme"). In this example, the user information is hard-coded as below:
$correctusr="admin";
$correctpwd="letmein";

//Check Username and Password matchs expectation - dropping both to lowercase for non-case-sensitive check
if (strtolower($correctusr) == strtolower($_POST['usrnme'])){
//Correct Username - Check Password
if (strtolower($correctpwd) == strtolower($_POST['passwd'])){
// The username and password match
// Set a session variable so further pages know this user is autheticated
$_SESSION['usr_logged_in'] = strtolower($usrnme);
// After login we move to the main page for logged in users
include ("loggedin.htm");
exit();
}else{
// Incorrect Password - don't declare it was password, as this could help a hacker
$error="Error: You entered an invalid username/password";
}
}else{
// Incorrect Username - don't declare it was username, as this could help a hacker
$error="Error: You entered an invalid username/password";
}
}
?>
<html>
<head>
<title>Login Page</title>
</head>
<body>
<form method="post">
<table width="100%" align="center">
<?php
if (isset($error)){
?>
<tr>
<td width="100">Error:</td>
<td>An incorrect username or password was entered. Please try again.</td>
</tr>
<?php
}
?>

<tr>
<td width="100">Username</td>
<td><input name="usrnme" type="text"></td>
</tr>
<tr>
<td width="100">Password</td>
<td><input name="passwd" type="password"></td>
</tr>
<tr>
<td width="100"> </td>
<td><input type="submit" name="LoginButton" value="Login"></td>
</tr>
</table>
</form>
</body>
</html>

Essentially the above is the same as before, with two pieces of PHP added. The first checks the posted information for valid user information, setting a session variable and passing the user to the logged in area if valid, or setting the $error variable if not. The second then sits within the HTML, and displays an extra row, with the error message, if set.

What the first piece of PHP also does is check whether the user is already logged in (by checking if the session variable is in-fact already set). This might occur when a user returns to a bookmarked page, or uses the back button. In these cases, we forward the back to the logged in page, so they don’t have to re-login (not essential, but improves the user experience).

Note that the first code line is “session_start();”, this is vital, as any lines appearing before it (including blank lines) can result in the page headers being set, which results in an error like the below. This can be avoided by ensuring the “session_start();” is the first line of code in the file.

Warning: session_start() [function.session-start]: Cannot send session cookie – headers already sent by (output started at /home/exampledomain/public_html/login.php:29) in /home/exampledomain/public_html/login.php on line 15

This is an amazingly common PHP error, and yet is easily avoided. just start the file with a PHP open tag (“<?php”), and carriage return, and then your session_start command.

Keep checking

In the example above, we sent the user to another page once logged in, and logically the user may have multiple pages available to them as a logged in user. So we need to verify that users aren’t accessing these pages directly. We also need to be able to identify the user once at these pages (in-case personalised content is required. Well this isn’t too painful as we used a session variable to store the username once correctly logged in.

Session variables can only be set by the server, so this is hugely safer than any Javascript login metho… scarily employed on some smaller sites that don’t realise its a Client end language and hence open to easy abuse.

Here’s an example page that might feature in our logged in area:

<?php
// Start a PHP session - This must be the first thing you do
session_start();

// Check if user is already logged in - if not, send to login page
if (isset($_SESSION['usr_logged_in'])) {
include ("login.htm");
exit();
}

?>
<html>
<head>
<title>Members Area</title>
</head>
<body>
Welcome <?php echo($_SESSION['usr_logged_in']); ?> to the logged in area!
</body>
</html>

You’ll notice, this page is almost identical to the top of the login page, as it once again opens the session, andreviews the session variable. This time however, we’re looking to see if the session variable has not been set.

If $_SESSION['usr_logged_in'] is set then we have a logged in user, and can display the page. If not, we return them to the login page, to login. The beauty of using the username as the variable content is that it can now be used to lookup user specific information to be displayed. You could, of course, use a separate session variable for storing the username, or any other piece of information you wanted to make available to each page (e.g. account number, real name etc..).

Log Out/Log Off

PHP Sessions do expire, but it is good practice, and better security for your users, if you provide a logout/logoff option.

As we are using the Session Variable $_SESSION['usr_logged_in'] to check for a users logon status, we simply need to unset this variable to log them off. We do however need to remember to open the PHP session before we try to unset the variable (as the variable is held against the PHP session).

Our final script therefore looks something like this (logout.php):

<?php
// Start a PHP session - This must be the first thing you do
session_start();

// Unset the Session Variable, if exists
if (isset($_SESSION['usr_logged_in'])) {
unset($_SESSION['usr_logged_in']);
}

include ("login.htm");
exit();

?>

In the previous post I talked about the importance of backlinks. So here’s my tips for securing for good backlinks for your site:

• Submit your site to web directories
  There are a huge number of web directories around. Submitting to the larger directories (like dmoz.org) is easy, but to really get the benefit, you want to be submitting to a large number of web directories, and this needs to be done automatically.There are many pieces of software, and websites, out there that will submit your site to many web directories on your behalf, some charge a fee, and some don’t. They will cover a huge range of different directories.As BeachyUK offers a Search Engine, and Web Directory Submission service, I’d best mention that now… but there are many others too.
• Buy expired domains
  This is a surprisingly large business, so it must work. We don’t have any experience of this ourselves, as we consider it a short-term and improper practice (can you tell we’re English?!). Basically, it’s based on the fact that websites don’t update their links regularly. So if a website expires with a lot of backlinks to it, the new owner will benefit from these backlinks, even though they pre-date the owners use of the domain.
• Forum Signatures – Yours or buy
  Far too few webmasters make proper use of this. Simply join forums, add a link to your site into your signature, and get stuck in… each time you post on the forum, you’re adding a backlink to your site!For best effect, join relevant forums, and get really involved in the community of the forum. You’ll earn some good backlinks, but will also earn potential custom from the forum, based on the value you’re adding there.
• Link to your site from your social networking profiles
  Particularly where profiles are publicly available (the same is true on forum profiles), adding a link, is another potential backlink.
• Exchange Links
  Most common, people either join Link Exchange sites (where two parties agree to link to each other), or you agree this through a forum, or personal exchange of e-mails. I favour an e-mail to targetted sites, choosing sites of a similar PageRank to yours (otherwise there’s little in it for them), and clearly pointing out the similarities in your customer base.
• Buy links
  Links are always up for sale. You can shop around on dedicated sites, or approach a site directly. Just be careful to ensure you are getting a backlink from a higher rank site than yours, and that it isn’t marked as “nofollow” (which means many Search Engines, like Google will not count the link as a positive backlink).

What are your tips on getting more/better backlinks?