Are You An Options Trader?

Learn how to

  • Reduce Risk

  • Create Monthly Income from Option Trading

  • Get Access to Free webinars and training

  • Just enter your information below and click "Get Updates!"

Get Tom's updates and a free account at Capital Discussions.

Category Archives for "Programming"

October 2, 2011

Out with Captcha – In with Dynamic Checkbox

I had a great tour of Reedge today. Reedge is a two year old company offering website testing on steroids. Wow is it easy and fun to setup a test!


Dennis (the CEO) gave me the tour and did a fantastic job of analyzing the website at One thing he pointed out was the optin form used a Captcha and that reduces the conversion rate. Captchas are popular but display hard to read text that frustrate users trying to submit a form. While Captchas do reduce spam, they also reduce submissions from customers and prospects.

Dennis suggested using dynamically generated checkboxes. He recommended this great page showing the pros and cons of Captchas versus checkbox

Because we don’t use wordpress, I had to write my own javascxript.

This isn’t a terribly difficult task; however, good developers “borrow” code whenever you can. I found this post from Jeremy Bililck from 2008 which basically had everything written for me 馃檪

I just had to add some divs and formatting and server side processing to make it all work.

I have these CSS styles defined:

.displayinline {display: inline;}
.fontsize10pt {font-size: 10pt; }
#addcb {width: 20px;}聽

This is the HTML to contain the checkbox and text shown to the visitor:

<div class=”fontsize10pt” align=”center”> <div id=”addcb” class=”displayinline”></div> I am not a spam bot. </div>聽

Here’s the javascript to create the checkbox:

<script language=”JavaScript” type=”text/javascript”> var checkbox = document.createElement(“input”); checkbox.type = “checkbox”; = “verifycheckbox”; checkbox.value= “1”;

var div = document.getElementById(“addcb”); div.appendChild(checkbox);

checkbox.checked = false; </script>

All you have to do once the form is submitted is to check for the existence of form.verifycheckbox. If this variable doesn’t exist, the user didn’t click the checkbox so redirect them back to the form.

Pretty simple solution. This is much easier for a human visitor and spambots won’t see the checkbox.

I’ll monitor the performance of this technique and let you know how it goes on our live web site.

September 14, 2011

Thesis and DAP: Different Menus for Different Users

A client I’m working with needed access control for his WordPress website. I use the Thesis Theme for WordPress with Digital Access Passfor access control. The site I’m working on needed 3 menus: – Not logged into Digital Access Pass (DAP) – Logged in with limited access – Logged in with full access The site isn’t selling products, we’re just using DAP to control access to different parts of the website. We’ve setup two “products”: – Investors – Clients Clients have access to everything investors do. This access control is setup in the products area of DAP. The problem was trying to display different menus based on if the user was logged into DAP and if they were, show the correct menu for that user type. I setup three menus in WordPress for each of these states. As you edit each menu, you’ll see “post” in the URL to get the Menu ID you’ll need later:

Wordpress Menu ID

WordPress Menu ID

I use the Menu ID so I can edit the menu and not worry about having to change the custom_functions.php code. Next you’ll need the product ID’s within Digital Access pass. Navigate to the DAP > Products > Manage and you’ll see “Product ID” as the top entry for that product:

Digital Access Pass Product ID

Digital Access Pass Product ID

Now that you have the product ID and menu IDs, you’re ready to add a custom function to Thesis. Edit your custom_functions.php file:

function custom_wp_nav() { 
  $session = Dap_Session::getSession(); 
  $user = $session->getUser(); 

  if ( !Dap_Session::isLoggedIn() && !isset($user) ){ 
     wp_nav_menu( array('menu' => '6' )); //Main Menu (not logged in) 
  } elseif ($user-&gt;hasPaidAccessToProducts("3")) { 
     wp_nav_menu( array('menu' => '5' )); //Client menu 
  } elseif ($user-&gt;hasPaidAccessToProducts("1")) { 
     wp_nav_menu( array('menu' => '7' )); //Investor menu 
  } else { 
     wp_nav_menu( array('menu' => '6' )); //Main Menu (not logged in) 
add_action('thesis_hook_after_header', 'custom_wp_nav'); 

So we can see in the code above, the MenuID’s are used in the wp_nav_menu function calls and the ProductIDs in the “hasPaidAccessToProducts” DAP function call. Here’s what each menu/user state looks like: Not logged in

Not Logged in - Menu ID 6

Not Logged in – Menu ID 6

Logged in as “Investor”

Investor Menu ID 7

Investor Menu ID 7

Logged in as “Client”

<img class="size-full wp-image-318" title="Client – Menu ID 5" src="" alt="Client – Menu ID 5" width="585" height="27" srcset=" 585w, http://2dfki13vyv203m3zxk2nuxio.wpengine.netdna-cdn oxycontin×14.png 300w” sizes=”(max-width: 585px) 100vw, 585px” />

Client – Menu ID 5

This was a perfect solution for the website we were building as we weren’t selling tons of products and only using DAP for user management for two different access levels. Of course we get all of the benefits of using DAP like being able to send emails to each type of user, etc. If you don’t have Thesis and Digital Access Pass, you can find them here: – Thesis Theme for WordPressDigital Access Pass I hope this code example can help a few people. Let me know if you have any better ways to do this or suggestions for improving it.

July 31, 2011

htaccess Generator for IP Addresses

I was looking for a way to secure my <a href="http://www.wordpress this”>WordPress sites easily. Since my server only has a few IP addresses and I don’t want to buy and install SSL certificates for each web site, I was looking for an easy way to secure my WordPress Admin area.

Using htaccess files to secure your web site

I’m a big believer in using sever-side security tools. You can easily add an .htaccess file to any Apache web server web site for quick server-side protection. This is a simple text file used to tell Apache how you want to secure your files or folders, among other things you can use .htaccess for.

The two main ways I use server security is to restrict by user authentication or IP address restrictions. Because user authentication involves a username and password, unless I control the password, I don’t know if the user actually is using a secure password. I suspect people are creating better passwords these days, but if you don’t have a tool to help you remember passwords, people generally create passwords that are easy to remember…and easy for hackers to figure out!

If you like to use passwords, I highly suggest using this online site to generate REALLY good passwords: GRC’s Perfect Passwords

I will take a random selection of the middle row to generate REALLY secure passwords.

I prefer using IP address restrictions for security

Even as good as GRC’s passwords are, I still prefer using IP addresses to restrict users from my admin pages. This approach is great if you have a static IP address but you do need to keep updating the .htaccess file with updated IP addresses if your IP address changes. I needed an easy way to re-generate that .htaccess files.  There are a few htaccess generators online but I wanted something customized for me so I wrote one this afternoon.  You can access it here:

Here’s what it looks like:

This htaccess generator is very simple to use.  You enter in a list of IP addresses (one per line) and what action you want to take and generate the code, either to ban the list or only accept that list of IP addresses.

After you run the code generator, just copy and paste the generated code into a text editor and save it in the folder you want to protect.

I store the list of IP addresses in a cookie in your web browser (NOT on my server) for six months.  The next time you come back to re-generate your htacces file, your list of IP addresses will still be there.


You can use the htaccess generator for your web server to protect or exclude a list of IP addresses quite easily.  If you have a dynamic IP address, you may need to keep updating your .htaccess file, but this generator makes easy work of that.  It’s a lot more secure than just letting anyone have a crack at your wordpress admin area!

June 2, 2011

The Google +1 Button Arrives

Google +1 button

Google recently released the +1 button. 聽I suppose facebook’s success with their “like” button can’t be ignored by Google. 聽Because it is Google, I would definitely add the +1 button to your own websites because you know Google is going to include +1 button data in their search algorithms.

What is the +1 button?

This is the Google +1 buttton description page for end users. 聽Google describes it as a button to say “this is pretty cool” or “you should check this out.” 聽Sounds like the facebook like button doesn’t it?

How do you put the +1 button on your thesis blog website? had a great post about adding a Google +1 button to your website. 聽They referenced a page in their user guide detailing the steps There was an error in the configurator link. 聽The correct url is

Here’s what the configuration tool looks like:

Google +1 button configuration tool

Note the “Advanced options”.

Google +1 Button Advanced options

The link to “More information on URLs and the +1 button” goes here.


Because this is from Google, I expect it to be widely deployed very quickly. 聽Google WILL consider this data in it’s search algorithms. 聽It’s good data for them to help figure out what page a search visitor is looking for. 聽I’d use it if I were Google. 聽You should too.

March 6, 2011

Get Meta Tags, Response Headers and Cookies

I wrote a small script to fetch some meta data for any web page. The script loads the Keywords, Title and Description meta tag values and compares to some guidelines from SEO guru Jerry West.

I attempt to display as many Server Response Headers as I can. I omitted some esoteric headers but if I get requests for them I can add them in.

Here’s what the results look like:

Title, Keywords, Description and Server Response Header Analyzer

Title, Keywords, Description and Server Response Header Analyzer

You can go to the page directly at