Basecamp is a handy little web based project management tool from 37 Signals. It is an ideal tool to put some basic manners on a project without adding too much complexity. It has such features as to-do lists, project milestones, messages, write boards and online chat functionality. Yes all this stuff can be done elsewhere, but this is an easy way to bring it all together into a little intranet. You can send logins to clients, co-workers, sub contractors and your mother so they can all see how hard you are working.

If you move up above the free or basic plan, there are additional tools available including time tracking (Plus or Max plans). I use this for some of my projects where I am charging on an hourly rate. I also use it on occassion when I simply want to book in my hours and see if I am making any money on a project.

Through the use of the API available for Basecamp, the clever fellows at Cornerstone Systems have developed a little desktop tool that allows you to record your time directly from the desktop. You can simply select your project and clock in and out as and when you need to. You can also record time directly against a particular to-do task which is what I normally do. This tool is called Project Recon.

Like Basecamp it is somewhat simplistic, but that is what I like about it. Sure it doesn’t have a lot of bells and whistles, it just simply records your time, but that is a good thing. You can concentrate on getting your work done without having to spend time trying to figure it out. If you find you can’t use it, you most likely have your monitor switched off. It really is that simple.

Project Recon 1.8 Screenshot of my World Domination project (still in beta)

Cornerstone have just released version 1.8 which is a major shift in how the application is presented to the end user. It is very different to the 1.3x version I had been using, the main change being 1.3x was simply an icon in the Windows notification area that popped up to let you perform the tasks. The 1.8 version has it’s own app window which allows for much more room to work, select items etc. I am still going towards the notification area to do stuff but that will pass.

If you already purchased project recon, 1.8 is available as a free upgrade. I had misread the date on their forum post and thought I missed the mailout for the upgrade. Within a few hours of emailing support, instead of being told to hang on for the mailout, I had been given my own personal link to download a copy of the new version.

So you not only get a handy time tracking tool, but there is some great support there too.

I have just recently switched this website from the Drupal CMS to Wordpress. Within the last 24 hours I have had the first symptoms of an irritation I have noticed on other blogs I mangage. Almost as soon as the conversion was complete, I had two suspicious user sign-ups. Suspicious in that they occurred in very short order for a relatively low traffic website, and guess what, they both end in “.ru”, the Russian domain ending.

Now I am not in favour of tarring everyone with the same brush, I am sure most Russians couldn’t give an Abkhazia about my blog, but there is something fishy going on. Another blog I managed has over 1,500 registered users, yet over 800 of those users have emails ending in “.ru”.

So what is going on here? Initial suspicion was that this was a way of attempting to place spam comments on the blog, but does not seem to pan out. Firstly, the Akismet plugin does not seem to have a problem catching comment spam whether the user is registered or not. Not that I could find any relationship between these “dodgy users” and the comments that had been placed into the Spam bin by Akismet.

So I haven’t worried too much about them since they don’t seem to be doing any damage.

As I mentioned earlier, this is a new blog. Comments have been open on it, but I have only just activated the Akismet plugin. So there were about 24 hours during which comment spam could have been placed on the blog yet it wasn’t, even by the suspicious new users. Strange huh?

It seems then that there must be another reason for these signups other than comment spam. They may be trying to exploit known vulnerabilities in older versions of Wordpress.

In any event, to see if I can cut this out, I have installed a new plugin, Register Plus, this has quite a number of nifty features around user registration which have been a bit lacking in Wordpress to date. The features I have so far activated are:

• Email address confirmation for new users
• Users can set their own passwords
• Custom logo on the registration page

There are a number of additional features worth checking out, but so far those are the ones I will be using.

I will see how I get on over the next few weeks and if successful, I will roll out the plugin to other Wordpress sites I manage.

My suspicion is that these “dodgy signups” are driven by an automated bot and this may well not be able to use the new registration form. If that fails, then I am pretty sure the email addresses are invalid and therefore the user accounts are not activated and will be removed after 7 days.

In the last resort, there is also a captcha feature, but I would prefer not to have to use that. Hate the bloody things!

Another blogger who doesn’t think much of the fake user signups is using the Sabre plugin, but I am going to see how I get on with Register Plus before employing yet another plugin that only does one specific task. They become a nigthmare to manage them all.

If like me, you are sometimes adding content created elsewhere to a Wordpress blog (in my case adding new articles to the website of a journalist client of mine), you might find yourself simply cutting and pasting the content and title into the Wordpress write post form.

One thing that has slightly miffed me is that I can sometimes place the cursor in the title field and then, for whatever reason, I might move it elsewhere, say to the post body etc. This may not seem like a big issue, but the permalink (the url given to the Wordpress post) can sometimes contain the words of your post title (this is often good for SEO purposes). This permalink is updated when you move your cursor from the title field to somewhere else on the page. It then takes the title and created a search engine friendly url with those words.

If you either did not put in the correct title, or as I often do, did not put in anything, the permalink may not therefore contain exactly what you want it to (you will see a preview of it in grey directly underneath the title field).

Up to now, I found this quite annoying as I had to then click the edit link and edit the permalink manually. Simply updating the title will not change the permalink. This might seem trivial, but Wordpress automatically formats the permalink for search engine consumption, removing punctuation marks and placing dashes between words. Doing this manually is a pain.

There is a fast and easy workaround:

1) Put the correct title into the title field
2) Click the permalink edit link
3) Hit ctrl A, then delete to select all and delete from that field
4) Hit save

And hey presto, instead of a blank permalink, it then goes back to the title field and takes your updated title.