Recover deleted AVI files from an SDHC card when you’ve emptied the trash, then repair them

Scenario: You’ve accidentally deleted a bunch of AVI files on an SDHC memory card. You’ve also emptied the Trash in OS X, which would ordinarily mean they’re permanently lost.

  • Install testdisk via Homebrew
  • Use mount to identify the disk format (in this case a FAT-32 partition from Keedox Trail camera)
  • Unmount the disk, diskutil unmount /dev/<whatever> (or you can open Disk Utility and use the GUI)
  • sudo diskutil (if you don’t run as root, chances are you won’t see the full list of drives)
  • Tell it to create a log when it asks you
  • The drive you want should be displayed without RO to indicate it’s accessible, select it
  • It’ll ask for partition type – for FAT-32 use Intel
  • Follow the rest of this procedure (you navigate to the correct partition, directory, the deleted files are in red, you press : (colon) to select them, then C to copy, choose a destination folder, etc.

AVI files not loading

I now had AVI files which were correctly named (apart from the initial _) and timestamped, but looked about twice as big as they should be and wouldn’t play due to unrecognisable header info.  They wouldn’t open in OS X Quick Look or VLC, DivFix++ kept giving me “Seek error” and trying to recover them by regenerating with ffmpeg:

ffmpeg -i input.avi -c copy output.avi

…didn’t work either.

The equivalent did work in mencoder though, and it’s very fast:

mencoder -idx input.avi -ovc copy -oac copy -o output.avi

I had a whole bunch of files (_ICT0001.AVI, _ICT0002.AVI etc.) for which you can use ‘find’ and a bash script:

find * -name '_ICT*.AVI' -type f -exec ~/ {} \; (test it on a single file first)

mencoder -idx $1 -ovc copy -oac copy -o repaired-$1

Let’s Encrypt news – client name change and auto renewals

Updated Wed 14 Sep 2016 (new installation guide URL, clarify name change.)

Let’s Encrypt have updated their getting started page, but the following may help anyone trying to understand the latest changes.

If you’re installing from scratch, use Certbot (see below) and start here.  You’ll get custom instructions for your operating system and web server – the client can now be installed via a package on newer systems.

The name

The client (now at version 0.6.0) from letsencrypt-auto to Certbot – to be precise, the project/ecosystem is still called Let’s Encrypt, while Certbot is the EFF’s certificate deployment client.

You’ll find that certbot-auto (a shell script) is an exact copy of the letsencrypt-auto, so all previous commands will still work.

The git repository has also been renamed – the old one is redirected.


You can update the location of your ‘origin’ remote in .git/config


You can now renew all your certificates at once.

# to test
~/letsencrypt/certbot-auto renew --dry-run

# to actually do it
~/letsencrypt/certbot-auto renew

There’s some clever stuff going on here:

  • It uses all your previous settings.
  • It renews any certificates that will expire within 30 days.
  • Afterwards you get a list of which were renewed and which were skipped (“not due for renewal yet”)
  • --dry-run  use staging server, so doesn’t count towards API limits.
  • “renew” is designed for unattended use.
  • Remember you still need to reload apache/nginx afterwards.

Example of a cron.weekly script you could use:

/path/to/letsencrypt/certbot-auto renew
service nginx reload

Small Gravity Forms plugin to resend notifications

Updated Tue 10 May 2016

Gravity Forms doesn’t return or record success or failure of emails, so you may find yourself having to resend them if there was a problem.

It is already possible to trigger notifications for form entries again via the WordPress admin interface, but it requires a lot of clicking should there be very many of them.  Also, although the Directory Columns option allows you to customise the fields displayed, the entry submission date/timestamp is not available here.

Here’s a very quick plugin which uses WP-CLI and the GFAPI to show you a whole batch of entries for a form and filter by start/end date (or date and time).

You can also view a summary of the main notification settings (from/to/reply-to addresses, subject line) for all (or selected) forms.

Full syntax/help is available with:

wp help gftuil renotify
wp help gfutil notifications

Install via GitHub

PHP mistakes to avoid: objects and references

This is a fairly crucial bit of object-oriented PHP, but I only found out about it today after x years, so it’s bound to trip someone else up.

Essentially, if you want to copy some values from an object, doing this is a very bad idea:

$a = new A;
$b = $a;

…because it’s not like copying a variable (passing it by value) where $a and $b are independent, $b is just a pointer to $a. So this:


…will remove foo from $a as well.

Wiser programmers than me may well be saying, “Why do you need to copy an object anyway?”, and indeed I can’t remember doing so before.

I needed it’s properties, so I could write a record of an API call to a logfile (but minus sensitive info like the API keys).  These were indeed removed from the log, unfortunately all the REST calls stopped working and it took a while to realise why.  get_object_vars (which chucks the properties in an array and leaves the original object intact) was what I should have used.

Note objects are passed as pointers, not as references, as explained in great detail here (read the comments.)

Tip: Firefox address bar, avoiding phishing scams

Paul Moore tweeted this demonstration of a rather devious phishing scam earlier, where someone has taken advantage of the fact a capital I can look virtually identical to a lower-case L in sans-serif fonts* (and therefore a hacker can register a domain with the incorrect spelling and provide a link that tricks people.). Letters can also be paired: an adjacent r and n make a convincing m if you’re not looking closely.

There is some protection in browsers against this nowadays: as soon as you press return (though not as you type or paste the URL in) the entire address is converted to lower case. In Firefox, the domain is highlighted in black while the rest – including, crucially, any subdomains that precede it – is greyed out, providing a further hint to the site’s real identity.

It’s common for phishing scams to use multiple subdomains to make you think you’re on the genuine site – e.g

You can go a step further.  The Firefox address bar can be customised via the userChrome.css CSS file –on a Mac you need to go to ~/Library/Application Support/Firefox/Profiles/[your profile]/chrome and create a copy based on userChrome-example.css

Add the following and restart:

#urlbar {
    font-size: 21px !important;
    font-family: serif !important;

This will make the font bigger and use the default serif font rather than a sans-serif one.  I and L are easy to distinguish and, for web developers, having a larger typeface probably helps, regardless of how good your eyesight is – we look at URLs more often than most people, after all. It ought to reduce the number of typos you make.

Firefox address bar

There are Add-ons that do similar things if you don’t want to write your own CSS.

GDS, the Government Digital Service, use a specially designed sans-serif font called New Transport based on Kinneir and Calvert’s work on British road signs.  Note the legibility clues, especially the curve at the bottom of the lower-case L.

Over time we’ve recognised text inputs are better when they’re bigger and made it easier for users to change the zoom level, but the address bar has remained resolutely small and in a font that’s not as legible as it might be. Perhaps we should fix that.

* It can happen the other way round too (in this case it was Sky’s fault for forcing a screenshot into the wrong aspect ratio, making a lower-case L slightly fatter and easily mistaken for a lower-case I, particular after it’s been bounced sent through the vision mixer and the presenter has to read it off a screen several metres away.)

Apple launch Safari “Technology Preview”

Equivalent to Chrome Canary and Firefox Developer Edition. Fortnightly updates. Requires 10.11.4 (El Capitan).  New features that interest me:  javascript-based clipboard cut and copy (not paste) and improved Content Security Policy support.

What’s encouraging is this may mean Apple are allocating greater resources to Safari development.