Blog

FillLPG for Android is dead .. long live FillLPG for Android

TLDR; The FillLPG for Android app has reached end of life and no further development or maintenance will be undertaken. It will remain in the Play Store for as long as the third-party FillLPG website remains online but I have no control over that.

The FillLPG for Android app was initially developed to scratch an itch – I had an LPG powered vehicle (I don’t anymore) and had stumbled on to the FillLPG website. I responded to a request from the website owner for someone to write a mobile and thought it would be a good little project to get started in this arena.

It has proved itself to be just that, initially written in Java and then migrated to C# using Xamarin this little app has helped me keep my skill levels up – or at least it did.

Background

First, a little background on how the app actually works (don’t panic, nothing too technical).

One thing to bear in mind here is that the FillLPG website is nothing to do with me or On The Fence Development. I have no access to the source code, database or server it is running on. I only have access to a specified data feed from the site.

The Android app contacts the FillLPG website for all its data and also sends updates back to the main website. The website database is what we call ‘the single source of truth’ and does not, in any way belong to me or On The Fence Development Ltd.

The app cannot display data that may exist on the website but which the website does not expose via the data feed, e.g. opening hours. This feature has been requested many, many times and I have passed these requests to the FillLPG website developer but the data has never been included in the payload sent to the app. If it’s not in the payload, the app can’t display it – simple as that.

So, basically the app is just a portal into selected data from the main website – that’s it. It fetches data from it and posts data back to it.

Now, the FillLPG website also has an ‘Ideas’ board where users can send feature requests etc and this was quite active with some useful ideas coming in, including the ability to indicate stations that were Disabled Friendly or had ‘Safefill’ facilities. Great ideas but unfortunately they were never implemented by the website so the app cannot display this information.

Previously Planned Development

In a previous post I mentioned starting development a new version of the app and even an iOS version being in the pipeline. Well I’m sorry to say that the investigations into this have partly led me to the decision to cease development altogether.

The problem is that I do not control the data or the service that provides it. On top of that there have been numerous unsuccessful attempts to contact the FillLPG website developer over the past year or two. How can I commit time to the development of apps which is heavily reliant on a system I have no control over and could shut down at any time?

I was considering the creation of an ‘intermediate’ webservice that would pull data from the FillLPG website in the same way that the app currently does. This would be stored in a new database under my control. I could then add new data fields for the features requested on the Ideas board. The app would then connect to this new webservice for it’s data.

The problem here is that this is not my data to do as I please with – that’s not the agreement I have with the developer of the FillLPG website. I also would not have user data so if the FillLPG website went away then I’d still have problems.

The straw the broke the camels back

My decision to cease any further development and maintenance was reinforced last night when I received an email from a disgruntled user:

Hi, now 6 weeks or so since I last contacted you regarding FillLpg app, and nothing seems to have changed, still “unable to connect to FillLpg Web Servers” whenever you try to update. Seems that the app is getting useless as it now quite out-of-date given the number of lpg stations closing down, shame really, it WAS pretty good and useful.

Update [22/12/2018]: I think it is only fair to point out that this user subsequently contacted me to let me know that he had located the problem and that it was nothing to do with the app. It turns out it was AdGuard which was blocking the apps access to the internet. A quick configuration update and he was back up and running.

This is typical of the emails I receive regarding the app and reviews submitted to the Play Store – although some of the 8500+ active users do take the time to leave a positive review (but not many).

Receiving 1 star reviews for problems that I have no control over is very frustrating but then I suppose the app is out there and the Play Store has a mechanism for review/feedback so it takes the hit, not the website that is feeding it or the FillLPG community that is maintaining the data.

Going forward

Consider what would happen if the FillLPG site was taken offline – permanently or temporarily. The app would have no access to the database to fetch or update station details.

As it stands the domain registration only runs until mid-June next year so if the current owner doesn’t renew it then the site will essentially fall off the internet. If that comes to pass then I will pull the app from the store as there would clearly be no point in its existence.

For now there are over 1700 stations reaching from the UK into Europe and beyond and over 500 prices have been updated in the last 30 days. People are clearly finding the app useful. So the app will remain in the Play Store and any future reviews will just get a link to this post. Whether they read it or not is down to them.

Your app does not support Andorid Pie!

I receive a lot of SPAM regarding the FillLPG mobile app, mainly offering to increase my install numbers and ratings, but today new approach appeared in my Inbox.

Screenshot showing email in mobile client

Hi there,

I was reviewing your app FillLPG – LPG Station Finder, and it looks great. But it appears the app does not support new Android Pie.  Without it, more than half of the users cannot use the app properly. I am an app developer and I can update your app in a couple of days if you want.

Thanks

Jon

It may not be obvious but this is just SPAM, sent by a bot and I doubt that anyone called ‘Jon’  is actually involved in the process, let alone reviewing my app.

The reason I can be so sure of that is threefold:

  1. The app does support Android Pie – or rather Android Pie supports it! As it stands the app doesn’t use any features that require this level of the SDK so doesn’t need any special coding. I have a Google Pixel 2 XL, running Android Pie, and it’s been running the app fine for months.
  2. The claim that ‘more then half of the users cannot use the app properly‘ is obviously targeted at people who are not in the mobile development space. Looking an the Android distribution dashboard it is clear the Android Pie is still in it’s infancy – with a distribution of less than 0.1% it doesn’t even make it onto the chart! Not surprising when only a small handful of phones, including the Pixel 2/XL, are actually running it.
  3. Finally, the email says that the app ‘looks great’ – which, I’m afraid to say, it doesn’t! It looks dated and is in need of an overhaul (which is on the cards in the New Year). Maybe the email is just trying to appeal to my ego – but then again I doubt it.

So yet another scam email trying to fleece the unwary of ‘a couple of days’ of development time for some questionable updated along with, undoubtedly, the loss of control of their source code and God only knows what hidden costs.

I obviously didn’t respond but there are plenty of apps out there that have been written for companies with no internal development resource and these are the real targets of this type of scam. I’ve written apps for a number of clients in this situation.

Using the ‘scatter-gun’ approach they are bound to find a few unwary app owners out there who may just be taken in by this. And herein lies the problem – to make this kind of thing worthwhile when the response will be quite low, the returns need to be high from each victim!

Caveat Emptor!

PersonalEncrypter – New and Improved

A couple of months ago I updated the PersonalCLI project to remove information leakage in the form of the original filename of the encrypted data. In my original post about this project I eluded to updating it to move away from the Microsoft encryption libraries and to implement the libSodium library instead.

Well, I’m happy to say that I’ve found some time to do this and moved to .NET Standard at the same time – yep, the future is here.

The initial project was really a quick and dirty exercise to demonstrate the ease with which these applications can be developed. It didn’t really lend itself well for extension – it was only meant to be a proof of concept after all.

In the new project I have created a class library to handle the mechanics of the encryption and a separate project for the CLI. There is also a skeleton project for a UWP desktop application which I’m currently working on (and committed in error – but hey, I’m only human). The UWP application will be initially aimed at Windows 10 but the ultimate aim to for a version of this project to be installable on just about any platform, e.g. Mac, Linux, iOS and Android.

Note: The libSodium project uses a different encryption algorithm to the Microsoft libraries so it will require a new key pair to be generated.

So, I’m now working on the UWP application which may even find it’s way onto the Microsoft Store (if they’ll have it) – afterall, that’s the aim isn’t it – to get encryption into the hands of the masses so that they can have some semblance of privacy.

I’ll be pushing updates to the public Github repo and announcing major milestones here so …… watch this space!

Online Tool of the Month – FakeNumber.org

I don’t know about you but I get a little hacked off when I want to sign up for a simple something but have to give up so much of my personal data that I sometimes just look elsewhere.

Now I’m not talking about my name or even my email address, but why would a service want my home address when I’m not going to be sent any physical goods or my telephone number …. at all? Depending on the service/company I may see the need for this information and will provide it if it is really needed – but a lot of the time this information is just going to be sold on or used for sales calls that I neither signed up for or wanted.

With email it’s quite easy and like many people I may use email aliases on my domain, e.g. randomname@onthefencedevelopment.com when I know I’m going to receive relevant emails and randomname@mailinator.com when I know it’s pretty much just an activation email or whitepaper link that will be sent.

I can make up a postal address which will actually go nowhere (I have actually used the address of the company I’m subscribing too in the past) but what about the phone number?

Well, I could just spin one of the top of my head but what about the poor devil who may be at the end of that random, but valid, number?

Well, that’s where Fake Number comes in.

Using this simple tool you can generate numbers which are guaranteed to be non-working (but will pass any format validations that a site may implement).

You can generate numbers for US, UK, Canada, Australia, Hungary and Iceland.

Depending on the country you can generate landline, mobile or freephone numbers and know that they are not going to end up with someone being swamped with called because your data was sold on.

On The Fence Development – What’s All That About Then?

I’ve been contracting for over seven years now and during that time I’ve had  a number of clients, friends fellow contractors ask me “…why ‘On The Fence‘? What’s that all about??”.

Ignoring the fact that the blog I initially hosted on this domain was about my experiences with Linux and Open Source while working day to day as a .NET Developer using Windows, I think that the name fits – it’s all about not putting all your eggs in one basket as it were.

I think that there is quite a wide line between trying to be a ‘Jack of All Trades’ and a ‘One Trick Pony’ and as a Contractor I think that this is a good place to be.

Some will disagree, Jon Sonmez of Simple Programmer certainly advocates specialising and he’s retired in his 30’s so maybe I’m the one who’s wrong here. But while I can see the merits in this approach and it worked out well for Jon, I don’t think that being ‘the expert in the Xamarin.Forms Grid control‘ is going to get me that far (that’s not to say that the Grid control is a trivial thing of course).

I also don’t think that trying to be a Guru in Desktop, Web and Mobile development  is viable either. We all know that this would be virtually impossible to achieve with the technology shifting under us all the time.

I do however think that to be a viable option as a contractor you need a good foundation knowledge, spread of skills across various technologies and a desire to learn as you go (let’s face it – nobody can know it all).

So that’s what I aim for.

I have experience with Desktop development using WinForms, WPF and am starting to look at UWP.

On the Web development front I am currently working with a client who has an ASP.NET WebForms application and another using MVC while a freelance project has me ramping up on ASP.NET MVC Core development on a Linux host.

With Mobile development I am all Xamarin, whether it’s the native flavours for Android and iOS or Xamarin.Forms. Hooking these up to Azure (or ASP.NET WebAPI Core) backend is also within my skillset.

I’m always looking to keep my skills up to date, while able to support existing deployments using older technologies – and even migrate them forwards should that be the desire.

Online Tool of the Month – unminify.com

Minification and bundling of Javascript and CSS files is obviously a good idea when you are deploying your websites to production – but if you want to use a third-party, minified, resource and want/need to look at the unminified version – it can be a bit of a pain.

I recently purchased a theme for a website which came as a set of CSS, Javascript and image files. There were a number of pages which demonstrated the theme and it was pretty much what I wanted – but not quite, I needed to make a few very minor changes.

These changes were limited to styles which specified ‘hero blocks’ with image backgrounds. I didn’t need a block with an aircraft in the background – I needed one with a camper van.

Now I could have simply renamed my images to match the existing assets, but when they are called something like ‘airplane_x500.png‘ I don’t think that’s a great idea. I certainly would not do it in code – create a class file called airplane.cs and implement a camper van inside it!

So, I needed to update the CSS – and herein lies the rub. The CSS file in question was minified (others did have the original version in the bundle – this one did not).

I could have contacted the designer and request the unminified asset but I really didn’t want to go through the hassle of this with no guarantee of receiving the file.

Enter Unminify.com, a simple website which does exactly what it says it’s going to to – take minified resources and reverse the minification process.

The UI is pretty simple and self explanatory – simply paste your minified text into the central text area….

… click the Unminify button …

Job Done 🙂

Online Tool of the Month – SelfSignedCertificate

In this day and age everything needs to be encrypted to prevent nefarious access to our data. Whether it’s our banking or medical records, our online email inboxes or our browsing and searching habits.

So, when developing websites or APIs I always start with an SSL enabled configuration – and in Visual Studio that’s a pretty easy thing to do, it’s just a checkbox really.

When deploying websites to production servers I, like millions of others, use LetsEncrypt to generate and renew my SSL certificates.

But what about that gap between Development and Production? I am of course talking about ‘Test Servers’.

I’m currently working on a few ASP.NET Core projects that will ultimately be deployed to Linux servers and in order to test this type of deployment I normally like to use a Virtual Machine (VM). This give me good flexibility and allows me to deploy to locally hosted systems with the ability to easily rollback configuration changes etc through the use of snapshots.

But what about the SSL certificate? I can’t use LetsEncrypt because the VM won’t be externally accessible for their system to interogate and validate. What I need is a Self Signed Certficate that I can install on my development system and the VM.

With a Self Signed Certificate in place I can deploy and test my software using SSL thus ensuring that the Test environment matches Production and that there are no sneaky bugs loitering around.

Now – you can use a Powershell command like this:

New-SelfSignedCertificate -DnsName "www.onthefencedevelopment.com" -CertStoreLocation "cert:LocalMachineMy"

Or an OpenSSL command like this (if you have OpenSSL installed):

openssl req -x509 -newkey rsa:4096 -sha256 -keyout mysecurecerti.key -out mysecurecertificate.crt -subj “/CN=onthefencedevelopment.com” -days 600

But do you really want to have to look up all the command line parameters every time you need a certificate? Of course not.

Enter the Self Signed Certificate Generator (https://www.selfsignedcertificate.com/) which will generate a suitable certificate with a single click on the mouse.

Simply navigate to https://www.selfsignedcertificate.com and enter the domain you want to generate the certificate for and click the big green Generate button.

The tool will then display a page allowing you to download the certificate and key files as well as providing additional information about configuring the Apache web server to use the new certificate and how to generate the same certificate from the command line (if you really wanted to).

Now, assuming that you have configured your system recognise the domain, e.g. edited your hosts file, and even though your web browser will complain that it cannot verify the origin of the certificate you should be able to navigate to your website using HTTPS, e.g. https://mytestsite.onthefencedevelopment.com, and it should work just fine.

If you really wanted to keep your browser happy you can export the certificate via the browser and import it into your local certificate store. There are plenty of tutorials out there on how to do this but this one is as good as any other I’ve found.

So there you have it – generating Self Signed Certificates the easy way.

Personal Encryptor CLI v1.1.0 Released

It’s been a good seven months since I released the initial version of the PersonalEncryptorCLI project and in that time I’ve had more than a handful of emails asking me about the utility. Most of these were asking if I could/would be creating a Desktop version, i.e. something with a GUI. It seems only geeks like the Command Line – who knew 😉

Well the answer is yes, but I needed to clear the remaining issue that I had identified with version 1.0.0 – the need for the recipient to know the context of the encrypted content, i.e. whether it was a text file, an image or a Word document.

This was due to the initial release of the utility requiring the filename to be specified during the decryption process – including it’s extension. Now, if the user didn’t know that it was a Word document, how would they know to specify a filename with a .docx (or .doc) extension?

Sure, the sender could include that in the email (or some other mechanism) but this is information leakage and this could potentially assist so-called ‘bad actors’ in determining the contents – regardless of whether they would access the actual contents or not.

Well, today I managed to get a couple of hours to test update the code to include the original filename in the Encrypted Packet (the value being encrypted of course). During the decryption process this value is extracted and used to create the file for the decrypted data to be written to.

There have been a couple of tweaks to the project Readme.md file to handled the changes to the command line options for the decryption operation but it’s fairly trivial – just dropping the filename from the output path parameter.

“But what if I have encrypted packages that were created with the previous version – which don’t contain the filename?”

Don’t fret – I have a few of these too so the code will use a temporary filename in this instance (hopefully you remembered/know what the file was!).

I’ll be decrypting my now-legacy data and re-encrypting with the new version of the utility – you may want to do the same 😉

You can access the main project page here or the new 1.1.0 release here.

Now that the desks are clear – I can turn my attention to the Desktop client which may or may not look something like this:

Another Xamarin Forms app about to hit the App/Play Stores

Smite is a wooden garden game based on a Northern European game and played around the world.

If you think of a combination of skittles and boules you’ll be pretty much there – but not quite, there are a few twists.

Each player will take turns to throw a wooden ‘smitter’ at 10 numbered wooden pins, arranged in a similar manner to those in 10 pin bowling.

  • Knock over a single pin and you score the number on that pin.
  • Knock over two or more pins and you score the number of pins that fall; knock over four pins and you score four points.
  • Before the next players turn the pins are stood back up but remain where they fell, they are not returned to their original location.
  • Miss all the pins three turns in a row and you are ‘smitten’ and out of the game.
  • If any players score exceeds 50 points they are returned to 25..!
  • When a player scores exactly 50 points the game will end when the round completes – all remaining players will complete the round. There can be more than one winner!

It sounds simple but when the pins start to spread out the game becomes much harder – I can personally attest to this, as can many members of my family..!

Keeping score is not difficult but games can go on longer than expected and you soon find yourself scrabbling around for scraps of paper to continue the scoring.

Having run out of paper on many occasions I decided to create a simple app to keep score and apply the simple rules above. The ability to take player photos to use as avatars and ensuring that game state is saved when the app is backgrounded (lunch and dinner frequently interrupt a ‘a few quick games of Smite’) add some nice functionality and coding challenges.

Written using Xamarin.Forms there are Android and iOS versions of the app with around 95% of the code being shared – only a couple of small platform specific classes were required.

I currently have a few testers looking at the release candidate version – with a few more being recruited at the upcoming Smite World Championships.

It’s a pretty straightforward app and nowhere near as complicated as the likes of my other apps, FillLPG or Motorhome Stopover, but I fully expect to have a few bugs to fix and features to add.

Online Tool of the Month – ExtensionMethod.Net

OK – not really a tool, more of a resource but I hope you will like it.

As you may know my language of choice is C# and since version 3.0 developers have been able to add functionality to existing types without actually modifying the type itself by using Extension Methods.

We are all used to the String methods such as ToUpper() and ToLower() – but what if you wanted to truncate a string to a specified length and apply a ‘…’ suffix?

Well, you could of course write a private method in the class you want to perform this operation or create a static class with static methods to do the job for you. Both perfectly valid ways of achieving the same result but extension methods are somewhat cleaner in my opinion (if you ignore the ‘they are’t object oriented’ argument).

Now you can read all about Extension Methods using the above link but as with things like RegEx, there is not always a need to reinvent the wheel and the ExtensionMethod.Net website is basically a collection of user submitted methods which address common needs (or even the not so-common ones).

The site isn’t limited to just C# methods either – there are submissions for VB, F#, Swift, Kotlin and Javascript.

You can search or filter the methods by language, target object (e.g. System.String) and author.

Once you have found something you like you can view the code and, most of the time, see usage examples.

From there it is just a quick copy/paste to bring the code into your project – where you will more than likely want to tweak it slightly (because that’s what we do right?) and you’re good to go.

N.B. If you like the sound of the ‘Truncate’ method I mentioned above, you can find it here.