The rewrite is live!

All right, I finally dotted the last i (robust data import from v1) and crossed the last t (automated database backups), so last night I finally cut over Eardogger.com to the rewritten version, which is cheerfully chugging away in shared hosting.

You basically will not notice a difference!! Which was kind of the goal. All your stuff is right where you left it. But for the record, here's what's actually changed:

• I had to log everyone out, as a one-time disruption. Pardon the dust.
• Dark mode!!! It's strictly automatic, so if your device is in dark mode then so is Eardogger.
• New controls on the account page: Change/delete email, remote logout, and delete account.
• If you had an ancient non-personal bookmarklet that was still somehow working in fast mode... sorry, please generate a new one. 😓 I disabled cookie auth for bookmarklets because it stopped working in a bunch of places anyway, and dropping it made things simpler and more secure, so bookmarklets have to use token auth now. Any bookmarklets generated since late 2021 are unaffected.
• I tightened up some dank web security stuff, adding anti-CSRF protections to all the "plain" web forms. It wasn't really a useful attack vector for this site, but, good practice anyway.

...I think that's all of it, in terms of anything externally visible. Most of the effort was in learning multiple new toolkits, making all behaviors match my existing test cases (thanks for the tests, Past Nick!), and doing from-scratch implementations of a couple things I was previously using off-the-shelf libraries for (login and session management).

What's the payoff? Well, ask me again in four years. But also, the toolkit I used for all this is pretty rad, and I think it's gonna empower me to do some interesting little projects over the next couple years. For example, I found myself wanting a dead-man's switch of some kind for monitoring my automatic backups, and it occurred to me I could actually build something pretty simple that reports weekly summaries to my RSS reader, using a bunch of the same ingredients.

One thing I'd really like to know more about is how widespread fcgi support actually is, among old-school web hosting providers. I reached for it because I knew it was enabled by default on my host, so it's perfect for my own shit, but I'd want to know the lay of the land better before trying to ship reusable software that exploits it. Like, I had an idea to try and make a lightweight webcomic CMS, but that's only interesting if people can actually RUN it, you know? Anyway, this sounds like an utterly frustrating research project that I'm likely to put off as long as possible.