Archive for the 'General' Category

Switching from Scriptalicious to Mootools

Recently, I inherited a website that was using Scriptalicious and the Prototype.js libraries, Asylum.com. Unfortunately, the larger group that I work for has standardized on Mootools. Because the site was built by contractors, and not internally, no guidelines on a JavaScript framework were communicated to the contracting company.

After inheriting the site, I found no immediate need to switch to Mootools. But as the business development team began adding features to the site, and wanting to integrate features available from the other AOL Entertainment sites (AOL Music, AOL TV and Moviefone), it became necessary to reconcile the JS library differences between sites.

As you probably already know, Scriptalicious & Prototype.js cannot co-exist with Mootools. There are many reason why this is, but the main concern is the conflict in name space. Both Scriptalicious and Mootools utilize the $() functionality as well as many other similarities that cause these libraries to not play well together.

My first priority was identifying what was going to break if Scriptalicious was removed. Step one was contacting the contractors who wrote the code in order to provide some background. With their help and a simple text search, I identified 15 functions that were relying on Scriptalicious. Not horrible, but easily a week’s worth of work. I would have to rewrite or convert these functions in order to provide the exact same functionality. Additionally, there was the opportunity to make some minor tweaks that would improve the user experience.

I wanted to utilize Mootools classes so that my rewrite to Mootools would be reusable for other members of the AOL Entertainment Front End Development [FED] team.

Typically, including half-a-dozen or more, independent, JavaScript class files (broken down one class per file) would be unwieldy and highly undesirable. However, AOL has written an amazing backend process that concatenates individual files into a single object that is stored on our Content Distribution Network [CDN]. Apache offers a similar plugin called mod_concat written by Ian Holsman. AOL calls its proprietary functionality the merge tool.

With this powerful tool, Front End Developers can breakup JavaScript (and CSS) files into easily readable, and highly specific files without fear of adding overhead to page load times.

With these tools (Mootools and the merge tool) I would be able use a Java-like approach for development. Perfect, now to the details. It was my goal to not require any HTML markup changes. I was determined to only need to switch the JavaScript functionality. As always, this was easier said than done.

I decided to work on the most complex features first. There is a promotional slider at the top of the page that uses a tween effect to move the CSS left position. I wrote this tween class to provide the same functionality.

The second piece is an Ajax style menu flyout. In the original implementation, it was possible for multiple instances of the flyout to be created. I attempted to resolve this by tying the flyout to an Id and looking for that Ids existence. If it’s already created, use it, otherwise create it. It’s not bulletproof, but it prevents multiple appearances of the menu. I also used the Element.store() method that is new to Mootools 1.2. It’s very cool and very fast. Read more about Element Storage here.You can find my class here.

The third class I created is very specific to the blogging software we use. I’ll spare you the details.

Much of the other code was extremely specific to the Asylum design and did not necessitate the creation of a Mootools class. Head over to asylum.com and check out the changes, if you have been before you probably cannot tell a difference - that’s the point - but now I have something I can build on!

Published
by
gregory
on September 3, 2008
in General, JavaScript and Mootools
. Comments

Open or Create a file in Terminal to Coda

I have recently started using Coda by Panic (the people who make Transmit). I have to say I really like it. I have been a die hard BBEdit fan for years and was hesitant to make the switch. However, a co-worker was talking up Coda and mentioned that it had auto-complete - a feature that has been sorely lacking from BBEdit.

The switch turned out to be fairly painless. One feature that I really missed from BBEdit was the ability to create or open files from the command line simply by invoking the following

$: bbedit -c myFileToOpen

Sadly, Coda didn’t appear to have the same functionality. I contacted the Coda team, they liked the idea and planned to look into it, but I am way too impatient to wait. In the meantime, I decided to write my own little bash script that I named ‘coda’

#! /bin/bash
if [ "$1" = "" ]; then
	echo “Please specify a file to open or create”
	exit 0
else
	for ARG in $*
		do
    	            touch -a $ARG && open -a Coda $ARG
		done
	exit 0
fi

By using touch, I am able to create a file if it doesn’t exist. I pass the ‘a’ argument, but not the ‘m’ argument so the timestamp doesn’t change for already existing files. After touch works its magic, the open command opens the file in Coda. I am running a for loop over the list of arguments in order to allow a list of files or a wildcard as well as a single file to be passed into the script. Sweetness! I threw this little script in my bin folder and set it to executable using chmod +x. Using the script looks like this

$: coda myFileToOpenOrCreate
$: coda *.txt

Published
by
gregory
on August 30, 2008
in *nix, General and Projects
. Comments

Daffodil Shop Launches

For almost a year now I have been speaking with my godmother about doing a website where she can sell her crafts. And I happy to announce the site launched on Sunday. Check out daffodilshop.com.

We have yet to really drive any traffic into the site, but I think it turned out well. The site uses a great Wordpress plugin I found called WP e-Commerce. It integrates with Google Checkout as well as PayPal, making the job a snap.

Published
by
gregory
on August 18, 2008
in General and Projects
. Comments

How Effective is Your Website?

The Institute for Dynamic Educational Advancement [IDEA] recently completed a study regarding online experiences. The report is an excellent read. The three groups surveyed were non-for-profits, designers and visitors (the general public). Although commercial businesses were not directly included in the survery, it’s still a great analysis on how user’s perceive web interactions and what visitors expect in their online experience.

By at least one point on a five-point scale, visitors have higher expectations of effectiveness than designers

An effective site was measured by three indicators. User enjoyment, relative ease of finding information on the site and users ability to navigate. Effective sites provided an enjoyable experience, allowed easy access to information and kept users from getting lost inside the site.

Regarding navigability, the study suggests that designers have an inherent misperception that their designs are understandable and easy to use, but the general public felt otherwise. Site visitors wanted sites to provide “personal navigation aid”, essentially a site concierge in order to help users find content quickly and easily. 

Other interesting findings in the study are that designers are too optimistic about visitors ability to maintain orientation within a site. Also, the general public considers the entire World Wide Web an information source rather than a particular website.

Overwhelmingly, visitors want their information fast. There is nothing new about this idea, people want their information quickly. Most organizations with sophisticated enough tracking software understand user bailout. However, in the age of broadband, designers and developers are often undeterred to build bloated, slow experiences claiming it will provide a richer user experience. Additionally, designers claim connection speeds are already fast and getting faster, the general public does not share these views.

Amazingly, the study did not pose a question regarding speed of access. It found speed of access was important to visitors through the typed comment area.

I encourage everyone to read and refer to this report, here is the link again.

Direct link to the complete study [pdf]

Published
by
gregory
on July 23, 2008
in General
. Comments

Sorry, I have a meeting

The mighty meeting, great time suck or critical ally in staying a project’s course?

As a junior employee at my first job after college I was rarely, if ever, invited to meetings. After a few months of work this changed. First, it was the morning meeting. This meeting ensured all team members were focused on the goals for that day.

As my responsibilities changed from daily work to long term / special projects I started attending kickoff meetings and project status meetings in addition to the morning meeting. For the most part, these meetings were necessary to keep management apprised of my status. Around the same time, co-workers started realizing I could help them get their ‘pet’ projects into production, which brought on more meetings. These extra meetings, often called by one co-worker that I didn’t directly report too, usually consisted of a lot of “what-if” type comments and “wouldn’t it be neat” ideas. 

After a few of these meetings, the manager I reported to called me into his/her office and informed me that I worked for him/her and not to spend my time on requests that did not come from him/her. This made sense, but it didn’t stop the extra meetings.

A manager told me at a later job, “Meetings are a tool for people to justify their existence”.

By the end of my tenure at my first job, my calendar contained many meeting requests, which I always attended, but they didn’t do much to enrich or enlighten me.

As I moved into my second job, I tried to stay off the meeting radar as much as possible. I had an amazing manager who asked his team to attend project kickoff meetings in person and take additional ones over-the-phone. Brilliant, I could tune into the meeting when needed and focus on coding the majority of the time. Sadly, this made meetings longer. Co-workers asked me questions, but I would be only halfway listening. This necessitated that the question be repeated, which slowed the meeting’s pace. 

After a marathon install call of 9 hours, the over-the-phone meetings fell by the wayside. My company was trying out a new way of practicing agile development. It was called the scrum meeting. The idea was short daily meetings to keep the team on the same page. The new meeting format also came with a new practice of product management writing brief project requirements. The real beauty of the meeting, developers could ask senior product managers exactly how they wanted specific features to work. 

For instance, when we were building the comments module, we asked simple questions. How should the comments be sorted? Should the newest be at the top or the bottom? Should comments be threaded? Should character limits be enabled on comments? The development staff had the ear of the product lead and our questions could be answered in seconds. 

When primary development ended, and went to Quality Assurance [QA], the meeting dynamic began to change dramatically. QA had bugs we needed to fix, developers had questions about bugs and the product team needed to make sure the project was on schedule, which makes sense. The meetings were painful, but they were critical to a timely launch.

The real issue was when these scrums went on for months. It formed a long term pattern that began to wear on all parties involved. 

After a few months, meetings had become so numerous and long people began proposing ideas to curb the sheer number of meetings. My favorite suggestion was the monthly meeting budget. The project management team and product team would be allowed a certain number of hours for meetings per employee. Obviously management and upper management would need larger allocations than developers and junior employees, but it’s a sound concept.

Other ideas included meeting length limits. Meetings could only be 15 minutes long. Many employees were willing to try anything in order to avoid 2 hour long meetings where they were only needed or engaged for 3 minutes.

As you probably guessed, these ideas were never implemented. Within a few months, I decided to leave corporate life in favor of a startup. Startups are nice, if you only have 3 employees in your company, meetings are very short and informal. If you work for an organization larger than 15 people, meetings are going to be a necessary evil, but how do we keep that evil in check. The following are some of my thoughts.

Untie Employee Value from Meetings.

As I wrote earlier in this piece, some employees use meetings as a way to justify their existence in the company. In quarterly reviews, total meeting time should be treated like a golf score, the lower the better. Now, this won’t always help to alleviate lengthy meetings, but it will keep employees attending as few meetings as possible. Meeting times should also be cross referenced with the number of project launches an employee has had over the previous quarter. If the number of successful launches is low and the number of meeting hours is high, something is dysfunctional. 

Keep Required Attendees At Meetings Low.

Everyone and their mother does not need to be at project meetings. More people means more chit-chat. Meetings aren’t the time to catch up with friends, save that for lunch and happy hour. 

Embrace Web 2.0.

Use wikis to communicate project details. Encourage developers to share their work early and often. This mentality goes hand-in-hand with the “don’t worry, be crappy” and launch  early-and-often development philosophies. The web is constantly changing. New web products need to be introduced to a community of users as soon as they are ready in order to get valuable feedback. Don’t allow teams to be a black box, transparency is important both internally and externally.

Know Your Employees, Know Your Project.

Project managers and managers should keep on eye on employee activity at meetings. If employees are bringing in laptops and ‘zoning out’ then they don’t need to be present. This doesn’t mean if employees don’t have something to say they aren’t needed, but if they aren’t listening and aren’t speaking they aren’t needed.

Trust Your Team.

This should go without saying, but I have seen inexperienced managers hovering over employee progress. If employees aren’t self-starters or aren’t living up to expectations it needs to be dealt with in other ways than micro managing. A manager’s greatest asset is his/her team. Let employees spread their wings and fly, good things will come or the unproductive employee will have to be addressed.

These tips won’t work for all projects. They are just a few ideas on making meetings less important than the projects. I have limited experience as a manager, but I have had plenty of managers and I know what I like and what I hate. What are your thoughts on handling meetings?


Published
by
gregory
on July 10, 2008
in General and Projects
. Comment

SVN Burned

I am in my last week at my current job. It’s time to check-in all the little projects and tweaks that are currently unfinished, or not ready for prime-time, into Subversion. My main concern, like that of any conscientious developer, is that I don’t totally pollute the head of the main repository with tweaks the rest of the team may not want to implement for days, weeks or ever.

I pulled out my SVN manual (svn help via Terminal) and started hunting for the perfect command. I needed something that would allow me to change my current working repository to a branch in the same repository. I have never needed to do this before so it was definitely going to be a learning experience. 

There are many svn commands, I count 30. My favorite is ’svn blame’ though I have never had the opportunity to use it, I just love the name. 

I found my command, ’svn switch’, and ran ’svn switch -h’ to get more information on it. You can find the same info here. I found exactly what I was looking for:

Update the working copy to mirror a new URL within the repository. This behaviour is similar to ’svn update’, and is the way to move a working copy to a branch or tag within the same repository.

Simple enough, I just needed to switch over to the branch and check-in my changes. Sadly, it didn’t go down quite that easy.

After I ran the ’svn switch’ command, svn stopped abruptly and complained that one of the files I had in my working copy had been deleted from the main repository. To verify this I checked out a totally separate instance of the project and discovered that the file had been deleted then restored in the same location with the same name. Subversion was unable to comprehend this and threw an error.

To verify if the switch command had been successful, I ran ’svn info’ in the root directory of the project and the other folders I had been making edits. I determined that the switch had been successful. The URL indicated my branch, which seemed reasonable, so I proceeded to check-in my files.

Later that day, a co-worker was getting ready to push a few small enhancements to production and updated his working copy only to find all my minor tweaks and edits polluting the head, and now his working copy. Holy crap, that’s a problem! I knew I had switched to the branch, so how had my changes magically shown up in the head of the repository?

I began combing the repository history and also searching on Google. The command I was using, ’svn switch’, runs as recursive by default. Plus, I had verified that the subdirectories’ URL had changed to the branch. After I restored the trunk to the planned and wanted revision, I took a deeper look at the problem.

It turns out that Subversion had switched many (but not all) of the folders to the branch. Also, it had not switched many of the files to the branch. Parts of my working copy were pointing to the trunk and parts of it were pointing to the branch. While this is a fairly cool and useful feature of Subversion, it’s not what I wanted in my situation.  

What I found even more perplexing is the files that had been switched to the branch were in no particular order. It was definitely not done in alphabetical order. I ran ’svn switch’ again on my working copy, which caused a little more confusion because files that had been commited into the trunk were now being deleted out of the branch. It was a fairly frustrating experience. Even more disappointing, this is not the first time myself or a co-worker has been burned by SVN.

At my next job, which is also an SVN shop, I plan to take a look at Git. I have looked at Git in the past, but because I was working in CVS or SVN shops, it seemed to painful to switch. However, a peer got me very excited about Git after running down some cool features. He also told me that Git has an SVN sync feature,  so you can use Git locally and still sync with a global SVN repository. I will save my experiences with Git for another post.

What’s your favorite revision control system?

Published
by
gregory
on July 8, 2008
in General, Projects and SVN
. Comments

Post Secret

During a recent happy hour, a friend told me about a site called PostSecret. It’s a collection of anonymous postcards where people divulge their secrets. The site is an extension of a book by Frank Warren called A Lifetime of Secrets: A PostSecret Book. The secrets are sometimes funny, sometimes sad, but always interesting, I found this one especially interesting, since I have ‘accidently’ given bad directions to tourist before, this one is just plain funny. 

Published
by
gregory
on June 28, 2008
in General
. Comments

Why Lev Grossman of TIME Is Wrong About WiFi Theft

In yet another totally sensational and incorrect article by TIME Magazine, Confessions of a Wi-Fi Thief, Lev Grossman expounds on the illegality of accessing unprotected wireless networks. The mere concept of this being illegal absolutely enraged me. Enough so to actually do some real research on the subject.

First off, let’s actually read this law that Lev cites. Title 18, Part 1, Chapter 47 of the United States Code, it doesn’t even to begin to cover wireless piggybacking. What it actually covers is the theft of data, whether it be personal or financial from government computers or other data that the government deems to be sensitive or a matter of national secuity. It does not in any way whatsoever make it illegal to piggyback off Internet connections.

This law is all about what data you access from a computer you aren’t authorized to use. So yes, if you piggyback on someone else’s wireless connection, and you actually steal private data, or attempt to extort that person or install a virus that causes damage, you are committing a crime, as to be expected. But if you just check your own email or surf the web for any publicly available data, you have NOT committed a crime. 

No wonder TIME and Lev didn’t bother to actually link to this law or cite how it applies. Instead Lev quickly moves on to the unethical nature of this activity. Let’s address the ethical issues later on.

So it’s definitely not theft. You aren’t depriving someone else of the use of their wireless router or signal. If anything, it’s trespassing, which is not theft. And frankly, WiFi Trespass isn’t nearly as sexy and sensational of a headline as the phrase WiFi Theft.

But let’s examine this trespass idea. Some will argue that accessing an unprotected network is like entering a house where the door is unlocked. I see it more as entering a piece of land that is private property, not a house per-say. 

In an article on Tech Dirt on the same subject, a fascinating discussion has been taking place. Readers have been arguing both sides of the issue with amazingly concise statements. An ‘Anonymous Coward’ wrote:

There are laws stating that if you want to enforce a “no trespassing” law on your property you must post highly visible signs all over the place.

This is totally correct. In order to enforce no trespassing, the landowner is the responsible party for clearly notifying a passerby of the landowner’s right to prevent that passerby’s access to said land. It is not the responsibility of the passerby to contact the landowner and find out if that land is open for public use. 

If you leave your wireless access point open and unprotected and allow it to freely broadcast it’s SSID, you are inviting people in.  And you are definitely not posting keep out / no-trespassing signs.

In my research, I was only able to discover one state, Michigan, where wireless piggybacking actually resulted in an arrest and successful prosecution, however, this was done under a Michigan law not a Federal law. The man, Sam Peterson II, charged and sentenced with this ‘crime’ received a fine and community service for the activity.  I also found a case of a 21 year old Alaskan man being arrested for wireless piggybacking, here, but I could not find any evidence that he was convicted of a crime.

The independent research Wood TV8 did after the Michigan man was charged uncovered this:

New York’s Westchester County is trying a different tack. Their local government said it’s up to WiFi subscribers to protect themselves against piggybackers

To date, no one has been successfully prosecuted for wireless piggybacking with the Federal law Lev cites. The example Lev uses is the one I linked to above in Michigan, though Lev incorrectly states it’s Cedar Springs, Mich, when it is really Sparta, Mich, or so I assume since the TIME article lacks even basic citation or links.

In Briton, at least one person have been successfully prosecuted for piggybacking on wireless connections. However, that is Briton, not the United States.

Now, onto the ethical implications of wireless piggybacking. I for one don’t find it in the least bit unethical. Many people I know intentionally leave their wireless access points open in order to ’share the love’ of Internet access. I personally choose not to keep my network open because of security and connection speed concerns. For many years, I left my wireless router open, but too many individuals piggybacking on my network caused it to slow to a crawl. The connection speed became so intolerably slow I was forced to close my network off from the public and neighbors. 

Whether your wireless access point is left open because you choose to share or your incapable of protecting it, it’s an open network and both strangers and friends should feel free to hop on your network and surf away.

Many thanks to Cornell for providing US Code and law online.

Published
by
gregory
on June 20, 2008
in General and Security
. Comments

Graph Jam

A friend sent me an awesome link to a site called Graph Jam. It’s very funny as well as a great time waster! Thanks Theresa, great find.

Published
by
gregory
on June 16, 2008
in General
. Comments

Here Are My Passwords!

With all these social networks asking for my email password in order to scrape my contact list, I thought I would just save hackers and would-be assailants the trouble and post a list of my passwords here for convenience. 

Okay, I want to be social. I want to play with the latest, coolest sites. But why on earth do all these Web2.0 developers have no clue about security and the fundamental rule, don’t share your password with anyone. There is an awesome post on this subject pertaining to Yelp here. And an even older post here

Down in the comments on the Coding Horror piece, a reader states that Gmail provides an API for gathering a user’s contacts. Sadly, it’s no help. While there is a contacts API in Gmail, you need to be authenticated to see it and authentication requires your password, so it’s no fix to the problem. I haven’t checked out the Yahoo! and Windows Live APIs because I don’t use those services. Maybe they have addressed this issue, but somehow I doubt it.

This whole password sharing roared back into my mind after recently joining ping.fm (currently in private beta) and I found them practicing a similar habit. Ping.fm wanted my passwords in order to provide updates to Plurk, Pownce, Linkedin and many more. I immediately voiced concern in the ping.fm forum. I was surprised to learn I was the first person to raise the issue.  Sean comforted me with that fact my passwords are heavily encrypted in their database and I can remove them at anytime. While this made me feel better, it’s still inherently flawed. 

When you join Facebook, they have a similar practice. Facebook asks for your email password in order to help find your friends. While Facebook should know better, at least their open development platform allows users to find their Facebook friends on other sites such as friendfeed by adding a small application specific to that site. You can find me on friendfeed here.

I’m just not sure who is more to blame, services such as ping.fm (sorry for picking on you Sean) who ask for passwords or services like Plurk and Twitter for not providing account level API only keys such as the one offered by Jaiku. As Sean pointed out in the forum discussion, it’s how these services build their APIs. And for those of us that are joining more social networks everyday, services, such as ping.fm, will have to exist in order to conveniently manage it all.

So Gmail, Yahoo!, Hotmail, Windows Live and AOL all need to get off their asses and build public APIs that allow me to access my contacts through a separate key other than my password. And sites like friendfeed, Plurk, Twitter, Yelp and Pownce need to follow Jaiku’s lead and provide an API key that is separate from my password. 

Here is that password list I promised.

  • thomas
  • arsenal
  • monkey
  • charlie
  • qwerty
  • 123456
  • letmein
  • liverpool
  • password
  • 123
Thanks to Modern Life for this list of Top 10 Most Common Passwords.
Published
by
gregory
on June 16, 2008
in General and Security
. Comments