MVC – Object Oriented Programming for the web

MVC (Model + View + Controller) architecture in web applications is not a new concept. It’s been around since 1979 and is widely in use around the web and was highly popularized with the growth of Rails.

When I was doing in Bachelor’s in Computer Science, I still remember trying to shift my brain from procedure oriented code to object oriented code and it took some practice to get my head around the concept (since the code would achieve the same result either way). I must not have realized or maybe my teachers didn’t drill the concept into my head enough, that OOP’s main point is to promote modularity and hence code reuse.

Regardless, after having to do the usual college projects like building an OS, writing an OpenGL app that emulates a train (that project is making me nostalgic and I probably haven’t seen the inside of the OpenGL Redbook since then), I managed to churn out a lot of object oriented code. After I graduated and started my first full-time job, working with ColdFusion (MX 6 at the time), I just got into the existing code methodology at my organization and continued to program mostly following a procedural pattern. ColdFusion had introduced OOP with MX6 and we used it occasionally in the form of custom tags (which does not compare to its capabilities today).

There have been many frameworks that promote the MVC pattern in Coldfusion in recent years but I finally took the dive with Framework/1 (aka FW/1) by Sean Corfield. I highly recommend FW/1 to any ColdFusion developer who is not using a framework or object oriented code. Even if you are developer using object-oriented code, a framework is worth taking a look at. There are many bloated frameworks out there which may be overkill for a small project or intimidating for developers new to frameworks, that’s why I recommend FW/1. Once you get familiar with the conventions, it is easy to use in any project you have (big or small). One advantage of the framework is that it provides a caching mechanism for your controllers and services. I will explain more of that in a bit. FW/1 pushes you to separate your code out into models, views and controllers. You can break the convention and Sean also encourages you to follow whatever makes you comfortable (although he frowns on breaking the MVC pattern). For instance, when I started, I wondered whether I had to use a bean factory (since FW/1 supports bean factories) and that would have been a bigger hurdle for me to cross but Sean encouraged to keep things as simple as possible (thanks for the advice Sean!).

In my first project, I strictly followed the FW/1 structure and good a deep understanding of how the services should work. After that project, I started creating my own models and calling it in real-time (because the FW/1 structure only queues service calls) and LOVED the framework even more. It is also quite easy to hack the framework.cfc (the core of FW/1) to make changes for your extraordinary needs. I also love the fact that it is hosted on GitHub which allows you to see others forks and makes it easy for anyone to make changes and submit pull requests.

One of the biggest and most obvious advantages of the MVC pattern is that you can just make a change in a single function in a model to apply the changes universally (across the front-end and the admin). Maintainability becomes a lot easier. A side advantage of it is that you usually catch bugs/errors a lot sooner. If there is a bug in a CFC, it is guaranteed to throw an error once the CFC is loaded compared to a bug in a remote CFM which might exist escape attention and by the time you find it, you won’t remember your code from the top of your head.

About the caching mechanism – there is an option to reload the application on every request (necessary during development) and there is also the ability to force a reload, should you so desire. This offers a performance boost to your app since it caches your controllers and models/services.

The introduction of Search Engine Safe URLs is also a boon and combined with the ability to add .htaccess rules to your site via Apache or ISAPI Rewrite or APE, it gets points for Search Engine Optimization as well.

I wasn’t really keen on posting such technical discussions on my site but I figured I would put it out there for any ColdFusion developers thinking about making the dive into using a framework or object oriented programming. Feel free to ask me any questions on Twitter or in the comments below.

Privacy vs Piracy

The recent debacle over the iPhone 4G leak and Gizmodo’s attempt to capitalize was on every tech news section the past couple of weeks. As you may have read, Gizmodo’s Editor Jason Chen’s house was raided and his computer equipment was seized. While, I think Gizmodo stunts were cheap and their website should get defaced (online equivalent of a punch in the face), I agree with Michael Malone’s opinion that big companies are almost totalitarian.

Despite the phone being returned and the possibility that Jason Chen could have been protected by the Shield Law, such brute force seems excessive. At first, I brushed it off since the scum got what the scum deserved. But if such incidents happen without much criticism or backlash, I fear the day when normal citizens get arrested for breaking “Terms & Conditions” or other Software license agreements.

Consider the possibility that your 12-year old son finds a copy of a pirated software on the Internet and installs it. Somewhere in the legal fine print, it states that "... you agree that you have purchased this software legally and if pirated, we warrant the ability to track you and punish you to the fullest extent of the law." Being an impatient 12-year old, your son ignores all 5000 words of the fine print and upon the first launch, the software company gets notified along with the user’s IP address that the serial number registered is a pirated version. The software company will promptly figure out the address based on the IP and arrest you, the parent (since the child is protected because of his age and it was the parent’s responsibility to monitor the child), who had no knowledge of this install. Or your computer gets seized and the cops discover the illegal music you downloaded years back and the software company sets the dogs err.. record companies go after you.

If incidents like Jason Chen’s home raid are ignored, this future will not be far… so Internet beware.

Social Media Benefits For Companies / Corporations

Social media is now an integral part of every company and brand. It is vital for companies to have an official Twitter account – whether it is a 1 person company or an extremely large company.

Zappos (now part of Amazon) is renowned for their customer service and their Twitter account is used by Customer Service Reps to quickly address questions and more often to receive compliments. This publicity is priceless! It gives social proof to potential customers and helps build Brand Equity.

Also, with Google search including the latest “tweets”, imagine a person who searches for Zappos and sees a tweet saying “Thanks for the expedited shipment @Zappos_Service“. I’ll bet that the CTR and the probability that the customer making a purchase is quite high.

When searching for web hosting services last year (2009), I looked at some of the web hosts Twitter accounts, asked questions, looked at their answers to other Twitter-ers and could instantly tell who were the most responsive and how effective their answers were. This and other reviews I read encouraged me to go with DreamHost and I often plug DreamHost in my tweets, like when I found I could set up Git, when I found out that they upgraded the Git to 1.7 (when my laptop still had Git v1.66) and when I am all round just happy with their service. In full disclosure, I just discovered today that I won a contest Dreamhost held where you had to tweet #Dreamhost and although I only tweeted about them once in the whole month they ran the contest, I won. And I NEVER win anything! EVER!
[I have to admit, I asked a friend to buy me not 1 but 2 lottery tickets today] Anyway, my point is that with users Tweeting the hash tag #Dreamhost it gets picked up as a Trending topic which is visible to users on Twitter as well as other sites that pick up the Trending topics. So, this is a great method to acquire new customers who will search for “Dreamhost” and see that people are happy with their service.

As an aside, I usually shop around every year for a new web hosting service and have tried everything from BlueHost to GoDaddy to 1and1 and some other crappy hosts and DreamHost is the first one that I have been delighted with and have decided to stick with (before I found out that I won the contest). Now that I won this contest, I feel even more obliged to stick with these guys. Thanks Dreamhost!

Another advantage of having a social media presence for consumers is that instead of having to dread at the thought of being on hold for half an hour before you can complain about a company or service, you can just tweet it (which takes all of 30 seconds and 1 minute if you try to fit it perfectly in the 140 character limit) and there is a good chance that the company will respond to you pretty soon but you didn’t waste the 29 minutes in trying to get a hold of someone or trying to find the right contact’s email address.
The advantage for the company is that they are held publicly accountable and when they respond, there is a good chance that your issue will be resolved and you will feel better and instead of complaining to others, you will praise their Twitter-ing CSRs and their service. As a consumer, I can attest to how responsive companies are – even big banks like Bank of America who quickly responded to some of my concerns with their HSA division.

Facebook on the other hand is not as helpful for companies with Social Media unless you are a “cool” brand that someone wants to be associated with. Think “Axe” but not “Tide”. Or “Apple” but not your grocery store – unless you are a “Whole Foods” fanatic.

The final advantage of a Social Media outlet is that users who are not tech-savvy enough to subscribe to your RSS feed have no difficulty in “Follow”ing your Twitter account which essentially replaces the need for an RSS feed. Said companies, should also “Follow” back the customers who tweet them or add them as a friend since it gives the impression of a real person who cares enough to follow them and not a company drone behind the Twitter account. You don’t need to read any of their tweets but just be sure to respond to their tweets in a timely manner. And please don’t over-tweet – or at least try to keep it to 5 tweets a day or risk being noise.

If you liked this post, you should follow me on Twitter. I dont over post.

How (not) to send Spam

A few weeks back, I got an interesting “spam” mail, see the screenshot and email text below.

Here is the email:

Hey,

The reason that I am emailing you is because the company that I work for is looking for people in or around Clearwater who would be interested in making a little extra income, working out of their home. We don’t require any selling, nor any phone calling; everything is done entirely online, and you will be paid within 15 days. You can do this either part-time or full-time – it’s entirely up to you.

We do not require that you have any prior experience; no educational or special skills are required, as we provide all training.

We actually prefer working with people online, because our experience has shown us that you guys are computer proficient, and are just, overall, easier to work with.

I don’t want to rush you into making a decision, but this same offer is going out to all people that I could find in Clearwater, and we only need a certain number of people.

So, if this sounds like something you might be interested in, you can check out our website right here, and I hope that you choose to apply.

Thanks for your time,

Human Resources
HJB Placement Inc.

A lot of the details are accurate and the blacked-out address is an accurate address of an office I know but the IP address that it claims that I registered with is a Local IP address (in the form of 192.168.XXX.XXX) which cannot be revealed to a website. I am very curious as to how this email was leaked and the only possibility I can think of is that one of the old PC’s at this office was picked up by some spammer company and my email + info was sold to them. The date in the image is a little suspect as well.

Has anyone else ever encountered this? The link in the email points to breakfm.com which by itself does not load but http://www.breakfm.com/203.php?zach_fluid@hotmail.com works and redirects you to http://www.ivanblogsecrets.com/campaigns/rgah/IF_1_new.php?linkid=425452&subid=110890. (Sorry, I am not linking to the actual links as I dont want to give them any link juice.)

Anyway, marketing companies – if you are doing this, please STOP! It is down-right creepy to display that you have so much information about a user (even if you do). This appears to be more of a high-level phishing attempt than a marketing pitch.

Google wants you to speak in Third person

You have probably come across several web sites where the owners / authors / companies refer to themselves in third person. While it seems odd, Google and other search engines require this.
Yes, it is an unofficial rule of SEO.

Consider the following example:
Back in the pre-SEO days, we used to link articles like this:
If you want to learn more about me, click here.

The previous method is detested now and below is the recommended method: Learn more about Eapen. (instead of Learn more about me).

This is important because, Search Engines identify the words you have used to link to an article or page and figures that the context is linked and therefore it is highly relevant to the page you have linked to. So, linking the word “here” or the word “me” does not benefit you or the search engine but linking “Eapen” lets the search engine know that if someone searches for Eapen, the “about” page link is relevant. Of course, “here” and “me” is also considered relevant by the search engines (but for all I know Google has exceptions built in to disregard these older conventions) but not by humans.

So, it is highly recommended that you re-word your pages and articles in third person and don’t consider someone to be conceited just because they refer to themselves in third person on their website (including me).

Location-as-platform is still too early

With a lot of location-as-platform services available like Foursquare and the geo-tagging ability in Twitter, I still think it is too early to succeed.

While these are great features and easily feasible with smart phones like the iPhone and Android devices – the biggest issue I see is the battery life of these phones. If I leave the GPS and Bluetooth services “on”, the battery life goes down to about 60% (no statistical backup to this amount) of what it was. So, I only turn on these services as I need them so I don’t run out of battery when I really need it. When batteries increase their life and the GPS sensors consume less power – then the potential of users leaving these services on increases and gives more potential to these location based services. And I don’t see the battery-life equation being solved for a couple of years.

Living in the TampaBay area which is not as “location” friendly as San Francisco for these kind of early-adopter services, I don’t expect any of my friends to use services like FourSquare and it doesn’t return any results for a “Tampa” search either. Twitter on the other hand would be more feasible for such a solution but I am not (yet) a Twitter addict who has to keep checking my updates on my phone.

In my opinion, Facebook has the greatest potential to utilize such a service. In the days when (1) battery life is better, (2) the iPhone can run applications in the background, (3) Facebook develops an application that tracks user’s locations and (4) smartly notifies users when their friends are around – the location-as-platform service will bear fruit.

A lot of users, including myself, have privacy concerns and I wouldn’t want Facebook advertising where I am and where I go all the time.

This is the scenario of how I see it work

• A user creates a Facebook event like “Gasparilla Parade 2012″ and tags the location in the event.
• Regardless of whether I accept the invitation or not, the Facebook application would run in the background and figure out if I am in the area.
  If I am in the area, it would prompt me whether I want to advertise my location for the “next X hours”.
• Same thing would happen with other users or even for users who have not been invited to such an event but if Facebook realizes that more than 2 friends are in the area, it would prompt them to advertise their location.
• Our phones would then alert us if there are friends in the area and we can meet each other and also manage to find each other on a street-level map because the noise would prevent us from being able to converse over the phone.

But knowing Facebook, they would probably start off this way and then Mark Zuckerberg would decide that it would advertise all the locations a person went to, all the stores they visited, the types of bars they frequented, the types of communal worship places they visited and would sell that information to advertisers and invade your privacy in every conceivable way. Honestly, I wouldn’t want my location to be advertised to everyone on Facebook who is sitting at home but only to users in the area of interest and without such fine-grained controls, I am not sure how effective this strategy would be.

Google Groups #Fail

If you are familiar with jQuery and follow their news, you would have heard that they switched from Google Groups to Zoho to host their forums / discussions. John Resig gives a number of points on the failures of Google Groups in his blog post and I can see why.

Since I joined several groups that I found of interest at some point, I had to some Google Groups cleanup. I removed several of the projects that I was no longer interested in and found a new preference “Do not allow group managers to directly add me to their groups” which was defaulted to being unchecked. I am not certain of this but my understanding is that it allows a group manager of any group I am a member of, to create a new group and add me to it.

It almost seems spamalicious to add that setting and defaulting it to “Yes, please allow Group managers to invite me to new groups that can spam me and pass my information to them”. When I cleaned up my groups, I thought I found a few groups unfamiliar and I am still not sure if it was just Group Managers who added me or if I accidentally joined the discussion forums at some point.

Check your settings and leave feedback on whether you also have the same settings.

PS. I also added the open-source Vanilla Forums v2.0 from GitHub and it looks very tidy and Web 2.0 unlike most of the solutions out there. You can see it at http://eapen.in/forum/

Yahoo #Fail

Trying to visit Yahoo News earlier this week – gave me a 404 error for a minute or so and redirected me to their homepage with the circled Google advertisement as the most prominent result. This is a great pick of sponsored keywords by Google to send Yahoo! users over to Google.

WaveSecure {Review}

After reading about WaveSecure via LifeHacker, I installed it but only got to try it out today and I am IMPRESSED.

Here is a brief overview of WaveSecure’s features:

• Backup SMS
• Backup Contacts
• Backup Call Logs
• Backup Media (selectively)
• Track Location
• Remote Lock/unlock/wipe
• Needless to say – Restore functionality

There are a lot of apps out there that will backup the SMS, Contacts, Cal Logs for the Android but its nice to have a single application that does this and more. What blew me away with this application is the “Track Location” and “Remote Lock” feature.

When you choose to “Track Location” via the website, it sends out a text message (encrypted/gobbledygook text) or MMS that seems to activate the WaveSecure application and if GPS is enabled uses that and if not uses the Wireless Tower Triangulation method to determine your location. I tried this and without the GPS enabled it found my exact location and without the GPS also it was pretty close. So, if you ever misplace your phone, you just need to visit this site and you will probably remember where you left it (in your car or at the gym). The technology that uses the SMS information is what impressed me the most!!! Now, I just wish the GPS had a 1 foot accuracy range so I could find my phone the next time it is hidden under a magazine or under some clothes so I can find it within my house instead of having to dial 5 times and hoping I can hear the phone vibrate or ring in one of the rooms.

Finally, the remote wipe allows you to wipe all your secure data of your phone (if you work for the CIA or if you are Tiger Woods and don’t want Elin to see any of the text messages/call logs when you forget your phone at home). You can easily restore the data after you recover your phone. The site also offers the option to lock your phone remotely which instructs the person who found the phone to call 911 to return the phone or if you know the secret PIN you can unlock it yourself.

It also has a “Lock & Alarm” feature which makes your phone wail (annoyingly!) and will embarrass any thief who hoped to get away with your phone. It also displays your emergency contact phone numbers (which it asks you for when you install the program) so you can call them and return the phone sooner. The next time my phone is on silent or vibrate and I cannot find it within my house, I plan on using the “wail” feature to locate it. You can also unlock the phone through the website as well.

So, if you have an Android powered device, I highly recommend WaveSecure and SlideScreen.

To www or not to www

As you can see, if you visit my website with www.eapen.in, you will be redirected to eapen.in (with a search-engine friendly 301 redirect, of course) and I really wish all websites would adopt this method instead of using the “www” since it makes more sense as it is the root domain. One of biggest annoyances is when the slow one finger typists (dad? mom?) have to type the “www” in a URL and punch in “w w w g [backspace] . g o o g l e . c o m ” instead of just typing “g o o g l e . c o m”.

The “www prefix” is just the old convention and is totally unnecessary. This saves 4 characters and for a message that includes links, this can save quite a bit of space. Twitter and other services that encourage smaller character limits, this is quite beneficial rather than having to employ a URL-shortening service. Even more useful is when users email links and when the email client hard-wraps the message at 72 characters, it often breaks the links. There is still a good chance that the link will break if your original URL had more than 76 characters. A lot of websites & webmasters do not know about canonical URLs and how search engines view a website as having duplicate content when a URL is accessible via the “www” and the “non-www” counterpart. (i.e. A search engine like Google sees http://mysite.com/buy-product1.html and http://www.mysite.com/buy-product1.html as 2 different sites with duplicate content unless you have canonical URLs entered).

As with all rules, there are always exceptions and I wouldn’t recommend this for large websites that need load balancing which are served up as www.website.com and www2.website.com although most of the bigger companies (like Google, Amazon) employ round-robin DNS to handle such traffic with just one domain and routing the requests to different servers/IPs.

One of the advantages of having the “www” is that in emails and URLs in SMSes is that it automatically hyperlinks the URL rather than using “http://” and in those cases, it actually saves a few characters. Either way, my preference for URLs now is without “www”.

tl;dr
Prefer not to use “www” in URLs