melbourne chapter

If you’ve ever had to deal with sending mail from a shared host you’ll know what I mean when I say it’s a pain in the ass!

Scenario:

In your shared-hosting environment all mail is sent to your host’s mail server  - as set in your DNS setup(i.e. mail.my-hosts-domain.com.au). And in all of your mail scripts, being the cautious developer you are, you have specified the return-path for (bounced emails) to a mailbox on your domain (webmaster@mydomain.com.au). Unfortunately it appears some of your users aren’t receiving your mail, while some are - but it’s turning up in their junk folder labelled as spam.

The Low-Down:

Apart from the obvious reasons, such as being blacklisted by an ISP/ host, or the very user, it’s quite possible your mail has been failing your host’s Sender Framework Policy (SFP).

Essentially, the SPF specifies who is authorized to send mail for the sender’s domain. So if there’s no MX record (domain mail server id) for your domain within the hosts very own DNS - which is often the case in shared hosting - your outgoing mail will be flagged (Received-SPF header:…”failed”) and in-turn be filtered as spam! I should note though, not all spam filters check for SFP validility. Currently I know Gmail does it, and although it is an annoyance at the best of times, SFP prevents spammers from spoofing mail addresses.

So what are the options?

In terms of mail turning up as junk mail, failed SFP may not be your only problem as spam filters check for a variety of other things too. But if your sure everything is the way it should be check your mail headers, there’s plenty of information to be found. For SFP issues look for the presence of the “Received-SFP:….” header. If it says  “failed”, you’ve got major problems, on the other hand if it says “neutral” it’s not so bad, depending on the severity of the spam filter your encountering “neutral” flagged mail should come through. For “failed” you could try appending the hosts domain name

me@my-domain.my-hosts-domain.com.auOtherwise the next best step is to contact  your host and enquire as to whether there is an MX Record for your domain.

If anyone has further comments on successfully sending mail from a shared hosting environment please let us know!

Sometimes referred to as ‘Spiders’ or ‘Web Crawlers’, Web Robots are automated programs which traverse the Web’s hypertext structure, retrieving a document then, recursively retrieving all documents referenced within.

In terms of web development, where most concerned with Indexing Robots, but there are plenty of proprietary and non-proprietary robots out there (see “what kind of robots are there?” - robotstxt.org) in fact there’s nothing stopping you developing your own.

Indexing Robots, such as the Googlebot, index web pages by using the following methods; reading HTML titles, reading the first few paragraphs within a page, parsing the entire HTML contents and weighting keywords, or reading META tags - FYI it has been indicated that very few robots index MEAT tags effectively.

Ultimately a Search Engine will search through the databases of HTML documents indexed by it’s robot to recall a list of relevant web pages based on a user query.

(more…)

As part of it’s Genuine Software Porgram Microsoft has started releasing an XP update which will potentially scan your computer for non-genuine Windows components. “After installation and reboot, they (users) may find their computers popping up an alert that reads: “This copy of Windows is not genuine; you may be a victim of software counterfeiting.” - Brain Kerbs, Washington Post.

Microsoft started releasing the Anti-Piracy update to Auto-Update users in the US on Tuesday and is now in the process of pushing the update out to users in Britain, Malaysia, Australia and New Zealand.

Using two popular database abstraction packages for PHP, PEAR::DB and Adodb, you are able to generate a unique identifier that is only issued once. It provides this ability by creating sequence tables that will return the unique ID and automatically increment the index. People familiar with MySQL AUTO_INCREMENT would be familiar with this behaviour.

This helps in many situations, such as creating order numbers or unique reference numbers/receipts. You can also use it for your row identifiers. Since the classes work on the idea of portability between different Relational Database Management Systems (RDBMS) you should be incouraged to use them so that you do not rely on individual methods of geenrating the next ID (such as using AUTO_INCREMENT). You can therefore allow the drivers included in the abstraction packages to handle the best implementation for the current RDBMS.
Depending on the flavour of abstraction classes you use, you can generate your unique key doing the following:

PEAR::DB (visit PEAR::DB or the PEAR::DB End user documentation)

PEAR is a very common database abstraction that you can download from the above site. You can simply extract it to a lib folder in your application and use it to execute all your SQL and manage your record set results.

Pear provides the API for working with sequences with the methods:

• integer createSequence (string $seq_name);
• integer nextId (string $seq_name, boolean $onDemand = TRUE);
• integer dropSequence (string $seqName);

An example for generating a unique ID through the API would be as follows:

< ?php
// Once you have a valid DB object named $db...
$id = nextId('mySequence');
if (PEAR::isError($id)) {
die($id->getMessage());
}
// Use the ID in your INSERT query
$res =& $db->query("INSERT INTO myTable (id, text) VALUES ($id, 'foo')");
?>

ADODB (visit ADODB or the ADODB Manual)

ADODB is another database abstraction that supports many different RBDMS. It is modelled off the Microsoft ADO database classes and provides a very extended package overall with many added benefits, such as Caching etc.

ADODB provides the API for working with sequences with the following methods:

• CreateSequence($seqName = ‘adodbseq’,$startID=1)
• GenID($seqName = ‘adodbseq’,$startID=1)
• DropSequence($seqName = ‘adodbseq’)

An example for generate a unique ID through the API would be as follows:

< ?php

// Lookup the value from the DB connection
$id = $db->GenID('mySequence');
if(empty($id)) die('Unable to generate sequence value);
 
// Use the ID in your INSERT query
$res = $db->Execute("INSERT INTO myTable (id, text) VALUES ($id, 'bar')");
?>

Ok, here is a basic one, I thought I would provide a quick overview of how the PHP number_format function works for presentation of numbers.

Invocation

string number_format ( float number [, int decimals [, string dec_point, string thousands_sep]] )

When you would like to represent a number to the user you can make use of the number_format PHP function. It accepts a number and a series of optional method parameters. Your optional parameters specify how you wish to present your number. You can either specify 1, 2 or 4 parameters (therfore not 3).
Examples

To display a 2 decimal place number (such as a currency) you can use:

// To display myValue (4.3123123123) as 4.31
print(number_format($myValue, 2));

To display a number with thousands represented by a ‘,’ and the decimal represented by a ‘.’ you can use:

// To display myValue (4500.131313) as 4,500.13
print(number_format($myValue, 2, '.', ','));

For those of you who use Smarty for presentation, you can invoke a simple decimal presentation via:

{$myValue|@number_format:2}

Using smarty you can pipe your input into various PHP methods. The above example demonstrates how the parameter $myValue gets piped as the first parameter to the number_format function, followed by the second parameter ‘2′. The above call is the same as our first example: number_format($myValue, 2);

Further Manipulations

If you are looking for rounding a number for use in an equation, you will want to have a look at the PHP round() function located here. An example would be:

<p align="left">// Makes a 4.326 become 4.33 in value.
$myRoundedVal = round($myVal,2);</p>

If you are looking for a quick way to pad with zeros (zerofill), use the (powerful) PHP sprintf() function. An example would be:

// Make a digit zero padded, such as 70 = '070' or 7 = '007'
print(sprintf("%03d", $myVal)); // Change %03d with %04d etc for more padded zeros

People considering learning more about online web accessiblity should have a look at 456 Berea Street blog written by Roger Johansson and the W3C Web Accessibility Initiative (WAI). These sites both outline the importance of website accessibility for the internet.

Below are more resources that will be relevant to website accessibility:

• w3c Web Content Accessibility Guidelines WCAG 2.0 - http://www.w3.org/TR/WCAG20/
• w3c HTML Techniques for WCAG 2.0 - http://www.w3.org/TR/WCAG20-HTML-TECHS/
• WebAIM Creating Accessible Macromedia Flash Content - http://www.webaim.org/techniques/flash/
• Australian Internet Industry Association Web accessibility online resources - http://www.iia.net.au/accessresources.html
• Australian Human Rights and Equal Opportunity Commission Website: WWW Disability Rights - http://www.humanrights.gov.au/disability_rights/webaccess/index.htm
• w3c XHTML™ 1.0 The Extensible HyperText Markup Language (Second Edition) - http://www.w3.org/TR/xhtml1/
• w3c XHTML Markup Validation Service - http://validator.w3.org/
• w3c CSS Markup Validation Service - http://jigsaw.w3.org/css-validator/

Your development environment is important to match the sort of environment that you wish to deploy on. Often the basic infrastructure of a webdevelopment company would have this sort of simplified deployment server environments:

- Development
Development server is usually either a the workstation locally for a developer or may be a development office server that is setup with the required apache environment. It is used so that developers can independantly develop and test without affecting other developers or destroying a client review version of the project.
- Staging
Staging matches the Live infrastructure/environment as close as possible. It may be used for formal testing (often there is a testing server, but sometimes staging is used) and review by the client. It will represent the version of the project before the project is moved to the live servers.
- Live/production
These host the live project in use for its intended purpose.

Often to achieve this process, installing Apache, PHP, MySQL, PhpMyAdmin etc can be quite a hastle - especially on several different machines and environments.
That may quickly make you think how am I going to quickly get my development and staging servers up? Surely that will take weeks of configurations to achieve? Well you would be right to initially feel that way, but you shouldn’t. There are many ‘quick install’ programs out there that allow us to quickly install and configure and Apache web environment instantly.
I have used variations of xampp and it is available in many different flavours for different operating systems. It is free for use. I have xampp running easily under a Win32 and Linux environment and the process is extremely quick and easy. There are also versions for Solaris and MacOSX. It is provided as a ready to go package that provides everything you need to get your testing/development environment up.

It also is very beneficial to PHP developers as it allows a option to switch between PHP 4 and PHP 5 with a simple script that can be run. Great for testing forward/backward compatibility.

You will need to first visit the Xampp Sourceforge File Listing and choose the packages required for your Operating System.

Windows

For windows this comes in two flavours, and two installation methods. At the time of writing this, xampp windows package was upto version 1.5.1.

The distribution for Windows 98, NT, 2000 and XP. This version contains: Apache, MySQL, PHP + PEAR, Perl, mod_php, mod_perl, mod_ssl, OpenSSL, phpMyAdmin, Webalizer, Mercury Mail Transport System for Win32 and NetWare Systems v3.32, JpGraph, FileZilla FTP Server, mcrypt, eAccelerator, SQLite, and WEB-DAV + mod_auth_mysql.

Xampp Windows is provided in a Lite (basic) version with minimal package configuration and a complete version with all the packages. You can either download the package in a self extracting .exe, a ZIP archive or a .exe style installer.

Installing the packages could not be easier, either extract or use the installer to install the Xampp package onto your computer. I like to use “\server\xampp” as an install location and I try to keep it the same on every workstation.

Once Xampp is installed you will want to go to the installation directory and run the Xampp-control. This control panel allows you to easily start and stop the various installed packages, such as FTP/Apache or MySQL. You can also tick the “svc” tickbox which will install xampp to the windows service list (Control Panel -> Administrative Tools -> Services) which will set the services to start automatically when you boot windows.

Then you need to point your web browser to http://localhost/. At this point you will be able to choose your language and perform various install tests to see if everything is running smoothly.

You will need to run the security recommendations immediately and configure your webserver with a password. This is a very important step.

Linux

Linux is very easy to install. At the time of writeing this, xampp linux was also upto version 1.5.1

The distribution for Linux systems (tested for SuSE, RedHat, Mandrake and Debian) contains: Apache, MySQL, PHP & PEAR, Perl, ProFTPD, phpMyAdmin, OpenSSL, GD, Freetype2, libjpeg, libpng, gdbm, zlib, expat, Sablotron, libxml, Ming, Webalizer, pdf class, ncurses, mod_perl, FreeTDS, gettext, mcrypt, mhash, eAccelerator, SQLite and IMAP C-Client.

You will simply need to download the package to you linux /tmp directory. If you are only accessing your server with Putty, and need a way to download the file directly onto your computer from the command line, connect with SSH and perform the following:

cd /tmp
wget http://nchc.dl.sourceforge.net/sourceforge/xampp/xampp-linux-1.5.1.tar.gz

The location of where you need to download the installation can be found by selecting a mirror to download the file from in Sourceforge.

Once that you have downloaded the package, execute the following under root previledge:

tar xvfz xampp-linux-1.5.1.tar.gz -C /opt

This command extracts a GZip Tar file to the /opt location. You install will now reside under /opt/lampp

Once the package has extracted you can now start the server. If you currently have any other services (such as previous Apache/MySQL services installed, this may fail. Turn them off using the appropriate “apachectl stop” or “/etc/init.d/apache stop” commands.

/opt/lampp/lampp start

Before taking any more steps I would recommend immediately running the security option of Lampp to configure the security of the server. This is highly recommended.

/opt/lampp/lampp security

Now you can point your browser to the IP of your linux box (either localhost if you are running the apache under your local computer or the IP on the network).

If you are having problems with your linux isntallation, checkout the Linux FAQ on Apache Friends.

Mac OSX or Solaris
If you installing xampp follow the appropriate guide below:

- Max OSX install read here.
- Solaris install read here.
Security Note: They do not recommend Xampp to be run for live/production. This is to do with security and takes extra configuration to make is secure enough for a live environment.

Once you have installed these packages successfuly it is very quick and easily to replicate the install across different workstations/server environments.

With SEO now a huge topic in the workplace the number of upstart Search related businesses has seemingly doubled over the past 12 months. The paranoia from marketing managers and clients worried about getting their Google Ranking is enough to drive any web developer crazy.

So why is everybody so concerned about their Google ranking? One word. REVENUE! In a dog-eat-dog world it’s all about getting noticed.

THE FACTS:

- Google’s estimated share of the search market today is estimated at 42.3 % in comparison to Yahoo’s 27.6 and MS’s 13.5 %. (Source: ComCore (USA) Feb 2006)

- A high Google ranking means your site is more likely to turn up in the top search results within Google and be seen by potential customers
- Statistically speaking users are more likely to visit a site appearing on the first page than the 7th! (convenience and perceived quality)

GETTING IT DONE:
There are commercial options; As I have mentioned there are many Search Related Companies. Typically they will conduct a review of your site, and asses it’s desirability to a crawling web robot (i.e. the google search bot which indexes your site!), then get back to you with some recommendations. Some also offer a Market analysis i.e. what people are searching for and how they are searching for it. However many of these companies charge a premium rate,and there are no guarantees - SEO is not an exact science - FYI The company I work for recently contracted a Sydney based Search Company which proved to be a worthy, but expensive exercise at a mere $3500.

DIY; Validating your own site is doable, but I recommend you spend a good amount of time doing some background research first.
Checkout the articles on the seochat.com site (part of the Developer Shed Network), and have a listen to the Andy Jenkins (Online Store Profits) “Stomping the Search Engines” interview with Brad Fallon - who infamously achieved a #1 Google and Yahoo Ranking within a year of releasing his first commercial website www.MyWeddingFavors.com. Lazy ? Read Yaro Starak’s summary of the interview…

As projects start to grow in size you often come into management issues, clients sending members of your staff errors through email or over the phone, and often people don’t pass on the errors correctly or get all the details about the bug. Soon enough you have clients upset that their 2 second bug fixes haven’t occured and tracking them is impossible.

I needed to get onto a way of centralising the errors for the application, and immediately hunted online. Althought there are many choices, Bugzilla is widely used and available to you under Open Source. It runs using MySQL and Perl (CGI) scripts, and takes a little while to configure. I simply dropped an email to my hosting provider and they were able to install and configure everything for me and have it turned around within a day.

Bugzilla

Bugzilla is a webapplication that operates by having users log bugs under various severities to products and components of your application/project. It allows you to restrict the viewing of products from users, allow delegation between users and handles all notifications and sorting for you. It is very active in development and has a lot of support.

Now clients can post their bugs into the system directly, and all of the developers can use it to internally keep a centralised listing of bugs. Clients are notified when the bug is fixed and everyone is kept happy.

Since I have been using Eclipse I have now had the bug reporting lists integrated directly into my Eclipse Desktop using this very cool plugin:

Buglist - Eclipse/Bugzilla Plugin

Overall making the step up in this system has helped management of bugs, and make it easy to keep on top of them and provide not only better custom service, but better software and professional practices.

As there is always a need for client side validation with Website design I thought I would discuss a few different implementation methods that may help with the process. JavaScript is always a popular choice for this, and contains generally all validation that we need for simple forms. These days JavaScript validation logic has been extended by allowing the server to help with some realtime validation using AJAX which allows us to do more complex checks, like checking the username exists on the server before submitting etc. For the moment this article will discuss the implementation of form validation methods, and I will provide some examples in the future.
As a note, we must always assume that JavaScript can be disabled on a clients browser. This typically has occured since people have been afraid of JavaScript exploits for MS IE, popup windows and the such. Hopefully since WinXPSP2 (I am yet to check) is whether people are feeling more confident leaving JavaScript on. So, because of this, we must always allow our form to operate without requiring the use of a custom JavaScript submit function. More importantly we should always remember that client side validation does not substitute server side validation and it must always be performed. Client side validation will make your forms feel more reponsive to the user as simple errors can a majority of the time be ruled out with simple JavaScript checks.

For us to make use of form validation correctly, we must first code up our form with a submit button. We then can use various event listenner/triggers that occur during our client entering form values to call JavaScript validation methods. Most popular events that we can use is the onsubmit(); and onchange();. You can read more about intrinsic events on W3C here to see what additional events occur for HTML elements.

Onsubmit

This method is used as a sort of hook allowing us to call validation or logic checks prior to the form being submited to its action. It allows you to call a function which can return either a true or false state, allowing you to specify whether to submit the form or not.

If you are using Macromedia Dreamweaver and are looking for some basic quick validation (mandatory fields, email address/number validation, minimum length and the such) you can use their Validate Form behaviour (by selecting ‘window -> behaviours’ then selecting your form [has to be selected to work correctly] and selecting add behaviour -> validate form on the behaviours window). For our explanation, it places a generic ‘all in one’ JavaScript validation method in your header that allows it to accept many parameters and rules. The function is called using the onsubmit function tied onto the form element. The function processes, displaying an error message and then sets a document variable which returns true or false. This is great for very quick validation, but lacks largely in the logic you can perform, you can’t do a particular check based on a selection of the form elements.

From here you may choose to extend the form validation and write your own method, allowing you to compose your own onsubmit function and implement your own extended logic/error messages. Your function either needs to return true/false (which in turn is returned from the onsubmit call, e.g. onsubmit=”javascript:return myOnsubmit();”). This opens up many different ways of handling form validation, but also now means that we potentially have to start considering non-reusability etc.

To help validate your form, you should try and collect a number of validation methods for particular purposes, such as checking for required fields, checking email address syntax and the like. These can be placed into a single JavaScript script and included onto each form page. You can then make your custom logic checks for the form in a concise form.

Another more advanced way of handling this step is to create your own Validation Class and then generically register validation checks on field elements. For sake of extending the flexibility of your design, you could also allow the register of validation functions that return true/false to extend its capabilities. This would then also contain all standard logic (such as required field checking methods, validation of email addresses etc). Through many declaritive statements you could setup a quick way of performing basic field validation and allowing it to be extended with an additional logic method.

How to handle the error messages becomes an issue, and is one of the great downfalls of the Dreamweaver implementation. How you place in your error message is upto younow that you have written your own class, but here are some different implementation methods; inline javascript, through your declaritive call (assigning to a variable) or using a hidden form field (with a naming convention - that could be checked by your validation method to see if it exists, and if so grab the message from its value). All have pros and cons, most likely the best choice would be variables through your declartive statements.

Onchange

On change event is another event that allows us to register a method that is called if the form value has changed since gaining focus, and is triggered after the element loses focus. We can use this method to immediately provide feedback about the users input as they are filling out the form, prior to hitting the submit button.

Using this method we can do several things, from alerting error messages to changing the elements CSS style from one colour representing valid to invalid etc.

As explained under the onsubmit action, we can use our validation class methods to help validate these fields generically.