Saturday, June 12, 2004

CFML Standards

Driving CFML

CFML as a standard?

Yes, it's not a bad idea, but how relevent is it? or useful?

Personally I like the idea of competition, because the free market always drives innovation.

But what changes would we want a competitor to do or not do?

I think it's up to the competitor, what changes provide him/her with the sales to keep the company going.

Personally, I think we have tag overkill, too many internal tags that we mostly do not need on an every day basis, I think it should be like javascript or java where you can import additional tag/function libraries as needed.

Tag Libraries I think are the way to go, just like how cfscript udf libraries or cffunction libraries work.

Instead of having new cfml tags/functions, have tag libraries that can be used any cfml server, to work.

That way whoever has the most efficient and coolest tag libraries will help innovate and drive the market.

After all there is a saying about trying to be too much, and be everything to everyone.


Friday, June 11, 2004

Mr. Clean: Practical Experience in Cleaning Code

I have in my last 3-4 years of ColdFusion experience, frequently having been put in the position of cleaning up other people's companies work.

Which can get rather frustrating, so I want to share some of my tips and experiences so that you can help speed up the process.

1. Flow Chart It - Simply having this documentation to make sure the code continues do whatever functionality it does. Save your rear, make sure you are improving the readability, functionality of the code, without losing what it was originally meant to do.

2. Thoroughly comment - It's a pain, but it always pays off in the end, I mean, don't you want the person who works on the code some years after you have done, to have a good impression? Don't repeat the pattern of forcing coders to clean up the work of other coders.

3. Indenting - There are many different styles of indenting, but pick a style, that's reasonable, but we each have our own style. Like for example:

table blah blah
tr blah blah
td blah blah
content
/td
/tr
/table

Others like doing it like this:

table blah blah
tr blah blah
td blah blah
content
/td
/tr
/table

The key is find the style you like that is still going to be readable by others.

4. Documentation - It really pays to both document the work the previous person did, and what functionality, and then what work you did.

The goal in all of this is to help us as an industry and community to raise our standards of good coding.

And if that happens, it's much less likelier that we'll have to do more cleaning other people's code.

After all you can pick your friends, you can pick your code, but you should not pick your friend's code.

:)

Thursday, June 10, 2004

Business Philosophies: Which path is the right path?

One of the issues that has been on my mind, is trying to understand different philosophies that companies have adapted, in how they sell their products/services.

Whether that be online or offline.

The reason it strikes me so harshly, is that I have experienced bad to horrible experiences that help me learn from other people's philosophical mistakes.

Working for companies, going down the path of destruction, and prefer to avoid dealing with it, and sticking to current practices, rather than trying to change.

I definitely experienced that at my last job, a dot-com that went down hill.

Or companies that seem to do well, but seem to miss the path of understanding their customers and how to keep them as customers.

There seems to be a common trend to see companies as marketing companies, rather than companies who sell products or services.

It is sort of a subtle difference, but if you've ever been at a store that had good practices vs bad practices, you can easily tell the difference.

I myself, in my retail/fast food experience have been taught that the goal of any business is to extend the customer life cycle, by making sure the customers stay happy.

I remember the old story of this one grocer, where he taught the value each customer.

He taught that if even 1 customer was dissatisfied, how that can add up to millions of dollars in lost sales. Each customer who did not buy or was not satisfied was a loss in sales and profitability.

So they focused on how to improve customer retention, not always by marketing promotions, but by making sure every aspect of their operation was top-notch.

Each industry has it's idea of what those top-notch things can be.

Such as for the ecommerce industry, here are some examples:

1. Demonstrating trust in your customers, do not hide anything
2. You directly ask customers how you can improve the site, the functionality, usability
3. No errors at all
4. No interference between the customer and the customer's objective, let them get what they want.
5. Making sure your fulfillment and inventory processes, provides the products, the customers of your industry expect to see at any store. Inventory, in terms of offering products, you consistently do not have in stock does not make you look good.
6. Take pride in the effort and work of you and your team, in the products, functionality and customer service attitude.
7. Urge for more competition, so that you can use competition, to urge mutual competition for higher standards of service.

Now let's look at the marketing approach.

1. Identify and understand the demographics/purchases/data of a customer
2. Present promotions/marketing material to entice customers to purchase
3. Design is about branding, and about having space to promote and market
4. Indirect Analysis of customers buying behavior
5. Invisibility to your competition is the key

The marketing approach sounds like the correct approach, except it's not about what the customer wants, but what the seller wants.

To me it's obvious, you always want a satisfied customer that is a repeat customer, emphasis on extending the customer life cycle.

I know there are other approaches, but let's here what you have to think about this.

Wednesday, June 09, 2004

Learning from your mistakes

We all make them, face it, we're human, so now that we made this minor to major mistake, how can we make sure it doesn't happen again?

Here is my big steps of mistake prevention:

1. Document your projects, and include any mistakes as part of your project documentation
2. When planning your projects, research past projects to make sure that project development process is always improving.
3. Status Quo = Death, so always try to keep learning more, different skills, different approaches
4. Share your mistakes, take responsibility for your own mistakes, so that when you do good things, you can take credit for them.

Do you have the honor and integrity to be honest with yourself and those around you?

The path of pursuing a craft is not an easy one, but if you give up, or don't even give your best than why bother?

After all, if we have a dream, we must pursue to it's end.

In honor, of former President Ronald Reagan, who showed what it's like when american's dream, and then go ahead and make those dreams real.

I am mostly living my dream, although it is too easy to take it for granted.

I never imagined that after 10 years of fast food, I'd suddenly become a professional Web Developer.

Where did all of you come from before this field?

What kinds of dreams and visions do you have for your own lives?

I'd really like to hear what you all say.

Taking CF Seriously

I hear so many stories about people not taking ColdFusion Seriously.

I mean seriously, in the north pole of ColdFusion, that we call the Twin Cities, Minnesota USA.

We are laughing with hilarity of cf, cf serious, C'mon who can take that seriously.

I am just the Jewish Santa Claus of ColdFusion, Ho Ho, He He Hum, Hum.

Now that we have had that little laugh, we can get back to planet reality.

For me, I could care less how many people like it, hate it, love it.

It's all about what is the goal of my project, and how can I speedily accomplish it.

Let's be honest there is no such thing as a perfect solution, never will exist, never has existed.

So for those of us, that are practical and pragmatic, we have to consider the goals and objectives, and what tools can get us there.

One of the things, that I love about ColdFusion, is that it's in plain english, it's easy to take some code to my boss, go over the logic flow of some marketing or ecommerce app, and we can logically find the best way to accomplish the goal.

One of my favorite quotes this year was from InternetRetailer.com. I am paraphrasing from memory,

"Too often, management focuses on the technology means/methods rather than what the business goals/logic and rules are. So they end up wasting time and energy finding the perfect technological solution, instead of what solution can best meet their business goals."

So let us clarify that.

Business People/Marketing/Advertising/Clients

You tell us your business goals and/or objectives, and it is up to us Application Developers, to come up with the best solution, in time and money.

Doesn't that make sense.

Then as App Developer's talk to each other, instead of saying what technology is best, or worry if they are on the right bandwagon, they can brag about meeting business goals and objectives.

We get like ostriches sometimes, and we get stuck in the sand.

I personally am going to stick with ColdFusion, it's my solution, it doesn't matter to me, if anyone else uses it.

Use whatever works, if it doesn't work for you, then don't use it!

Ho Ho, Hee Hee, Ha Ha!

Tuesday, June 08, 2004

Oy the pains of cross-scripting

Today, as I have been looking at the cf app logs, I have seen a lot of cross-scripting attacks. Mostly generated at our behest,by a service that confirms our security.

However we also have a tool to help prevent that, Microsoft's Urlscan.

Very interesting tool, to play with and to configure, however it seems to be missing something, because cross-scripting just comes right through.

Now I have played with using some Regular Expressions that can be on each application's page, but it is a painful performance to force it loop through each url variable, and validate and verify it.

But urlscan seems to lack some additional options or configuration that prevents javascript from running on the url.

Now everyday I look at my logs, especially in the morning, and I someday want there to be no errors there, of course that may not be a realistic wish. One can hope can't they??? :)

There was one option called DenyUrlSequences, which left me with some hope of being able to prevent javascript from loading.

It was just a simple alert script, but still it kept popping up with it's annoying message.

My attempt in cfml was to use regex, and to only allow certain url variables, and if there is any bad url variables, to do a cflocation with the new cleaned up url variables and values.

We remotely may end up doing that, but we'd rather not have to scan each page's url variables for validity.

What have the rest of you done to prevent this?

If I may be so bold, I want to thank all of you for the honor of providing some little tidbit that may be of use to you.

Thanks, Salud!

Monday, June 07, 2004

Sticking to Standards

I know this is the thing to talk about, but it really comes down to understanding your standards, and sticking to them.

My personal standards are:

1. File/Folder Naming conventions
-includes that are included in the middle of a page are called mod_whatever_function.cfm
-navigational includes are called incl_leftnav or incl_rightnav.cfm
-folder names have no spaces, all lower case and use _ when necessary. Think about seo when folder names.

2. Coding Style Standards
-Good indenting, drastically improves readability of code.
-commenting every section in english with time and date stamps
-no # in cfif and cfset unless it's for an evaluate function

3. Always think efficiency and power in my coding.
-Use cfswitch rather than cfif for simple logic
-when and where to loop

4. Know how to speed up application preparation.
-I like to have default local variables that are setup in the same name as query fields
-Loop thru query fields to populate cfparams, previously set up
-have forms refer to local variables, which will either be populated or not populated, and neither will cause any errors.

5. Correct and Specific SQL Statements
-NEVER EVER do a Select *
-Always think about what the most efficient way, to the server and to the database, not necessarily what is efficient to you.

6. Figure Death Handling
-If you died, how easy would it be to walk in and take over from you? In other words how thoroughly documented are all the work you do? Make it easy, document your code, plan your projects, that documentation is both a great learning and teaching tool

7. Learn from mistakes
-We all make mistakes, the key is learning from them.

Remember it took 10000 light bulb failures before Thomas Edison succeeded.

At this time I would like to honor my hero, former President Ronald Reagan, who passed away June 5th, 2004.

"No arsenal or no weapon in the arsenals of the world is so formidable as the will and moral courage of free men and women."
-President Ronald W. Reagan
-First Inaugural Address, January 20, 1981.