Archive for the ‘Business’ Category

Sample Code for Employers

Wednesday, June 10th, 2009

If you are looking for a job programming, you need to demonstrate to a potential employer that more than anything else, you will be profitable. In terms of programming, profitable code is robust, is produced quickly, is readable, understandable and maintainable by the rest of the team, and depending on the job you're applying for, may have to be secure or efficient too.

As an employer I consider it vital to see a sample of a developer's code before employing them – it's the most reliable way of assessing how competent a candidate. The standard of code I've encountered from candidates over the past few weeks was generally weak. If you want to stand out, you may be interested in a few tips. I've tried to put these in order of importance.

  1. Submit only your own code If you worked on the code with anyone else, it's worthless to me.
  2. Submit your best code If you have more than one project, submit the best. I'm liable to judge you on the worst. The most recent code you've written is normally the best, assuming your programming skills have improved over time.
  3. Make it easy to run the code I can't run most of the code I receive. Maybe it runs, but generally it's not clear how I get it running (web applications are generally hard to run). I am interested most in the code itself, not seeing the program run, but it's a big bonus if I can run it. So why not include an INSTALL file documenting the process. For web applications, you could include database dumps with sample data, or swap your application onto SQLite and include the database file. But an even easier way is just to get it hosted somewhere and send a link.
  4. Submit code that does something interesting A lot of code is either boilerplate or performs very common tasks. For example, a web application that takes input from a user, puts it into a database, retrieves data from a database, and outputs it into a page is the most simple web application it's possible to write. It's covered step-by-step in any web programming textbook. If that's all the application does, it had better be pretty dazzlingly tidy code. But I prefer to see code that is outside the scope of textbooks.
  5. Use plenty of third-party libraries The more libraries I see neatly integrated into your software, the more efficient you look as a programmer. There can be reasons to re-invent the wheel in practice, such as to overcome license restrictions, but when you're submitting sample code to employers it makes you look inefficient. Moreover when I see code draw on more and more appropriate libraries (or web APIs, or data sets) it also means that you know what's available and you're thinking about how to combine them creatively. (Incidentally, if you bundle third-party code with the source you supply, put it in a directory called "lib" or something so that I can see to ignore it.)
  6. Write good HTML. I'm less tolerant of bad HTML than a web browser is. I'm not going to pass or fail you purely for HTML that's not standards compliant because it's enormously widespread, relatively low-impact, and fairly easy to teach – but you're applying for a job writing software that outputs in a well-defined language. It comes across better if you're actually outputting in that language, and not some misinterpretation of it. It begs the question, would you do that for any other data format or protocol? Anyway, bad HTML breeds bugs.

If you can't find code that meets the above criteria, why not write something especially? It's possible you could write something in a weekend that can improve your job prospects significantly.

But if you're not employed at the moment, and you're looking for a job as a programmer, you should be constantly either writing code or reading articles on the web about writing code. Employers can teach you skills on the job, but it costs money to do this, and that's money that won't be going into your salary.

Posted in Business | No Comments »

Calls to action

Friday, November 28th, 2008

A way of supposedly increasing the conversions from your site is by adding calls to action, links or banners or buttons nudging people away from simply reading and towards taking action – purchasing your products, enquiring about your services and so on.

The practice of including calls to action is taken straight out of the advertising industry. Advertisers have a small list of things that they need to include in an advert, and a call to action is on that list. However a website is not an advert. Users browsing the web are mainly in a mode where they will read and compare and research a purchase. Who would click the first "buy this now" button they see when they can hop onto another site and check out alternatives and price first? In this context, calls to action may not be very effective and can be intrusive. It's even less effective if your call to action is not something as passive and easily handled over the web as just "buying", such as "Enquire now about our calibration service".

In the UK we also like our calls to action implicit. Watch TV ads for a few minutes and the number you'll see that include an explicit call like "Sofas half price at DFS until Monday! Come down to DFS showrooms today!" are small compared to the number that run more along the lines of "The sun is shining and this man in trendy clothes is laughing with a group of attractive women. What's that he's drinking? Oh, Coca-cola."

So include calls to action, make sure they are seen, but keep them understated and out of people's faces and users may find your site that much more appealing – easily enough to outweigh the effectiveness of intrusive calls to action.

Posted in Business, Usability | No Comments »

GnuCash Accounts

Thursday, December 7th, 2006

The past couple of days have been spent tidying up my accounts in GnuCash. It's great when it all comes together and your accounts reconcile perfectly with your statements.

I like GnuCash a lot actually. It's slightly harder to get your head around than just listing your accounts in a spreadsheet, but much more powerful when it's done. Because money always has to go from somewhere, to somewhere, you can view transactions from both ends immediately. So every time I pay for a domain name on card, I see the money transfer from my credit card, with the net cost going to the registrar, and the VAT value going to my VAT account and reducing my debt to the VAT man. And then I can turn it round and see the actual cost to me of the domains, or track my VAT debt.

The other neat thing is that accounts are nested, so for example, I can create an account for each client within Accounts Payable, and see how much each client owes, plus clients' debts to me can be included within my assets. GnuCash's own customer invoice tools don't do use subaccounts though, which makes them actually harder to work with than doing it manually, I find.

At first I found GnuCash kind of quirky, and I did struggle with it. But the new 2.0 series is better on the UI front (now a GTK2 app) and now I know what I'm doing with it, it's actually quite easy to get everything to work and incredibly useful when it does. It becomes quite frustrating that all the other accounting information I receive is in a simple flat transaction list, like a spreadsheet or a bank statement or some printed accounts. It's not wrong; there may be no other way to do it; but it's simply not so elegant and right.

All I need is some way to get the accounts data to my accountant.

I tried a few different ways:

  • Linux VM with GnuCash and accounts, burned to a CD along with VMware player. Couldn't get Ubuntu VM to fit on a CD; Debian and Damn Small Linux wouldn't install properly.
  • Converting to QIF with a Java tool. Tried importing this into Grisbi and it looked a mess.
  • Importing GnuCash directly into Grisbi (with the intention of exporting to QIF or CSV or something). Seemed to make a mess of it, not as much as the Java exporter, but the account balances were all wrong.
  • Transforming to Gnumeric sheet with an XSL stylesheet and sabcmd. No account balances, but these can be added quite easily within the spreadsheet app. Required me to install Gnumeric.

I sent the QIF and the spreadsheet (saved as XLS) to the accountant. Other ways that occurred to me:

  • Hand them an Ubuntu CD and my GnuCash files. This would require them to reboot into Ubuntu and GnuCash isn't even included on the CD anyway.
  • Hand them an Ubuntu CD, an empty VMware VM and my accounts, and let them install everything. Probably too technical and overkill.
  • Set up a VNC server that they can log into to access a copy of GnuCash. Security aside, I don't know what kind of connection they have. It could either be too slow for them or it could DoS my outbound connection.

Posted in Business, Open-source | 1 Comment »

Data mining with AJAX

Friday, October 27th, 2006

Just had an idea: how about using Javascript to record client-side usage of your website?

The principle is this:

  1. Register Javascript listeners which construct a list of events, particularly mouse, scroll and click events, along with the time that the event was fired.
  2. Register an unload event which posts the information as XML with AJAX to a script on the server when the user leaves the page.
  3. Browsing sessions can be collated on the server using cookies.
  4. Create a player, which reads the events as XML and renders them using a DHTML 'cursor' and/or by firing events within the DOM. Could have a time slider and fast-forward controls, etc, depending on how complex you want to get.

Voila – see exactly what people are doing with your site. I have knocked up a test which implements the first two steps, for mousemove events, and that much works, so the whole concept would be workable. I can imagine it would break down if your site uses plugins (or Javascript navigation, depending on how easy it is to replay the events accurately) but that's a limitation you would have to live with.

There are obviously privacy concerns but this is relatively mild as no personal data would be recorded. Perhaps it could pop up a Javascript window.confirm() dialog asking if it's OK to record your behaviour. But it would be a very useful tool for examining site usage, especially for commercial sites. This is the way modern marketing works. I leave it up to your conscience as to whether it's ethical.

Posted in AJAX, Business, Web Design | 2 Comments »

Domains as a measure of trust

Tuesday, October 3rd, 2006

I'm increasingly amazed by the number of banks and other secure services that seem to spread their online services over dozens of differerent domains. Simple put, a domain is one unit of trust, for a variety of reasons, and this is even assumed for security reasons in many applications (cookies and XSS sandboxing spring to mind). It's cheaper, easier, more secure, and visibly more secure to use subdomains than purchase a separate domain to redirect users to for secure services.

Some of the culprits I've come across:

  • NatWest (at natwest.com) use nwolb.com for online banking.
  • RBS (which owns Natwest) also owns Streamline Direct, a payment gateway. RBS' merchants' customers get redirected onto Streamline Direct (at streamline-esolutions.com) to enter credit card details. Most won't have ever heard of them. But if you did Google for them you'd find them at streamline-direct.co.uk and/or streamline.com.
  • Paying for domains online yesterday (at streamline), I was redirected to securesuite.com, ostensibly some Mastercard security thing, and asked to enter my credit card details a second time.
  • Barclays' (at barclays.co.uk) runs their payment gateway out of epdq.co.uk
  • Play.com hands over to playsecureserver1.com to take card details.

And just to contrast the way it's supposed to work, let's think of a few examples of big sites with secure services:

  • Amazon (www.amazon.co.uk) uses https://www.amazon.co.uk.
  • If you pay Google for advertising (adwords.google.co.uk), you'll pay at https://adwords.google.co.uk.
  • What domain does Paypal (www.paypal.com) use for secure services? https://www.paypal.com/.

It is relatively trivial for a hacker to obtain an SSL cert for an arbitrary domain, but extremely hard to obtain an SSL cert for someone else's domain and then insert his machine into their DNS. Either way, he still has to compromise a web server somewhere to get his machine inserted into the chain, but web servers do get compromised, and he would have to find it beneficial to redirect to a third-party machine rather than set up some credit-card interception on the compromised host, but that's not that hard to imagine either – maybe he can't obtain the requisite privileges, or perhaps it's less traceable to redirect to a different (perhaps also compromised) server.

Maybe I'm just paranoid, but more important than technical security measures are social measures: How can the public be expected to avoid phishing attacks when legitimate services are being given untrusted domains?

Posted in Business, e-Commerce | No Comments »

e-Commerce enquiries

Monday, October 2nd, 2006

Mauve Internet has had two new enquiries about e-Commerce sites this week, which is good. First in a while.

I suspect that there is typically a slump in the summer as smaller business owners plan more for their weekends than the future of their business. As summer has now passed, people start looking ahead more.

This does however mean that I will have to pimp my shop codebase. It really needs tidying up – lots of things that I wouldn't do the way they are done now that I've had some experience of maintaining the codebase.

I have a ton of integration to do. There are two branches to the codebase:

  • One (let's call it 'stable') has seen bugfixes and customer-driven improvements, but has been branched a dozen times and is a huge mess.
  • One has had some refactoring and more developer-driven improvements, but currently crashes due to character set issues.

After that is done, the administration interface needs to have some serious work done. Most importantly, the ImageChooser service needs to be pretty much redone. It all needs a bit of AJAX on top to make administration a more smooth experience, and I need to hook up TinyMCE to bolt in a minimal CMS.

The difficulty, if I do this work, is that I may still have to work with the aforementioned 'stable' version even though I will have a much improved next-generation version available. Perhaps I can cut a deal on that.

I'm also considering supporting osCommerce, because it would be cheaper in terms of codebase maintenance, but I wouldn't be able to make the same guarantees I can about implementation of bespoke features and use of future-proof technologies. This would be available as an alternative to my shop software.

What I most want to do is rewrite everything in Python. Python is much faster to develop with than PHP, and leads to much tidier and more legible code.

Posted in Business, e-Commerce | No Comments »