Posts

Showing posts from 2013

Your number one job

Pop quiz time. You're a software developer. You probably have a job. What is your most important job as a developer? Time's up! What did you say? If you said "to get another, better job" you're right! If you didn't, well, let's talk about this a little bit. Most people think their job search ends when they accept a new position. That's not at all true, though. After all, there are tons of things that can go wrong with the role you have (or just accepted): bankruptcy of the company, you hating the role you're in, discovering that the work isn't what you love, and more. In fact, you should be looking for your next role from the day you start a new job until the day you leave! Your skills as a developer mean that you are a valuable commodity. Even if your current company doesn't recognize your value, somebody in the market will. Of course, all of us want to attain the best job, the one that we fall in love with and never w

Security Matters

Recently, somebody asked me to take a look at a product they had, and give them some information on what I could do to improve it. Their product was a simple survey tool, focused on gathering data from users they invited or that had paid to use the tool. It seemed straightforward enough. Sure, I had a few concerns: the site had been outsourced, and this person wasn't a technical individual, but I figured I could take a look. What I found was pretty shocking. Passwords stored in plain text. No SSL encryption for logins or credit card data. A complete and total lack of any kind of password policy. And this was before I even got into the code. Too often, it's easy to forget about security considerations when we're working on building something for a client. Security is one of those things that it seems people learn once and then assume they know, like riding a bicycle. But it's not. Security is an ongoing learning process. When was the last time you stepped out and too

11 signs you have been hacked

In today's threatscape, antivirus software provides little peace of mind. In fact, antimalware scanners on the whole are horrifically inaccurate, especially with exploits less than 24 hours old. After all, malicious hackers and malware can change their tactics at will. Swap a few bytes around, and a previously recognized malware program becomes unrecognizable. Sure sign of system compromise No. 1: Fake antivirus messages In slight decline these days, fake antivirus warning messages are among the surest signs that your system has been compromised. What most people don't realize is that by the time they see the fake antivirus warning, the damage has been done. Clicking No or Cancel to stop the fake virus scan is too little, too late. The malicious software has already made use of unpatched software, often the Java Runtime Environment or an Adobe product, to completely exploit your system. Sure sign of system compromise No. 2: Unwanted browser toolbars This is probably the seco

The Type Hint Tight Couple

Anybody who does object oriented development quickly learns about type hinting - the process by which you can indicate to one object another object it should expect. Remember this example from the last post?

    <?php
    class MyClass {
      // The dependency is injected, but the hint names a concrete class.
      public function __construct(MyObject $mobj) {
        $this->myObject = $mobj;
      }
    }

But type hinting alone is not sufficient to loosely couple our objects. In fact, even though we are injecting our dependency in the initial example, we're type hinting on a concrete object, meaning that we are tied to that specific object for all future iterations. Sure, we can mock it for testing (which is an advantage), but we can't easily subclass it and use it elsewhere.

Fixing the Type Hint Tight Couple

It's easy to fix this particular tight coupling problem. To do so, we can draw back on our knowledge of SOLID principles, namely the Dependency Inversion Principle, which states: Objects should rely upon abstractions, not concretions. F

Tight coupling in OOP

What Is Tight Coupling?

It would help to define exactly what the problem is, in order to solve it. Tight coupling, in an object oriented application, is an abnormal dependency between two unrelated objects. This usually manifests itself in a few different ways; today we're going to talk about the first type: the object creation tight couple.

The Object Creation Tight Couple

Have you ever seen or written code like this?

    <?php
    class MyClass {
      public function __construct() {
        // "new" ties MyClass to the concrete MyObject class.
        $this->myObject = new MyObject();
      }
    }

We've all probably observed this. Even if it's in another method besides the constructor, we've all seen code that creates other objects. The culprit here is the new keyword. This keyword creates an object, but the creation of an object tightly couples one object to another. It's impossible to easily swap one object for another.

Solving The Object Creation Tight Couple

There are a few easy ways to solve this particular type of problem. The first is w

5 Ecommerce Metrics You Should Be Tracking

When it comes to ecommerce analytics, business owners and marketing managers typically focus on metrics like conversion rates, number of transactions, and average order value. These are valuable, and should be monitored. After all, measuring such outcomes is what directly impacts revenue and the bottom line. Thanks to Google Analytics as well as Mixpanel, Flurry, Site Catalyst, and other analytics platforms, these ecommerce metrics are readily available to site owners. While focusing on the outcomes is key, close attention to tracking user behavior and interaction with the site or mobile app will also yield significant incremental improvements. Here are five interactions you don’t see a lot of people measuring, when they really should be. Product Categories You can easily report on top products, what’s selling, and what’s not selling on your website. However, go beyond that and consider rolling up your reports to the product category level. Some categories can be driving more

Writing SOLID code

In computer programming, SOLID (Single responsibility, Open-closed, Liskov substitution, Interface segregation and Dependency inversion) is a mnemonic acronym introduced by Michael Feathers for the "first five principles" identified by Robert C. Martin in the early 2000s that stands for five basic principles of object-oriented programming and design. The principles when applied together intend to make it more likely that a programmer will create a system that is easy to maintain and extend over time. The principles of SOLID are guidelines that can be applied while working on software to remove code smells by causing the programmer to refactor the software's source code until it is both legible and extensible. It is typically used with test-driven development, and is part of an overall strategy of agile and adaptive programming. S - SRP - Single Responsibility Principle - A Class should have only a single responsibility. O - OCP - Open/Close Principle - Entities shoul

5 Keys for Multichannel Holiday Success

For the 2013 holiday shopping season, consumers will increasingly rely on marketplaces and comparison-shopping channels. Amazon, Newegg, eBay, Google Shopping — all have huge numbers of motivated shoppers. Ecommerce merchants large and small can sell on these channels. But not all of them will do it profitably.

1. Products. Identifying winning products is the first step. Research last year's best sellers, evaluate new products, and consider niche offerings and up-sells.
2. Sourcing and inventory management. Ensuring product availability is crucial. Place orders early and check for add-on items.
3. Product content and feeds. Compelling images, descriptions, and videos are all important for selling products on marketplaces and comparison-shopping channels. Optimize your product content and data feeds.
4. Pricing. Understanding your margins is vital for profitable multichannel selling. Understand dynamic pricing and strategies for mass-market pricing.
5.

Writing Objects doesn't make it OOP

Lots of developers understand that object oriented code offers advantages over procedural programming. And so, they begin working on creating objects in their own projects, and eventually feel pretty good about what they've done. After all, if they're using objects, their code must be object oriented, right? Well, not exactly. They quickly find out just how limited their code is when they try to implement the concepts of object oriented programming, like reuse and extensibility. And they quickly find that their code is really procedural code wrapped up in classes, not the grand object oriented application they thought it was. But how can you know ahead of time what kind of code you have? Is there a set of tools you can use to determine if your code is truly object oriented, or is it just procedural code wrapped in classes? Let's take a look at the hallmarks of truly object oriented code and find out. Object oriented code splits responsibilities between classes. The big

8 Ways to Save Sales from Negative Customer Reviews

1. Add link back to category that allows sort-by-customer-review.
2. Include star ratings on cross-sells.
3. Use Expert / Staff Reviews.
4. Show money back guarantees right on product page when available.
5. Allow customers to ask and answer questions on your page.
6. Include manufacturer’s website URL and contact number on the product page.
7. Enable comments on customer reviews.
8. Know when to offer live chat.

Source: http://www.getelastic.com/thinking-positively-negative-reviews/

The Pros and Cons of One-Page Checkout

Shopping cart abandonment is an epidemic in online retailing, with some companies reporting that more than 60% of checkouts end without a conversion. Preventing even a relatively small percentage of these abandoned carts would significantly improve revenues and profits. While purchase price and shipping costs are the leading reported causes of shopping cart abandonment, ease of use is close behind. Fighting Frustration One increasingly popular method used to slash cart abandonment rates is to introduce single-page, Ajax-driven checkout forms that combine the convenience of a single page format with asynchronous form validation. As we start this discussion of the pros and cons of single-page, Ajax checkouts, I need to describe why these two methods—one pagers and Ajax—are employed and what frustrating problems they seek to solve. Single-Page Checkout is Faster, Easier to Understand Single-page checkout is faster and easier so that more customers convert. When you're trying t

3 Tips for Managing Shopping Cart Abandonment

Recent studies indicate that 7 out of 10 online shopping carts are exited before a sale is completed. This abandonment rate seems to be rising, as online shoppers become more comfortable comparing prices and other product or service attributes. SeeWhy, a website conversion service, reported that shopping cart abandonment rates rose from about 71 percent in mid-2010 to 75 percent by June 2011. These figures are much higher than the rates of about 46 percent that Forrester Research reported in early 2010. In the past, each cart abandoned was seen as a sure sign that a sale had been lost, but this may not necessarily be the case. “Shopping cart abandonment is an important part of the normal buying cycle for many customers and for many types of purchase,” wrote Charles Nicholls, founder and chief strategy officer for SeeWhy in a whitepaper on the topic. “This leads to the conclusion that abandonment, rather than being a rejection of the brand’s value proposition, can be a step in

E-commerce cart abandonment and emails

An abandoned shopping cart is like a broken promise. For the merchant, there is a lost sale and unclaimed revenue. For the shopper, there is an unfulfilled need or want. Fortunately, a quick series of cart abandonment emails may renew that promise, helping both the customer and the retailer. Roughly two out of every three (67.35 percent) ecommerce shopping carts are abandoned after consumers have selected items and placed those items in the cart, according to April 2013 data from the Baymard Institute, which averaged documented online shopping cart abandonment rates from 19 separate studies conducted in the last few years. Shopping cart abandonment can happen for a number of reasons. Forrester Research, as an example, has consistently blamed shipping and handling costs. Imagine that a shopper finds the perfect $25 item, adds it to the cart, and learns that it will cost another $15 — more than half of the product’s price — just to ship. At other times, a shopper might have become

How to choose KPIs

Key performance indicators (KPIs) are a way to measure and monitor the performance of an organization, business unit, department or specified activity. They are focused on activities that are critical to the success of the business. They are not to be confused with Key Result Indicators (KRIs), Result Indicators (RIs) and Performance Indicators (PIs), which serve slightly different purposes. KPIs have to be chosen carefully in order to give valuable information. On one hand, the target has to be defined clearly to choose the correct measure. Once this has been defined, adequate KPIs have to be chosen. These should be defined in a way that is understandable, measurable and meaningful. So, there must be a strong link between the activity measured and the input factor observed. This depends very much on the department and the specific activity in question, because a KPI should, in the end, tell the manager what actions need to take place. To give an example: The number of parts reject

e-commerce KPI to Track ROI and Conversion Rates

There are 10 mandatory KPIs used to track performance, return on investment and conversion rates for ecommerce websites. Known as eCommerce KPI - these ratios and percentages are used in addition to traditional conversion rates and return on investment calculations. These KPI need to be trended over time ideally month after month, but can be as granular as weekly measurements. Once there is a year's worth of data, seasonal fluctuations will become apparent, as well as site performance measurement indicators. When analyzing performance and overall ecommerce health, these KPI need to be compared against the same time last year. This takes seasonality out of the equation and factors for sustainability. AVERAGE ORDER VALUE (AOV) - total revenue divided by orders BUYING SESSIONS - visitor sessions with a purchase divided by total sessions NEW VS RETURNING VISITOR % - new visitors divided by all unique visitors RATIO NEW to RETURNING VISITORS - new visitors divided by returning visi

Who are you?

Who are you and how did you find my blog? Are you from Germany, using Internet Explorer on Windows? If so, you make up the highest portion of my visitors. Thank you. If not, thanks for visiting. You are the minority; I need more people like you to visit to make you become the majority.

How to Sell Online if You Already Have a Physical Store

Small brick-and-mortar retailers can find new customers, experiment with new products, and generally grow their business when they start selling online. For established retailers, the first steps toward ecommerce often begin with product preparation, software selection and integration, and learning about online marketing and customer service. Ecommerce is a fast expanding retail segment, growing 20 percent in the United States in the first quarter of 2013. Based on estimates from the U.S. Department of Commerce and the IBM Online Retail Index, total ecommerce sales excluding travel and automobiles may have been as much as $50 billion in the first quarter. Find out more at http://www.practicalecommerce.com/articles/4065-How-to-Sell-Online-if-You-Already-Have-a-Physical-Store

7 essentials for defending against DDoS attacks

You don't have to be a bank to be worried about being hit by a Distributed-Denial-of-Service attack these days. With hackers who pull off these costly take downs getting stealthier and more vicious, security leaders across all industries need to heed these tips to be prepared. Security execs have never been comfortable talking about these attacks because they don't want to draw more attention to their companies. They worry that offering even the basic details of their defensive strategy will inspire attackers to find the holes. But many companies are finding themselves under attack for the first time, and their security chiefs need answers if they're going to fight back.

Tight lips sink company defenses
Be ready for real-time defense adjustments
Don't rely only on perimeter defenses
Fight application-layer attacks in-line
Collaborate
Have your playbook ready
Watch out for secondary attacks
Be worried, even if you're not a bank

Why not check out http://www.

"Honeywords" plan to snare thieves

Cryptographic researchers Ari Juels and Ronald Rivest (the "R" in RSA) have come up with an interesting idea aimed at helping to detect attacks on web application databases. It is based on storing fake passwords as bait and sounding the alarm when an attempt is subsequently made to use one of these fake passwords. The idea involves storing what they have dubbed "honeywords" for each user in the password database alongside their actual password. An attacker who gained access to the database would be unable to distinguish the honeywords, which would also be stored in the form of salted hashes, from the real password. If attackers were then able to crack the stolen hashes, they might well use them to try to log into the associated web application. If such an attempt were made using one of the honeywords, the web application would know that the access was unauthorised – since the account's legitimate owner has no access to the honeywords, any honeyword used must

Setting up PHP DBUnit with a YAML Dataset

This proved quite an interesting job, and it took a bit of time to get this down to a tee. I do have a working version of some database tests, which I will post at a later date with a complete working PHPUnit example of using a YAML dataset for tests. Keep watching.

Ecommerce Search Marketing Evolves

A few years ago, small ecommerce business owners invested a good part of their marketing budgets on search engine optimization. Their goal was typically to obtain the highest possible search rankings, to capture as much organic traffic as possible. Many businesses used that as their core tactic for search engines. Organic traffic was considered free. If they did a good job, they had a shot at the first page of Google's search results, where the majority of clicks occur. They could even break into the coveted top five positions, above the fold. A strategy might have been to drive 70 percent of search traffic from organic listings. Organic Traffic Risky But seasoned merchants know they can quickly be dumped off the first page of Google with an algorithm change. If you’ve ever changed platforms or the navigational structure of your store, it’s likely your rankings suffered. Things like personalized search results, local results, and suggested keywords have also altered the search

Slow and steady wins the race

Are you looking to refactor your existing codebase and don't have a clue where to start? Start with a block of code, a big function, a class, anything that you just look at and think "WTF, where do I start!" Make it simpler, better, more modular. Apply today's best practices to the code, even if you don't think it will make much of a difference. Rename variables to be more meaningful, extract some of the methods or if statements into separate functions. And do the same thing the next day. And the day after that. Pretty soon, you'll begin to realize major rewards from minor efforts. And you'll also reach a point where major structural changes will both be possible and reasonable - and, if you've done your job right, not all that hard. Slow and steady wins the software race.

Just Enough Production Functionality

The premise of TDD is to write tests that verify that a piece of functionality is working as expected, be this a unit of code (unit test) or a higher level feature (acceptance test).

1. A test should be written to fail (Red).
2. Just enough code should be written to make this test pass (Green).
3. Code should then be tidied up and optimised (Refactor).

This is in line with the Kent Beck model of Red, Green, Refactor for Test Driven Development.

ATDD is also called Behavior Driven Development

ATDD, or Acceptance Test Driven Development, is often referred to as BDD, or Behaviour Driven Development. This is the practice of writing high level acceptance tests, understandable at business and customer level, to confirm that a piece of work does what it is supposed to. Focusing on the behaviour of the system from the customer's or user's perspective allows the project to progress from a functionality and behaviour perspective, so that once the system does what it's meant to do, it's complete. Acceptance tests will usually be run at the project level, where it is possible to get an overview of the state of a project by running these and seeing what percentage pass, which determines what percentage of the project is complete. In line with these, developers may use separate Unit Tests alongside each acceptance test, focusing on the units of code that make up an acceptance milestone.

Developer TDD is often Simply..

Do you often wonder where to start with TDD? Is it more hassle than it's worth? Well, yes and no, and I guess it's down to how passionate you are about your code. Check out http://www.phpunit.de, the industry standard for writing Unit Tests on your PHP code.

7 Ways Mobile Commerce will change retail

As the online and offline worlds converge, mobile commerce has the potential to eclipse desktop-based ecommerce and, perhaps, even replace a significant portion of traditional retail shopping. Mobile-driven online sales in the U.S. are expected to reach $2.12 billion in 2013 and explode to about $62.2 billion in the next three years, according to an eMarketer report. With such phenomenal growth, some change is bound to come. There are at least seven ways that mobile commerce is likely to change retail shopping and marketing. Online and multi-channel retailers should start preparing for these changes now. 1. Website Design Adapts Online sellers are already working to build responsive sites that change size and layout in response to the user’s device or device orientation. By next year, responsive design will become imperative. Merchants that have not optimized for smartphones and tablets could see an impact to the bottom line. 2. Marketplaces Become More Important Regardless of

21 e-commerce KPI's

Key performance indicators are becoming common in large corporations as a way to measure and monitor the success of key activities. But they can also play an important role in any sized ecommerce business. A KPI — key performance indicator — is simply a measure of some process, event, or activity. An example is checkout abandonment, when shoppers exit before completing an order. This KPI should be monitored closely by all ecommerce businesses. If it is typically 10 percent and suddenly goes to 15 percent, that may be an indicator that something is broken on your website, like your SSL, your shipping estimator, or your credit card authorization. By monitoring that KPI daily, you will mitigate the risk of losing business if something breaks. Establishing KPIs KPIs differ among businesses. For example, large corporations monitor the time between orders and final payment, striving to reduce that cycle. For an ecommerce business, checkout abandonment is an important KPI and lowering tha

Function responses

There is a question going around about whether a PHP function should return a response. Is a function (or method) that does something and doesn't return anything any good? And I personally think - no, it's not good. A function should ALWAYS return something, even if it's true or false, $this or mysql_insert_id(). The main reason is that if a function simply executes and does its thing without returning anything, there is no way to verify whether that function has executed successfully. If a PHP function call returns null once completed, but also returns null if there was an error of some sort, how does the developer know if it ran OK? Simply returning true, so you can verify if it ran as intended, or even throwing an exception is some form of return value, so if there is an issue this should be picked up by the developer and they can rely on their code working as intended.

1 Year Anniversary

Well it's been 1 year to the day since I launched this Blog and I've done better than I thought with posting some information people might find useful. Not the highest traffic site in the world yet, but hey, it's my own little space and if you're here - Thanks for visiting. Where's the Cake?

Web project specifications

Do web project specifications exist? And is it possible for a project to actually come in on budget, on time and with all the promised features? Some camps argue that the Traditional Waterfall model just doesn't fit the bill, and Big Design Up Front (BDUF) costs too much.

Ten Tips for Constructing Agile Databases

Ten Tips for Constructing an Agile Database Development Environment that Works