Writing useful change logs for your application

It takes a while for people to adapt to change and many resist to change due to the adaptation and complexity in integrating these changes may bring to our workflow, ClojureWerkz team posted three questions you should ask when writing a change log:

A useful project change log answers three questions:

Whether it is critical to update

Whether the release is backwards compatible

What has changed and why

A change log that covers these three points will help your users adopt new versions faster, even in some of the most conservative corporate environments. It will also make the ops people respect your project more.

Almost 3 Million users affected by the latest hack to Adobe.

Today Adobe released a bulletin stating that 2.9 million Adobe customer’s data has been stolen from their systems:

Our investigation currently indicates that the attackers accessed Adobe customer IDs and encrypted passwords on our systems. We also believe the attackers removed from our systems certain information relating to 2.9 million Adobe customers, including customer names, encrypted credit or debit card numbers, expiration dates, and other information relating to customer orders.

Reading some comments from around the web some people make the argument that with so much money Adobe should not have this kind of issues but the reality is that security is a very complex subject. We do not know details on how the data bridge was performed which it will be interesting to find out in the near future.

This hits close home since currently I am working on an application that requires extra care, specially with user’s data and altho the data can be encrypted there is always the risk of some trying to access data and it only takes decrypting one string in order to get the key to decrypt the rest.

photo credit: Kris Krug | cc

SXSW by the numbers

Source: @Mashable

Spotify Terms of Service and Facebook

I opened Spotify this morning and I was greeted with an updated Terms of Service document, I don’t have time to go through the whole document this time but I was interested to see if they had made any modifications to their document when you connect your Facebook account and it seems like they are still the same so I would like to share with you some highlights of the document:

2.1 Registration data

If you connect to the Service using your Facebook credentials, you authorise us to collect your authentication information, such as your username, encrypted access credentials, and other information that may be available on or through your Facebook account, including your name, profile picture, country, hometown, e-mail address, date of birth, gender, friends’ names and profile pictures and networks. We may store this information so that it can be used for the purposes explained in Section 3 and may verify your credentials with Facebook.

Let’s scroll down to Section 3

3. How we use the information we collect

We may use the information we collect, including your personal information, to: (i) provide, personalise, and improve your experience with the Service and products and services made available through the Service, for example by providing customised or localised content and advertising; (ii) ensure technical functioning of the Service and products and services made available through the Service, develop new products and services, and analyse your use of the Service, including your interaction with applications, advertising, products and services that are made available, linked to or offered in the Service; (iii) communicate with you for Service-related purposes, including promotional e-mails or messages; (iv) enable and promote the Service, including features and content of the Service and products and services made available through the Service, such as sharing, user interactions, notifications and suggestions, and integration with third party services; (v) enforce this Privacy Policy, the Terms and Conditions of Use, and the Mobile Terms, including to protect the rights, property or safety of Spotify, users or any other person and the copyright-protected content of the Service; and (vi) as otherwise stated in this Privacy Policy.

4.2 Sharing with Facebook and other services

If you connect to Spotify using Facebook or otherwise connect your Spotify account to an Other Integrated Service, the default setting is generally that Spotify automatically shares your activity and activity-related stories with that service, including the music you listen to. You understand that such information may be attributed to your account on Facebook or the Other Integrated Service and may be published on such service. See section 5 below to learn how you can disable sharing of information on Facebook and Other Integrated Services.

Spotify also enables you to share a particular item of content, on an individual basis, to third party services or other Spotify users by using the share functionality in the Service. Please note that sharing of such content on a third party service may be posted as activity on the Service, regardless of your account settings. To share an individual item of content to a third party service, you’ll be prompted to enter your access credentials for that third party service. Spotify may store your username and an access token or similar credentials obtained from the third party service, so that you are able to share particular items of content, on that third party service, on an individual basis, without entering your access credentials again.

You understand and agree that Facebook’s or other third parties’ use of information they collect from you is governed by their privacy policies, and Spotify’s use of such information is governed by this Privacy Policy.

Using applications such as Spotify is fun, specially if you use their free service and you don’t mind the commercials but as any other business Spotify must find ways to create revenue and personal information is valuable that is why it is important to understand what happens with specific applications in the event that you connect them with your social networks (Facebook, Twitter, LinkedIn).

How my iPhone made me miss my first flight of the year

It was 2:00 AM on a brand new and sparkling year, 2011 to be exact. I was aware that I had to wake up at 3:30 am to get ready and head out to the airport by 4:00 AM, this would give me plenty of time at the airport to check-in and to make it to my flight since my flight was not taking off until 5:40 AM. This was a business trip that had been planned months ahead and that it was necessary for me to fulfill without any error. If I remember correctly I was on a conference call 6 months earlier talking about how I already had to reserve January 1st for this business trip. That is how far in advance my schedule for this trip was set up.

As an iPhone owner that has grown to rely on the integrated alarm clock I set up my alarm but something was telling me that I was going to miss the flight and I was going to wake up late, I guess its the same feeling everyone has when traveling and all of the sudden feels the fear of missing a flight. So my wife set up her alarm clock on her iPhone as well, this would help us have double assurance that everything was going to work out as planned. Now, lets remember that this is January 1st at 2:00 AM and we received the new year with two kids in bed, watching a TV show and chatting about the new events of the new 2011 so it is not like my fear was grounded due to excess of partying but rather it was probably only due to all the planning that was involved ahead of time was keeping me on my toes for this day.

When I was laying in bed trying to fall asleep at some point I considered going to the living room and doing some preliminary work which would keep me awake until 3:30 AM to get ready for the flight but I figured an hour and a half of sleeping was well worth it since I was going to be working and traveling at least until 10:00 PM the same day. Besides we had two alarm clocks, What could go wrong?

Fast forward to 6:09 AM. An email from my bank came in to report the current balance of my personal account as it does every day but this time was different, it came in with a “Bing”! which woke my wife and I. At this time I was not aware of what time it was but I knew it was later (or earlier depending on how you see it) since a glimpse of light was coming through the bedroom curtains. I knew I was in trouble. I quickly picked up my iPhone and saw it was after 6:00 AM and that there was no way I was making it to the airport to my flight, rapidly I started running ideas through my head trying to figure out what to do and how to “fix” this issue. While I was trying to figure out what to do I kept repeating to myself – I knew I was going to oversleep – I fired up the Delta iPhone app and checked for the next flights available from my city to my destination. The next flight was at 6:45 AM, I knew it would take me at least 30 minutes to get to the airport plus the flight change at the front desk and going through security there was no way I was going to make it. So I browsed through the app and the next direct flight was not until 11:45 AM. Too late.

I realized it was time to do damage control, I fired off some emails and waited for everyone else to wake up in my destination area so I could let them know that I definitely missed my flight and that I was not going to fulfill this business trip.

While I was in my home office browsing through the world news, waiting for email responses I ran across a post that stated that there is in fact a software glitch on the iPhone for January 1, 2011. After reading the post it all made sense,

1. There was not a “Snooze” screen on my phone indicating that I had slept through the alarm clock and that it tried to wake me up.
2. How was it possible that the one sound of an incoming email woke us up but not the continuous sound of an alarm?

We had been victims of the software glitch.

I fired up twitter and there multiple reports of people missing work or similar due to the alarm issue so I knew I was not alone. If you do a search in google you can find multiple sites describing the issue.

Interestingly enough some people are replying to the posts with “Give it a rest” or “It’s just an alarm clock, no a big deal”.

I will agree with some people who say it is not a big deal since it is just an alarm, but when you have grown to rely on the alarm for important occasions, it becomes a big deal. I did learn my lesson and for the important dates I will go back to a good old battery-powered alarm clock, or maybe two.

What a great way to start the sparkling new year!
* Missed first flight of the year [check]
* Missed first meeting of the year [check]

If you were in my shoes would you attribute these issues to a wonderful software glitch by Mr. Jobs or would you assume it is all your own fault?

How to use Read More in Custom Type pages

The same rule applies for Custom Types as regular pages:

[php]< ?php global $more; $more = 0; ?>
//The code must be inserted ahead of the call to the content

< ?php the_content('Continue Reading'); ?>[/php]

From the WordPress docs:

Please remember that the “Read More” tag is used only on the Home page which shows the latest posts. It does not work in “Pages”. If you want to turn it on in Pages too for showing a set of partial posts, use the following code inside the loop for the dynamic content:

More info in the documentation

Optimizing SWF files with Flex Optimizer

I found a reference to optimizing SWC files with Flex Optimizer and I figured I would run some tests through SWF files and see what effects it had in it.

To my surprise the Optimizer tool did optimize the SWF files but just by a few bytes:

Test 1:
…_concept1_v1_alt.swf (56569 bytes)
…_concept1_v1_alt_optimized.swf (56456 bytes)

Test 2:
…600_Flash_v1.swf (38164 bytes)
…600_Flash_v1_optimized.swf (38127 bytes)

I also ran a test against a custom SWF file inside a SWC file and this is the result:

…DropDown/library.swf (14810 bytes)
…DropDown/library_optimized.swf (11723 bytes)

So the SWC files are bloated with extra information no needed and can be compressed quite a bit but SWF file no love. And it does make sense since the SWF files that I was testing contain a lot of graphics but I still gave it a go.

Here you can ind more information about Optimizing RSL SWF Files.

Some things I didn’t know about TextMate and ActionScript 3

I have been using TextMate for a couple years now and I am used to write almost everything by hand. Since AS3 I have been using the AS3 Bundle and mainly it has been to highlight my code and create new documents from the Templates. But I noticed that there are a couple features that might speed up your coding by a bit.

List imported classes

After the “:” you will get a list of the already imported classes that you can use to declare the type of variable you are declaring.

Auto Import classes

If you Hold down Shift+Option+I after highlighting a Class name on your application. The class you are highlighting will be imported at the head of the file. This is helpful because you can keep coding your class and as you are making your declarations you can import the classes necessary for the application.

List class Members

If you type this.[TAB] you will get a list of properties and parameters that are available for that specific class. Useful if you forgot something, but you are a professional so you probably won’t need that.

Insert Color

Ah! You need that color but you don’t remember the hex value for it, no problem just do Shift+Command+C and you will get a color picker component where you can select the color you need and it will insert the hex value into your document. This works for HTML/CSS as well!

Documentation for Selection

My favorite by far! Highlight a word on your application, then key combo control+H and you will get a new window with options to select the right property/method you have selected and you can access the documentation directly. It can’t get easier than that.

Change Document Type

Hold Option+Control+Shift+(Letter for Document Type) and you can change document types rather quickly. When would you need to do so? Well say you are working on a HTML/CSS/PHP (or ASP) project. Now you can use the shortcut to switch document types fast.

Conclusion

There you have it, some shortcuts that might help you speed up the way you code in TextMate, Also remember you can add your own behaviors for a specific language, for example I created couple snipplets that would allow me to navigate up/down between method names (Shift+Command+UpArrow or Shift+Command+DownArrow).

YouTube Will Be Next To Kiss IE6 Support Goodbye

Accordingly to TechCrunch YouTube will stop surpport for IE6.

“Judging by this screenshot taken by an IE6 user who was watching some videos on YouTube, it appears the Google company will be phasing out support for the browser shortly. I don’t have Internet Explorer 6 installed on my computer, so I can’t verify this first hand, but illogical it seems not and a simple Twitter search shows multiple people confirming the news. Heck, some are even downright ecstatic over the news.”

For many developers it has been a nightmare to apply hacks to their code to make design fit IE6 standards and this move might help other big players help users upgrade their browsers and make the web a “better” place. With YouTube encouraging users to install other browsers such as Google Chrome or FireFox we can only hope that people understand that Internet Explorer is just a piece of software that that there are other alternatives for online browsing that give you a better experience.

WordPress VS Drupal User Management

Having the ability to create different users and give each a different role is one of the most important things within a CMS, you need to be able to control all aspects of the site (super users) and also give other users the ability to control display or content within the site without breaking it.

In our CMS test I will have 6 type of users.

  1. Super Administrator:
  2. Responsible for all the aspects of the site, create/delete/edit/publish/unpublish content, change themes and create or edit other users

  3. Site Administrator:
  4. Responsible for create/delete/edit/publish/unpublish any content from the site, change themes, create or edit other users but is not able to change the layout of the site.

  5. Author:
  6. Creates/edits/publish/unpublish own content.

  7. Editor:
  8. Creates/edits own content but can’t publish the content, they notify the Site Administrator to do so.

  9. Subscriber:
  10. Receives notifications when site content changes and is able to comment on content if content is enabled to receive content.

  11. Visitor:
  12. Access to all content that is published but is not able to edit any part of the site

WordPress and Drupal do a good job in allowing you to create different kind of users and this is where we start to see some separation between the two systems and this might be one of the main reasons why you may choose one after the other but lets see them in detail:

WordPress:

WordPress comes with 5 predefined roles (or user types) and one user, WordPress has a page that explain the roles in great detail but lets see their “Summary of Roles”

  • Administrator – Somebody who has access to all the administration features
  • Editor – Somebody who can publish posts, manage posts as well as manage other people’s posts, etc.
  • Author – Somebody who can publish and manage their own posts
  • Contributor – Somebody who can write and manage their posts but not publish posts
  • Subscriber – Somebody who can read comments/comment/receive news letters, etc.

This is great specially when you are starting and you want to create your content and define users rather quickly. In the default installation since I was the one installing the software I was automatically added as a site Administrator.

Wordpress_Users_Default

I went ahead and created the different users that we need and with WordPress was a breeze since the roles were already defined as an option.

Wordpress_Users_Added

There was one major issue with the default set up and that is the Administrator role could not be edited in a way that the role was not able to edit the layout of the site. So I still wanted the site administrator to have full control of the site content and users but not to have control of the layout. I am sure I could go into the database and alter this setting by creating a new role and applying new rules but for this experiment I am not going to go that far. I went ahead and did a quick search in Google for a plugin or similar that would allow me to create custom roles and there were about 21,500,000 results on my search (wordpress+custom+roles), so it seems to be some sort of demand for the feature.

Drupal:

Drupal has 2 predefined roles and one user each of the roles are explained within the role’s page:

  • Anonymous user: this role is used for users that don’t have a user account or that are not authenticated.
  • Authenticated user: this role is automatically granted to all logged in users.

Here is where we start to see a small gap between WordPress and Drupal. Drupal allows you to create custom roles where you can define and alter the different access levels for the users. Drupal starts to show some “muscle” here by giving you different categories for User Management, such as Access rules, Permissions and User settings.

Drupal_Users_Roles

Drupal_Users_Default

Creating roles has a lot of advantages because you can customize exactly what each user is allowed to see and do, but also you are responsible for what you allow the user to do. It is a good idea to create test accounts that will allow you to see what the new role will be able to access.

Drupal_Users_Roles_Edited

One more benefit for Drupal users is that you can customize the different emails that the user is going to recieve when new accounts are created, forgot password, no approval required, awaiting approval, blocked email and deleted email. For many of us this might not seem like a huge benefit but if your CMS is going to have your (or your client’s) personality, it is great to see that you can customize these type of details.

If the administrator creates a new account you have an option to notify to the user of their new account, WordPress doesn’t have this option.

Drupal_Users_Added

We can see how both systems have their own way of handling user management and it is evident that when it comes down to a robust CMS where you need detailed user management Drupal gives you the flexibility you need. WordPress is the “out-of-the-box” solution that allows you to create predefined users, in a blogging environment this is perfect but for a more complex setup you will need to rely on plugins or hack the software directly.

to be continued (templates)