Monday, September 8, 2014

Making a "Simple" Site is Damn Hard

If you're somehow related to the IT field (you're a sys admin, a QA, a Project Manager, or even a programmer) you surely got at least one request from a relative who just opened a business, to create them a "simple" website. This term - "simple" - lies anywhere from some texts that don't need to be updated in the future, to online stores or web scale streaming platforms. How hard can it be? it's just a "small" web page after-all. You're in luck, my friend. This post is here to help you make them appreciate the simplicity of web sites.

 This impression, that to build a good web site is so simple that even the nephew of one of my wife's cousins who's only in his 9th grade is able to do, is our fault.

We, the people from IT, fail to communicate properly how complex and what a big deal it actually is to have a "Hello World" correctly displayed in a web page. After all, there might be a reason (related to social and communication skills) why when you ask somebody what job this guy
has, most of the people will say he's an IT guy.
People are ignorant by definition and this also includes us, the software developers. If you start talking to me in nautical jargon, I'll most probably understand only your linking words and phrases. Why should we expect from our non-technical peers to understand that in order to avoid sql injection attacks on their "small" web site, we have to use prepared statements or ORMs? Or that they want their site protected against cross site scripting vulnerabilities and we have to use some sort security encoding library or framework? No, they don't have to know all this and it's absolutely normal for them to expect to have a web site that in a month or so after you finished, it will still display their content and not some commercials to the blue pill for men or genuine fake watches.

They instead can, and actually should understand, that software development is hard. The simplest way to convince them that web development is a difficult process is to ask them to press ctrl+u (if they use a PC and Firefox or Chrome as browsers. If they use other "browser", one of the most helpful advice you could give them is to switch to a real browser) and have a quick glance at the source code of any web page.

And then explain them that all the gibberish characters they see there is actual code that a programmer (most probably you) has to write, all of it. And then, tell them that if instead of jQuery you happen to write jquery, none of that part of the code will work anymore.

Next, let them know that the whole process of building a "simple" web site is a stream of decisions that you have to make:

  • Will you design the site from scratch? Will you buy and use an existing theme (disclaimer - that link contains my referral id to the themeforest site)? 
  • Will they require a CMS?
  • What features will they need on the site? (shopping cart,  newsletter, contact form, forum, blog, calendar, polls, etc.)
  • Will you implement the above features by yourself or you'll re-use existing solutions?
  • What kind of hosting will you recommend (dedicated server, VPS, shared hosting, etc)?
  • etc

Of course, you'll have to take some of those decisions together with the beneficiary of the web site, but most of them you'll take by yourself. The fact that you take as many of those decisions by yourself and get off the burden from the shoulders of your potential client, will increase their appreciation of your work because having to make too many decisions increases the anxiety of normal people.

Please notice that I haven't even brought into discussions the decisions related to:

  • What programming language should I use? (although it should be Perl, obviously)
  • What framework should I use?
  • Should I use a relational database, or some no-sql technology?
  • What's the caching strategy that I'll adopt?
  • Full-text search solution?
  • Hosting OS?
  • What web server should I use in production?
  • etc

I haven't mentioned these kind of questions, because they don't concern average Joe. The ignorance of normal people regarding those questions is absolutely normal, and we should only bring them into discussions when we want to be seen as some special kind of smart asses. It's like someone would've told me that he tied a becket hitch  instead of tying a knot. I'm not a walking wikipedia to know everything and neither are our non-technical friends. 

In conclusion, the more you make regular people understand why software development is a complex process, the less difficult will be for them to appreciate your work and accept your hourly rate. Share this article with your friends and help them become a little less ignorant regarding the complexities of web development.


Want to see some of my work? have a look at PRForge - a crowd speaking platform where you amplify your message with the help of your friends and brand ambassadors across different platforms (for now we support facebook, twitter, reddit and hackernews). We'll soon open the private beta, so leave your email address in the form there, to catch a seat in the first row.

Wednesday, April 23, 2014

Facebook Authentication in Perl with Mojolicious (Lite)

Below is the minimum you need in order to have a web app that provides Facebook authentication.

Although there are less than 100 lines of code (including comments), this is a complete Facebook application implemented in +Perl  , using the +Mojolicious web framework. It provides Facebook authentication and accesses user's Facebook username. Of course, with proper scope settings it could also access user's list of friends, the pages that the user manages, or many other interesting things that Facebook offers access to.

So, the complete app:

In order to make it work, you have to first create a Facebook application and then fill in the values for $config->{facebook}->{app_id} and $config->{facebook}->{secret}  with the values provided by Facebook on the application Settings page:

Also, you have to provide a Site URL to your Facebook app. This is the URL where the user will be redirected after Facebook authenticates him. In our app, the URL is  - of course, is not a valid domain, but an alias I made in /etc/hosts that points to the IP of the machine that runs our Mojo Lite app - Facebook seems to be OK with this URL.

After you have installed the dependencies:

You can start your app in dev mode by executing: morbo facebook

When you click on the Click here to authenticate with FB link, you (and your users) will be redirected to Facebook and presented with a screen like this

After you authorize the app to access all the scopes set on line 39, Facebook will redirect you back to your app. Note that this authorization phase is done just once - after that, every time you log in with that account, Facebook will simply redirect you to the app.

If you read this far and liked the article, get rid of your shyness and share it using the buttons on the left :)

Sunday, January 5, 2014

Voting Rings - Bad or Good?

Voting rings can be a low cost alternative to AdWords and Facebook ads to promote high quality content.

What are voting rings or voting cliques?

Reddit, in their faq section, answers to the question What constitutes vote cheating and vote manipulation? with:
 A "vote ring" is a group of people who agree to vote on certain things together, either a specific submission, a user, a domain, or anything like that.
And they, not only discourage this type of practice, but they explicitly forbid it. Other websites that highlight voted content like hacker news, digg, delicious, stackoverflow, quora and basically all the rest, also forbid the practice of participating in voting rings.

Why are voting rings so alluring

Because it helps you get on the front page of hacker news, or of any popular reddit thread - and this, my dear reader, brings a huge amount of traffic to your site. 

As an example, my post titled Why I'll never leave Romania as a software developer was on the front page of the /r/programming thread on reddit for one day. As a result, the post got 26k visits, most of them from reddit. And the visitors were highly targeted people, all interested in programming. 

You don't have to be a rocket surgeon to estimate that, at a modest cost of 30 cents/click with AdWords, this amount of traffic would've cost 7800 dollars. Imagine what happens when you are on the front page on /r/technology (which has 10x times more subscribers than the /r/programming thread) or reddit itself.

Most of the algorithms that decides what post to be on the front page are based on a combination between the number of votes it receives, and their recency, such that, the more votes a post receives right after it is posted, the upper it gets on the front page, thus being exposed to a bigger number of readers, increasing its chances to be upvoted even further. 
On the contrary, no matter how good an article is, if it doesn't get a few upvotes early on, right after it is submitted, it will go down the drain on the path of internet forgetfulness.

Voting rings are a current practice of internet activity

If you love a certain's author style, there are big chances that you like, share, tweet or upvote the content they publish, creating a voting ring, so the better an author is, the biggest their voting circle is, the bigger the chances that their content gets featured on social networks and so on. Indeed, you might say, having many followers, the author has proven track record that they create notable content. 
For the rest of us, the mere mortals, things are a little bit different - we have to be proactive in promoting our content in order to have it exposed. 

Unfortunately, this proactiveness is considered bad practice and it might get your account banned from the vote enabled, content bubbling sites. Fortunately, it is difficult to accurately identify voting rings, especially due to the fact that popular authors posts look liked they're promoted through voting ring schemes.

So, whether you explicitly ask your friends to upvote your submission or you share your submission on your social network profiles, you encourage your friends to upvote your creation, thus you are susceptible of ad-hoc voting rings creation. 
In my opinion, voting rings are a reality, whether they're good or bad is debatable, but, when I spend 3, 4, or even more hours to write an article, I want to make sure it gets all the possible feedback - be that positive, or negative, so it seems normal to promote it on all the channels I can and ask a few friends to help me with it. 
I don't even know if there's anyone to be featured on the front page of any popular social content aggregator who got there without help (ie early upvotes) from friends or acquaintances. If you have knowledge of highly popular content that got its notoriety without some initial boosting, please mention it in the comments section of the article.


I'd say that voting rings are a natural way of association among individual. It happens day by day in our offline lives. It happens when we ask for endorsements, it happens when a political party or NGO starts a social movement or a protest and the examples could go on and on. 
So, creating a voting ring to give you an initial boost to your content is a good thing. The people in the community will take care and show you the place where that post belongs in an instant anyway, by upvoting or downvoting it.
Why would we ban those practices from the online environment? I expect the online world to be an enriching experience to our offline lives, not a restricting one. I expect it to offer at least what the offline world offers (in the limits of the current technology available, of course), and a little more.

The worst case scenario would be when a group of, lets say, 1000 people group together and act in a monopolistic way against the community they're part of, by keeping the front pages filled only with their content. Such a group of people will take time to be created and there are little chances that just one group will be. There would be more groups, acting in opposition, simply balancing the focus the internet gets.

An Experiment

Not long while ago, together with a group of friends, we created PRForge. It is thought as a platform for audience amplification. Whenever someone posts a link in a group on PRForge, the link gets spread on the social properties of all the members from that group, thus amplifying the total reach of that piece of content. The social platforms supported until now were just Facebook and Twitter, but starting the last days of 2013, we implemented reddit and hacker news upvotes:
If this post convinced you that voting rings are OK to use, join the group on PRForge and be part of the voting ring I created. 

After you sign-up, install the firefox plugin from the link 
Go Get It Champ
which is on the left sidebar. 
Let that Firefox instance running with a Reddit and Hacker News account logged in. Whenever an authorized to post member of the group will submit a Reddit/HN link, it will be automatically upvoted by all the members of the group. 

In order to become authorized to submit links, let me know in the comments section of the group. 
After you sign up you'll be also able to create your own, private groups.

Please note that although PRForge's main functionalities are working right now, it is in a really early release and there are things that will not work. Please bear with us while we fix the glitches that will appear.  

If you read this far, you might want to follow me on twitter