Blog


Emerging Technologies in Human Resource Management

Emerging Technologies in Human Resource Management

Jacob Beasley

For the past few years, I have been working in the business of Information Technology. Recently, I was brought on board as the Chief Information Officer of Splayback.com, a sports video website that also specializes in fund raising for sports organizations of all sizes. In the process of performing this role, I have learned a little bit about what is out there for automating human resource management. Additionally, in a previous employment, I was Chief Information Officer for a financial services company. In that position, I successfully implemented just about every piece of software explored in this paper. I will be writing about what I consider to be the easiest areas of human resource management to automate: recruiting, training, and processing paperwork. I have chosen these areas due to my own experience. After reading this paper, you should expect to be familiar with software, companies, and methods of automating your human resource management.

Without the proper employees, a company really cannot function. There are really two ways, in my experience, that recruiting can be automated: it can automate the search for people who are good candidates and it can automate the processing of their resumes. Before you can hire anyone, you need to get their resume. One of the simplest ways to do this, is to post an available position on a website, such as monster.com or craigslist.org.

Posting a job position on a website is not free; it can cost anywhere between thirty dollars and thirty thousand dollars, depending on where you post and the number of cities you wish to post in. So, you want to find the website that gives you the most coverage for your dollar. What you really need is a way to compare two different websites’ traffic, but does such a way exist? Yes, there are two major ways of doing this: you can compare their “Alexa” ratings or compare how often they are searched for using “Google Trends.”

Lets begin by using Google Trends to compare monster.com, jobs.yahoo.com, and craigslist.com. Now, this is not an exact science, but it is still useful to do the comparison. To do this, you begin by going to http://trends.google.com/. From there, you search for the terms you are looking for, separated by commas. To compare these three sites, I would type the following

into the search box and click search: “monster.com, jobs.yahoo.com, craigslist.com”. You may want to try variations on the name, such as “monster jobs” or “yahoo jobs,” just because sometimes people do not search for the exact url. After a few searches, you will see “big trends.” The graph to the right shows a search I did. Clearly, Monster.com had been the dominant player over the past few years, but ever since the end of 2008, Yahoo Jobs and Craigslist have been catching up. The graph on the left shows that for some sites, such as yahoo.com (which is not even on the map), the initial results can be misleading. You need to “think like a searcher” and pick terms that a person searching on Google would choose when they want to find a site. After all, not many people would search for “yahoo jobs” by typing in “jobs.yahoo.com.”

Alright, so Google Trends has its shortcomings. I admit it, but where it leaves off, Alexa picks up. Alexa is a piece of software that users can install that allows Alexa.com to track what webpages they go to. The more people who go to your website with the Alexa toolbar installed, the higher your site is rated on Alexa.com. Initially, this might be considered a “privacy concern,” but many businesses have its employees use the “Alexa Toolbar” in order to improve the business’ own Alexa rating. Additionally, many advertisers use Alexa ratings in order to judge the quality of advertising space (Maki). Through the use of Alexa’s ratings, we can judge how one job website compares to another.

So, you have posted your ad, but suddenly you receive 500 resumes. How are you going to be able to “quickly sift” through that many to pick out the best, say, 20 or 30 resumes? You need a system where resumes can be uploaded by potential job applicants. For this, I want to talk a little bit about Zoho Recruit, which can be seen at http://www.zoho.com/recruit/index.html. If you are ever in the position of dealing with thousands of new resumes, then I want to take a moment right now to encourage you to check Zoho Recruit out. From my past experience, it allows you to have a series of job postings, a series of recruiters, and a series of potential applicants. It then allows you to setup some basic filtering for the job posting and then filter your potential applicants based on that data. It is very simple to use and even easier to deploy. It all can take as little as 20 minutes from start-to-finish. Pricing is based on volume, but is extremely affordable. Additionally, it allows total private labeling, so nobody has to know you are using an off-the-shelf product.

Once an employee is hired, they need to be trained. One-on-one training is time-consuming and, as an organization grows, inevitably your employees will need to be re-educated on a regular basis. Though it may be practical to hold weekly training meetings, many businesses are finding that it is useful to use video tools, a “company wiki,” or web-based quizzing to make sure that their employees are well-educated and equipped.

Lets begin by exploring the use of video tools. These days, everyone is familiar with Youtube, but have you ever considered using video within your corporation for training, documenting procedures, and motivating employees? Youtube is launching a corporate version of their platform (Cashmore). Personally, I have encouraged people in the past to use Clip-Share or PHPMotion. Both can be setup for under $500 and thrown onto a webserver for under $100 per month. For a company that already has an IT department, it can be a great alternative to traditional training approaches. It is especially useful when your staff are not in the same area.

Wikipedia is synonymous with information these days, but what exactly is Wikipedia? Well, Wikipedia is just the largest site running the Wiki software “MediaWiki.” MediaWiki is totally free software, so installing it on your company’s server is easy. It takes less than an hour to get it setup and configured just the way you want, presuming you have a programmer on your staff. A wiki works like an encyclopedia that anyone can edit. Of course, MediaWiki does allow you to prevent just anyone from editing, but that is just a matter of having the proper configuration. Wikis can be used for documenting corporate policies, competitors, or just storing a list of commonly used documents for the staff. It is web-based, so if they have a web browser on their phone or computer, all the staff will have access to it without installing any software (“MediaWiki”).

Sometimes, a business may feel the need to train its employees in a fashion that is more “ordered.” They may want to setup a sort of “online college” for their staff. It could, for example, automate the orientation process for hiring new employees in other states, or be a way for the company to test every employee on changes to company policies on a monthly basis, thus allowing management to quickly know who to train based on their test scores. One tool that I have used in the past for this is called “Moodle.” It is completely free, easy to setup, and has literally hundreds of free add-ons created by other companies and schools who use the software (“Moodle.org: open-source community based tools for learning.”).

When I first started by own business, I was faced with seemingly insurmountable amounts of paperwork for hiring new employees, running payroll, and doing all of this in compliance with federal, state, and local regulations. I needed someone to help me out. I found Paychex, though there are a number of other payroll processing companies in the industry. Paychex targets small businesses and takes on the liability for any errors that they make, so they were a natural fit for me. I was just starting out and not large enough to warrant someone whose sole purpose was Human Resource Management. By hiring a third-party to process all of the paperwork for me, it allowed me to focus on running my business rather than on preparing professional looking paychecks for my employees. Additionally, they have automated the entire process electronically, so all I have to do is give them a call once a week and let them know how much to pay everybody. They then handle automatic deposit, taking out taxes, filing those taxes with the state and federal government, and allowing my bookkeeper to check all of the financial information online. They even integrate with Quickbooks (“Payroll by Paychex.”).

Though payroll is the most basic element of pay, it is not all of what is involved in rewarding employees. In this day and age, many people expect healthcare and retirement benefits. Additionally, our government provides tax incentives to provide these to employees, so it makes a lot of economic sense to do so, but providing all of this can be very challenging. It requires a lot of complicated paperwork; I would not even know where to begin. Luckily, there are companies out there that specialize in benefits processing. Like Paychex, they have leveraged proprietary computer software to automate the entire process. One such company is benefitprocessing.com (“Benefit Processing, Inc.”).

The modern business environment is increasingly competitive, and to succeed, an organization must be able to adapt and improve efficiency. Technology is one way they can do this. By leveraging modern technology in recruiting, training, and processing, I have been able to flourish in my career, quickly advancing myself from a novice computer hobbyist to the Chief Information Officer of Splayback.com. The one piece of advice I leave you with is this: All technology must be both practical and easy; if it is not, people will avoid it and it will be a waste.

Works Cited

“Benefit Processing, Inc.” Benefit Processing, Inc.. Benefit Processing, Inc., n.d. Web. 5 May

2010. <http://www.benefitprocessing.com/>.

Cashmore, Pete. “Introducing Youtube, Corporate Edition.” Introducing Youtube, Corporate

Edition. Mashable, n.d. Web. 5 May 2010.

<http://mashable.com/2007/07/18/youtube-enterprise/>.

Maki. “20 Quick Ways to Increase Your Alexa Rating.” 20 Quick Ways to Increase Your Alexa

Rating. Dosh Dosh, n.d. Web. 5 May 2010.

<http://www.doshdosh.com/20-quick-ways-to-increase-your-alexa-rank/>.

“MediaWiki.” MediaWiki. MediaWiki, n.d. Web. 5 May 2010.

<http://www.mediawiki.org/wiki/MediaWiki>.

“Moodle.org: open-source community based tools for learning.” Welcome to the Moodle

community!. Moodle, n.d. Web. 5 May 2010. <http://moodle.org/>.

“Payroll by Paychex.” Payroll by Paychex. Paychex, n.d. Web. 5 May 2010.

<http://www.paychex.com/>.

  • Share/Bookmark



Preventing Hacking 101 By Jacob Beasley

As Sun Tsu wrote in his book, The Art of War:

So it is said that if you know your enemies and know yourself, you can win a hundred battles without a single loss.
If you only know yourself, but not your opponent, you may win or may lose.
If you know neither yourself nor your enemy, you will always endanger yourself.

In the context of business, a businessman or businesswomen needs to understand how to secure themselves from threats, internal and external. Understanding the basic types of attacks is the foundation to, metaphorically, “knowing your enemies.”

Why People Hack?

Traditionally, hackers were split into two categories: white hat hackers and black hat hackers. The idea was that black hat hackers did things illegal purely for evil, personal gains (hot women, drugs, etc) and white hat hackers ran around with angel wings helping companies test for potential security risks.

I should also point out that there is another kind of hacker generally called a “Script Kiddie.” This kind of hacker is somebody who does not know what they are really doing, but might have a few tricks up their sleeve (maybe spent a couple hours Googling on how to hack or something). This is probably the disgruntled employee who just wants revenge, or the ex-business-partner wanting something that isn’t there’s. Be aware of who these potential people could be and what their level of skills are.

The tools of the hacker

A hacker, these days, generally has a relatively modern computer, an internet connection, and a few “tools” to be successful. These tools consist of software for tracking network traffic, trying hundreds of passwords, or preforming other basic attacks. Many of the more advanced attack require a computer with Linux, though many of the basic ones (the ones described in this article) can be done on a Windows machine (probably Mac too).

Tool 1: Sniffing

You’d be surprised how many companies don’t encrypt their webpages and login systems. If you are using a public internet connection that is not encrypted, then it is extremely easy for somebody to just “sniff” for all internet activity coming over the network. If they know what they are looking for, then it is extremely easy to pickup everything that a person is doing. If the data is encrypted somehow, however, then it all looks like gibberish. In short, SSL (secure socket layer) is the simplest form of “encryption” being used on the internet. Want to know if your connections are secure? Below is a list of different internet protocols and their “nonsecure” counterparts. Make sure you are using things encrypted if you do not want people to be able to see your passwords when using this form of hack. If you want to perform this hack, a person would download a copy of “wireshark” and watch this video on how to use it: http://www.youtube.com/watch?v=0bazkLeY6b4

Unsecure Protocol Secure Protocol Purpose
http https Used for webpages. look for https:// before any webpage you go to and have to type in a password at.
ftp ftps Used for transferring files to web servers. Look for ftps:// instead of ftp://. If using file-zilla or another ftp tool, make sure to check the “use ssl encryption” box in your ftp client to force encryption.
email email There are a number of email protocols in wide usage and the protocols aren’t really “named” different if encrypted. Just make sure that you check the “use ssl encryption” box in your email program to FORCE encryption. Alternatively, use a website-based email client like gmail that forces encryption.

Tool 2: Cracking With Brute Force

Okay, what if you could just try a million passwords until you get the right one? Enter brute force. There are many different ways to use brute force, but they all consist of trying hundreds of thousands of passwords until one works. This will fail with most high-end database systems (ex: banks will shut your account off after 5 failed login attempts), but for cracking microsoft word files, zip files, pdf files, etc, it is pretty easy. There are many tools out there that already do this. Just go to sourceforge.net and search for “brute force ____” when you need to crack a file. Some old web servers or online systems can be cracked like this, but don’t count on it. Even if you could try 10000 per minute, it could take months because of the millions of possibilities. You can narrow it down by using a “dictionary list” of the most used 1000 passwords (just google for that, too), but when that fails you’re pretty much out of luck. Brute force cracks can take a long time and should be avoided as much as possible. Sometimes, however, they can take as little as 3 or 4 minutes if you are cracking highly vulnerable things (like a Windows password given a Windows SAM Passwords File).

Tool 3: Cracking With SQL Injection

Many small business and local counties use database systems designed by “Microsoft Certified Engineers” who do not fully understand the underlying technologies. When you access a website (lets say my website), oftentimes it queries up a database for contents. That “query” may contain some of what you typed in (for example, a username or search query). So, lets say the sql code is below:

SELECT * FROM users WHERE username=’jacobbeasley’;

Okay, so I type in jacobbeasley, it generates the above query, the database returns my information and the webpage displays my personal information. Vuala, right? Foolproof? Absolutely not. You see, what if, hypothetically, you typed in a single quote into the query? Maybe you type in: jacobbeasley’; delete from users where 1; select ‘

Then the sql becomes:

SELECT * FROM users WHERE username=’jacobbeasley’; delete from users where 1; select ”;

Even the average non-sql-ite can figure out basically what is happening. You see, I effectively caused three DIFFERENT pieces of sql code to run:

1) SELECT * FROM users WHERE username=’jacobbeasley’;

2) delete from users where 1;

3) select ”;

Number 2 from above would delete all users. Obviously, very problematic. Now, if the website/database was made by a GOOD programmer, then this is preventing using a method called “escaping” in which anything the user entered is “escaped” so that the database knows to not interpret it as a separate command. Keep in mind that if weird character sets are being used, sometimes there may be multiple characters for a quotation mark, in which case if you try many types of quotation marks, you might get a hit and be able to do anything you want in the database.

Tool 4: Keyloggers and Phishing

This is one of the oldest and SIMPLEST methods of hacking a computer. A keylogger is a piece of hardware or software that logs everything someone types. Keyloggers are extremely easy to make for windows using c++ and the “getasynckeystate” function and, when combined with a little con like, “You need this software to open ____ file” you can generally get people to download the software. Then, you program the software to email you after a week everything they typed and delete itself. Phishing involves making a website that looks just like another website, but when the user logs in, you steal their username/password. You could reconfigure a person’s network settings so that a site like yahoo.com or gmail.com forwards to YOUR VERSION OF GMAIL/YAHOO instead. Then, when they try and login, you steal their passwords, store them, and display some “you need ____ update” thing. Once they update, it removes your phishing scam and the user never even knows you stole their password. Any decent antivirus software will prevent this sort of things by locking down your internet connection settings and tracking computer programs for calls to “getAsyncKeyState” or other common keylogging functions (at least, they “should” be doing this).

Tool 5: Easy Con

The weakest link in many companies is the people themselves. For example, if you made a call to a person pretending to be “tech support” from their company, you might be able to con them into giving you their passwords. Alternatively, you could call their IT person pretending to be them in order to have their “password reset” and emailed to their “new email.” Be sure to follow the “not getting caught” tips below to avoid getting caught.

Not Getting Caught

These days, everything is trackable. Here are some quick tips to avoid getting caught.

When doing things online, don’t do them under your own name or internet connection. Whenever you connect to the internet, you are given an “IP Address.” These addresses are registered by your internet service provider and it is pretty easy to figure out who you are by:

1) tracking ip addresses (it is transmitted with every webpage you request – http://www.whatismyip.com/)

2) taking ip and looking up what internet service provider it is for

3) getting court order to force the internet service provider to say what physical location (your home address) was associated with that ip at such and such a date. In effect, it will be your home location or wherever you are accessing the internet. From there, they can look at security cameras or look up who registered the internet connection to identify you.

To avoid the above, you need to “funnel” anything you do through a “proxy server” in a foreign country. Keep in mind that some proxy servers are logged, so consider going through several proxy servers or, alternatively, picking a proxy server in a country that does not trade information with other countries, such as china or north korea. You can find lists of tons of proxies on Google.

Also, if you ever make phone calls, be sure to follow the above tips AND use an online service like skype to make the phone calls. When using this service, don’t ever use your credit card. Consider either stealing somebody else’s (somebody you don’t know) or, even better, using an unverified paypal account registered to a gmail/yahoo/hotmail email that was created/accessed using a proxy, that way there is nothing tying it directly to you. To do this, however, you need to get money in the paypal account. How?

1) Open up an account with an offshore IT outsourcing service like scriptlance.com under a false identity or alias.

2) Do some work and earn some money.

3) Take that money and have it deposited in paypal account.

4) buy anything you want online and the money is virtually untracable.

5) BE SURE TO DO EVERYTHING BEHIND A PROXY! Then you’re almost 100% untouchable.

To prevent somebody from using proxy servers, have firewalls setup on your servers that block any out-of-country requests. Additionally, log people’s ip addresses and if a person logs in under one ip address and seems to “switch” ip addresses in the middle of using the site, force them to login again.

The Weakest Link

If you really want to be a good hacker, keep in mind that people are people. There’s no magic here. The best hackers are also the best con men. The weakest link is the person. It does not matter how good the security of a building or website is if the people running it are not trained in basic it policies.

Namely:

1) never give out your password to anyone, ever.

2) If an IT person calls asking for your password, tell them just to reset it themselves. There is no reason why they should ask you for your password.

3) Have a process for resetting passwords that requires full identification in a manner that cannot easily be bypassed. This manner will vary from organization to organization.

4) Require antivirus software that can prevent the most common phishing and keylogger attacks.

5) have regular backups of the database made to multiple locations so that, in the event of an attack, recovery from that attack can happen fast.

6) Only whitelist your office ip addresses to be able to login to the system(s), thus preventing people from accessing them behind a proxy. This is sometimes impractical. alternatively, when they login under a new ip address, force them to complete some sort of email verification process (so the chance of someone operating behind a proxy is less likely).

7) Secure the local premise and all wireless networks in order to prevent the unauthorized on-site attacker. Use encryption methods that have not been cracked (just Google to find out if they have been cracked).

8) Have your applications tested for sql-injection and brute-force attacks. Preventing these is easy; its just a matter of following best-practices. Have it log the number of failed login attempts and prevent more than, say, 20 per hour. At 20 attacks per hour, a brute force attack will take around 2000 years.

  • Share/Bookmark



PDF Editor

Have you ever wanted to recorder the pages within a pdf file, delete pages, or merge multiple pdf files? Wouldn’t it be nice if you could see previews of each page while doing so? Well, this is exactly what I’ve created. I originally created this for a mortgage company, but they’ve since closed down so feel free to try it out. Its written in php and uses ghostscript as the pdf conversion library.

Download Link: PDF Editor Setup

Jake

  • Share/Bookmark



Goaldstandard.com

For years, people have had a common struggle: doing what they want to do.

Seriously, it sounds ridiculous, right? You set out to do something, such as lose weight, gain weight, study hard, etc, and before long you find yourself lazily sitting around watching The Late Night Show or, heaven forbid, Opera.

So, why do we have such a hard time doing what we want to do? Honestly, I have no idea. I mean, I could provide plenty of philosophical, psychological, or religious answers, but the real question we should be asking is not why I have such a hard time, but how do I overcome this.

So, I made goaldstandard.com. Its a system where you have a number of goals. Each goal corresponds to a certain day of the week and a number of “accountability partners” (just lists of email addresses). Everyday, you must login and mark off the goals you completed. If you don’t your accountability partners get emails. Additionally, if you delete a goal, edit a goal, or remove an accountability partner, they get an email telling them what happened, so there’s no way to “skip your goals” and not have your accountability partners know about it.

My fiance, a few friends, and I have been using this, along with splayback.com, in order to achieve a measure of success. For myself and my fiance, it has worked wonders on our lives! I’ve gained 20 pounds!!! (That’s muscle, btw, as this has caused me to exercise more than I was). My fiance has lost weight and, more importantly, has gained a great deal of self-confidence and now has a very positive self-image.

Of course, some of my friends have not had success. Why? Honestly, its because they changed their email address and aren’t getting any updates anymore. Additionally, some people truly are totally hopeless when it comes to doing things they commit to doing, but most people can succeed. It helps if your accountability partners take the time to respond and encourage you when you don’t quite get them all done.

Try it out!

http://goaldstandard.com/

  • Share/Bookmark



“HTML IN COMMENTS” WordPress Plugin Released!

I have just released a MUCH NEEDED wordpress plugin that allows users to include html code in their comments. It takes the html code and replaces all “<” characters with “&lt;” and all “>” characters with “&gt;”. I needed this because comments containing html kept being garbled up.

Download link: htmlincomments wordpress plugin

Jake

  • Share/Bookmark



Twitter Fully Integrated

Now my posts show up on my twitter account! Yay wordpress!

  • Share/Bookmark



How To Scrape Data Using Standard PHP

Alright, so you want a website that displays live stock quotes? Or maybe you want it to download and save financial reports off from the SEC (Security and Exchange Commission) database? In this tutorial, I show you how to do it in 10 minutes using PHP.

Alright, for the novices out there, I suggest you read my article on how the internet works before we begin and the first few pages of w3 school’s html tutorial.

Alright, lets begin. Scraping involves several steps:

  1. Downloading the contents of the other page
  2. Interpreting/Reading the other page
  3. (Possibly) Using information gained to go back to #1

For example, Google “spiders” through every page on the internet. How does it do this? Well, it follows the steps above and, in number 2, it searches for “links” within each page and then uses those links to loop back to number one. Simple, right?

Alright, so lets pick a site that we want to scrape. How about we scrape tutorials off from w3schools. Below is the contents of http://www.w3schools.com/ in plain html code. To view this, go to http://www.w3schools.com/ and then click view->source in your browser. (The verbiage is a little different in each browser, but same basic idea). I have chosen to not only show the html code that interests us by searching for the specific html code that we want to read first.

<tr>
<td id="leftcolumn" width="150" valign="top" align="left" style="padding:4px;border:none">
<h2><span>HTML</span> Tutorials</h2>
<a href="html/default.asp" target="_top">Learn HTML</a><br />
<a href="xhtml/default.asp" target="_top">Learn XHTML</a><br />
<a href="css/default.asp" target="_top">Learn CSS</a><br />
<a href="tcpip/default.asp" target="_top">Learn TCP/IP</a><br />
<br />
<h2><span>Browser</span> Scripting</h2>
<a href="js/default.asp" target="_top">Learn JavaScript</a><br />
<a href="htmldom/default.asp" target="_top">Learn HTML DOM</a><br />
<a href="dhtml/default.asp" target="_top">Learn DHTML</a><br />
<a href="vbscript/default.asp" target="_top">Learn VBScript</a><br />
<a href="ajax/default.asp" target="_top">Learn AJAX</a><br />
<a href="jquery/default.asp" target="_top">Learn jQuery</a><br />
<a href="e4x/default.asp" target="_top">Learn E4X</a><br />
<br />
<h2><span>XML</span> Tutorials</h2>
<a href="xml/default.asp" target="_top">Learn XML</a><br />
<a href="dtd/default.asp" target="_top">Learn DTD</a><br />
<a href="dom/default.asp" target="_top">Learn XML DOM</a><br />
<a href="xsl/default.asp" target="_top">Learn XSLT</a><br />
<a href="xslfo/default.asp" target="_top">Learn XSL-FO</a><br />
<a href="xpath/default.asp" target="_top">Learn XPath</a><br />
<a href="xquery/default.asp" target="_top">Learn XQuery</a><br />
<a href="xlink/default.asp" target="_top">Learn XLink</a><br />
<a href="xlink/default.asp" target="_top">Learn XPointer</a><br />
<a href="schema/default.asp" target="_top">Learn Schema</a><br />
<a href="xforms/default.asp" target="_top">Learn XForms</a><br />
<br />
<h2><span>Server</span> Scripting</h2>
<a href="sql/default.asp" target="_top">Learn SQL</a><br />
<a href="asp/default.asp" target="_top">Learn ASP</a><br />
<a href="ado/default.asp" target="_top">Learn ADO</a><br />
<a href="php/default.asp" target="_top">Learn PHP</a><br />
<a href="aspnet/default.asp" target="_top">Learn ASP.NET</a><br />
<a href="dotnetmobile/default.asp" target="_top">Learn .NET Mobile</a><br />
<br />
<h2><span>Web</span> Services</h2>
<a href="webservices/default.asp" target="_top">Learn Web Services</a><br />
<a href="wsdl/default.asp" target="_top">Learn WSDL</a><br />
<a href="soap/default.asp" target="_top">Learn SOAP</a><br />
<a href="rss/default.asp" target="_top">Learn RSS</a><br />
<a href="rdf/default.asp" target="_top">Learn RDF</a><br />
<a href="wap/default.asp" target="_top">Learn WAP</a><br />
<a href="wmlscript/default.asp" target="_top">Learn WMLScript</a><br />
<br />
<h2><span>Multimedia</span></h2>
<a href="media/default.asp" target="_top">Learn Media</a><br />
<a href="smil/default.asp" target="_top">Learn SMIL</a><br />
<a href="svg/default.asp" target="_top">Learn SVG</a><br />
<a href="flash/default.asp" target="_top">Learn Flash</a><br />
<br />
<h2><span>Web</span> Building</h2>
<a href="site/default.asp" target="_top">Web Building</a><br />
<a href="browsers/default.asp" target="_top">Web Browsers</a><br />
<a href="cert/default.asp" target="_top">Web Certification</a><br />
<a href="hosting/default.asp" target="_top">Web Hosting</a><br />
<a href="w3c/default.asp" target="_top">Web W3C</a><br />
<a href="quality/default.asp" target="_top">Web Quality</a><br />
<a href="semweb/default.asp" target="_top">Web Semantic</a><br />
<br />
</td>
<td valign="top" align="left">
<table border="0" width="100%" cellpadding="0" cellspacing="0">
<tr>

Alright, so upon basic analysis, what do we find? Well, this portion of code STARTS with “<td id=”leftcolumn” width=”150″ valign=”top” align=”left” style=”padding:4px;border:none”>” and ends with “<table border=”0″ width=”100%” cellpadding=”0″ cellspacing=”0″>“. So, if we wanted to “grab” this section of html code from the whole of the site, then we’d be all set.

Alright, so lets go back to our steps again.

  1. Downloading the contents of the other page
  2. Interpreting/Reading the other page

Downloading the contents of the other page in PHP is easy. We can just use the file_get_contents function like this:

$pagecontents = file_get_contents("http://www.w3schools.com/");

The above code assigns the php variable $pagecontents the contents of w3schools.com (in html, of course).

Now, we need to “grab” the html code of interest. To do this, we need to write a function that can search for the “start”, the “end” and then grab what is in between. Here is a php function that does just that:

function getBetween($str, $start, $end, $searchpos=0) {
$startpos = strpos($str, $start, $searchpos);
if ($startpos === false) return ""; // didn't find start
$endpos = strpos($str, $end, $startpos + strlen($start));
if ($endpos === false) return ""; // didn't find end
return substr($str, $startpos + strlen($start), ($endpos - $startpos - strlen($start)));
}

So, to wrap it all up, we’ve learned how to download a list of the tutorials on w3schools.com. This is hardly a complete project, as you could continue to loop through each “individual” link by searching for things between “<a” and “</a>”, but this is a great start! The complete code is below.

<?php

function getBetween($str, $start, $end, $searchpos=0) {
$startpos = strpos($str, $start, $searchpos);
if ($startpos === false) return ""; // didn't find start
$endpos = strpos($str, $end, $startpos + strlen($start));
if ($endpos === false) return ""; // didn't find end
return substr($str, $startpos + strlen($start), ($endpos - $startpos - strlen
($start)));
}

$pagecontents = file_get_contents("http://w3schools.com/");
$part = getBetween($pagecontents, '<td id="leftcolumn" width="150" valign="top" align="left" style="padding:4px;border:none">', '<table border="0" width="100%" cellpadding="0" cellspacing="0">');

print($part);

?>

– Jacob Beasley

  • Share/Bookmark



Applied Theory: How Facebook Works

After having studied my articles on Relational Databases and How the Internet Works, here are the basics of how Facebook works. I will only concentrate on the users and their friends (as Facebook is a HUGE undertaking).
Tables
Below are the tables for the users and friends features. Notice how Jen & Jake are friends and Rob & Davy are friends.

Users

id username password
1 jacob beasley
2 jennifer hamilton
3 rob mohr
4 davy stiles
5 charles beasley
Friends

id userid friendid
1 1 2
2 2 1
3 3 4
4 4 3
Login Process:

  1. You go to Facebook.com. Facebook.com shows you a login form. You type in your username/password and click login.
  2. Your browser sends a request to Facebook containing your login information
  3. The web server receives the requests, recognizes that it is for a PHP file, and it starts up the PHP interpreter.
  4. The PHP Interpreter reads the Facebook programmer’s code. The code realizes that you are trying to login and queries up the MySQL database to see if the email/password is valid. The “query” is sent using SQL (structured query language).
  5. The mysql database searches the table and finds the user. It then sends this back to the php script
  6. The php script continues running where it left off. It recognizes that the data was valid. It tells the browser to save a cookie with the user’s information and outputs the rest of the page.

Viewing another page:

  1. You click on your inbox.
  2. Your browser requests the inbox page. It sends the cookie that was set in the login process over to the web server.
  3. The web server recognizes it is requesting a PHP file and runs the code through the PHP interpreter.
  4. The php code sends a request to the mysql server to see if the information stored in the cookie is valid.
  5. The mysql server sends back a response.
  6. The php code sees that the cookie does checkout. It then queries the mysql table for a list of messages
  7. the mysql servers sends back a response with the messages
  8. the php code then outputs the rest of the page with the messages
  9. The web server sends what the php code outputs to the browser
  10. The browser, finally, displays the page to you, the user.
  • Share/Bookmark



Relational Databases In Ten Minutes!

Database Crash Course
How do you store large amounts of information? How does a person store, say, 20000 users each with 4 different purchases? It does this using a database system. Below are two different types of database systems. We will be focusing on a relational database system, as a flat database systems are really only hypothetical these days… most everything we do will be relational in nature.

Flat Database
A flat database simply is a list of items. For example, if you just have a list of people have signed up for a newsletter.
Relational Database
A relational database combines flat databases (or tables) and links up entries from one flat database (table) with another. For example, if you have a flat database (or table) of newsletters and a flat database (or table) of people who have signed up for newspapers. Each entry (or row) in the list of people who signed up for newsletters could be linked to several entries in the newsletters flat database (or table).

Database

A database is a collection of tables.

Table

A table is a bit like an excel spreadsheet; it has rows and columns. Each row is called a row, record, or entry (the terms are used interchangably). A column is like a “field.”

Field

Each table contains a number of fields. Each field has a type. For example, if I have a table that is meant to store customer information, I could call it “customerinformation” and give it the fields “id”, “firstname”, “lastname”, and “phonenumber”.

Rows/Records/Entries

Each Row is an entry in a table. For example, in the above customer example, an entry in the “customerinformation” table might have an id of 1, a firstname of jacob, a lastname of beasley, and a phone number of 612 210 7533.

Indexes

Each table “should” have an Index. In other words, something unique. You might set it to autoincrement, too. For example, when you are put on a school system, you are given a “school id” number. Same idea… everything is given an “index” so you can tell it apart.


Relational Database Example: Customer Orders
Lets say that we have a bunch of orders and each order, for whatever reason, can only have one product related to it. This would mean that we could have two tables: one that is orders and one that is products. Below, there are three orders. Two of the orders were for donuts and one was for a crescent roll:

Products Table

id name price
1 donut $3
2 crescent roll $2
Orders Table

id products_id status date
1 1 done 9/13/2009
2 2 done 9/13/2009
3 1 still need to ship 9/14/2009


Relationship Types
Fundamentally, there are 4 relationship types you need to be familiar with: one-to-one, one-to-many, many-to-one, many-to-many.

One-To-One

Description

Customers

id name phone sex
1 john smith 555-555-5555 male
2 ivy, poison 555-654-6456 female
Purchases

id customer_id (make it an index along with id) amount date
1 1 $3245 9/13/2009
2 2 $234 9/13/2009

One-To-Many

Allows you to have one table have many associations on another table. For example, a person may have received, say, 50 messages. Each user has a one-to-many relationship between themselves and the messages they have sent. They also have a one-to-many relationship between their user account the messages they have received.

Customers

id name phone sex
1 john smith 555-555-5555 male
2 ivy, poison 555-654-6456 female

Purchases

id customer_id (but not an index so multiple products can be associated) amount date
1 1 $3245 9/13/2009
2 2 $234 9/13/2009

Many-To-One

Just like one-to-many above, but flip left and right around.

Many-To-Many

In some cases, you may have many of one table associated to many of another table. For example, you may have 50 employees and 10 different office locations. Each employee may work out of several office locations and each office location may have many employees, thus you have a many-to-many relationship between the office locations and the employees table. Below is a demonstration of what this might sort of look like. Below, Jacob works at all locations, Davy works at lakeville, and Rob works in san diego:

Employees Table

id firstname lastname
1 jacob beasley
2 davy stiles
3 rob mohr
Employees_OfficeLocations Table

index employee_id index location_id
1 1
1 2
1 3
2 2
3 3
OfficeLocations Table

id city state
1 farmington mn
2 lakeville mn
3 san diego ca

  • Share/Bookmark



How The Internet Works

Technology Diagram
SERVER SENDS THE RESULTS OF THE PHP/ASP CODE BACK
<—–
RESULT IS SENT BACK TO PHP/ASP CODE FOR PROCESSING

<—–

CLIENT: BROWSER WEB SERVER DATABASE SERVER
—->

BROWSER SAYS: GIMME ______ PAGE AND THE USER FILLED IN ______ FORM ELEMENTS

—->

PHP/ASP CODE SENDS QUERIES THE DATABASE SERVER TO LOOKUP USER ACCOUNTS OR STORE INFORMATION

WEB SERVER INTERPRETS OUTPUT WEB SERVERS: APACHE IS THE MOST COMMON ONE FOR LINUX AND INTERNET INFORMATION SERVER FOR WINDOWS
HTML/CSS/JAVASCRIPT

FLASH

JAVA APPLETS

PHP/ASP CODE MAY BE EXECUTED HERE, OTHERWISE FILES MAY SQL IS USED TO COMMUNICATE BETWEEN PHP/ASP AND MYSQL/SSQL MYSQL/MSSQL – DATABASE SERVERS

Above, one can see that the browser sends requests to the server. The server then either returns the request immediately or, if it is PHP/ASP or other “server side” languages, reads and “parses” the “code.” The PHP/ASP code may connect to a database server such as MSSQL or MySQL and send a request using SQL. The server then sends back a response. When the PHP/ASP is done, it sends back HTML/CSS/Javascript code (generally). The browser receives it and displays it for the user. Below are a list of key vocabulary terms.


Client-Side Languages
Client side languages are executes on the clients’ browser. This means HTML, CSS, and Javascript, generally, though Flash and Java applets are also executed on the client. Below is an explanation of each.

HTML

HTML, Hyper-text markup language, was given its name because it allowed for people to “link up” different “pages.” It is a “markup” language because it “marks up” things. In other words, it describes information; generally, it describes how information is organized on the computer screen. HTML is the foundation of describing how we contents is to be displayed and interpreted on a webpage.

XML
XML, Extensible Markup Language, is a “general” language that is similar to HTML but can describe any type of information (not just HTML). It can be a pain to work with, but it is MUCH easier than proprietary file formats like, say, Microsoft Office! When sending data between different programming languages (say, PHP and ASP and Javascript), XML is a great way to do this.

XHTML
HTML was not “uniform.” Each browser interpreted things differently. The solution was SUPPOSED to be XHTML. By using XML and CSS to describe HTML, the theory was that all browsers could talk the same language and display things identically. The reality? It was a huge pain in the butt… Internet Explorer, the most common web browser, failed to do XHTML right. XHTML failed, but generally speaking you should try and have things done according to “XHTML” standards, but NOT AT THE EXPENSE OF COMPLETING WITHIN BUDGET.

CSS

CSS, cascading stylesheets, is an “add-on” to HTML. HTML does not allow you to specify “specifics” very well. For example, if I want to set the colors of the scrollbar in a web browser, there exists no way to do this in HTML. CSS, however, has allowed this to be done. Additionally, I can make a change throughout the entire document with CSS, such as making all table borders disappear by default.

Javascript

HTML didn’t allow things to move. The solution? Well, one of the solutions was javascript. Javascript can “change” html after the page loads. For example, in a dropdown menu, javascript can be set to be run when someone moves their mouse over an element, it shows the menu. When they click on a menu item, it goes to another page. It can do things like verify that fields have decent information, popup new windows, or popup “are you sure you want to?” prompts. Ask your programmers… they’ll explain what it does. Keep in mind that Javascript is run on the client, not the server, so you STILL MUST VERIFY THAT ALL DATA ENTERED IS CLEAN using a server-side language. For example, I once had a client who had a Captcha system (one of those “type in the word from the image below” things) written in javascript… was useless when spammers wrote programs that would automatically spider through pages, find web forms, and post junk data. The spiders don’t execute javascript code, thus the Captcha was ABSOLUTELY USELESS. We got a few hundred to fix that 😀

Java

Java was invented as compiled-interpreted language. What this means, in short, is that java code will run on any operating system that has Java installed: Windows, Linux, or even Mac. Java, however, takes a long time to load, is EXTREMELY time consuming to program, and requires a very high level of expertise to know how to use (compared to PHP/HTML, for example). Flash has replaced Java on websites, though Java does creep up for uploading large files, though you can often times find pre-made java tools that you can have a programmer sort of “plugin” to the site. For video sites, build on top of something that is already out there such as clipshare that ALREADY HAS THIS BUILT FOR YOU. Java is also used occassionally on the server end in a technology called JSP (Java server pages) much as PHP would be used, but it failed… not many people use it anymore.

Flash

Have you ever seen the Lion King? That was done in Adobe Flash. Flash has, in the past few years, become more powerful than Java in many respects (when it relates to web pages, at least). It is highly media intensive and supports communications with web servers directly (bypassing the browser). Whenever you have a site that needs a lot of “movement”, flash will be involved. Contact your team member who is a flash expert for advice on this. Oftentimes, you can use a CMS but just modify the template so that a flash item is put at the top of the page in the place of, say, a large image banner.


Web Server Programs
Web Servers are computer programs. They sit and wait for incoming requests from a client. When a client connects, the client sends a request. The request contains what domain it is for, what page it wants, and any “form” information that is needed.

Apache Web Server
Linux Web Servers are very common and Apache Web Server is the most used web server on a Linux system. It is 100% free and can handle millions of requests per second, depending on how powerful your server is, of course. There are other web servers, but this is the most common.

Internet Information Server
Windows web servers are the second most common type of web server. The “Internet Information Server” web server is provided with professional versions of windows and windows server addition. Generally speaking, if you want to run ASP/MSSQL, you will need a windows web host and they most likely will have Internet Information Server.


Server-Side Programming Languages
Most websites use server side programming these days. For example, you login to Facebook. What language do you think does all the processing to decide what to display on the page? What language decides how it is displayed? What language figures out that it needs to query up the database server, look up your login information, and log you in? Server-Side languages do this.

PHP
PHP has been around for awhile. All of the new “upstart” companies have done their work in PHP. Youtube, Myspace, and Facebook, to name a few. Why? Because it is totally free, easy to learn, and has a HUGE COMMUNITY OF DEVELOPERS. Our entire business model is built around this language.

ASP
Perhaps the second most common server-side language today is ASP. ASP, or Active Server Pages, is a language that was created by Microsoft and allows automation. Aside from Microsoft’s own sites, few major “upstart” companies have grown off from this technology. It requires a Microsoft server license on all of your servers and it requires that you use Microsoft technologies for everything, thus tripling your costs across the board.

Others
Just about any programming language has been adapted by someone for server side coding. The most notable are Perl, Ruby, and Java (JSP). I used to do it in C++ when I was a kid and had too much time on my hands (as did Ebay when they first started out, I think). Those listed here are about 98% of the server side scripting.


Database Server
Database servers store information. They allow you to get access to that information fast and to do all kinds of cool searches on it. For example, if I have a list of 100,000 companies in a plain text file and I wrote a php program to search through it, it could take 20 to 30 seconds. If I send that over to mysql running on an optimized server, it could take just about .1 seconds… obviously, much better.

MySQL
This software is a lot like MsSQL, but totally free. PHP, out of box, integrates with MySQL completely. Combined with PhpMyAdmin (and other tools), a programmer can add/remove tables and otherwise manage the database very easily.

MsSQL
This software is a lot like MySQL, but made by Microsoft and rather expensive. It has a few more features than MySQL, but most projects won’t take advantage of those so they don’t matter anyways.


Browser Comparison
Every browser seems to do things differently these days. Below are a description of the major browsers and how they compare

Internet Explorer
Internet Explorer was created by Microsoft therefore it sucks. It is NOT standards compliant and each different version seems to display things different. It, until recently, had not had an “auto-update” feature thus there are lots of people out there still using IE6 and that IE6 does not do CSS right. This means that you can’t rely on all of the CSS features and will need to develop sites with tables instead of just css. Your programmers will know what that means.

Firefox
Firefox is a great, standards-compliant browser. Through its partnership with google, it has become the second most popular browser out there and the #1 choice among programmers. It has a ton of add-ons and mows your lawn while you’re not busy.

Opera/Safari
They both, for the most part, are “standards compliant” meaning they display XHTML how it is supposed to be displayed. If it works in firefox, it will work in these 99% of the time.


CPanel
Finally, CPanel is a tool you will most likely run into in the course of your work. On most reputable Linux servers, you are given a Cpanel account. Through this account, you can manage mysql databases, php settings, files, ftp accounts, mail accounts, etc. You can give the cpanel password to trusted programmers. When you have to terminate someone, change all ftp and cpanel passwords.


FTP
FTP, or File Transfer Protocol, is a method sending files between a client (the programmer) and a server (the web server, generally). My personal favorite FTP client is File-Zilla Client. When a programmer wants to access a server, he generally wants an FTP Account or a CPanel account or both.


Cookies
Cookies are simply a way to store data between page loads. For example, lets say that you login to a site and then you want to remember what user is logged in. Generally, a PHP programmer will have PHP tell the browser to save a cookie with the person’s username/password and/or session information. This way, when they click on a link to go to another page in the site, the browser will send the cookie contents to the web server and the php script can validate the session and know that the user is logged in.


More Reading
There are several topics not covered in this article in any way that are important to learn and become familiar with if you wish to continue your studies:

  1. DNS – How domain names work.
  2. Protocols – What underlying “methods of communication” that the browsers are using (namely, HTTP, HTTPS, and TCP/IP)

  • Share/Bookmark