Magento on Rackspace Cloud Sites

After a little bit of work I was able to setup Magento 1.4 on Rackspace cloud sites. This new version runs quickly and correctly almost by default on Rackspace Cloud sites. I am not sure if this was the result of changes made to the Magento code or changes that Rackspace made to their infrastructure, but version 1.4 runs much better than previous versions on cloud sites. For the most part you simply need to follow the default instructions for setup and configuration of Magento on the Rackspace Cloud. These standard instructions are available both here on the Rackspace Cloud Sites wiki and here on the official Magento wiki.

There are two things that are non standard. The first, as mentioned on the Rackspace wiki, is that if you are using url rewrites you must set RewriteBase / in the .htaccess file. The second change is only needed if you are using ssl pages on your site. Rackspace handles requests through a gateway server that then forwards the request to the web server running your app. The key however, is that the request is only a secure request from the user to the gateway. The request from the Rackspace gateway to the Rackspace Cloud server running Magento is send unsecured. This is not the behavior that Magento expects. The result will be an infinite loop of redirects when you try to visit any https pages on your site. A minor change to the code will fix this problem.

Rackspace includes a value “HTTP_CLUSTER_HTTPS” with the request when the request is secure. Magento normally looks for the standard “HTTPS” value. We need only make a few changes to the file \app\code\core\Mage\Core\Model\Config.php to fix this issue. The correct way to modify Magento core files is to create a copy of the file and move it to the same place except in the \app\code\local\ directory. To make this change we will copy the Config.php file and move it to \app\code\local\Mage\Core\Model\Config.php. You will need to create these folders.

Change line 888 in the newly copied file from:

$secure = (!empty($_SERVER[‘HTTPS']) && ($_SERVER[‘HTTPS']!='off')) || $_SERVER['SERVER_PORT']=='443';

to:

$secure = (!empty($_SERVER['HTTP_CLUSTER_HTTPS']) && ($_SERVER['HTTP_CLUSTER_HTTPS']!='off')) || $_SERVER['SERVER_PORT']=='443';

Let me know if you have any problems or feedback.

New Facebook Connect in C#

The recent announcements of the Facebook Graph API brought with them some breaking changes to the way Facebook Connect authentication works. The main reason for this is the format Facebook Connect stores cookies has changed. In order to take advantage of these new features on ASP.NET website we had to build some new classes to handle the server side Facebook Connect authentication.

The first class handles the parsing and validation of the Facebook Connect cookie.

public class FacebookCookie {

        private FacebookCookie() {
        }

        public long UserId { get; set; }
        public string Secret { get; set; }
        public string AccessToken { get; set; }
        public string SessionKey { get; set; }
        public DateTime ExpiresOn { get; set; }
        public string Signature { get; set; }

        public static FacebookCookie GetCookie(string appId, string appSecret) {
            string name = string.Format("fbs_{0}", appId); // Cookie Name

            // Test if key exists
            if (HttpContext.Current == null
                || HttpContext.Current.Request == null
                || HttpContext.Current.Request.Cookies == null
                || !HttpContext.Current.Request.Cookies.AllKeys.Contains(name)) {
                return null;
            }
            var httpCookie = HttpContext.Current.Request.Cookies[name];
            return FacebookCookie.Parse(httpCookie.Value, appSecret);
        }

        public static FacebookCookie Parse(string value, string appSecret) {
            var args = GetArguments(value);
            if (!FacebookCookie.Validate(args, appSecret)) {
                throw new SecurityException("Invalid cookie.");
            }

            var cookie = new FacebookCookie();

            DateTime expires;
            DateTime.TryParse(args["expires"], out expires);
            cookie.ExpiresOn = expires;

            long userId;
            long.TryParse(args["uid"], out userId);
            cookie.UserId = userId;

            cookie.Secret = args["secret"];
            cookie.SessionKey = args["session_key"];
            cookie.Signature = args["sig"];
            cookie.AccessToken = args["access_token"];

            return cookie;
        }

        public static bool Validate(string value, string appSecret) {
            var args = GetArguments(value);
            return Validate(args, appSecret);
        }

        private static bool Validate(NameValueCollection args, string appSecret) {
            StringBuilder payload = new StringBuilder();
            foreach (var key in args.AllKeys) {
                if (key != "sig") {
                    payload.AppendFormat("{0}={1}", key, args[key]);
                }
            }
            payload.Append(appSecret);
            var md5 = System.Security.Cryptography.MD5CryptoServiceProvider.Create();
            var hash = md5.ComputeHash(Encoding.ASCII.GetBytes(payload.ToString()));
            StringBuilder signature = new StringBuilder();
            for (int i = 0; i < hash.Length; i++) {
                signature.Append(hash[i].ToString("X2"));
            }
            return args["sig"] == signature.ToString().ToLower();
        }

        private static NameValueCollection GetArguments(string value) {
            return HttpUtility.ParseQueryString(value.Replace("\"", string.Empty));
        }
    }

As you can see this class does quite a few things. The first is that it parses the cookie into name value pairs. Next, and most importantly, the class validates the cookie. This validation uses MD5 hashing to compare the contents of key appended to the app secret to the signature that comes in with the cookie. If these values match we know the key is valid.

The next class is a simple utility that is called directly from your ASP.NET page or ASP.NET MVC controllers. This class is the ConnectService.

 public class ConnectService : IConnectService {

        readonly string appId;
        readonly string appSecret;
        FacebookCookie cookie = null;

        public ConnectService() {
            appId = ConfigurationManager.AppSettings["FacebookAppId"];
            appSecret = ConfigurationManager.AppSettings["FacebookAppSecret"];
        }

        #region IFacebookConnectService Members

        public bool IsConnected() {
            if (cookie == null) {
                cookie = FacebookCookie.GetCookie(appId, appSecret);
            }
            return
                cookie != null &&
                cookie.UserId != 0 &&
                !string.IsNullOrEmpty(cookie.SessionKey);
        }

        public string SessionKey {
            get {
                if (cookie != null) {
                    return cookie.SessionKey;
                } else {
                    return null;
                }
            }
        }

        public long UserId {
            get {
                if (cookie != null) {
                    return cookie.UserId;
                } else {
                    return 0;
                }
            }
        }

        #endregion

    }

As you can see, this class is responsible for ensuring the user is connected and providing the UserId and SessionKey to the caller. Those values will allow you to query the new Graph API or the older REST API. You can use the Facebook Toolkit to query various data as well.

UPDATE: I have posted a new open source project on codeplex. This project should you get started using the new JavaScript SDK with a .Net application. The project is not yet ready for use in production, but I will be working on getting it ready asap. For now check out the code at: http://facebookgraphtoolkit.codeplex.com/

.Net APIs for 37Signals Products Open Sourced

Recently, I created a API wrapper for Basecamp. I built this to create a web application that interacts with basecamp (more on that shortly). Today, I decided that to open source the basecamp API and post it on Google Code. I have also started working on an API for Highrise and have plans for the other 37Signals products as well. So if you are a .Net developer and you are interested in integrating your product with 37Signals check this out. You can browse the source or download and build this project here. I haven’t quite finished up coding or testing yet, so be careful if you want to use this in a production environment.

Let me know if you have any questions or feedback.

Migrate from Mediacom Email to Gmail

I am writing this post out of sympathy. I don’t have Mediacom anything, I never will be a customer of that company again, and I have never used their email. However, I do live in an area where mediacom is the only cable company and as such I hear a lot of complaints about their email system. Also any quick search will show you how much people hate that company. So this post is here to help people solve at least part of the problem that comes along with being a mediacom customer. Please share this with anyone you know who has a @mchsi.com email address.

Before we begin, I would also suggest to you that after you migrate your email to gmail you look into alternative internet providers. The one I use here in Iowa City is Qwest DSL. Back a few year ago, medicom internet was deffinately fast than DSL (assuming you actually had an internet connection with mediacom), but Qwest has been making some serious upgrades to their network and in my experience my DSL is much faster than cable modem.

The first step is setting up your free Gmail account. This is very easy. To sign up for your account visit the Gmail Signup Page and fill in the required information. You will be asked for a secondary email address when you sign up. I would recommend using a work address, but you may also use your @mchsi.com email address.

After you have signed up for your account you will be directed to your new inbox. The Gmail inbox is very clean and easy to get used to. To begin the migration of your old email click on the settings link at the top of your inbox. (See picture below)

Next click the “Accounts and Import” tab. Select “Always reply from default email address”. After that click the “Add POP3 email account” button.

After you click the “Add POP3 email account” button a popup window will appear asking you for your email address. Input your @mchsi.com email address and click next.

Next enter your password in the dialog and then click “Add Account”.

That is everything you need to do in order to get Gmail set to download your mediacom email. You start seeing the emails that are being imported from your mediacom email appear in your gmail inbox within a few minutes. If you have a lot of email in your mediacom account this process may take some time.

That’s it. All your emails from your mediacom email will be in Gmail and any future email you receive to your @mchsi.com email address will arrive in Gmail. All email sent through your gmail account will use your new email address.

You can also setup gmail with other devices like smartphones and email software like outlook.

Setup Gmail on your phone: http://www.google.com/mobile/sync/
Setup Gmail with Outlook: http://mail.google.com/support/bin/topic.py?hl=en&topic=23333

Let me know if you have any problems or questions.

Google Apps Account Renaming Tool

Yesterday a client of Atlas Bay asked me if it was possible to rename some of their user accounts in Google Apps. After a bit of digging I found that it was possible, but only using the Google’s provisioning API. Unfortunately, the provisioning API is only available for Google Apps Premier Edition users. I decided that the easiest way to complete this renaming of the user accounts was to build a tool using Google’s .Net SDK. After a few minutes I developed a simple command application that will allow me to rename any user account in a Google Apps domain. Using the tools is simple, and I have made it available for anyone to use. Here is how you complete an account rename.

First, you need to turn on the provisioning API on your Google Apps account. To do this, click on the Users and groups tab in your domain administration site. Next, check the box called “Enable provisioning API.”

After the API is enabled you can use my tool to rename an account. If you are running Windows, Internet Explorer, and have .Net 3.5 installed simply click here to run the application. If you are on Firefox or another browser you can download and install the application here.

When the application opens you will be prompted to enter your domain, administrator email address, and password. As a note, this application is running on your computer and all data is being transmitted securely to Google so all your data should be safe.

After you have entered your administration credentials you will be prompted to enter the old username and new username. After you click enter, the request will be sent to rename the account. Be careful because there is no confirmation. However, if you make a mistake you can always just fix it with this tool.

After the account has been renamed you will receive a message that the operation completed successfully and asking you if you would like to rename another account using your same administrator credentials. If there is an error you will be told, however there is no detailed information about the cause of the error.

The only thing that is left is to turn off the provisioning API in your Google Apps administration site and you are done.

In case you would like to modify this program yourself here is the source code. You will need to download and reference the .Net library for the Google Data API here. You will have to reference Google.GData.Apps, Google.GData.Client, and Google.GData.Extensions in your project.

using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using Google.GData.Apps;

namespace AtlasBay.GoogleAppsTools
{
 class Program
 {
 static void Main(string[] args)
 {
 Console.WriteLine("Domain:");
 string domain = Console.ReadLine();
 Console.WriteLine("Administrator Email:");
 string adminEmail = Console.ReadLine();
 Console.WriteLine("Administrator Password:");
 string adminPass = Console.ReadLine();
 RenameUser(domain, adminEmail, adminPass);
 }

 static void RenameUser(string domain, string adminEmail, string adminPassword)
 {
 Console.WriteLine("Old Username:");
 string oldUsername = Console.ReadLine();
 Console.WriteLine("New Username:");
 string newUsername = Console.ReadLine();
 try
 {
 AppsService service = new AppsService(domain, adminEmail, adminPassword);
 UserEntry entry = service.RetrieveUser(oldUsername);
 entry.Login.UserName = newUsername;
 service.UpdateUser(entry);
 Console.WriteLine("Rename Successful. Perform another rename? y/n");
 }
 catch
 {
 Console.WriteLine("An error occurred while performing the update. Try another? y/n");
 }
 var key = Console.ReadKey();
 if (key.Key == ConsoleKey.Y)
 {
 Console.WriteLine();
 RenameUser(domain, adminEmail, adminPassword);
 }
 }
 }
}

This application and code are provided as is. The application works on my machine, but you are using this at your own risk.

Google Apps Sync for Outlook

Today Google issued a heavy blow in the fight for small business, non-profit, and education email systems. Google announced that they will soon be releasing a tool that will allow Google Apps Premier and Education users to synchronize all their Outlook data instantly and quickly with their Google Apps account. This new tool will behave very similar to how Outlook interacts with Microsoft Exchange server and will feel no different for users.

As somebody who has setup numerous deployments of Exchange and Google Apps I can tell you that this is the one thing my customers have been waiting for. Many organizations have been using Exchange Server since its early days. All of their employees are using Outlook to manage their email, calendar, tasks, and contacts and for these organizations training all their employees to use Gmail would have simply been too difficult and too great of cost. However, this new tool allows organizations to seamlessly transition to Google Apps without the difficulty of removing Outlook.

Below is a demo of the new Outlook Sync tool.

Microsoft really needs to step up their game if they want to continue to succeed in this market. I am not saying Exchange Server is going to simply vanish, but fewer smaller organizations are going to be considering products like Small Business Server in the future and will instead be relying on cloud file storage and services like Google Apps and Salesforce.com to power their businesses.

Move to Hosted Email

The time for an organization to host and maintain their own email system has passed. For many years, I have been a proponent of Microsoft Exchange Server and Small Business Server. I have helped many smaller sized organizations install and support these email systems. However, with the vast selection of free or inexpensive hosted email solutions available I can longer see any reason that would justify an organization maintaining their own email system.

The simple fact is that building and supporting an onsite email system is costly to setup and costly to maintain. Additionally, it is nearly impossible for any organization to maintain even a 99% uptime. A 99% uptime amounts to 3.65 days of downtime per year. With most paid email services and even some free ones an uptime of at least 99.9% is guaranteed. Even the free solutions, like Google Apps Standard, that don’t guarantee 99.9% will almost certainly maintain levels close to that level.

Atlas Bay switched from using Exchange Server as a part of Microsoft Small Business Server about 6 months ago and I haven’t regretted the decision once. The time we spend maintaining our email went from hours per month to nothing. We are using Google Apps Premier and love the uptime guarantee, spam filters, and virus filters. This level of reliability and quality would never have been available to us with an on-site email system. Additionally, we now know that our email will always be delivered, always be available remotely, and is secure.

Since Google Apps was released Atlas Bay has helped many organizations make the switch. We have setup single person businesses and medium business. Some people still like to use Outlook while others like to use only the web interface for gmail. The beauty of Google Apps is the flexibility. This flexibility makes it easy for employees to make the switch. To date I have not had a single person say they preferred using their on-site email system over Google Apps. Additionally, every single company is seeing drastically reduced support and maintenance costs. Most customers that are on Google Apps haven’t had to pay for a single hour of support with their email systems since they made the switch.

With the economy as it is and every business trying to save money I would urge you to consider moving your organization over to Google Apps. You will save money and more than likely have a much better and more reliable email experience.

Build or Buy: CRM Software

CRM (Customer Relationship Management) software comes in all kinds of forms from countless vendors. There is not doubt that every organization should be using CRM software. It simply isn’t enough for a business to keep spreadsheets of data and private contact lists with client information anymore. Businesses need reliable data that can be analyzed, reported, and accessed by anyone in the organization. Once your organization has made the choice to implement CRM software the choice is what software do you use or do you hire a consultant to build a custom solution for you.

First, and most importantly, don’t build custom CRM software. Seriously, don’t do it. It wont work. Unless you have the development budget of Microsoft or Google you are never going to be happy with what you get. A good CRM software application costs millions of dollars to plan, develop, test, and maintain. A single person or small consulting company will not be able to create you product from the ground up to meet all your needs.

Now, I know what some of you are thinking. Many organizations think that none of the CRM products out there really meet their needs. Or they think that because their business is different than a traditional sales based company that traditional CRM software just doesn’t work for them. Both of these assumptions are wrong.

First, a good CRM software application is customizable. You can create new types of entities, edit the entities that come with the software, and change the data those entities store. No matter what your organization is you can shape a good CRM software application to your needs. If you are considering CRM software that can only be changed by programmers, don’t buy that software. CRM software should be relatively easy to modify by anyone who has read the manual.

Second, even if the software that is currently available can’t meet your needs 100%, I guarantee that the custom software you are considering making or that some consultant is trying to sell you wont even be in the same ballpark as your needs. I have seen dozens of CRM solutions that were build by consultants that cause more headaches than they solve problems. Microsoft Access, FileMaker, or custom a custom web application are not good CRM applications for any organization.

I wont go into too much detail on these points, but here are some more things to considers:

• Is your data secure? Where is the application hosted? Are you using encryption?
• Is your data going to be backed up daily? Don’t know, then it probably isn’t.
• Is your custom web application compatible with multiple web browsers?
• Can you access your CRM data outside your office?
• What will be the cost to make changes to the application?
• Can multiple people use the data at the same time?
• Can you build customizable reports?

If your application can’t do these things then it is time to consider something new. These features are the basics found in any established CRM software such as Salesforce.com or Microsoft Dynamics CRM Online. For most companies, I would recommend using one of the online hosted CRM solutions. These solutions will be much easier and faster to implement and will cost less to maintain and upgrade in the long run.

If you are considering implementing or upgrading your CRM software give us a call. We will always give you an honest assessment of what will work for your business. We don’t sell  proprietary in-house CRM software that makes us huge margins like many other small consultants. We will recommend to you what is right.

Launched SigmaLambdaGamma.com

Last week Atlas Bay and Kalidoscopio launched the new SigmaLambdaGamma.com. Sigma Lambda Gamma is the largest, historically Latina-based national sorority with a multicultural membership in chapters and alumnae associations throughout the United States. The new website enables headquarters staff to more easily communicate with the public and their 3,000 members all over the world. SigmaLambdaGamma.com is built on modern communication and collaboration tools to provided a unique and useful experience for the user.

At the core, this website is built on the WordPress software. WordPress is the most widely used online blogging and content management solution today. WordPress enabled the developers and designers to more quickly and efficiently deploy a quality and reliable product for our client without expensive and lengthy custom software development.

One of the key elements to the new SLG website is the integration with social networking. Users can now share information obtained from the website quickly and easily on their favorite social networking site. Additionally, Atlas Bay has integrated this website with the new Facebook Connect tools to enable website users to easily login and comment on posts.

One of the main pain points with the old website for the headquarters staff at SLG was keeping the website up to date. The old website required headquarters staff to utilize complicated website editing tools and perform manual HTML edits. This method proved to be difficult and the website quickly became outdated.

The new solution allows anyone with basic word processing skills to upload new content, add photos, or add videos in only a few easy steps. Additionally, the new website platform enables more people to participate in editing the website because of the customizable levels of permission. Website administrators can now assign other users limited permission to perform edits or publish new content without risk of unauthorized edits.

While building this website, Sigma Lambda Gamma also decided they would like a complete branding makeover. Through collaboration with Kalidoscopio, Atlas Bay was able to provide SLG with new color schemes and logos to improve and modernize their brand. These new logos and colors are now available for the entire organization to unify the look off all official documents. The new logo will now appear on everything from press releases to clothing and will ensure the brand is always presented consistently all around the country.

Wikis In the Workplace

Most likely when you hear the work “wiki” you think of Wikipedia. Wikipedia, as you probably know, is a wildly popular online encyclopedia. If you haven’t integrated Wikipedia into your daily live you are really missing out, but that isn’t the topic of this post. This post is about the role of wikis in the workplace.

At the core a wiki is a text management system that allows people to create, edit, and share articles online. A wiki can be used for many things, not just encyclopedic content. For example, one common use of wikis is to create online help documentation. The wiki is the best choice to store many kinds of company knowledge because it flexible, accessible, and it maintains revision history.

The storage and sharing of company knowledge is critical to the success of any business. Employees must know processes, procedures, policies, and information each day to accomplish their work. If a person quits or calls in sick the other employees must have the information they need to compensate for the missing team member. If your office is like most offices, the vast majority of this information is stored in the heads of a few key employees. This is clearly not the most effective solution. Any office must have a persistent and accessible method of storing this critical information.

A wiki is the perfect solution to this problem. By creating a secure company-wide wiki you and your employees can begin to document their job and share their knowledge. Policies can be shared more easily, processes that are only known by few can be performed by many, and everyone can learn new skills that will enhance the value of themselves and the company.

We use a wiki at Atlas Bay for a variety of purposes. One of the most important uses of a wiki for us is to document technical processes. By storing this information in our wiki there is no need for multiple people to figure out the same problem. Additionally, when we must perform a task again after many months of learning the task we can simply read our wikis for any procedures and notes regarding the task.

Another use of our wiki is software specification documentation. When working on a new project we work closely with a customer to determine exactly what they are looking for and what their needs are. By using our company wiki to to store this data, each person working on that project team has constant access to that information and can make updates as need.

I strongly recommend that your company utilize a wiki and begin to centralize your company knowledge. The process is simple and affordable. Your wiki will start out small, but over time it will grow organically into a large an useful collection of information that will increase the effectiveness of your business.