Just a quick update on the progress of this issue:

This storm cloud may have passed. I'm waiting for the official word from my Authorize Net sources but things are looking up for now.

I can't say more than this for now, and this being as fluid a situation as it is, things could "cloud up" again, but it's looking good. I'll post more as soon as I can!

MasterCard/Discover New Partial Authorization Rule

Authorize Net, one of the web's largest online payment gateways sent out an email to all their merchants that as of May 1 2010 Master Card and Discover were going to go live with a new processing rule that would require virtually ALL merchants to allow partial payments and multiple payment transactions. (There are a some exceptions, but few fit the profile) Yes you read that date right. This notice went out right about the time the rule was to go into effect, and the rule states that if the merchant was found to not be in compliance they would be hit with a penalty!

The first thought that jumped to mind was "What the !$#!@$!@!" - Fortunately even MasterCard realized you can't announce a new rule that will fundamentally change the way EVERY shopping cart website on the web processes credit cards and realistically expect this quick of a response. So Authorize Net got an extension for their merchants that pushes the deadline out to June 30th 2011. It appears that other gateway provides are getting such extensions as well. Best check with your gateway provider to see what they say on this.

So what does it mean?
A quick Google search on the topic brings up a lot of hits, but clicking on the results just takes you to a lot sites and blogs that just regurgitate the word for word content of the email notice which can be read here. Not a lot of helpful "what do I do" content to be found.

What's it really mean?
I'm not going to go into detail repeating the same thing that is available in the email or on on the Auth Net site, that can be found here:

• New MasterCard/Discover Processing Requirements
• MasterCard/Discover Partial Authorization FAQs
• http://www.authorize.net/support/AIM_apiupdates.pdf.

I'd recommend reading over these thoroughly!

Fortunately over the years we have developed a very good relationship with Authorize Net, we refer a lot of business their way, So I had a direct line to call. Talking to my contact at Authorize Net led to two conclusions;

1. They were on it and trying to be as responsive as they could
2. And that they had almost as many questions as I did

So we arranged a conference call with one of the lead techs working on the updates to their API to discuss what all this really meant from a technical standpoint. The call cleared up a lot of questions, but it also raised a number of concerns that still needed to be addressed. My contact at Authorize Net called me back the next day to ask if I would be involved in another conference call, this time with ten or twelve other eCommerce community leaders and if prior to the call I would email my primary concerns and questions so they could be covered during the call. So we had a "LiveMeeting" presentation and conference call with lead Authorize Net API techs and a number of eCommerce developers around the country.

So the big question: How's this impact my eCommerce web site?

It's is pretty simple to visualize. Assuming you are using Authorize Net or a similar real-time payment gateway, the way your web site works now is like this

Current Process

The payment is submitted to the payment gateway, if there's sufficient funds available on the card the payment is competed and the transaction is complete. If there are insufficient funds the transaction is terminated. In other words a single payment attempt is made and it will pass or fail. If it fails due to insufficient funds the user must start over.

New Payment Process

If the card submitted has funds available, but not enough to complete the full transaction, the available funds will be captured and the cart must allow the customer try with another card to pay the balance due.

• Merchants must accept multiple payments for individual orders
• Number of payments not known in advance
• Payment software must recognize multiple payments

While this is easy to visualize it's not an easy technical change! As you can see, this is a fundamental shift in he way virtually EVERY shopping cart site on the web will have to behave! This is going to take some pretty extensive programing to adapt the flow of the cart checkout process to allow for multiple attempts, and to clean up the mess of partial payments if a user decides to bail out in the middle of the process.

So, can we just opt out and do things the way we are now?

Well from a technical standpoint, yes. To prevent sites all over the web from breaking, "non compliant" sites will continue to work just as they do now.

Good, no problem then right? Wrong!

MasterCard will penalize merchants whose sites are found to be non compliant! How much is the penalty? No body is telling! Everyone just points to someone else. But some of the figures being passed around range from significant to bloody outrageous! To the point where the immediate reaction is "how can that even be legal!" I'm still digging to see if I can get somebody to give me a straight answer and will report as soon as I do, but suffice it to say that MasterCard & Discover are serious about this and they aren't going to make it easy to ignore. They are going to force you into one of three choices. Comply, No longer accept Discover or MasterCard, or shut down.

What about just not taking MasterCard or Discover anymore? Well some may choose to do this, but the hand writing is on the wall! Even though they are not being required to do so Authorize Net is preemptively building this functionality into their system for Visa and AmEx as well. They are pretty much expecting them to follow suit.

Why don't we hear more from all the gateway providers about this? Don't worry, you will. PayPal is already hard at this and making information available to developers. All other gateways will fall into line. Many of them are likely waiting to see what Authorize Net does, since many of them offer Auth Net emulation and their APIs work pretty much the same.

So, what next?

Fortunately we have some time. We are working closely with Authorize Net and will be releasing updates to users of current the version of Cartweaver for Authorize Net, and depending on what paths some of the other gateways take, we will release other updates as we can. We will stay on top of the changes and keep you informed.

To stay updated on how this progresses check back here or follow us on Facebook and Twitter. We will release up to the minute information there.

Adobe has released Dreamweaver CS5 and it looks to be quite the upgrade! I'm pleased to say that Cartweaver 3, ASP, PHP and ColdFusion have been fully tested and are Dreamweaver CS5 ready!

If you are currently using an older version of Dreamweaver, especially anything pre CS3 you should definitely download the CS5 trial and give it a good looking over. If you've been holing off upgrading CS5 will make you glad you did. This is the upgrade you've been looking for - and no, this is not an Adobe advertisement - I'm just pretty jazzed about the improvements in this version and don't mind giving credit where credit is due.

Although the ColdFusion and ASP versions of Cartweaver ship with an Access database we have never made any secret out of the fact that it's far better to use a for-real database server such as MySQL or MS SQL Server for your ecommerce database.

This may cause new users some confusion because these databases are not a file that you can upload. Usually your host creates the database for you but it's empty. Now what?

To demonstrate how to add your Cartweaver database tables and fields to your database, we will use MySQL as the our example since it is the most common database for many and the only one supported by the Mac and Cartweaver PHP. The process is similar for SQL Server.

• First go to the Cartweaver customers page and log in. This will give you access to the Customer's Free Downloads page. Once there, download the MySQL database creation script.
  
  
• Once you have it downloaded un-zip it and look for Cartweaver3_MySQL-Creator.sql
  
  
• Open this file in a text editor such as note pad - Do Not use Word as it will add characters that will corrupt the script. Use only a simple text editor.
  
  
• Now that you have your script ready, open your MySQL database in your MySQL administrator, in this example we will use phpMyAdmin since this is the one many hosts provide.

Now that you are here - just follow the example in this video.

Yes it is THAT simple.

The process may vary depending on what admin you are using, and whether you are using MySQL or SQL Server, but the principle and the basic steps are the same.

As an add note: I highly recommend Navicat (the commercial version) as your MySQL Administration tool. It is far and away the best, easiest MySQL admin out there and well worth the money! - No I'm not affiliated with Navicat in any way nor do I get any kind of commission. I recommend it so highly because I've tried a LOT of admin tools and haven't found any better. Definitely worth a look.

There are some things you can do when developing and testing locally that can ease your work-flow when it comes time to move your site to the online server, here's one of them that I was surprised to learn a lot of developers weren't using.

Mirroring your database / data source set up

Although Cartweaver CF supports Access database, it is always our recommendation that you move to a true database server such as MySQL or SQL Server. The advantages of speed, security, and stability are undeniable and well worth the additional set up and learning curve if you are not yet familiar with a these DBS'. Since both the ColdFusion and PHP versions of Cartweaver support MySQL I'll use it as the example here, although the principle apples equally to SQL Server.

Same user, both places.

It's a pretty simple procedure that will save you a lot of headaches. I was surprised to find that many developers will keep different sets of data source files, one for local work and one for the server. The reason for this is they have different log on and permissions locally. This can really lead to confusion and potentially an emergency if the local files are unintentionally uploaded to the server thus overwriting the server settings and breaking your site.

So here's a simple tip.

Using your Database admin - I'll use Navicat (my absolute favorite database admin tool) in this example - set up your local development database. Give this database the exact same name as you or your host used when setting up your database on the server.

Then in the user admin, create a new user and assign the exact same username and password you will be using on your host server. Finally when you set up your data source name (DSN) use the exact same DSN you have on the server... When I say exact, this includes CASE as well, due to the fact that many hosted MySQL servers are on Unix / Linux boxes and are therefore case sensitive. For ease of set up, go ahead and give the local user full permissions to the database for this application, the permissions don't have to mirror the server exactly.

Now, when setting up your local data source direct your DSN to this database using the username and password you just created. Now when moving files back and forth between your host server and your local development environment you wont have to worry about maintaining two data source set ups, since they are both identical it wont matter where the files are.

If you haven't been using this set up already, by all means start today, I hope you find this as big of a time saver as I did when I first discovered it.

One universal thorn in the side of developers the world over in adopting AJAX, jQuery (and other cool JavaScript frameworks) and more complex CSS, not to mention looking ahead to HTML 5 is the abomination called IE6. This Microsoft non-standards-compliant train wreck of a browser has been the unwelcome guest that has just refused to leave the party.Dumbing down our sites and applications to support for this blemish on the web has been the bain of the web developers/designers existance for far too long.

At last! Let's have a good Ol' Irish wake and party it's passing!

Recently Google announced that it will no longer support or worry about compatibility with IE6. This follows on the heels of Microsoft announcing the same.

The cool thing here is, the biggest block of "hangers on" to IE 6 has been large corperate and government IT departments, and them not allowing users on their networks to update.

NOW with two of the largest players in the market saying "IE6 is dead and we are moving on" the playing field has officially shifted in our favor. With major business and employers being pushed forward there's no reason to not tell users to update as well.

If one of our clients says "my site looks funny" and we find they still have IE6 we can, with authority, tell them they need to update their browser and back this up by saying even Google and Microsoft have abandoned all support for IE6 and for this reason we no longer developed with it in mind. The update is free, there are many choices, just do it. All said with a reassuring head nod and smile of course.

Google's formal announcement

OH YEAH!  What a glorious time this is. All together now...

<Munchkin voice> Ding done the 6 is dead, the wicked 6 is dead!!!</Munchkin voice>

A Heartbeat script may be the end of your session time-out frustrations.

We have all been there. Updating a web form and after working on it for quite a while the phone rings or somebody need our attention. You go back to you web form and finish it, then submit it only to find that your log in session has expired and you lose all your work!!! (insert explicative here).

"I can hear your heartbeat"

There is a way around this with AJAX / jQuery. There are several variations available of what has become to be known as a "Heartbeat" script. The purpose of this script is to Asynchronously ping or poll the server at given intervals to keep your session on the server alive. Here are a few exasmples:

• http://www.jasons-toolbox.com/JHeartbeat/
• http://www.ajtrichards.co.uk/jquery-hearbeat/
• http://www.ajaxpatterns.org/Heartbeat
  

There are numerous others that you can find by doing a quick Google search on "Heartbeat jQuery Script"

Some of the scripts you will find use the jQuery framework, others do not, but all follow the same idea and that is to simply interact occasionally with the server in the background to let the server know you are still there. This can save a lot of frustration for our clients and ourselves - c'mon admit it... Even though you constantly tell your clients to remember to update frequently to save their work you forget from time to time and get caught by this as well!

The cure-all?

Is this little script the cure-all that we have been looking for? Quite possibly, but as with any JavaScript function you'll need to test it with your application to be certain it doesn't conflict with anything else you have going on. It's pretty easy to implement, and worth the time however, so you might want to give it a try.

iPad, from a developer's perspective

When I watched Steve Jobs introduce the Apple iPad on Wednesday, my first reaction was, this is cool, but it really didn't move me. Like the MacBook Air, it impressed me as innovative and kind of "wiz-bang" but it doesn't have the horse power to replace my laptop nor does it have the communications ability of my smart phone, it just didn't seem to fit.

"Walk a mile in my shoes."

Then it struck me, I am looking at this from a developer's perspective. Face it were are not a mainstream lot. So I stepped out of my own perspective for a bit and tried to wrap my head around this new device from a run-of-the-mill user's stand point. NOW I get it! For the way the vast majority of my more "normal" family and friends use computers, this device is absolutely brilliant!

For example, my daughter went to Japan for three months and took my old MacBook with her. While this is a pretty easy traveling companion, the iPad would do everything she ever uses the MacBook for, and it would do it lighter, faster, better, and cheaper! I realized that Apple once again "Got It" - maybe even before the rest of us even knew what "it" was. I'd be willing to bet that 60% of the consumer market uses their computers for no more than what the iPad does, and the iPad does it in a new and more human friendly way. I feel a "I've got to have one of these" feelings coming over me!

What about our clients?

Then I took a moment and thought about our clients. So many of our clients have smaller "mom-n-pop" ecommerce sites for whom selling on the web is as much a part of their lives as it is a business. With an inexpensive, easy to use, access to the web anywhere, device like this in their hands, administering their web site, checking orders, adding new products and emailing customers just got a whole lot easier and more portable! And affordable! Our clients could literally be on a beach on Maui, or camping in the mountains of Colorado and with the G3 version of the iPad be connected and able to run their store and keep tabs on their business. For small one or two person businesses this spells freedom.

Social media on steroids.

Now that Social Media is becoming such a significant element in how we communicate and promote our business, the iPad's larger interface, compared to smart phones, will open things up and make staying current and connected much more friendly and therefore easier than in the cramped confines of even the best iPhone or Blackberry Storm or Droid. As we all know, when you make something you should be doing easier, you're more likely to actually do it.

A new category of computing & communications.

Like the iPod, and the iPhone, I think Apple has done it again. They managed to see just a little further over the horizon that the rest of us and identified a huge, primed and ready market, and got their first!

There's two things I'm resolved to buy now... an iPad, and more Apple stock. I'm 100% confident that these will both be expenditures that I'll be very pleased with.