This storm cloud may have passed. I'm waiting for the official word from my Authorize Net sources but things are looking up for now.

I can't say more than this for now, and this being as fluid a situation as it is, things could "cloud up" again, but it's looking good. I'll post more as soon as I can!

Authorize Net, one of the web's largest online payment gateways sent out an email to all their merchants that as of May 1 2010 Master Card and Discover were going to go live with a new processing rule that would require virtually ALL merchants to allow partial payments and multiple payment transactions. (There are a some exceptions, but few fit the profile) Yes you read that date right. This notice went out right about the time the rule was to go into effect, and the rule states that if the merchant was found to not be in compliance they would be hit with a penalty!

The first thought that jumped to mind was "What the !$#!@$!@!" - Fortunately even MasterCard realized you can't announce a new rule that will fundamentally change the way EVERY shopping cart website on the web processes credit cards and realistically expect this quick of a response. So Authorize Net got an extension for their merchants that pushes the deadline out to June 30th 2011. It appears that other gateway provides are getting such extensions as well. Best check with your gateway provider to see what they say on this.

So what does it mean?
A quick Google search on the topic brings up a lot of hits, but clicking on the results just takes you to a lot sites and blogs that just regurgitate the word for word content of the email notice which can be read here. Not a lot of helpful "what do I do" content to be found.

What's it really mean?
I'm not going to go into detail repeating the same thing that is available in the email or on on the Auth Net site, that can be found here:

• New MasterCard/Discover Processing Requirements
• MasterCard/Discover Partial Authorization FAQs
• http://www.authorize.net/support/AIM_apiupdates.pdf.

I'd recommend reading over these thoroughly!

Fortunately over the years we have developed a very good relationship with Authorize Net, we refer a lot of business their way, So I had a direct line to call. Talking to my contact at Authorize Net led to two conclusions;

1. They were on it and trying to be as responsive as they could
2. And that they had almost as many questions as I did

So we arranged a conference call with one of the lead techs working on the updates to their API to discuss what all this really meant from a technical standpoint. The call cleared up a lot of questions, but it also raised a number of concerns that still needed to be addressed. My contact at Authorize Net called me back the next day to ask if I would be involved in another conference call, this time with ten or twelve other eCommerce community leaders and if prior to the call I would email my primary concerns and questions so they could be covered during the call. So we had a "LiveMeeting" presentation and conference call with lead Authorize Net API techs and a number of eCommerce developers around the country.

So the big question: How's this impact my eCommerce web site?

It's is pretty simple to visualize. Assuming you are using Authorize Net or a similar real-time payment gateway, the way your web site works now is like this

Current Process

The payment is submitted to the payment gateway, if there's sufficient funds available on the card the payment is competed and the transaction is complete. If there are insufficient funds the transaction is terminated. In other words a single payment attempt is made and it will pass or fail. If it fails due to insufficient funds the user must start over.

New Payment Process

If the card submitted has funds available, but not enough to complete the full transaction, the available funds will be captured and the cart must allow the customer try with another card to pay the balance due.

• Merchants must accept multiple payments for individual orders
• Number of payments not known in advance
• Payment software must recognize multiple payments

While this is easy to visualize it's not an easy technical change! As you can see, this is a fundamental shift in he way virtually EVERY shopping cart site on the web will have to behave! This is going to take some pretty extensive programing to adapt the flow of the cart checkout process to allow for multiple attempts, and to clean up the mess of partial payments if a user decides to bail out in the middle of the process.

So, can we just opt out and do things the way we are now?

Well from a technical standpoint, yes. To prevent sites all over the web from breaking, "non compliant" sites will continue to work just as they do now.

Good, no problem then right? Wrong!

MasterCard will penalize merchants whose sites are found to be non compliant! How much is the penalty? No body is telling! Everyone just points to someone else. But some of the figures being passed around range from significant to bloody outrageous! To the point where the immediate reaction is "how can that even be legal!" I'm still digging to see if I can get somebody to give me a straight answer and will report as soon as I do, but suffice it to say that MasterCard & Discover are serious about this and they aren't going to make it easy to ignore. They are going to force you into one of three choices. Comply, No longer accept Discover or MasterCard, or shut down.

What about just not taking MasterCard or Discover anymore? Well some may choose to do this, but the hand writing is on the wall! Even though they are not being required to do so Authorize Net is preemptively building this functionality into their system for Visa and AmEx as well. They are pretty much expecting them to follow suit.

Why don't we hear more from all the gateway providers about this? Don't worry, you will. PayPal is already hard at this and making information available to developers. All other gateways will fall into line. Many of them are likely waiting to see what Authorize Net does, since many of them offer Auth Net emulation and their APIs work pretty much the same.

So, what next?

Fortunately we have some time. We are working closely with Authorize Net and will be releasing updates to users of current the version of Cartweaver for Authorize Net, and depending on what paths some of the other gateways take, we will release other updates as we can. We will stay on top of the changes and keep you informed.

To stay updated on how this progresses check back here or follow us on Facebook and Twitter. We will release up to the minute information there.

If you are currently using an older version of Dreamweaver, especially anything pre CS3 you should definitely download the CS5 trial and give it a good looking over. If you've been holing off upgrading CS5 will make you glad you did. This is the upgrade you've been looking for - and no, this is not an Adobe advertisement - I'm just pretty jazzed about the improvements in this version and don't mind giving credit where credit is due.

This may cause new users some confusion because these databases are not a file that you can upload. Usually your host creates the database for you but it's empty. Now what?

To demonstrate how to add your Cartweaver database tables and fields to your database, we will use MySQL as the our example since it is the most common database for many and the only one supported by the Mac and Cartweaver PHP. The process is similar for SQL Server.

• First go to the Cartweaver customers page and log in. This will give you access to the Customer's Free Downloads page. Once there, download the MySQL database creation script.
  
  
• Once you have it downloaded un-zip it and look for Cartweaver3_MySQL-Creator.sql
  
  
• Open this file in a text editor such as note pad - Do Not use Word as it will add characters that will corrupt the script. Use only a simple text editor.
  
  
• Now that you have your script ready, open your MySQL database in your MySQL administrator, in this example we will use phpMyAdmin since this is the one many hosts provide.

Now that you are here - just follow the example in this video.

Yes it is THAT simple.

The process may vary depending on what admin you are using, and whether you are using MySQL or SQL Server, but the principle and the basic steps are the same.

As an add note: I highly recommend Navicat (the commercial version) as your MySQL Administration tool. It is far and away the best, easiest MySQL admin out there and well worth the money! - No I'm not affiliated with Navicat in any way nor do I get any kind of commission. I recommend it so highly because I've tried a LOT of admin tools and haven't found any better. Definitely worth a look.

Mirroring your database / data source set up

Although Cartweaver CF supports Access database, it is always our recommendation that you move to a true database server such as MySQL or SQL Server. The advantages of speed, security, and stability are undeniable and well worth the additional set up and learning curve if you are not yet familiar with a these DBS'. Since both the ColdFusion and PHP versions of Cartweaver support MySQL I'll use it as the example here, although the principle apples equally to SQL Server.

Same user, both places.

It's a pretty simple procedure that will save you a lot of headaches. I was surprised to find that many developers will keep different sets of data source files, one for local work and one for the server. The reason for this is they have different log on and permissions locally. This can really lead to confusion and potentially an emergency if the local files are unintentionally uploaded to the server thus overwriting the server settings and breaking your site.

So here's a simple tip.

Using your Database admin - I'll use Navicat (my absolute favorite database admin tool) in this example - set up your local development database. Give this database the exact same name as you or your host used when setting up your database on the server.

Then in the user admin, create a new user and assign the exact same username and password you will be using on your host server. Finally when you set up your data source name (DSN) use the exact same DSN you have on the server... When I say exact, this includes CASE as well, due to the fact that many hosted MySQL servers are on Unix / Linux boxes and are therefore case sensitive. For ease of set up, go ahead and give the local user full permissions to the database for this application, the permissions don't have to mirror the server exactly.

Now, when setting up your local data source direct your DSN to this database using the username and password you just created. Now when moving files back and forth between your host server and your local development environment you wont have to worry about maintaining two data source set ups, since they are both identical it wont matter where the files are.

If you haven't been using this set up already, by all means start today, I hope you find this as big of a time saver as I did when I first discovered it.

At last! Let's have a good Ol' Irish wake and party it's passing!

Recently Google announced that it will no longer support or worry about compatibility with IE6. This follows on the heels of Microsoft announcing the same.

The cool thing here is, the biggest block of "hangers on" to IE 6 has been large corperate and government IT departments, and them not allowing users on their networks to update.

NOW with two of the largest players in the market saying "IE6 is dead and we are moving on" the playing field has officially shifted in our favor. With major business and employers being pushed forward there's no reason to not tell users to update as well.

If one of our clients says "my site looks funny" and we find they still have IE6 we can, with authority, tell them they need to update their browser and back this up by saying even Google and Microsoft have abandoned all support for IE6 and for this reason we no longer developed with it in mind. The update is free, there are many choices, just do it. All said with a reassuring head nod and smile of course.

Google's formal announcement

OH YEAH!  What a glorious time this is. All together now...

<Munchkin voice> Ding done the 6 is dead, the wicked 6 is dead!!!</Munchkin voice>

We have all been there. Updating a web form and after working on it for quite a while the phone rings or somebody need our attention. You go back to you web form and finish it, then submit it only to find that your log in session has expired and you lose all your work!!! (insert explicative here).

"I can hear your heartbeat"

There is a way around this with AJAX / jQuery. There are several variations available of what has become to be known as a "Heartbeat" script. The purpose of this script is to Asynchronously ping or poll the server at given intervals to keep your session on the server alive. Here are a few exasmples:

• http://www.jasons-toolbox.com/JHeartbeat/
• http://www.ajtrichards.co.uk/jquery-hearbeat/
• http://www.ajaxpatterns.org/Heartbeat
  

There are numerous others that you can find by doing a quick Google search on "Heartbeat jQuery Script"

Some of the scripts you will find use the jQuery framework, others do not, but all follow the same idea and that is to simply interact occasionally with the server in the background to let the server know you are still there. This can save a lot of frustration for our clients and ourselves - c'mon admit it... Even though you constantly tell your clients to remember to update frequently to save their work you forget from time to time and get caught by this as well!

The cure-all?

Is this little script the cure-all that we have been looking for? Quite possibly, but as with any JavaScript function you'll need to test it with your application to be certain it doesn't conflict with anything else you have going on. It's pretty easy to implement, and worth the time however, so you might want to give it a try.

When I watched Steve Jobs introduce the Apple iPad on Wednesday, my first reaction was, this is cool, but it really didn't move me. Like the MacBook Air, it impressed me as innovative and kind of "wiz-bang" but it doesn't have the horse power to replace my laptop nor does it have the communications ability of my smart phone, it just didn't seem to fit.

"Walk a mile in my shoes."

Then it struck me, I am looking at this from a developer's perspective. Face it were are not a mainstream lot. So I stepped out of my own perspective for a bit and tried to wrap my head around this new device from a run-of-the-mill user's stand point. NOW I get it! For the way the vast majority of my more "normal" family and friends use computers, this device is absolutely brilliant!

For example, my daughter went to Japan for three months and took my old MacBook with her. While this is a pretty easy traveling companion, the iPad would do everything she ever uses the MacBook for, and it would do it lighter, faster, better, and cheaper! I realized that Apple once again "Got It" - maybe even before the rest of us even knew what "it" was. I'd be willing to bet that 60% of the consumer market uses their computers for no more than what the iPad does, and the iPad does it in a new and more human friendly way. I feel a "I've got to have one of these" feelings coming over me!

What about our clients?

Then I took a moment and thought about our clients. So many of our clients have smaller "mom-n-pop" ecommerce sites for whom selling on the web is as much a part of their lives as it is a business. With an inexpensive, easy to use, access to the web anywhere, device like this in their hands, administering their web site, checking orders, adding new products and emailing customers just got a whole lot easier and more portable! And affordable! Our clients could literally be on a beach on Maui, or camping in the mountains of Colorado and with the G3 version of the iPad be connected and able to run their store and keep tabs on their business. For small one or two person businesses this spells freedom.

Social media on steroids.

Now that Social Media is becoming such a significant element in how we communicate and promote our business, the iPad's larger interface, compared to smart phones, will open things up and make staying current and connected much more friendly and therefore easier than in the cramped confines of even the best iPhone or Blackberry Storm or Droid. As we all know, when you make something you should be doing easier, you're more likely to actually do it.

A new category of computing & communications.

Like the iPod, and the iPhone, I think Apple has done it again. They managed to see just a little further over the horizon that the rest of us and identified a huge, primed and ready market, and got their first!

There's two things I'm resolved to buy now... an iPad, and more Apple stock. I'm 100% confident that these will both be expenditures that I'll be very pleased with.

As web developers we need share our progress with our clients as we wok on their new sites, but we only want to share our work with them or a select group users.

That being said you'd be amazed how often the ever busy Google bots crawl their way to one of these staging sites and then, as they were designed to do, index it and then share it with the world!

What brought this thought to mind was, I have a Google Alert set up for the term "Cartweaver" as well as several eCommerce related search terms and frequently I'll get an alert that directs me to a site that is obviously the basic, initial install of Cartweaver.
What is no doubt happening here is a developer is putting this up as a test case for themselves or a client so see - I seriously doubt that they intended for Google to find and index their site at this time however.

So, how do you share your progress with your clients, yet protect it from Google and other uninvited "guests"?

The best solution here is to set the folder on the server that contains your site to be protected and to require a username and password to allow access. If you have a dedicated server this is no problem, and some hosts will set this up for you... but not all. So what do you do if you want to test things on your host server, and allow you client to check progress, but keep the site private and block access for everyone else until you are ready to go live?

A simple User Authentication Method with a "Security Index Page"

Here's a simple set up you can use. You can create a placeholder / log in page and name it as your index page. This page will serve to as you temporary home page. This page will force users to log in to view the rest of the site. During development of your site, just name your home page "home.cfm" (or PHP or ASP) - When you are ready to go live you can eliminate the "security" index page and rename your "home" page to "index". If you do this in Dreamweaver's file view Dreamweaver will even update the links to the home file to index for you so you won't have to worry about doing this manually.

Now what you do is add a log in form to the security index page that will allow users to log in. If the log in is correct they will be automatically taken to the home page and be allowed to browse the site, if not the will be bounced back to the security index page.

What if they are not logged in and manually enter a url for one of the interior pages? Won't they be abe to see the site then?

We can prevent this with a simple validation / relocation script.

We will set a default log in session variable and if a log in is correct this default will be replaced by expected "logged in" value. To prevent access to any pages other than the security index page for anyone not properly logged in we will place code that checks the logged in variable value. If the user is correctly logged in we do nothing and allow access to the requested page, if the value is incorrect we will automatically redirect the user back to the security index page. For ColdFusion we would include this code in the Application.cfm or Application.cfc file, depending on which you are using. For PHP or ASP you will need to include this code at the very top of each page on your site.

Doing this will effectively hide your site-in-progress from prying eyes or Google bots, until you are ready for them to see it, but makes your work in progress easy to see for your clients.

Download the example files here:

• ColdFusion
• PHP
• ASP

Once the site is ready to go live, we delete the index page and rename the home page to index, as mentioned above. Then we delete the included checking code from the site. For Coldfusion, you select the include from you Application file, for PHP you can do a quick search and replace to eliminate the include code.

A note to remember:
It is better if you can secure the site on the server at the folder permissions level, but if this option is not reasonably available to you, this method will do the trick!

Hope you find this helpful!

This program affords me the opportunity to give back to a community that has been such a large part of my career! It also gives me a chance to stay on the inside track of where Adobe and the web development industry as a whole is headed.

A BIG thank you to Adobe for asking me back - it's an honor and a privilege to be part of such a dynamic community! Find the list of ACPs here - http://tinyurl.com/yh47gp8

First let's look at what happens in a normal purchase transaction.

When the customer clicks the final checkout button the credit card and customer data is passed off via SSL encryption to the payment gateway (note, we are only discussing real-time gateways here like Authorize Net, Link Point or the like) The gateway verifies the information and validates the transaction, or not, depending on the response from the card issuing bank, then reports the results, either success or failed, back to the cart application. The cart then processes the transaction based upon the gateway response.

• Success - the order is added to the database and a confirmation page is displayed.
• Failed - a "Transaction failed" page is displayed and the customer is given the option to try again.

Simple enough, but what would cause a successful transaction to be recorded at the gateway, but not in the store database?

What can cause this is something interrupting the response from the gateway, a glitch in the connection or a dropped packet transfer.

What can you do?

Unfortunately there is nothing in the code or the app that can prevent a connection glitch on the web. As long as you are reaching out to a remote service, and then requiring a response back from that remote service, there's always a chance that something will prevent the return response from getting through. Fortunately this is a very rare occurrence, but it does happen... Things are better now than they were a few or a couple of years ago, by a long shot! But still not perfect, and this can happen.

Now what if it's happening frequently? Well the first thing to keep in mind - it is not the code or the application. The app works the same way for every transaction. It sends the data off, receives the return data, and acts accordingly based on the response. So the missing order issue is happening to you frequently then you need to see what the possible cause that may be within your control could be. First thing to look at is your host's system. If you are on a host with overloaded servers or with internal connection issues, this could definitely cause this problem. You see, when browsing from page to page on a web site, if the hosts system is a little glitchy or over stressed, drops in page requests can go pretty much unnoticed, but if this "drop" occurs mid transaction, then you have problems! There's no way to reinitiate the entire transaction - the app has already transferred the data to the gateway, all it can do now is wait for the response. There are a number of things that can cause this - many of them are beyond your control since they happen out on the web - but you do have control, or influence at least on what happens on your server - either by working with your host or seeking out a more reliable host.

The main thing to remember here is this problem is a connection / communication issue, not an application code issue. This can happen every once in a while, simply because the web is not a perfect network. But if it's happening with any frequency, you need to see what you can do to assure more reliable connections between your site and your gateway.

I hope this conversation will help clear the fog around this issue for you and help you make your system as reliable as present web technology will allow.

One of the points I make is to respect the community etiquette and don’t jump in and start selling. Doing this will make you about as welcome as an Amway salesman at a family reunion! Social media is a powerful direct -to-consumer communications tool but their are boundaries you should respect.

Take a look at the article and listen to the interview and let me know what you think.

The following modification for the ColdFusion version will remove items from the cart that are no longer available, and show the customer a message that an item has been removed from the cart because it is no longer available.

Now, in CWIncFunctions.cfm, add the following section of code at line 399, right after this line:

Add the following code:

  
  SELECT c.cart_sku_ID, c.cart_sku_qty, s.SKU_Stock, c.cart_Line_ID
  FROM tbl_cart c
  INNER JOIN tbl_skus s
  ON c.cart_sku_ID = s.SKU_ID
  WHERE c.cart_custcart_ID =
  AND s.SKU_Stock < c.cart_sku_qty
  
  
  
  
    
      
      DELETE FROM tbl_cart
      WHERE cart_Line_ID =
      
    
      
      UPDATE tbl_cart SET cart_sku_qty =
      WHERE cart_Line_ID =
      
    
  
  

Now, when a user comes back to view his cart, any items that are no longer available are removed from the cart and a message is displayed to the customer, and items that have smaller quantities available than were available at the time of the cart creation have their values adjusted. This only affects carts where Allow Backorders is unchecked in the Cartweaver admin.

Update: 10/4/2009 Thanks to Alex in the CW support newsgroup for pointing out that the method does not consider quantities in the cart greater than available quantities. It was written for one situation, but I have now adjusted the code to work with all situations where a quantity is no longer available for a given item

The following modification for the PHP version will remove items from the cart that are no longer available, and show the customer a message that an item has been removed from the cart because it is no longer available.

In CWIncFunctions.php, add the following section of code at line 470, right after this line:

$Cart["Products"] = array();

Add the following code:

if(!$cartweaver->settings->allowBackOrders) {
  $query_rsCWCheckStock = sprintf("SELECT
  s.SKU_Stock,
  c.cart_Line_ID
  FROM tbl_cart c
  INNER JOIN tbl_skus s
  ON c.cart_sku_ID = s.SKU_ID
  WHERE c.cart_custcart_ID = '%s'
  AND s.SKU_Stock < c.cart_sku_qty",$cartID);
  $rsCWCheckStock = $cartweaver->db->executeQuery($query_rsCWCheckStock, "rsCWCheckStock");
  $rsCWCheckStock_recordCount = $cartweaver->db->recordCount;
  $row_rsCWCheckStock = $cartweaver->db->db_fetch_assoc($rsCWCheckStock);
  if($rsCWCheckStock_recordCount > 0) {
    $cartweaver->setCWError("Item Sold", "An item or items in your cart are no longer available or had quantities adjusted");
    do {
      if($row_rsCWCheckStock["SKU_Stock"] <= "0") {
        $query_rsCW = sprintf("DELETE FROM tbl_cart
        WHERE cart_Line_ID = %d",$row_rsCWCheckStock["cart_Line_ID"]);
        $rsCW = $cartweaver->db->executeQuery($query_rsCW, "rsCW");
      } else {
        $query_rsCW = sprintf("UPDATE tbl_cart SET cart_sku_qty = %d
        WHERE cart_Line_ID = %d",$row_rsCWCheckStock["SKU_Stock"], $row_rsCWCheckStock["cart_Line_ID"]);
        $rsCW = $cartweaver->db->executeQuery($query_rsCW, "rsCW");
      }
    } while ($row_rsCWCheckStock = $cartweaver->db->db_fetch_assoc($rsCWCheckStock));
  }
}

Now, when a user comes back to view his cart, any items that are no longer available are removed from the cart and a message is displayed to the customer. This only affects carts where Allow Backorders is unchecked in the Cartweaver admin.

Update: 10/4/2009 Thanks to Alex in the CW support newsgroup for pointing out that the method does not consider quantities in the cart greater than available quantities. It was written for one situation for a customer, but I have now adjusted the code to work with all situations where a quantity is no longer available for a given item.]]> http://blog.cartweaver.com/index.cfm?newsid=77 http://blog.cartweaver.com/index.cfm?newsid=77 Sat, 03 Oct 2009 14:13:18 GMT
These steps aim top give a basic workflow for those of you that don't know where to get started when facing a blank screen.

I usually use a simple 3 step approach to all my projects:

Step 1: Plan
Step 2: Develop
Step 3: Test, test, TEST !

(note: this is just *my* method. I am quite sure each reader has their own set of "rules".

General overview:

Step 1: Plan

A lot of developers neglect to give this step the proper importance. I' think it is the most important part of the entire project.
Not having a good initial plan will add a lot of extra work to any project in the long run.

Why is it so important ?  Becuase the plan, will guide you in *what*  you need to develop, and will force you to know the exact details before you start the actual coding work.
Attempting to develop a shopping cart without previous planning is like attempting to build a house without a blueprint.

A few good reasons why you should plan ahead:

i. It is a lot easier changing things around on a paper than it is to actually change code.
ii. By having all the details before hand it is a lot less probable that you get stumped whilst developing your cat.
iii. Any problems/questions can be solved at the very beginning, instead of having to interrupt development.
iv. By getting your client's approval on your plan, you ensure that you won't have any unpleasant "surprise" features whilst finishing your project.

A very important aspect of planning, is making sure you have all your tools ready, and, that you have a local development environment setup.



Step 2: Develop

If you have done a good job in the initial planning stage, the development part should be a lot easier to handle.

Your plan will act as a map, helping you focus on the actual development, without having to worry about possible setbacks.
Whilst developing, I recommend you do daily backups of your entire work folder. By doing this you can rest assured you don't loose any work, or accidentally overwrite any files. There is no such thing as "too many backups" !

A lot more can be said about the actual development. In future entries, I will be focusing in detail in the actual development process.



Step 3: Test, test, TEST !

Once you have finished your project, be sure to test it thoroughly. You can't trust it to just work because it's supposed to.
You should try all existing site functions to make sure each works as expected.

Never assume the user won't click somewhere!  If there is something not working, chances are, users will try just that.

Sometimes, I find it quite hard to test my own sites, since I know how to use it. I usually ask someone else with basic knowledge to try it.  A lot of times, I just ask my mom; she's 60, and has no advanced knowledge of any kind. She knows the basics of sending email, browsing the web, and using Word.  Having a "non-tech" person test your site is an excellent way of making sure your site is user friendly.

A lot of times, we feel we have so much work to do, we don't take the proper time to test our work. I regret each of those occasions. Even if on a tight schedule, I test all of it.
This doesn't mean that all I do is bug free. But, at least i know that if there is a bug, it won't be an obvious one.


Over the next few weeks, I'll be focusing in detail in each of these steps, and giving some extra tips for advanced users.  Next week, you'll get an in-depth guide on how to tackle Step 1, and how to setup your local staging server.

Please, do post your opinions !

The full list of release notes can be found at http://us2.php.net/migration53.

The main reason for the updated code is the fact that the following functions are now all deprecated in PHP and will throw E_DEPRECATED error messages when used (E_DEPRECATED is a new error message level). The functions are removed in PHP 6:

Deprecated functions:

call_user_method() (use call_user_func() instead)
call_user_method_array() (use call_user_func_array() instead)
define_syslog_variables()
dl()
ereg() (use preg_match() instead)
ereg_replace() (use preg_replace() instead)
eregi() (use preg_match() with the 'i' modifier instead)
eregi_replace() (use preg_replace() with the 'i' modifier instead)
set_magic_quotes_runtime() and its alias, magic_quotes_runtime()
session_register() (use the $_SESSION superglobal instead)
session_unregister() (use the $_SESSION superglobal instead)
session_is_registered() (use the $_SESSION superglobal instead)
set_socket_blocking() (use stream_set_blocking() instead)
split() (use preg_split() instead)
spliti() (use preg_split() with the 'i' modifier instead)
sql_regcase()
mysql_db_query() (use mysql_select_db() and mysql_query() instead)
mysql_escape_string() (use mysql_real_escape_string() instead)
Passing locale category names as strings is now deprecated. Use the LC_* family of constants instead.
The is_dst parameter to mktime(). Use the new timezone handling functions instead.

The functions previously used by Cartweaver are ereg(), ereg_replace(), session_unregister(), and split().

There is also a new PHP site devoted to Windows installations at http://windows.php.net/

If anyone has a Cartweaver version pre-3.1.16, you will want to download the latest version and apply the fixes/changes. To download Cartweaver, go to http://www.cartweaver.com/customers and login as a customer. You should see your downloads. If you have not updated a Cartweaver installation, the easiest way is to simply replace the files in the /cw3 folder. If you have made changes to any of the files in your site, the UpdateNotesCW3PHP.htm file details each change to each file showing line numbers and code before/after. I've found Beyond Compare (http://www.scootersoftware.com/) to be a valuable tool for making line-by-line file changes, or comparing directories.

Update: 2009-09-08 6:47pm One thing I noticed on the PHP site is that the Windows ISAPI version of PHP is not supported any more. Hopefully the bugs have been addressed in the CGI versions, as previous versions of PHP were crash-prone when using the old CGI version. Supposedly the new FastCGI version is better.

 Keep an eye on my this blog as I will post anything new or cool we hear about at the conference.

Also, be sure to follow me on twitter and.or Facebook. I'll be posting there frequently.

http://twitter.com/LawrenceCramer
http://www.facebook.com/home.php?ref=logo#/lawrence.cramer?ref=name

 I hope to see as many of you there as possible, if you are there be sure to attend my session on "Real World eCommerce"  at 2:00 on Tuesday 

Cheers!

Some very good videos on Adobe Labs
Ben Forta's Article
Simon Horwith's Blog

Finally, a bit more in-depth take a look at Adobe's Live Docs

One of really interesting aspects of the new betas is CF Builder (formally code named Bolt) For the first time since the Allaire days, pre Macromedia/Adobe ColdFusion will have a dedicated development environment for the hard core coder. This will open up some doors to serious development that were hard to get through using the hodgepodge of Open Source tools or Dreamweaver which is admittedly tilted more toward the visual designer/developer.

So all in all, the next generation of CF is a big leap and there's no doubt that it will have a big impact on the way many of us do things. I would highly recommend all CF developers, or those wanting to learn more about ColdFusion go to Adobe Labs and download the beta and give it a try!

You should also give CF Builder a try as well... A word of caution here, CF Builder is built on the Eclipse platform, which means if follows a significantly different workflow that Dreamweaver and there is a fairly significant learning curve involved to get your head around the way "Projects" - This is how CF Builder refers to "sites" as Dreamweaver calls them. Is it worth the effort? This is actually a fairly easy question to answer. If you develop ColdFusion based web sites, but most of your time is spent in Dreamweaver's design view, probably not. It you spend the majority of your time working with ColdFusion in Dreamweaver's code view, the most definitely yes. So depending how you currently work CF Builder may be the greatest thing to happen to the way you work in a long time, or a non issue. It'll be up to each individual to decide.

It looks like Microsoft is working overtime to drum up business and may be a little worried, you think?

I say it's about time!

For tooooooo long Microsoft has used it's monolithic market share as a reason to cram its over bloated, under tested, security hole ridden software on its nearly captive customer base... Then, finally they loaded that last straw onto the poor camel's back - Vista. The user community revolted by simply staying put with Windows XP. Basically staging an "upgrade strike". At the same time, larger numbers than ever before decided to make the switch to the Mac. Finally with an eroding customer base and upgrade sales flat lining Microsoft had themselves an "oofdah! moment and stared smelling the coffee burning... In the OS department anyway.

Have they truly seen the light? Sadly it would appear, No. Their approach to .Net or nothing, to non standards based HTML rendering in Outlook their refusal to work with competitors on industry standards joint initiatives, still shows them for what they are... A cranial-up-rectal bully that just doesn't get or care how to play well with others.

For now, out of all this, at least I may get a reasonable price on a finally stable OS to run Open Office, ColdFusion, PHP, CS4, MySQL... you know, all my anything-but-Microsoft apps on.. And for that at least I'm grateful.

I hope, selfishly I'll admit, that Windows 7 is all it is supposed to be, and what Vista should have been. But at the same time I hope it doesn't do too well. I'd like to see Microsoft sweat some more. I'd like to see them realize that a web standards compliant Outlook would actually be the RIGHT long term choice! That Internet Explorer should actually support WC3 (World Wide Web Consortium) standards. Maybe, if Apple continues to erode their base and they continue to lose market share Microsoft will actually see the light. They, and the rest of us will be the better for it.

I'll admit, we have to give Microsoft credit... In the early days they took us to places that few could have imagined, but for a long time now they have turned to the dark side where power and control are far more important to them than progress and innovation or even quality.  I don't want to see them go down, I just want to see them be a productive part of the development community, to be a force for progress rather than an obstacle.

Let's hope they will take the lesson learned in the OS department and move the rest of their efforts in the same direction.

During the week of March 16 - 20, 2009, Authorize.Net will be deprecating all legacy support for the SSL 2.0 protocol. Changes have recently been made to the Payment Card Industry Data Security Standard (PCI DSS) which have made the use of SSL 2.0 a PCI DSS violation.

Due to this change, it is critical that you update any applications or integrations that may be using the SSL 2.0 protocol to support the more current SSL 3.0/TLS 1.0 protocols. Failure to upgrade your applications or integrations may result in a lost ability to successfully process transactions via the Authorize.Net Payment Gateway.... contact Authorize.net for the rest.

Facebook   -   Twitter

I look forward to being a real "blabber mouth" at the event and sharing as much info as time, technology and bandwidth will allow.

I figure once Adobe says it at CFUnited... It's public and ok to share!

Recently we had a handful of reports from customers who could not install Cartweaver3PHP.mxp into Dreamweaver CS3 or CS4 using Windows XP or Vista. These customers would usually get either a Runtime Error or a simple error message that read "Parameter incorrect." I know; that's a pretty unhelpful error message, isn't it?

It's a not typical that we run into an issue that can't be resolved quickly. In fact the extension portion of Cartweaver has been stable for quite a long time now. Any issue is rare occasion at this point, but for it to be an issue that takes more than a few days to figure out is practically unheard of.

At the end of March, one of the first people to report the issue to us was actually someone in Quality Assurance at Adobe who was testing the extension in order to approve it to be on the Dreamweaver Exchange. He sent us great news; ASP & ColdFusion were approved, but the PHP version wouldn't install. Along with that he sent us the Extension Manager crash report XML file.

This was the first I'd seen one of their crash report files. Nothing in it looked out of sorts to me and I kept scrolling through the file hoping to find some clue so that I could reproduce the issue. The one tag that could have helped was empty: <reproSteps></reproSteps>

All of us here at Cartweaver tried to reproduce the issue, but none of us could. Over the next couple months we got similar reports from a few more customers. With each report, we tried to duplicate the issue on a system with the same configuration (for example Windows Vista with CS3, or XP with CS4) but it just wasn't duplicate for us. We of course suggested the customer try all the standard techniques for troubleshooting a Dreamweaver extension issue, but even uninstalling Dreamweaver and wiping out settings didn't do the trick.

Why was this happening to just a few customers? It drove me crazy; I had to find the answer. We probably could have just said sorry to the few people who had the problem and issued refunds, but that's not our style at Cartweaver; we'd rather do everything possible to make things better. I wasn't going to just give up; somehow I'd figure out what was causing the issue and fix it!

Long story (at my personal blog) made short, it came down to a single file with a bad file date that prevented the MXP from installing on some systems. It took a lot longer to figure out the problem than any of us would have liked, but this was really obscure. I can't tell you how relieved I was when I got the news that it worked for a couple of our customers who had been experiencing the issue; finally!

My thanks to our customers who volunteered to help us find a solution to the issue. Your patience and helpfulness are very appreciated; thank you so much!

Since you're probably reading this because you own Cartweaver 3 PHP, there's one important thing you should know: If you're using Cartweaver 3 PHP 3.1.13 and it is working fine for you, you don't need the 3.1.14 update. (No changes were made to PHP files, so if you have 3.1.13 working just fine you don't need this update.)

Some other past Community MX articles about Cartweaver are:

Integrating Cartweaver with a Page Design

Showing Results and Details on One Page Using AJAX

Using JumpStarts with Cartweaver, Featuring Minneapolis

 </div>
 <div id="page2">

add this:

<p><a href="AddToCartButtons.php?prodId=<?php echo($row_rsCWGetProduct["product_ID"]);?>" target="_blank">Make Add To Cart Buttons</a></p>
 </div>
 <div id="page2">

Now, create a new page in the /cw3/admin folder called AddToCartButtons.php and put this code on it:

<?php
include("application.php");
$productId = isset($_GET["prodId"]) ? intval($_GET["prodId"]): 0;

/* Get Product Data */
$query_rsCWGetProduct = sprintf("SELECT DISTINCT product_ID,
product_Name,
product_Description,
s.SKU_ID,
s.SKU_MerchSKUID
FROM tbl_products p
INNER JOIN tbl_skus s
ON p.product_ID = s.SKU_ProductID
WHERE product_ID = %d
AND product_Archive = 0
AND product_OnWeb = 1
", $productId);
$rsCWGetProduct = $cartweaver->db->executeQuery($query_rsCWGetProduct, "rsCWGetProduct");
$rsCWGetProduct_recordCount = $cartweaver->db->recordCount;
$row_rsCWGetProduct = $cartweaver->db->db_fetch_assoc($rsCWGetProduct);

do {
?>
<h2><?php echo($row_rsCWGetProduct["product_Name"] .": skuid " . $row_rsCWGetProduct["SKU_MerchSKUID"]);?></h2>
<textarea cols="80" rows="10">

<form action="details.php?prodId=<?php echo($row_rsCWGetProduct["product_ID"]);?>" method="post" name="AddToCart">
 <input name="qty" type="hidden" value="1">
  <input name="skuid" type="hidden" value="<?php echo($row_rsCWGetProduct["SKU_ID"]);?>">
  <input name="prodId" type="hidden" value="<?php echo($row_rsCWGetProduct["product_ID"]);?>">
  <input name="submit" type="submit" class="formButton" value="Add to Cart">
</form></textarea>
<br/><br/><hr/>
<?php
} while ($row_rsCWGetProduct = $cartweaver->db->db_fetch_assoc($rsCWGetProduct));

That should do it. Now, when you click the link, the page populates with add to cart button code for each sku for that product.

The add to cart button code looks like this:

<form action="details.php?prodId=31" method="post" name="AddToCart">
 <input name="qty" type="hidden" value="1">
  <input name="skuid" type="hidden" value="59">
  <input name="prodId" type="hidden" value="31">
  <input name="submit" type="submit" class="formButton" value="Add to Cart">
</form>

For proof of this take a look at the graph in this article on Practical Ecommerce

Ecommerce Sales Growth Flat in Q1 2009

You notice that yes, sales did dip in the last quarter of 2008... but only by 3%! That's after huge growth in 2007, and while the rest of the economy was in a full blown free fall for most of 2008 ecommerce was still growing. And now after only one quarter of being slightly down, business has leveled off and is already showing signs of growth for the second quarter.

For a lot more information on the topic simply look at these Google searches on the following topics:

• ecommerce growth in the first quarter of 2009
• ecommerce growth projections for 2009

Compared to most every other sector of the economy, ecommerce is "where it's at" to see growth over the next eighteen months.

In many ways the down economy is driving this growth. More and more people are shopping online in pursuit of better prices. Consumers also realize that they can save a lot of money by comparison shopping for larger ticket items online in a fraction of the time and virtually for free.

So, what's all this mean for web developers? — You have a story to tell!
You have something in your bag of tricks that can help your clients grow their business, even though fewer customers may be coming through their front door. The customers are still out there, but they are shopping online! Do a little research and put together a presentation. Show your clients, or potential clients, that adding ecommerce capabilities to their online presence isn't a "should do" it's a "must do!"

When it comes to finding more business in a growth market, when it comes to helping business find more sales in a seriously down economy, you have a story to tell. You have help you can offer. So take a little time, get your presentations in order and go tell it. The result is better business for your clients, and more business and grateful, loyal clients for you. Now that's a real opportunity!

1. Have you spoken at CFUnited in the past?  What would you tell someone who hasn't been to CFUnited before?

No. I'm very excited to be speaking this year!

CFUnited is THE ColdFusion conference. It's the "must attend" best-of-breed conference because of the caliber of speakers and the no sales hype / real information focus of the event.

2. Why should people attend your session(s)?

Even in this down economy, one business sector is still experiencing growth... eCommerce. More and more developers are getting asked by their clients to develop eCommerce sites and they are finding it to be a more complex, specialized skill set than they expect. They are expected to not only develop sound eCommerce applications but know about many other things such as payment gateways, PCI compliance, security, merchant accounts and so on. My session will cover all these facets of eCommerce development.

3. Do you have any projects in the works that you will be revealing at CFUnited?

Yes.  Can't say much more than that right now.

4. Besides your topic, what other sessions are you looking forward to?

I'll be like a kid in a candy store!  Having difficulty narrowing down my choices so far!

5. What are some of the hot topics you'd like to see at RoundTable discussions?

Anything Bolt. (the new dedicated ColdFusion Development Application)

6. Where can people find you at CFUnited?  (At the bar, networking, working, in your room, etc.)

At my session, and on Twitter... I'll be tweeting a lot and will tweet meet-up plans: http://twitter.com/LawrenceCramer

7. What's the latest news with you? Has anything changed since last CFUnited?

A lot! The economy has presented not only challenges but huge opportunities! Whenever you shake things up, new openings emerge.

8. What is unique about CFUnited?

It's focus! It's an opportunity to learn, not be "sold".  It an opportunity to learn about ColdFusion and related technologies and to meet and network with the best in the field.

9. When you are not working what do you like to do in your free time?

Go sport touring around the west with my wife and friends on my 2008 Kawasaki Concourse 1400, and do a little wine tasting. I'm a bit of a wine buff and Washington has a lot of great wine!

10. Feel free to make up your own question and then answer it.

Q: Besides the sessions, what makes CFUnited worth the cost of going?

A: The networking!  If you go DON'T be a wallflower! Get out there, meet and greet and make new friends and contacts.

See you at CFUnited!!

There is a selection in the Cartweaver menu that allows you to place a log in form on any page you like, you could create a log in page. Then with just a little modification to you site check to see if the logged in variable exists signifying that the user has logged in successfully, if so allow them to access the product pages, if not route them back to the log in page.  Just a few lines of code at the very top of the pages you wish to protect - something like this...

This example is done is ColdFusion...

<cfif NOT IsDefined("Client.CustomerID")>
  <cflocation url="YourLogInPageName.cfm" addtoken="no">
<cfabort>
</cfif>

Here is the same in ASP...

<%
'If user has not logged in, then redirect him to our login page
If Session("CustomerID") = "" Then
    Response.Redirect("YourLogInPageName.asp")
End If
%>

Here is the same in PHP as well.

<?php
session_start();
$_SESSION["customerID"] = 1;
if (!isset($_SESSION["customerID"
]) || (isset($_SESSION["customerID"]) && $_SESSION["customerID"] == "0") ) {
     header("Location: YourLogInPageName.php");}   
?>

 Pretty simple solution!