A few impressions from the first ever E€ Open Source Convention in Amsterdam.

• The main street between central station and central square was really full with people. Stuffed.
• I got into my smoke-free room on the third attempt. First I was handed a smoking room, then a smoke-free room with nonfunctional key and finally everything went fine. Good excercise.
• I went through the two last hours of my presentation on the spot in the grand ballroom. My Rails tutorial has been attracting most people of all the tutorials (yay!) so it was moved there instead of Amsterdam room.
  

• The hotel is poshy. You thought the breakfast buffé on the Baltic sea ferries costs something. Think again. Having breakfast in the wintergarden here makes you 22€ poorer.
• I’m feeling both pretty excited and surprisingly little nervous about the tutorial. I guess the practice is starting to pay dividends.
• The free conference wifi doesn’t stretch all the way to my room so I ended up paying 12.50€ per day to Swisscom. The whole conference would have been 60€ but I’m here only for 3 days so where’s the bargain?
• I won’t be wearing an AJAX Amsterdam shirt during my presentation. I contemplated buying one in the airport but then the whole idea struck me as a bit too corny so I let it for Paul Everitt in his Model-Driven AJAX tutorial.

I created a Flickr set for the convention and will be updating it during the week. Stay tun

I will start a week-long journey today which will include first an orienteering relay in southwestern Finland and then EuroOSCON in Amsterdam.

My tutorial in EuroOSCON is my first big presentation so you can imagine I have some butterflies in my stomach already. The flexible path and show-don’t-tell theme of the tutorial hopefully makes it a bit easier to survive the three-hour gig. I’ve practiced the whole tutorial already quite a few times and still have a few days left to hone the last glitches. Needless to say, I’m pretty excited.

As my tutorial will be a whirlwind tour through Rails, it pays off to at least know what’s Rails is about before the tutorial. Coincidentally, ONLamp.com has just launched Curt Hibbs’s article “What Is Ruby on Rails” that does a great job explaining what Rails is. My tutorial will then tell you how that will benefit you.

The only people who never experience failure are those who are not pushing the envelope of what mankind is capable of doing.

—John T. Preston in Success Factors in Technology-based Entrepreneurship

UPDATE We lost. I am now (or at least in a few weeks) officially a criminal. And so are at least a million other Finns. Welcome to the club.

If you’re living in Helsinki area, please take part in the demonstration against the new copyright law that is about to be ratified by the Finnish parliament tomorrow. I’m deeply concerned about the new law that will make

• circumventing copy protection (e.g copying music from DRM CD’s to my iPod),
• talking about DRM circumvention methods
• and group purchases of books from Amazon.com

illegal.

Not only is the proposed law arguably unconstitutional (even according to the constitution committee of the parliament), it is also so strongly against the common sense of justice that I find its passing utterly incomprehensible. That doesn’t seem to stop the parliament from making the decision, tho, so I’d be grateful if as many of you as possible would gather around the parliament house tomorrow and relay my wishes to the MP’s.

The manners the local recording industry executives (“If you’re on Mac, by a CD player”) and ministers have shown during the battle is a whole ‘nuther story so I won’t bore you to death with it. Just drag your friggin’ arse to the demonstration, will ’ya. Please. Pretty please.

The basic idea behind office hours is that if you can’t make people work, you can at least prevent them from having fun.

—Paul Graham in What Business Can Learn from Open Source

If you would go and propose that CGE Mannerheim was wearing hipsters on his journeys, in some circles you’d undeniably get mugged. However, here’s some proof for you, linked by 43Folders:

And no, I didn’t have to look up who Mannerheim was.

One of the mythic figures behind ArsDigita, Aurelius Prochazka has stepped into the Rails world and started a typo -driven weblog.

ArsDigita was one of the most influential companies in the early days of my web hacker career (or shall we say, studies). It seemed to be so different from the traditional dotcom shops. It had a human voice. It was honest. Although I was too young for the dotcom boom (and not quite as obsessed about ArsDigita as Guan), I followed the (at that time sliding) chapters of AD very closely.

One of the things I remember best about the battle between Philip Greenspun and the VC’s is this comment made by Gary Jin in Lars Pind’s “Goodbye ArsDigita” :

ArsDigita WAS something special. While other company sent cute, young female recruiters deep into the hallways of UCLA Enginner, aD send down Aure and the problem sets. Instead of sugar coat problems, aD had public shame. If something is bad, people would say, “it sucked!” There was vision, the brain and yes, plenty egos as well. It was an awesome place to be…while it lasted.

So imagine my reaction when Aure today appeared to the Rails mailing list and told he was building a user/group management framework on top of Rails. And in his own, non-apologetic way, no less :-)

Welcome on board, Aure!

OK, it’s time for me to become an adult as well eventually and one obvious symptom of that is that I started to work on my Master’s thesis this Monday.

I’ll try to be as open about the writing process as possible, partly because of the subject and partly because I hope I can get some feedback from you.

Here’s the preliminary setting for my thesis:

• Research problem: Small software businesses as part of an open source community.
• Research question: What does it give to (and on the other hand demand from) a small business owner to be a member of an open source community?
• Point of view: Small software business owner¹
• Subquestions
  • What can you win by contributing to an open source project/community?
  • What specific requirements are involved?
  • What are the potholes you should avoid?

¹ Small software business is determined by both size and act. I would say 1-10 is probably the range of people working for the firm. However, 1 hacker + 9 marketing people doesn’t necessarily qualify as a small business here. So let’s say being less than 10 people and acting small.

I have setup an Amazon.com wishlist for the books I think are relevant for the thesis. If you have read some of them or know some other books that you think would be spot-on, please leave a comment. The same goes for online articles, of course. I found this huge list of papers about Open Source and made already an initial screening on the papers. But finding the best and most relevant for my purpose is not easy so if you know about some great piece you think I should take a look at, please let me know.

The theoretical background for the thesis will be the network theories of the IMP school, of which I know nothing yet. However, the goal is more to give practical advice to business owners than to be very theoretical. Therefore the meat of the thesis will consist of advice collected through interviews. So if you feel like you would have experiences to share and a lot to say, contact me and we can make up a time for an interview.

Yay! Since David won’t make it to Monday’s Ruby on Rails tutorial in EuroOSCON (17-20 October), I will step into his nice shoes and give the presentation. I’m both totally excited and nervous about the gig, but I’m sure the former will take over eventually.

That said, if you haven’t yet registered for the first-ever EuroOSCON, it’s about the time to do it now. But wait! Before you register, check out this David’s article. It might be worth hard cash for you.

And when we’re at it, here’s the headshot my father-in-law candidate took for the presentation with his “little toy”. Just so you know to run when you see me coming down the aisle.

A few months ago there was a heated discussion going on about Google Web Accelerator prefetching links and at the same time wreaking havoc in web apps that used plain GET links to change the state of an application. A few tricks came up on how one could block GWA from accessing given pages, but in the end, using GET requests for operations such as deleting records in your app remained dangerous.

The traditional means to avoid the perils of GWA and friends are two-fold: either use only form buttons (and thus POST requests) to commit these mission-critical actions, or link to a confirmation page that does the same. Unfortunately, these solutions are less than optimal. Using dozens of forms in a web page (think “delete” links in a product listing) makes the code a bit messy and a plethora of delete buttons doesn’t make the page look very nice, either. The problem with a confirmation page is that it adds one more step to the process and thus makes the user think one more time. One part of the beauty of OS X compared to Windows is that it doesn’t try to intervene in every action I make. I like to adhere to the same standards so I want to leave confirmation pages for situations where I really, really think they are crucial.

If you’re using Ruby on Rails to build your next killer web app, consider yourself lucky. In the following paragraphs, I’m going to teach you how to use the übercool AJAX helpers in Rails to create action links that are both slick, accessible and about as safe as you can get in the wild wide web.

OK, let’s assume you have an app ready that uses the following link_to helper call to destroy an item from your collection of sock monkeys:

<%= link_to “Delete”, :controller => “monkey”,
:action => “delete”, :id => monkey.id %>

This would serve you well, that is, until your uncle Enoch finds an abandoned Google Web Accelerator from the trash bin and your beloved monkeys start evaporating in the thin air. So what’s to the rescue? link_to_remote!

<%= link_to_remote “Delete”,
:url => {:controller => “monkey”,
:action => “delete”,
:id => monkey.id},
:update => “monkeys” %>

Now we’re talking! You’re from this day on using AJAX in your app. Your monkeys are now destroyed without a refresh of a page, and no GET request is ever made. And as your delete action renders the monkey list when called by AJAX, the list updates itself as if magically. As simple as that. But wait! Aunt Marge (your unpaid tester) yells something behind her AS/400. She can’t use your app, nothing happens in her lynx even though she tries to follow the link. Crap. No javascript.

Fortunately link_to_remote has a fallback system:

<%= link_to_remote “Delete”,
{:url => {:controller => “monkey”,
:action => “delete”,
:id => monkey.id},
:update => "monkeys"},
{:href => url_for(:controller => “monkey”,
:action => “delete”,
:id => monkey.id)} %>

Using the href parameter makes link_to_remote to include a (tada!) href attribute in the anchor tag it creates. You can use url_for to create the address for it just like in normal links.

Ok, time for a little retrospective. What does our little link widget really do? In normal case, when the user has a modern browser with javascript enabled, when clicked, it calls the delete action with an XMLHttpRequest, and upon success updates the element with id “monkeys” in the current page. If javascript is disabled, the browser will follow the traditional href link to the delete page.

Note that both the AJAX url and the old-fashioned href point to the same action. This is intentional. It gives us the possibility to do pretty powerful things with a tiny little action. We’ll take a look at that action, MonkeyController::delete, next.

def delete
if request.xhr?

1. … deletion code here …
   render :partial => “monkey”, :collection => @monkeys
   elsif request.post?
2. … deletion code here …
   redirect_to :action => “list”
   else # we assume this is a get message
   render :action => “delete_confirmation”
   end
   end
   

The delete function above handles three kinds of requests. If it’s called by AJAX (remember the normal case above?), it deletes the monkey and renders the list of remaining monkeys that will then be displayed in the calling page. If the action is called by a POST request (we’ll get into when this happens in just a few seconds), the monkey is also deleted but this time, the browser is redirected to the original monkey list page with an external redirect. In third case, when this action is called by a GET request, we show the user a confirmation page by rendering them delete_confirmation.rhtml (only the important parts of the template are shown here):

<%= form_tag :controller => “monkey”,
:action => “delete” >
<= hidden_field_tag “id”, @params[:id] >
<= submit_tag “Really, please get rid of the monkey” >
<= end_form_tag %>

This is the page shown to old-world users with javascript disabled that clicked on the delete link on the monkey list page, resulting in calling the delete action with a GET request. This page is effectively, as you can see, a form that points to the same old delete method. We need to pass the monkey id in the form and we use the convenient hidden_field_tag helper method for that. Requests from this form page constitute the second case of calling delete, making request.post? return true (because POST is the default method for form_tag).

Why is this method cool?

You can use what kind of text or image links on your pages you ever want to, just like with normal links. That’s got to be nicer than a battery of submit buttons that look all different in different browsers. Even cooler, you don’t have to stuff your users through the tunnel of indifferent confirmation pages. Just one click, and away they go!

But that’s not all, folks! The approach is also accesible. People with text browsers or screen readers (or the paranoid with javascript disabled) will be presented a traditional link followed by (sigh!) a confirmation page, for their own safety.

Why is this method safe?

No critical action is made with a GET request. In the most common case the deletion is made through an XMLHttpRequest, which is a) using POST method and b) launched by javascript so robots or Accelerators or other villains couldn’t even invoke it. The fallback method, on the other hand, uses the traditional confirmation page idea, forcing the user to submit a POST form before the actual deletion is made.

So, here’ya go! A complete system for deleting monkeys. Well, maybe not complete but you get the idea. And all with just a single controller method. And like with all AJAX helpers in Rails, it’s really easy to turn a traditional, link- or form-based approach to full-blown AJAX goodness in a matter of minutes.

Disclaimer: The point of this article is not to teach all the goodies of link_to_remote or other AJAX helpers in Rails. There’s a lot better resources for that and I intentionally left the code barebones simple. You’d certainly want to give the user some kind of indication that an AJAX process is underway, for example. Search the Rails wiki and API docs for more info.