Closer To The Ideal

Well, maybe “broken” is too strong a word. The CSS failed to load. Which happens sometimes. Which is part of why semantic markup is important. How much does the user experience survive the lack of style sheets? This from the front page of Old Navy:

Just curious, but does anyone know some common reasons why the CSS files might fail to load?

Also curious about the marketing. The front page of the site is aimed entirely at women. Do women buy clothes online more than men?

Things that surprise me. Simplyamazing asks a question:

I’ve been very concerned about a particular website that has a login page that is not SSL. I’ve always assumed this type of login POSTs data in the clear (that is, you can read it clearly by parsing the HTTP stream and plucking out values of interest). If the login page is already secure (ie “https://www.ourverylargebank.com/login.asp“), then all traffic is encrypted.

This being said. I’ve found a site that does exactly this, yet they claim, that because they are POSTing to an SSL page (ie in the FORM tag:
target=”https://www.ourverylargebank.com/processlogin.asp” ), it is still SSL secure.
I disagree. Am I wrong? Is there something I don’t know or understand about the protocols? How could a target page retroactively encrypt incoming POST data?

Others on the forum say that the connection will be securely encrypted. Simplyamazing tests this and then reports:

I was worried that it might send the data along with the initial handshake in the same pass where the data would sit in a receiving buffer until the connection was made – now I realize this does not make any sense and my paranoia is unfounded.
This is something I never really considered before as I’d always, by virtue of everyone else doing it, put a login form in an SSL page.
I ran ethereal (network sniffer) and tried different tests – indeed, it is being encrypted.

I am surprised to learn that a form on a non-encrypted page is secure, so long as it posts to an encrypted page.

I’ve written before about the error messages I’ve encountered on the Sprint PCS website. I’ve been unable to log into the Sprint PCS website this month – I get some bizzare error messages instead.

Today I figured I’d try to use my phone to pay the bill. I hit “*2″ which dialed customer service for me. I reached an automated voicemail system. It asked me to type in my phone number, so it could look up my account information. I did so. It then told me that I owed Sprint $513. I was stunned. By my calculations, I owe something like $200. I pay about $97 a month, and I owe last month and this month. I’m not sure how the amount doubled.

Eventually, the automated system gave me the option to talk to someone. I pressed the button.

A pleasant, helpful woman got on the line and asked for my telephone number, so she could look up my account information. I gave her the number and she said they had no account information for me. I explained that I’d had this account with Sprint since March of 2001. She explained that she worked for Nextel, she didn’t have account info for Sprint customers (the two companies are merging).

This is puzzling. If Nextel doesn’t have any of my account information, then why should my phone auto-dial Nextel when I press the buttons for customer service? Also, if Nextel has no information about me, how did the automated system tell me that I owed $513?

What happened next is also puzzling. I said, “Okay, can you transfer me to Sprint Customer Service?” She said she could not transfer me there. She could, however, give me the phone number. Why can’t the phone company transfer me to the number they want me to go to? I find that confusing.

I dialed the number she gave me.
Sprint PCS also had an automated system. It asked me to type in my telephone number, so it could look up my account information. I typed in my telephone number. It said there was no account with that number, and it suggested I type it again. I assumed I’d mis-typed it, so I tried it again, carefully. Again, the automated voice system told me that there was no account with that number. I didn’t know what else to do, so I typed in the number a 3rd time. Again it told me there was no such telephone number.

I couldn’t think of what to do then. The automated voice system did not give me any other option. It kept asking me to type in my telephone number. It asked me 4 more times, and then, when I did nothing, it hung up on me. It never offered to transfer me to a human operator, who might have been able to resolve the situation.

I’ve had this account for 6 and half years. Right now, I seem to be completely locked out of it. The computer at Sprint PCS claims my account doesn’t exist. At Nextel, the computer says I owe the incredible amount of $513, and then the operator says she has no access to my account information because it is over at Sprint.

I don’t need to know many of the details to tell that the merger of Sprint and Nextel databases is going badly. If I had stock, I’d sell it. This is the worst customer service experience I’ve had in many years.

I’ve already written about Sprint PCS and its broken website. I’m now visiting the site ten days later, and I’m surprised to see the error isn’t fixed yet. This is from today:

You’ll recall from my previous post that Sprint PCS wrote me on the 17th and said they’d contact me within 3 business days to follow up regarding this matter. I’ve yet to hear from them. Of course, my phone service just got cut off because I have not been able to pay the bill. So maybe they tried to call but couldn’t get through. Ironic, yes? If only they’d let me into their site, I could activate my phone and they could call me to tell me, no doubt with great sincerity, that Sprint PCS really cares about its customers.

I was helping a client move their site from GoDaddy to another web server. I logged into GoDaddy and found the MySql database and made a backup. Then I got sidetracked for 15 minutes. When I started working again, I got this error message (screenshot below). GoDaddy is right to log me out after 15 minutes of inactivity, that much is good security. But they tell me where I am suppose to go in the text, without providing a hyperlink. I can only get out of this page by hand editing the URL in the address bar. Badly done.

I find this quote very interesting:

Business realities force apologies. To cope with these difficult realities, we need code and, frequently, we need human beings to apologize. It is essential that businesses have both code and people to manage these apologies.

…

We try too hard as an industry. Frequently, we build big and expensive datacenters and deploy big and expensive computers.

In many cases, comparable behavior can be achieved with a lot of crappy machines which cost less than the big expensive one.

That’s from Pat Helland an ex-Amazon architect. His point is that businesses can get way with building imperfect systems that will occassionally fail, so long as the business realizes that sometimes it will have to apolgize. The simpler systems will be much cheaper than a complicated system that will offer a higher rate of reliability.

Yet another story about a badly programmed website, with really bad error messages.

I went to pay my monthly cell phone bill. Just last month, SprintPCS instituted a new policy, requiring stricter passwords with more letters and numbers in them. So I was forced to change my password. Perhaps I was also in a hurry, as I did not write it down in the usual place.

Today, unable to remember the new password, I clicked the link they offer for “Forgot your password?” I came to the screen you see in the first image.

I typed in my “username”, which is simply my telephone number. When I hit the submit button, I got, in response, a blank white page with the text “Error: 500″. That’s it. Nothing else. Just that text on a blank white page. You can see it in this second image:

I offer this anecodote as one more small piece of evidence for the case that most web sites are horribly programmed and poorly tested. I don’t mean to pick on SprintPCS, since there are many sites that are just as bad, but this just happens to be the broken website that I interacted with today.

Mind you, the above incident happened this morning, around 11 AM, and now it is 11 PM. I just went back to get screenshots. Twelve hours later, the problem is still there.

I sent SprintPCS an email about this. I have not yet heard back from them. I’ll update this post if I do hear from them.

UPDATE: wonderful response time. I just got this, on the 17th. The irony:

Date: Mon, 17 Sep 2007 14:08:18 -0500 [02:08:18 PM CDT]

From: Sprint Customer Solutions <ecare@cc.sprintpcs.com>

To: LAWRENCE@KRUBNER.COM

Subject: Re: Subject: ID # 20070914212929 (KMM38317571I123L0KM)

Hello Lawrence Krubner,

Thank you for contacting Sprint.

A ticket has been submitted in reference to the difficulty you are experiencing logging into your account online at Sprint.com. The ticket number is 16880851.

A follow-up call will be made to you within 36 business hours.

Thank you again for contacting Sprint. We appreciate your business.

Mary O.
E-Care
Sprint
“Where our customers come first!”

Refer someone to Sprint and get $25.

So after 3 days, they send me an email in which they promise to contact me within 3 days. Then they close with “Where our customers come first!” Hate to think how we’d be treated if we came second.

An email I just sent my co-workers:

I fixed the problem on account.php. The videos and audios were positioning themselves relative to “trackList” instead of relative to “your_audio_video”. I fixed it by adding:

position:relative;

to the div with the id of “your_audio_video”.

Please read the 2nd paragraph from page 114 of “The Zen Of CSS Design”. It’s a good point to remember.

For an interior element to position itself relative to the element that encloses it, that enclosing element must have one of these lines:

position:relative;

position:absolute;

I promise myself that at some point I will go back and re-read this article by Ben Nadel.

Ivan Uzunov has posted his top 10 modifications to the String prototype in Javascript. While all modifications to the prototype of one of Javascript’s built-in classes is fraught with complications, some of these methods seem very useful. I wish they were in the core of the Javascript language. To split an array into a string is something I do all the time in PHP, so I wish Javascript had something like this:

This extension splits the string by given separator and returns an array with trimmed items. It uses the trim() extension above:

String.prototype.splitrim = function(t){ return this.trim().split(new RegExp(’\\s*’+t+’\\s*’)) }//test splitrim
test = ‘ testing , splitrim ‘;
var arr = test.splitrim(’,’);
document.write (’”’ + arr[0] + ‘”’);
document.write (’”’ + arr[1] + ‘”’);

I’m a little amazed at the ability of Javascript to mimic other languages. Prototype has added some features that allow Javascript to imitate some aspects of Ruby. This article gives Javascript a set of methods that allow a close imitation of standard object inheritance, as seen in languages like Java or C#. The author offers the standard qualifiers:

The following is a discussion of a technique I’ve used over the years to simulate the feeling of Object-Oriented Programming in languages like C# and Java. The keyword here is “simulation”. This is not necessarily equivalent to what you would encounter in those languages. JavaScript is a very expressive language and, as a result, there are a wide variety of techniques you can employ to build re-usable and extensible code. What I describe here is by no means the final answer on that subject.

As a side note, this article will use OOP terminology common to Java and C#; however, this vernacular is technically incorrect when discussing JavaScript in general. So, if you find it offensive to mix that terminology with JS then close this page now! For the rest of you, keep in mind that I am merely presenting an idiom. I tend to build libraries, so this particular style of JS coding fits my needs well. Others will argue that it is pointless to write JS in this way. If you decide to use this approach or even to roll your own OOP JS, be prepared for debates much like the tab vs. whitespace argument.