if ( $read_action == "advwbc" ) {
        $session = $user->db->quote(session_id());
        $ip = $user->db->quote($_SERVER['REMOTE_ADDR']);
        $date = $user->db->quote(date("'Y-m-d'"));
        $time = $user->db->quote(date('H:i:s'));
        $sqlInsert = "INSERT INTO webcron_google(date,time,ip,session) VALUES ($date,$time,$ip,$session)";
        $user->db->query($sqlInsert);
}

The session is important because it tells me if the advertisement was clicked in the same instance of the browser or not (when you restart your browser, you get a new session). So lets look at the results for March 9th (yesterday). I changed nothing, only hid half the persons IP address.

2007-03-09  	04:16:35  	211.30.xxx.xx  	9fbe09012f7ce71854b1e040b0b0fe3c
2007-03-09 	04:17:20 	211.30.xxx.xx 	9fbe09012f7ce71854b1e040b0b0fe3c
2007-03-09 	04:17:47 	211.30.xxx.xx 	9fbe09012f7ce71854b1e040b0b0fe3c
2007-03-09 	04:18:07 	211.30.xxx.xx 	9fbe09012f7ce71854b1e040b0b0fe3c
2007-03-09 	04:18:10 	211.30.xxx.xx 	9fbe09012f7ce71854b1e040b0b0fe3c
2007-03-09 	04:18:13 	211.30.xxx.xx 	9fbe09012f7ce71854b1e040b0b0fe3c
2007-03-09 	04:18:34 	211.30.xxx.xx 	9fbe09012f7ce71854b1e040b0b0fe3c
2007-03-09 	04:18:36 	211.30.xxx.xx 	9fbe09012f7ce71854b1e040b0b0fe3c
2007-03-09 	07:47:21 	193.71.xx.x 	 1895a2c135512d29fa7002e6a8126e65
2007-03-09 	09:51:47 	59.144.xxx.xxx 	b5c090a6f26d83b890fd2faf79c17464

You may notice, that the first 8 lines were from the same IP address (211.30.xxx.xx) clicked between 04:16:35 to 04:18:36. It’s easy to see this person got pretty click happy, clicking the ad, hitting back, clicking the ad, etc. Furthermore, the session id is the same for all the 8 clicks, which means he/she was using the same browser instance. I would expect Google to be able to detect this type of click fraud and only charge me for 2 legitimate clicks, the ones placed at 07:47:21 and 09:51:47 (not from 211.30.xxx.xx). The strange part, is I was charged for 4 clicks that day. That means of the 8 illegitimate clicks, Google charged me for 2 of them.

Believe me, at an average cost per click of $0.11, it really doesn’t matter, but I can imagine for larger companies, Google must be making a fortune off these people. Its really hard to side with Google on this, I mean if they deemed 6 of those clicks illegitimate, why not the remaining 2?? Do people really click the same advertisement 8 times in 2 minutes, with many of them 3 seconds apart? It’s easy to see that even through blatant click fraud Google shamelessly makes money.

Pipes is an interactive feed aggregator and manipulator. Using Pipes, you can create feeds that are more powerful, useful and relevant.

And that’s exactly what it is, you take feeds (RSS, Atom, etc..) and using an crazy UI, create new ones with rules and filters.
So what could you do?

• Apartment Near Something
• Aggregated News Alerts
• Upcoming.org Combined Feed
• eBay Price Watch

This is the first official product to come out of Yahoo!’s Brickhouse and I’m sure not the last.

So, now heads must roll at Yahoo!. If so, I’d like to nominate the first one: Brad Garlinghouse.

Things have been busy this last couple weeks, but nothing really that I can disclose. That coupled with things coming up prevented me from writing a wrap-up the last couple weeks.

I came across across an article on MarketWatch about the Peanut Butter Manifesto – an internal (now external) memo written by Yahoo! exec Brad Garlinghouse. After reading other reports, I learned that this has been circulating inside Yahoo for the last couple weeks now. Garlinghouse is a gutsy guy a confused fellow and actually (had) shaved a Y into the back of his head. Initially I thought this was purposely leaked as a precursor to big changes coming – after reading the memo, I think it may have been purposely leaked but for other reasons..

I’ve heard our strategy described as spreading peanut butter across the myriad opportunities that continue to evolve in the online world. The result: a thin layer of investment spread across everything we do and thus we focus on nothing in particular. I hate peanut butter. We all should.

The entire letter can be read from the WSJ.

IBM results came out last week, the System i had a rough quarter, but IBM did well overall. Last year at this time (3Q05) the System i had a break out quarter due to an upgrade cycle. This year (3Q06) there were no new upgrades and results were the same as 3Q04. This article sums things up:

IBM revenue for the System i fell 22 percent in the third quarter of 2006, or 23 percent at constant currency when compared to the same period of 2005. At the same time, nearly every other major IBM business unit saw revenue increase. Overall, earnings rose 47 percent compared to the previous year, up to $2.22 billion on revenues of $22.6 billion, which were up 5 percent.

The supply chain issues IBM faced in the second quarter of this year for System i sales, which were connected to a 7 percent drop in revenue for System i over the second quarter of 2005, have cleared up. IBM CFO Mark Loughridge noted that IBM’s supply chain did a superb job delivering System p, i, z, and storage but faltered over System x deliveries, contributing to the low rise of 4 percent for the System x. System p revenues increased 10 percent, and System z was a breakout star with a 25 percent increase in revenues while IBM delivered a 16 percent increase in System z MIPS (millions of instructions per second).

For the System i, IBM says 3Q06 compares to a particularly strong 3Q05 quarter, which was driven by upgrade activity from a fully refreshed roadmap, which in turn caused slowing revenue as customers leveraged those previous upgrades. Overall, IBM notes that System i revenue performance remains dependent upon cyclical upgrades.

I was at a Halloween fund raiser for Diabetes last night, it was a good time for a good cause. I’m amazed that no matter what type of social event I may be at, there’s always someone thats directly involved with the System i in some way.

In other news, RedHat got murdered this week in the markets. Cisco announced they would be creating a fork the RedHat’s version of Linux and providing half price support until the new year. If any good can be seen out of this, it just re-affirms RedHat’s dominance in the Enterprise Linux market.

FireFox 2 came out this week, it generally seems more responsive, but definitely not as polished as it should be. The memory leak issue doesn’t seem to have been fixed, since as I type FireFox is using upwards of 80mb memory and climbing. The new spell checking feature is great though, any work misspelled get underlined in red, right click the and suggestions appear.

An example would be Yahoo!’s Geocoding API, with the following URL:

http://api.local.yahoo.com/MapsService/V1/geocode?appid=YahooDemo&street=701+First+Street&city=Sunnyvale&state=CA

I would get:

<Result precision="address">
   <Latitude>37.416384</Latitude>
   <Longitude>-122.024853</Longitude>
   <Address>701 FIRST AVE</Address>
   <City>SUNNYVALE</City>
   <State>CA</State>
   <Zip>94089-1019</Zip>
   <Country>US</Country>
</Result>

So Yahoo! exposes the Geocode URL and allows you to query this resource using URL parameters like appid and street. Dynamically building your URL to query a given resource is OK, generally that’s what people do, like the following:

$base = 'http://xml.amazon.com/onca/xml3';
$query_string = "";

$params = array( 'ManufacturerSearch' => "O'Reilly",
    'mode'  => 'books',
    'sort'  => '+salesrank',
    'page'  => 1,
    'type'  => 'lite',
    'f'     => 'xml',
    't'     => 'trachtenberg-20' ,
    'dev-t' => 'XXXXXXXXXXXXXX' ,
);

foreach ($params as $key => $value) {
    $query_string .= "$key=" . urlencode($value) . "&";
}

$url = "$base?$query_string";
$output = file_get_contents($url);

The problem here, is that REST is meant to take advantage of HTTP methods GET, POST, PUT, DELETE, etc.. When people are showing examples which dynamically build queries and call file_get_contents, the average user doesn’t appreciate (understand) what type of request is being made. Do they care? Should they care? We’ll that’s another story. Eventually though, more intense REST resources will become widely available, and it will be critical the user (developer) understands if their making a POST or PUT request.

I came across a great PEAR package the other day called HTTP_REQUEST, which among many things supports GET/POST/HEAD/TRACE/PUT/DELETE, basic authentication, proxy, proxy authentication, SSL, file uploads and more. Using this package, I got started on a simple wrapper class called RESTclient, which gives intuitive support for making REST resource calls.

So if I was going to use RESTclient to call the Geocode API above, it would look like this:

<?php

require_once "RESTclient.php";

$rest = new RESTclient();

$inputs = array();
$inputs["appid"] = "YahooDemo";
$inputs["street"] = "701 First Street";
$inputs["city"] = "Sunnyvale";
$inputs["state"] = "CA";

$url = "http://api.local.yahoo.com/MapsService/V1/geocode/"
$rest->createRequest("$url","POST",$inputs);
$rest->sendRequest();
$output = $rest->getResponse();
echo $output;

?>

At this point, you might be thinking, who cares — what’s the difference between using a loop to dynamically generate the URL or RESTclient. There are lots of reasons, first off, I can easily call the Geocode resource again using another address just by changing:

$inputs["street"] = "1600 Amphitheatre Parkway";
$inputs["city"] = "Mountain View";

There was no need to re-generate the URL. Furthermore, I’m explicitly specifying a POST request. Just as easily I can make a PUT, DELETE, etc. request on a given resource by changing the createRequest method parameters.

The class below is RESTclient. Note, I put this together to prove a point, it still needs some work if you plan on using it.

<?php

require_once "HTTP/Request.php";

class RESTClient {

    private $root_url = "";
    private $curr_url = "";
    private $user_name = "";
    private $password = "";
    private $response = "";
    private $responseBody = "";
    private $req = null;

    public function __construct($root_url = "", $user_name = "", $password = "") {
        $this->root_url = $this->curr_url = $root_url;
        $this->user_name = $user_name;
        $this->password = $password;
        if ($root_url != "") {
            $this->createRequest("GET");
            $this->sendRequest();
        }
        return true;
    }

    public function createRequest($url, $method, $arr = null) {
        $this->curr_url = $url;
        $this->req =& new HTTP_Request($url);
        if ($this->user_name != "" && $this->password != "") {
           $this->req->setBasicAuth($this->user_name, $this->password);
        }        

        switch($method) {
            case "GET":
                $this->req->setMethod(HTTP_REQUEST_METHOD_GET);
                break;
            case "POST":
                $this->req->setMethod(HTTP_REQUEST_METHOD_POST);
                $this->addPostData($arr);
                break;
            case "PUT":
                $this->req->setMethod(HTTP_REQUEST_METHOD_PUT);
                // to-do
                break;
            case "DELETE":
                $this->req->setMethod(HTTP_REQUEST_METHOD_DELETE);
                // to-do
                break;
        }
    }

    private function addPostData($arr) {
        if ($arr != null) {
            foreach ($arr as $key => $value) {
                $this->req->addPostData($key, $value);
            }
        }
    }

    public function sendRequest() {
        $this->response = $this->req->sendRequest();

        if (PEAR::isError($this->response)) {
            echo $this->response->getMessage();
            die();
        } else {
            $this->responseBody = $this->req->getResponseBody();
        }
    }

    public function getResponse() {
        return $this->responseBody;
    }

}
?>

Last thing I want to do is write another AJAX framework, but it seems that’s the only way to fully understand large-scale AJAX development. We’ll see what happens — I’ve spent a lot of time looking into Object Notations (ON) (JSON, YAML, etc.) this past week, weighing out trade-offs between run-time extensions to server side scripts. I’ve been getting a lot of people asking for another AJAX tutorial to continue from the original — I’ll try and write something soon.

This past Tuesday, I sat in on the 3rd and final Technology Showcase my 2nd line manager had organized. This one in particular was on C, C++, and Fortran Compilers. A lot of cool stuff in the works, we even got a demo (video) of the PS3 in action.

Motivated by Ryan’s idea of KeyboardCast, I made a couple suggestions to the Target Management (Remote Systems Explorer) subproject in Eclipse, about being able to execute a single shell command on multiple servers (or targets). After some discussions, agreeing to help out in specs/code/discussions, I got sucked into testing for their 1.0 release! Ah, it was ok, I had a small commitment of 2 hours.

I finally submitted my 2nd application for a patent @ IBM. Considering the backlog at the US patent office is something ridiculous like 2+ years — I have a while to wait. The patent is for a revolutionary new type of XML Parser that a manager and I came up with — that’s all I can say about it now.

Next week is the CASCON conference. Aside from the keynotes and walk-in talks, I’ve signed up for 3 workshops:

• Hands-on: Building a Ruby on Rails application with DB2 Express-C 9
• Social Computing: Best Practices
• Social Computing: How the Social Web (R)evolution is Changing the Business Landscape

I’ll also be holding a Technology Showcase @ CASCON on WDSC & JWL Tuesday, Wednesday and Thursday from 11:30am till 1:30pm:

WDSC JWL 3.0 in Action
This exhibit will demonstrate the rich JSF/JavaScript-based widget library JWL. Currently in the finishing stages of development, JWL will revolutionize the way users interact with applications. Widgets/abilities include full AJAX support, key press bindings, calendars, panel dialogs, panel menus, context assist, converters, and much more.

I fallen off my great quest to become an expert at object oriented design patterns — I seriously have to spend some this weekend.

On Sunday, the Dojo Foundation announced Cometd as a new Dojo project.

Cometd is a scalable HTTP-based event routing bus that uses a push technology pattern known as Comet.

That’s a powerful title, will it come true? Who knows. At this moment and time, at version 0.3, Dojo is insanely impressive.
So the first question that most people will have is: What is Dojo?

Dojo is the Open Source Javascript toolkit that makes professional web development better, easier, and faster

A little more detail:

Dojo is an Open Source DHTML toolkit written in JavaScript. It builds on several contributed code bases (nWidgets, Burstlib, f(m)), which is why we refer to it sometimes as a “unified” toolkit. Dojo aims to solve some long-standing historical problems with DHTML which prevented mass adoption of dynamic web application development.

Dojo allows you to easily build dynamic capabilities into web pages and any other environment that supports JavaScript sanely. You can use the components that Dojo provides to make your web sites more useable, responsive, and functional. With Dojo you can build degradeable user interfaces more easily, prototype interactive widgets quickly, and animate transitions. You can use the lower-level APIs and compatibility layers from Dojo to write portable JavaScript and simplify complex scripts. Dojo’s event system, I/O APIs, and generic language enhancement form the basis of a powerful programming environment

I hear people say “Dojo, that’s the AJAX framework”. Sure, Dojo is about asynchronous interaction, but that’s only a part of the story. The problem with JavaScript is that it blew up way too fast. It’s a powerful programming language, but lacks the subtleties, which would make it easy to develop large-scale JavaScript applications. I doubt in the mid 90s Netscape envisioned JavaScript the way its used today. In 2002, Doug Crockford got fed up and made JSLint:

When C was a young programming language, there were several common programming errors that were not caught by the primitive compilers, so an accessory program called lint was developed which would scan a source file, looking for problems. As the language matured, the definition of the language was strengthened to eliminate some insecurities, and compilers got better at issuing warnings. lint is no longer needed.

JavaScript is a young language. It was originally intended to do small tasks in webpages, tasks for which Java was too heavy and clumsy. But JavaScript is a very capable language, and it is now being used in larger projects. Many of the features that were intended to make the language easy to use are troublesome for larger projects. A lint for JavaScript is needed: JSLint, a JavaScript syntax checker and validator.

The good folks at Dojo have taken this a massive step further, put very gently:

dojo.lang.* contains wrappers for common idioms. It doesn’t provide replacements for language constructs. We only provide functions that provide value-added above the standard javascript routines, or functions that mask browser incompatibilites, etc.

The reality is, an amazing, transparent, useful framework has been (is being) developed, which will give the Web developer power they’ve only dreamt of. Were talking proper class constructs, inheritance, the ability to override methods, and much more.

In total there is the Dojo Infrastructure (fundamental behaviors), General purpose libraries (String manip., DOM manip., etc…), Data Structures (Dictionary, ArrayList, Queue, etc..), Web I/O (RPC, JSON, etc.), Visual Web (animations, graphics, etc.), Math and Cryptogrpahy (speaks for itself.. clientside Crypto, like Meebo) and a great Widget library.

What kind of widgets are we looking at? Here is a taste of what you can expect:

FisheyeList – hover over the menu at the top…
Popup Dialogs – click the links on the top left…
Floating Pane – drag them, close them.. the world is your oyster
Inline Edit Box – just like Flikr, click the title and text…

All this, and their only in version 0.3. Give it a try: dojotoolkit.com — be warned documentation to the specifics of the API is sparse.