ZgPHP meetup conference 2013

On 14th of September (this Saturday) our friends from ZgPHP user group will held a second anniversary jubilee ZgPHP Meetup and a full blown one-day PHP conference. The conference will be held in Croatian chamber of commerce offices (HGK), Nova cesta 3-7 on the second floor (entrance is located on south side of the building, same entrance as Lidl). For further details check out the conference web site.

See you there!


Payment processing in the region and PayPal integration woes

From mid March, companies in Croatia can finally receive electronic money transfers via PayPal (read background story in my article published in Nacional).

Payment processing isn't something new in Croatia, but PayPal is. On-line stores were able for years to process user credit cards via some of our local popular credit card processing services like T-Com Pay Way or Webteh - WebPay (or directly through connections with each bank - less popular method). But only recently (a year ago), with arrival of Kolektiva and similar sites oriented to wider online consumer public, online payments started to become more popular, widely accepted and less frightened to a regular Joe.

In our e-commerce web development work so far, we had chance to work in close with following regional internet payment service providers:

And just recently - the PayPal.

No matter PayPal is mature product, integration was not walk in the park. From developers standpoint, I would definitely commend T-Com Pay Way, Webteh and qVoucher services for ease of integration and support they have. In contrast to PayPal's undocumented features (or lack of documentation and examples) or EMS's infinite redirects to 3rd party pages (enforced by other parties) in payment process.

After some headache & time spent at the PayPal sandbox (self-contained environment within which you can prototype and test PayPal features and APIs) we finally managed to get it working.

We used widely used HTML way to integrate Website Payments Standard with our shopping cart (please see “Third-Party Shopping Carts – The Cart Upload Command”) since integration via API has been proven to be more complex and undocumented than Facebook's SDK.

For security we used Encrypted Website Payments (please see “Protecting Payment Buttons by Using Encrypted Website Payments”.

Encrypted Website Payments relies on public-key cryptography using OpenSSL which is available both as external program that can be executed from PHP and as php extension. Prepare to enter world of pain with this one, since most of examples use executable file to do actual encoding.

Using OpenSSL as extension with PayPal is not straightforward, best example can be found at PayPal SDK in php toolkit.

We implemented support for both IPN and PDT notifications:

  • PDT (Payment Data Transfer) – is secure method to retrieve details about PayPal transaction after (and if) user chooses to return to our site after paying on the PayPal. It should be used only to display information to the user. Our system is not depending on it since there is no guarantee that this action will be executed.
  • IPN(Instant Payment Notification) – is direct PayPal to our system communication. In order to verify authenticity of IPN data received from PayPal should be checked and then sent back to PayPal in exact order it was received. PayPal should respond with “VERIFIED”.

Please note that although PayPal send newline as CR+LF (%0D%0A), PHP returns these new lines as LF (%0A) – so, newlines transformed by PHP into LF must be replaced with CR+LF before data is sent back to PayPal. This bug can easily be reproduced if you enter both Address line 1 and Address line 2 during payment, because those two lines PayPal combines into one field separated with CR+LF.

You can try all all this, or you can just contact us for consulting and/or implementation services. :)

Will Internet Explorer 6 finally die on August 31, 2009?

We have been using very strange setups here at the office to test sites on Internet Explorer 6. Lot's of us still use Windows XP, and some of us still had default Internet Explorer 6 on our computers. When IE8 was released, we didn't upgrade immidiately so we could still test sites in default IE6 installations (lots of different fake/multi IE setups throw most bizzare errors, so testing under default IE installation was a must).

But couple of days ago we finally give in to the dark forces of Windows Auto update, and we upgraded to Internet Explorer 8.

The only correct way now for site testing under different Internet Explorer versions is by using virtual machine of some sort. Vmware is option, but you have to build your own virtual setup which can be a pain. However, Microsoft has been good enough to finally provide developers with Internet Explorer Application Compatibility VPC Images for their Virtual PC. You can download completely free, perfectly legal and working images of followign operating systems packed with IE's:

  • Windows XP SP3 with IE6,
  • Windows XP SP3 with IE7,
  • Windows XP SP3 with IE8,
  • Vista with IE7 and
  • Vista with IE8.

All XP images will expire on August 31, 2009, which is the end-of-life for good old Windows XP, and hopefully end-of-life of Internet Explorer 6. Hello Windows Seven! :) (Btw, I've tried RC1 of Windows Seven and it ROCKS, not only because of the name).

View source crashes Firefox v3.0.9

Since I updated FF to 3.0.9 (on Win XP), view source doesn't work. Even "firefox -safe-mode" crashes browser every time. Thank you Mozilla Html Validator plugin! Hope 10.000 error reports I sent will help you.

update 27-04-2009: Yes, my friends were right. Html Validator plugin was causing this. After updating to v0.8.5.6 problem gone. And note to FireFox plugin developers - please DON'T put this in install.rdf without being completely sure that your plugin won't break anything (maybe 10% of plugins can do this):



Ha! I completely missed new function implemented in php 5.3 - old'skool "goto"! :) I am not particularly happy. Not happy at all.

Outputs: Bar

Online tickets for U2 concert in Zagreb = fail

U2 is (aside from Lepa Brena) - the most anticipated concert of the year in Croatia. Marketing campaign was pretty strong (so I guess organizers invested some money) and commercials strongly advertised online ticket sale which started just couple of minutes ago (at 00:01AM).


Unfortunately for U2 fans, online ticket sales maybe did start, but they sure did end pretty fast. But not because web shop run out of tickets, but because web shop and organizers of the concert ran out of professionalism.

Look guys, if you decided to run so strong advertising campaign across couple of countries which loudly and clearly says: "Ticket sales start online on Friday at 00:01", I suppose one who does all that, would also build a website which can sustain such number of customers?

Well, I guess not.

Exactly the same thing happened some time ago when Croatian Football Association launched online reservation of world cup tickets (if I can recall correctly). I am not big sports fan but many of my friends are and they were very pissed.

Servers are so dirty cheap, and downtime costs a lot of money (nerves, reputation...), Especially if downtime happens a minute you launch your service. My personal preference/advice regarding server configuration in time of special events or service launch is - tend to over engineer your network! EC2, EBS, S3 (Amazon Web services) and other cloud computing solutions do their job pretty good in situations like this.

Otherwise you get this beauty...

Letter Đ mistery – Ð!=Đ and ð != đ

We spent couple of hours trying to figure out this one, so we decided to share it with our fellow readers and hopefully, save some time and unnecessary stress for them. UTF-8 is defacto standard encoding for multilanguage websites. PHP5 doesn't have native support for it, but you can integrate it. MYSQL supports utf8, but not utf8_croatian_collation. But you can also hack your way around that for sorting. If you are not dealing with Croatian letters and UTF-8, you probably won't encounter this problem. However, if you ARE using UTF-8 read on!

We are redesigning one large website and naturally, some content from old website has to be migrated to new site. Since we don't have access to their database, we have to manually copy content from old website's HTML source. Client's old site is in UTF-8. Imagine following entry in old HTML source:


This is a select tag with list of cities in Croatia, the city in example is Đakovo. So as I said, we are copy-ing large amounts of data from old HTML's, and we do not care why old site displays this city as "&#208;akovo" and not as "Đakovo". After we pasted "Ðakovo" into our engine, we momentarily started to get all sorts of different errors. The most bizare one was comming from our utf8_strtolower function which had to return string "đakovo". Instead it was returning string "ðakovo". Wicked!

After some digging, we found out that there was nothing wrong with our utf8 php methods nor our mysql database. We found out that the letter Ð (hex d0 00) we pasted from HTML was just not the letter Đ (hex 10 01) we needed. Somebody (or something) very brilliant, used letter Eth instead of standard Croatian letter D with stroke.

Eth (Ð, ð; also spelled edh or eð) is a letter used in Old English, Icelandic, Faroese (in which it is called edd). In the Unicode universal character encoding standard, upper and lower case eth are represented by U+00D0 and U+00F0. These code points are inherited from the older ISO 8859-1 standard. In HTML, eth is represented by the Latin character entities Ð and ð.

Đ (lowercase đ) is a letter of the Latin alphabet, formed from D with the addition of a bar or stroke through the letter. This is the same modification that was used to create eth (ð), but eth is based on an insular variant of d while đ is based on its usual upright shape. In Unicode the letter is represented as U+0110 LATIN CAPITAL LETTER D WITH STROKE and U+0111 LATIN SMALL LETTER D WITH STROKE.

So there you have it. No matter the letters look the same, beware what you copy/paste. :)

We got Super Mario

So anyways, it is bleedin' hot outside, therefore, logical conclusion is that I should make Super Mario out of Post-It papers on the wall. Check it:

Super Mario

It really looks awesome in our chill out ... sorry, I mean, in our conference room.
Super Mario

So how are you spending your hot hot hot summer days?

How HRT failed in their intention to become Croatian BBC

This one goes to all our foreign readers which would otherwise probably be left out from knowing news of the week in Croatia - Croatian National Television (HRT.hr) bluntly copied British Broadcasting Corporation (BBC.co.uk) website!

The shit hit the fan few days ago and whole Croatian web community got pretty pissed off. HRT spokesman said (in defence to accusations of stealing BBC's design) that HRT wishes to be Croatian BBC, and ok - I absolutely respect that. I also respect their understanding for the need to redesign the site. The old HRT.hr website was 8-10 years old and not something to look at.

But lets get one thing straight - I totally and absolutely disrespect the method of execution of their intentions. Whoever did the production of this monstrosity lacks the proper knowledge and experience... 10 years of experience in web development field at least.

Client is always right, but clients are not web designers (no matter how bad they would want it to be), and our sole professional and moral obligation is to notify client of possible breach in copyright laws, breach in functionality or any kind of possible side-effect that some of their ideas could do to harm the project, harm them self or harm web developers reputation.

Not once, but every time, we ask client - which websites do they like, who are their competitors, who is their role model in business... And based on our previous experience, knowledge, research, strategic planning and comprehensive user tests - we produce results. Results which are specially suited for our client. Not fake copy of website they wish to have.

As our friend Maratz nicely wrote, and I couldn't agree with him more: "This is the embarrassment of the decade for the Croatian web community.".

Compare and cry (tm):

More voices:

Updated 20.05. - Big up to our comrades in arms at BBC. And thanks to Alan Connor (co-editor of BBC Internet Blog) who linked to my article, and hey I really don't know how I missed this beauty - http://www.rtl.hu/. It seems that BBC was true inspiration for many "web designers". But, RTL.hu is light AGES ahead of HRT.hr. Whoever did the job, they did it well. There is just a small we-copied-bbc-design fact... but hey. :)