Search

Archive for the ‘Technology’ Category

Startup Lunch - This Friday!

April 1st, 2008

Ever experienced Speed Dating?

As finding friends/partners is to Speed Dating, finding investors/future-employees is to Startup Lunch.

Startup Lunch is an initiative on the lines of (and by) Proto.in and in concept, is very similar to speed dating.

The startup founders are seated on one side and the candidates get to say hello and have a quick conversation to talk about what the background of the founder is, why he started the company and what sort of person he is looking for, while asking questions to the candidate about the reason to join a startup and what his/her passions are and ten minutes later the same process continues with the next founder. Within an hour, you would have met/spoken to most of the startups, and by the end of the day would know whom to get in touch with for your first/next job.

The event, at present is organized across India - in Bangalore, Chennai, Mumbai, Delhi, Pune and Hyderabad.

Luckily, Pune’t meet has been clubbed with Open Coffee Club Meet. More details about the startup lunch are here

Its an unique opportunity for me - I’ve never met another budding entrepreneur in person - specially when he/she has a business plan in his/her hands. It would be awesome to see what all my peer fellas are upto. And specially important to see how ApnaBill.com is received amongst them.

Oh yes, I’ll be giving a short intro about ApnaBill.com at the Startup Lunch. More about it later…

Can’t really wait till Friday! Can you?

Posted in ApnaBill, Life in Pune, Startups, Technology, Web 2.0 | Comments (5)

Issues, issues and bugs - squashed!

February 10th, 2008

This weekend, I was bogged down with concurrency related problems with ApnaBill.com - all of which were solved with the 62nd svn commit.

Different scenarios which we thought could have been possible

User A and User B both attack the same coupon at same time
User B tries to lock a coupon which was previously locked by User A
User A tries to lock multiple coupons at time - knowingly!
User A accidentally locks multiple coupons at a time

More problems arise specially when you have no control over the payment gateway pages (ie. when you are using a redirect to a payment gateway).

When does the timeout occurs
What happens if a timeout occurs
What if the transaction was _killed_ midway
How to deal with timeouts and locking/unlocking mechanism, etc

The newest addition to ApnaBill.com code in the payment gateway interaction arsenal

Luckily, almost all problems were solved for ApnaBill - All we expect from the user is to follow what’s shown on screen. Even otherwise, he should be good! For everything else - as they say - is the dear support staff

Like that alert box? Try http://www.bioneural.net/2006/04/01/create-a-valid-css-alert-message/

Hmm, I think, we should profile all the user displayable messages before we launch. I want to make sure that all have the same tone.

PS: Me and Sandy have never brainstormed more on any other issue than concurrency handling.

Posted in ApnaBill, Rails, Startups, Technology, Web 2.0 | Comments (0)

How to effectively deal with a redirecting Payment Gateway and prevent a possible DoS

December 16th, 2007

I am at a position where I have to think in advance that how should I be coding the interactions with our (redirecting, not API based) payment gateway. What can be the best design practice - for us (as a coder), for our website (as a product) and for the end user (usability).

Keeping everything in mind together and working towards a solution is interesting. It made me think pretty nicely to come up with a solution which satisfies all scenarios (except the ones, over which I have no control).

Scenario

Your website X uses a Payment Gateway (PG). When a user Z initiates a transaction (Tx) - a Tx ID and amount value (minimalistic variables) are sent to the payment gateway. On the shopping cart side, the product which Z is buying, is locked inside the database so that some other user should not buy the same product. If the user makes a successful Tx with PG, your shopping cart is notified of the status & everyone is happy!

Problem Statement

Issues arise when the shopping cart is dependent on timeout values from the PG. There can be two worst cases in this scenario…

The user Z closes the browser (before completing the Tx) after he successfully opens the PG. By doing so, your shopping cart locks the product in your DB but is never able to unlock it back (because you will never receive a timeout communication from the PG) - until unless you run a separate thread or a cron job which keeps on freeing up locked products based on timeout value. If you have a large online store, doing 10000Tx simultaneously, this problem would lock 10000 of your products for the entire timeout value (in case an attacker launches an intelligent DoS on your store).
The user Z just keeps the browser window with PG open. A timeout has to occur before it is communicated back to the shopping cart.

Solution

Note - I have not yet implemented this in any of my products - this is just a theory!

In the first scenario, open up the payment gateway as a frame inside your website - with you controlling the top header like frame & the PG controlling the other frame. Further, create a constant pingback AJAX connection to your shopping cart through the top frame. Once the AJAX connection dies, you have an almost sure shot way of knowing that the browser is no more alive, or Z’s is no longer connected. Your cart logic can then take appropriate actions of unlocking your product. - This solves problem scenario 1

The second scenario is the worst of the worsts! Browser has not been closed, and the user Z can make the Tx anytime before PG expires his Tx. What we can try here is put up a javascript clock which keeps ticking like a timer - again, we can use our top frame as thats the only part that we control when a PG is displayed. This will keep informing the user about the urgency to finish the Tx. This timer can change colors from green to yellow to red, signifying increasing priority, etc. Moreover, on the server side - one can either have a separate thread/cron-job to unlock the locked products - or - before any new access is made to the locked up DB, the cart logic an check up which all Tx’s are in a stale state & free them up. This will surely slow down the system a bit, but this would almost render the DoS attack useless. That solves problem scenario 2.

This is just my maiden attempt at Payment Gateways. If you think, I can improve my idea, feel free to add your suggestions in the comments section.

ApnaBill.com would be definitely using some (if not all) of these concepts.

Posted in ApnaBill, Rails, Startups, Technology, Web 2.0 | Comments (0)

Opera Mini 4 - Early morning review :)

June 24th, 2007

Its 6:33 AM now & I was about to go to bed before mom offered to make me some tea so I decided to pick up bro’s laptop & was checking out J2ME design patterns when I saw Opera Mini 4 Beta release news on Airlan San Juan’s Blog. I decided to give it a shot before I hit the sack!

The beta version is smaller in size than the 3.1 version - but packs a whole lot of cool new features!!!

The Beta version now has mouse support & panning/zoom support - something very similar to Microsoft’s DeepFish project & somewhat like the Series 60 Browser. The Beta still uses similar UI as used by the 3.1 version. Browsing was undoubtedly better with the Beta version as it rendered the pages (almost) exactly as they would appear on a PC browser and the ability to navigate to anywhere on the page using a mouse pointer was fantastic!

However, when the page loads - the text gets reduced to unreadable size. So if a web page is new to the user, this method of pan & zoom is of little use because sometimes its difficult to guess where that interesting piece of information lies… The pan/zoom feature, btw - works even while the page is still loading.

The bugs - browser UI is very unresponsive. I had to wait for almost 2 seconds each time for the joystick click to actually fire the event. Uploading files is still not supported (not a bug, but a future feature maybe). And I still cannot set Google as my search engine at the home page screen - Moreover, AJAX is not fully supported - I tried replying to a scrap on Orkut & the event required a full page reload.