Off and Away is a neat travel bidding site that lets you bid on travel deals for pennies. (The bids cost roughly a buck, though.) Curious at how their timer was put together, biz-partner Bob took a peek at their JavaScript. Somewhat surprised to find that they hadn’t minified it, he was even more amused by their credit card function, aptly named $.fn.creditcard_shizzle.

When writing and testing code, it’s really tempting to put in junk data or in-jokes or other fun bits. As a development company, we’ve banned that outright, even in development environments, because we’ve discovered that somehow, some way, our little joke will end up live, released to clients or their customers, or even worse, appear in big bold letters in the middle of a demo. Nothing quite matches the sheer terror and stomach-pit feeling as having “stupid mcassface” show up during a demo.

Clearly, Off and Away’s devs/founders have a sense of humor and since this is source code and not customer-facing, this isn’t really a big deal. It’s not even vulgar. But it’s amusing to stumble across these sort of gems, as long as they’re not in the middle of a demo. For more fun, search swear words on Google’s Code Search. You’ll find some exasperated comments, angry rants, and outright bitterness, to be sure. (Hell, even Microsoft’s done it.)

Off and Away

How S3 Versioning Works
Versioning is a critical feature many developers had requested as data stored on S3, while maintained in triplicate across the S3 file-system automatically, is still vulnerable to sweeping delete operations by developers, errant scripts, or other causes. Moreover, developers had to manually version changing files if they wanted to preserve the ability to roll-back to an earlier revision or undo a “delete”. In any event, a lot of custom code had to be created to replicate these behaviors, and most solutions weren’t particularly graceful.

Versioning is easy to enable and brilliant for Amazon: make a simple API call to enable versioning for an entire bucket and all changes to the files within that bucket will preserve versions. Moreover, deletions of files through the typical DELETE API call will simply create a delete marker, making the file unavailable for all intents and purposes, but preserving its presence and all of its versions in the S3 filesystem, until its permanent deletion is called for. It’s brilliant for Amazon because you pay the additional storage fees for each version and for each “deleted” file that hasn’t been permanently destroyed.

This means that versioning can be easily enabled on any existing S3 implementation with out breaking compatibility with existing code. Naturally, developers will need to rewrite their delete calls to make use of the version delete options, but for an application with little-to-no deletions, this is a feature implemented with a single API call.

Amazon also introduced Multi-Factor Authentication. MFA works with security code-generating key fobs that act as a physical token one must have in order to perform an action. In this case, if you enable MFA, you need the token to log in and manage your AWS account, and you can also optionally require the token to commit a permanent deletion of a file version. For the uninitiated, it’s considered multi-factor as you need two types of authentication to login or make deletes on your account. (Your AWS username and password for account management and your AWS public/private key for API calls each make up the other half of the multi-factor equation with the MFA code.)

The S3 Trash Bin
Using MFA, it becomes possible to create a highly robust and secure safety net that prevents the wholesale deletion of an S3 account’s contents without first enforcing an additional review step. After enabling versioning and MFA-Delete mode for a bucket, a developer’s application will continue to function to the end-user as expected. This means very little rewriting of code needs to be performed to get these features up and running. A simple trash bin script could then be created which would identify all files whose current version is a delete marker, and present them to an admin. Since permanent deletions require the MFA code to be appended to the API call, only the individual with physical access to the code (which recycles every 30 seconds) would be able to commit the delete operations necessary. After reviewing the files queued for permanent deletion, they’d enter the code and the script would be sent off to the races.

Naturally, this still leaves some room for error: the script that commits the permanent deletes would need to be scrutinized to ensure that it itself is bulletproof, but beyond that, this should protect against nearly all accidental deletions, and establish a command and control hierarchy for an organization. It’s important to reduce the sheer number of individuals who have complete deletion privileges for myriad reasons, and this helps accomplish that. The MFA key fob is available for all of $13 and you’re off to the races. You simply input your serial number on the AWS site, and Amazon’s servers knows what the code it’s generated should be based on the time and a seed that’s private to them.

More on Amazon AWS Multi-Factor Authentication
S3 Versioning | Amazon Developer’s Guide

Anonymous functions, also known as closures, allow the creation of functions which have no specified name. They are most useful as the value of callback parameters, but they have many other uses. Closures can also be used as the values of variables; PHP automatically converts such expressions into instances of the Closure internal class.

PHP has very few predefined classes that are part of the core language, so naturally I was intrigued by the Closure class. The PHP Manual has this to say about the class:

The predefined final class Closure was introduced in PHP 5.3.0. It is used for internal implementation of anonymous functions. The class has a constructor forbidding the manual creation of the object (issues E_RECOVERABLE_ERROR) and the __invoke() method with the calling magic.

The invoke magic method is also a new feature in PHP 5.3. It is called when an object is used in the context of a function (e.g. $object($parameter);). Since Closure objects will be used like functions, this is a critical feature of the Closure object. The Closure class may be perfectly equipped to act like an anonymous function, but it does not provide any extra utility beyond that. A var_dump() of a closure will reveal the functions parameters, but there is no way to get any other information about the Closure (like the actual code of the function). Trying to serialize the Closure throws an Exception and json_encode() just returns an empty JSON string. To make matters worse, the Closure class is final, so there is no way to extend it.

That simply wasn’t going to cut it for me. I wanted to make my own Closure class that was at least able to do the following:

1. Invoke the Closure (with __invoke()) just like the PHP Closure class
2. Retrieve the actual code of the Closure
3. Retrieve detailed data about the Closure’s parameters
4. Retrieve the names and values of any variables inherited from the Closure’s parent’s scope (with the use construct)
5. Serialize and unserialize the Closure

I decided to play around with the Reflection API to see what kind of information I could get from the Closure. A Closure is a function, so using the ReflectionFunction class provides the same information about Closures as it does about any other functions. PHP 5.3 also added the isClosure() method to the ReflectionFunction (in case you weren’t convinced that reflection would be helpful). After some tinkering, it became apparent that I would be able to accomplish all of my desires. I will walk you through the construction of my “SuperClosure” class and explain how the creative use of Reflection allows us to find ways around the problems normally blocking the ability to have my desired features.

1. Grant the ability to invoke the Closure

The first goal was to create the basic SuperClosure class that both encapsulates and allows invocation of the Closure. To do this I wrote a simple class with a constructor and the magic __invoke() method. I also included an accessor method (getter) for the actual Closure. In the constructor I created an instance of the ReflectionFunction class and stored it as a class member that helped allow invocation of the closure with a variable number of arguments. It also helped me accomplish other things later. The following code shows the basic class upon which I will be building. The complete will be shown at the end of the article.

class SuperClosure {

	protected $closure = NULL;
	protected $reflection = NULL;

	public function __construct($function)
	{
		if ( ! $function instanceOf Closure)
			throw new InvalidArgumentException();

		$this->closure = $function;
		$this->reflection = new ReflectionFunction($function);
	}

	public function __invoke()
	{
		$args = func_get_args();
		return $this->reflection->invokeArgs($args);
	}

	public function getClosure()
	{
		return $this->closure;
	}
}

The __invoke() method allows the SuperClosure object to be used exactly as if it was a Closure object. I had to recreate this functionality for the SuperClosure class since I was not able to extend the Closure to begin with. In order to pass arguments through to the real Closure, I used a combination of the func_get_args() function and the invokeArgs() method of ReflectionFunction to ensure that any variable number of arguments could be used. I could have also used call_user_func_array() function, but I prefer Reflection, and since I already had an instance of the ReflectionFunction, the invokeArgs() method seemed like a better choice.

2. Retrieve the actual code of the function

Secondly, I added code that allowed the SuperClosure class to find and store the actual code defining the closure. This feature is actually the key to doing the serialization later and is the most complicated part of the program. To accomplish this portion of the program, I used the instance of ReflectionFunction from Step 1 and the SplFileObject class, an SPL class which provides a nice object-oriented interface for dealing with files. The getFileName(), getStartLine(), and getEndLine() methods of the ReflectionFunction class allowed me to retrieve all the information I needed to find the source code of the Closure function. Using the SplFileObject to open and read from the source file and in combination with some string manipulation, I was able to obtain the closure’s source code. The following code shows the protected _fetchCode() method used to parse the closure’s code out of its source file:

protected function _fetchCode()
{
	// Open file and seek to the first line of the closure
	$file = new SplFileObject($this->reflection->getFileName());
	$file->seek($this->reflection->getStartLine()-1);

	// Retrieve all of the lines that contain code for the closure
	$code = '';
	while ($file->key() < $this->reflection->getEndLine())
	{
		$code .= $file->current();
		$file->next();
	}

	// Only keep the code defining that closure
	$begin = strpos($code, 'function');
	$end = strrpos($code, '}');
	$code = substr($code, $begin, $end - $begin + 1);

	return $code;
}

The only limitations with the current version of this function are that you cannot have multiple closures on a single line and you cannot use the word “function” anywhere besides the actual closure’s declaration.

3. Retrieve detailed data about the Closure’s parameters

Retrieving information about the closure’s parameters was as simple as adding a method that simply returns the result of the getParameters() method the SuperClosure’s instance of ReflectionFunction. That’s all. The getParameters() method returns ReflectionParameter objects which have several methods for getting information about the parameters including their names, values, default values, and more.

4. Retrieve the names and values of any variables inherited from the Closure’s parent’s scope

One of the biggest problems I had was retrieving the names and values of the variables added to the Closure’s scope with the use construct. There isn’t a documented way of doing this as far as I know, but I was able to figure out a way to do it after playing around some more with the ReflectionFunction class (it is just so helpful). These variables are actually included in the results of the getStaticVariables() method. If the closure declares any variables with the static keyword, these will also be included in the results. To get around this I added the _fetchUsedVariables() method that uses a combination of the getStaticVariables() method and some string manipulation of the Closure’s code (from Step 2) to find only the variables that were inherited from the parent’s scope. The following code shows the _fetchUsedVariables() method:

protected function _fetchUsedVariables()
{
	// Make sure the use construct is actually used
	$use_index = stripos($this->code, 'use');
	if ( ! $use_index)
		return array();

	// Get the names of the variables inside the use statement
	$begin = strpos($this->code, '(', $use_index) + 1;
	$end = strpos($this->code, ')', $begin);
	$vars = explode(',', substr($this->code, $begin, $end - $begin));

	// Get the static variables of the function via reflection
	$static_vars = $this->reflection->getStaticVariables();

	// Only keep the variables that appeared in both sets
	$used_vars = array();
	foreach ($vars as $var)
	{
		$var = trim($var, ' $&');
		$used_vars[$var] = $static_vars[$var];
	}

	return $used_vars;
}

5. Grant the ability to serialize and unserialize the Closure

Finally, I implemented the serialization capabilities. Since an actual closure object cannot be serialized (it gives a fatal error), I had to be creative to come up with a way to do my own serialization. The code I wrote for Step 2 and Step 4 made this possible. The sleep magic method allows you to hook into the serialization process, so I used this method to prepare my SuperClosure class for serialization. In order for my class to be serialized, I needed to first stop the Closure object and the ReflectionFunction object representing the Closure from being serialized. The __sleep() method should return an array of the class members you are serializing, so I simply left those variables out of the list. Because I was serializing the Closure’s code and static variables, it made possible in the __wakeup() magic method to recreate the Closure object using the code. To do this I had to use the extract() function on my array of used variables to import them back into the scope. Then I performed an eval() operation on the Closure’s code in order to recreate the Closure. eval() is always a risky operation, but in this case it makes sense. If you are planning to use this code for any of your own projects, I urge you to take precautions. The following code shows the complete SuperClosure class with the additions of the __sleep() and __wakeup() methods.

class SuperClosure {

	protected $closure = NULL;
	protected $reflection = NULL;
	protected $code = NULL;
	protected $used_variables = array();

	public function __construct($function)
	{
		if ( ! $function instanceOf Closure)
			throw new InvalidArgumentException();

		$this->closure = $function;
		$this->reflection = new ReflectionFunction($function);
		$this->code = $this->_fetchCode();
		$this->used_variables = $this->_fetchUsedVariables();
	}

	public function __invoke()
	{
		$args = func_get_args();
		return $this->reflection->invokeArgs($args);
	}

	public function getClosure()
	{
		return $this->closure;
	}

	protected function _fetchCode()
	{
		// Open file and seek to the first line of the closure
		$file = new SplFileObject($this->reflection->getFileName());
		$file->seek($this->reflection->getStartLine()-1);

		// Retrieve all of the lines that contain code for the closure
		$code = '';
		while ($file->key() < $this->reflection->getEndLine())
		{
			$code .= $file->current();
			$file->next();
		}

		// Only keep the code defining that closure
		$begin = strpos($code, 'function');
		$end = strrpos($code, '}');
		$code = substr($code, $begin, $end - $begin + 1);

		return $code;
	}

	public function getCode()
	{
		return $this->code;
	}

	public function getParameters()
	{
		return $this->reflection->getParameters();
	}

	protected function _fetchUsedVariables()
	{
		// Make sure the use construct is actually used
		$use_index = stripos($this->code, 'use');
		if ( ! $use_index)
			return array();

		// Get the names of the variables inside the use statement
		$begin = strpos($this->code, '(', $use_index) + 1;
		$end = strpos($this->code, ')', $begin);
		$vars = explode(',', substr($this->code, $begin, $end - $begin));

		// Get the static variables of the function via reflection
		$static_vars = $this->reflection->getStaticVariables();

		// Only keep the variables that appeared in both sets
		$used_vars = array();
		foreach ($vars as $var)
		{
			$var = trim($var, ' $&amp;');
			$used_vars[$var] = $static_vars[$var];
		}

		return $used_vars;
	}

	public function getUsedVariables()
	{
		return $this->used_variables;
	}

	public function __sleep()
	{
		return array('code', 'used_variables');
	}

	public function __wakeup()
	{
		extract($this->used_variables);

		eval('$_function = '.$this->code.';');
		if (isset($_function) AND $_function instanceOf Closure)
		{
			$this->closure = $_function;
			$this->reflection = new ReflectionFunction($_function);
		}
		else
			throw new Exception();
	}
}

Conclusion

With some cleverness and reflection, I was able to create the SuperClosure class and extend the Closure’s normal capabilities. Although my class does not enhance the typical use of a PHP Closure it does make it possible to serialize and transport a closure and provides an interface for examining the parameters and inherited variables. This means that we can do:

$closure = new SuperClosure(
	function($num1, $num2) {return $num1 + $num2;}
);
$serialized_closure = serialize($closure);
$unserialized_closure = unserialize($serialized_closure);
echo $unserialized_closure(1, 5);

without worrying about errors. Also, it would technically be possible to send closures through a remote service.

From what I have read in the PHP Manual, this class may have to be changed in the future. The Manual states this regarding anonymous functions:

Anonymous functions are currently implemented using the Closure class. This is an implementation detail and should not be relied upon.

So according to this, future versions of PHP might implement closures differently, and my class would have to be rewritten.

If you would like a copy of the code from this article (and an example of its use) you can find it on my Github account.

What makes Speed Tracer different?

Developers have long used Firebug to identify what AJAX requests were causing bottlenecks and to analyze responses to those requests. Firebug is an extremely powerful tool and does a serviceable job with this approach, but Speed Tracer takes things one step further, analyzing the “sluggishness” of your application by examining how busy or blocked the UI is in your browser. This can help developers analyze why their application feels slow, instead of simply focusing on network-based bottlenecks.

Speed Tracer makes use of specific, unique APIs built into Webkit for this very purpose, which gives it a unique advantage compared to other profiling tools. Instead of simply guessing and checking, developers will now have full visibility into what’s causing their applications to appear slow:

Using Speed Tracer you are able to get a better picture of where time is being spent in your application. This includes problems caused by JavaScript parsing and execution, layout, CSS style recalculation and selector matching, DOM event handling, network resource loading, timer fires, XMLHttpRequest callbacks, painting, and more.

Very cool stuff. What’s more, it’s free, open source, and available for users of Google Chrome right now. Check out their tutorial below:

Google Speed Tracer

Developing a “web 2.0″ application brings with it a host of new challenges previously unfelt or easily ignored with older, single-page-load-per-action apps. The browser has evolved from a simple page renderer to an application platform that busily executes JavaScript and receives, parses, and displays loads of new data without ever leaving the page. Developers are now struck with the challenge of ensuring their applications manage memory properly and efficiently—your JavaScript can leak memory, killing the user experience on your site, but also impacting the user’s complete experience with their system across the board.

To date, it’s been a bit of a struggle to manage memory, since developers are essentially forced to rely on their operating system’s memory managers to even monitor the memory usage of their browser. Even then, testing can be frustrating, as Firefox, for instance, stores all tabs in the same process. Google Chrome is multi-threaded; each tab is its own process. Chrome also features its own built in task manager, so you can identify which page is using exactly how much memory, CPU, and bandwidth. Even at its most detailed, the stats available only show aggregate memory and virtual memory usage—these abstract figures make troubleshooting individual pieces of your code difficult to say the least.

The folks over at Mozilla’s Developer Tools Lab are looking to change that by building a memory analysis tool that helps devs understand exactly how their application is using memory, and the behavior of the cycle (garbage) collector:

We plan on the initial implementation of this tool to be simple. For memory usage, we want to introduce the ability to visualize the current set of non-collectible JavaScript objects at any point in time (i.e., the heap) and give you the ability to understand why those objects aren’t collectible (i.e., trace any object to a GC root). For the cycle collector, we want to give you a way to understand when a collection starts and when it finishes and thus understand how long it took.

Ben Galbraith and the team are soliciting help and feedback, so if this is an issue you’ve had to deal with in the past, make sure you comment.

A New Memory Tool for the Web | Ben Galbraith’s Blog via Ajaxian

Lunascape presents an interesting product, though one that’s only in the Alpha stage, so I’m sure we’ll be seeing a lot of things evolve from them. As a developer, I have Firefox, Internet Explorer and Google Chrome all installed and at the ready. It’s pretty simple, though a bit annoying, to boot up IE to make sure a page renders properly, even though we develop under Firefox.  (There are FF extensions that make this a simple right-click affair, however.) Lunascape simplifies the process a bit by allowing you to switch a tab’s rendering engine just with a right-click. And it works, for sure.

But I begin to question the utility of a browser that lets me switch rendering engines, but provides me with very few debugging tools or console access. We develop under Firefox because of things like the Web Developer extension and Firebug. These superb debugging tools let us delve into the DOM and help us identify our many AJAX transgressions. Without these tools, though, the workflow isn’t improved enough to justify a switch from just running the browsers separately.

Now, Lunascape currently supports IE extensions, so perhaps Firefox extension support is on the horizon… but this seems like something that could be very difficult to accomplish, given that XUL (which powers Firefox and the window chrome surrounding it) is a part of Gecko that exists a bit existentially to the site being rendered: Though, if Lunascape itself is XUL-powered, then that would help considerably.

Even still, the appeal just isn’t there for me. Lunascape clearly is betting on its three-trick-pony concept, but that only appeals to developers who know what a rendering engine is. Firefox is a considerably better browsing option for regular end users, so they’re left needing to improve the value proposition for developers and to give us a reason to switch. And they haven’t done that yet. One way they could start is by offering advanced debugging tools, better if they’re rendering engine-specific. Another might be to allow for regression testing in IE: Allowing us to render in older IE engines, like how IETester works.

For now, I plan on leaving this in the Alpha bin it came in and working with FF 3, Chrome/Safari and IE, side-by-side.

See also: TechCrunch & Lifehacker‘s coverage. (The latter, whose screenshot we borrowed.)

PHP is a very easy language to learn and use because it has a syntax that is a simplified sampling from C++/Java and Perl. People who use these languages pick up PHP fast, and people who haven’t used any languages often learn PHP with as much ease as they would learn Perl.

A bit about namespaces

Most languages have namespaces in one form or another. A namespace is a lot like a class: it is a named entity that houses functions and classes, whereas a class is a named entity that houses properties and methods. Namespaces are found, in one form or another, in most popular languages. In C++ there are explicit namespaces and the namespace keyword. In Java, since you are allowed to have classes nested within classes, classes act as namespaces. Namespaces make it easier to organize and call your code. If you have a bunch of classes that work together to do something you might name them in a similar way. For example, we here at the Studios sometimes use the following classes:

Canopy_Xml_Document
Canopy_Xml_Document_CDataSection
Canopy_Xml_Document_NodeList
Canopy_Xml_IWritable
Canopy_Xml_Exception

With namespaces, we could define a namespace Canopy, add to it a namespace Xml, and then add classes Document, Exception and interface IWritable. We could also add a Document namespace and add classes CDataSection and NodeList. Then we could just tell PHP that we want to refer to things in a certain namespace. We would simply write:

use Canopy::Xml;
$D = new Document(); //$D is equivalent to a Canopy_Xml_Document


In the beta builds of PHP 5.3, the terminal “::” called the scope resolution operator (SRO) is used to denote namespaces. So, in the same way that one would write Class::staticMethod() one could write NamespaceA::NamespaceB::functionInNamespace(). This is the same operator used in C++, and it is intuitive since it refines a name to a scope where that name belongs.

PHPs SRO problem

Recently, PHP has had to abandon using the SRO, forego the syntax of other languages and has had to make up their own way of denoting a namespace. One reason for this is that bare words in PHP can have multiple meanings. For example, in PHP you can do:

const('A','constant');
function A() { return 'function'; }
class A(){ public _toString(){ return 'class'; } }


such that

echo A; // constant
echo A(); // function
echo new A(); // class


all do what you’d expect. But in namespaces, there’s some ambiguity introduced. Consider rather A::B::C() is namespace A, class B, static method C, or namespace A::B, function C. In C++ you’re not allowed to have a symbol like A, B, or C represent multiple types of things, so using the SRO does not arrive at ambiguity there. (Instead, you get an error.) But since PHP does allow for that type of thing, the internals team had to choose between:

1. Not allowing namespaces to have functions, but rather only classes, thus raising the ire of the community.
2. Using some terrible terrible other operator to indicate namespaces, thus raising the ire of the community. (Quoth internals team member: <@CelloG> % is also possible but holy god almighty it is fugly
3. Put off namespaces until (or if) something decent can be figured out, thus raising the ire of the community.

The team decided on 2, going with the \ character.

What’s that mean for the language?

The discussion was concerned with preventing unanticipated behavior from just making a rule to disambiguate rather a function or static method is called. I feel that throwing an error (or warning and choosing one) whenever that situation arises would be a perfectly acceptable solution. I would also have been happy to see them further follow Java’s lead and allow classes to be nested. Then there is no ambiguity between a static method and a function because they are the same. This would probably require much more work and you would have to allow class definitions across multiple files, but I feel this is a better option than ‘\’. To that end I would have enjoyed option 1 over option 2.

The most cited complaints about PHP is how there is little consistency in function names and in argument order. This new ‘\’ operator adds to the “weird-factor” which makes it more difficult for people to read and use the language. It further marginalizes PHP, adding to a series of minor but obnoxious issues proponents are embarrassed by.

The language is adrift with little direction, trying to address the wants of its developers, and adding a terminal is payment for a lack of planning and a general stubbornness of the internals list to consider namespaces back when the 5 changes were initially being discussed. On one hand I feel like this has ominous portents for PHP, but on the other, I’m really happy to have namespaces. For our domain, it still doesn’t make sense to jump ship to Groovy or Python, and it would take a lot of new terminals to push us over the edge. And while it’d be nice to see PHP not give more ammo to detractors, however menial, the discussion log makes it clear what issues they were struggling with.

Frederik Holmström points out another flaw with the backslash, as well, but many commenters note that the internals team knew there was no perfect solution here.

The system being merit based really helps the community entirely moderate itself. Ask Metafilter (and MeFi in general) is a great community because it’s ruled by moderators who filter the signal-to-noise ratio to something entirely reasonable. But it’s simply a core group of four people, one of whom is the founder, and they were trusted to understand how things are done on MeFi. Making the community control of SO merit-based is similar in some ways to how Wikipedia is governed. The community members who clearly care the most get the most power, but in a way that should be self-policing and self-balancing.

Most importantly, the site’s purpose is to provide easy access to clear, concise answers to your programming-related questions, without having to subscribe or buy in or worry about the accuracy of the answers. Because the site is highly editable in that your posts can be edited by highly-enough ranked mods, we’ll hopefully see a holy grail of sorts for answers to all the very obnoxious problems we run into day in and day out.

Check it out:

Stack Overflow

When I began my career at the medium sized company, I initially saw my project managers as a pain in the ass. All I was interested in doing was coding. I had my own ideas of how the project or feature was going to be done and I thought that I could handle deadlines and project requirements better than they could. Was it really necessary to ask me multiple times a day what I was doing and what percentage of the project was still left to be done? PM’s gave new meaning to the phrase “avoid like the plague.” In all honesty, I wondered why in the hell these people were even hired to begin with. I just could not see the role of a project manager as being all that important.

Of course, after a bit of development work and experience doing projects with and without them, I found myself having moments of… “OMFG…where is my project manager?” As developers, void of project managers, we often get carried away with the art that is code. We plan for one thing but, weeks post-deadline, end up creating something entirely different. Does it work? Usually. Is it beautiful? Maybe. Is it what was promised to the customer? Well, no.

I’m not just talking about instances where a simple login feature ballooned into a grand hierarchical authentication scheme. I’m also talking about those projects, that for some reason or another, we just despise working on and push off completion; sometimes even writing substandard code just to get it over with. And don’t forget those projects that are just so complex that we’re not even sure if we are starting at the right place, much less dedicated to a deadline of any sort.

It seems that the problem here is not one of competence—most of us could, if we really tried to, stick within initial specs and scope. To me the problem lies in the fact that without the role of the project manager on the team, we lack the time and task management designed to keep us on track. We are trained in how to solve problems of logic through good coding principals and design. We are artists. Our canvas is digital and we sometimes let our creativity and desire for compounding beauty interfere with the job we were hired to do. We are not trained in restraint; the project manager is, at least in theory.

Depending on your experience, I suppose this next statement may be gospel or blasphemy, but to me, it is gospel all the way. The successful completion of any project hinges upon a solid development methodology based in clearly defined project goals, block specifications, complete use cases, and the division and distribution of task level development. A good project manager will be able to take high level design specs and goals from a product manager or customer contact and break them out into clearly defined and manageable building blocks. Each block can then be broken down into feature/requirement sets which can finally be tasked out to the developer/s for completion. This is the job of the project manager, not the developer. Developers should only be given spec’d out tasks with detailed use cases and an explanation of exactly what should be done. It is then up to the developer to determine how the task will be done.

Now, this is not to say that developers are not to be involved in planning or design phases of projects; by nature, they have to be. However, design and planning meetings involving developers should be focused on the technical goals of the project or block, not on management and product/customer level concerns. These meetings must be narrow in focus and should have a clearly defined result. For instance, determining the database schema for the project or settling on a development framework. The layer of abstraction here is critical in keeping the project within scope and to prevent developers from expanding on or reducing the project deliverables. Once the meeting objectives have been met, project managers should then be able to chunk and task out the technical specs to the team of developers.

Now, up until a little while ago, I hated the word “task.” Every morning I would check my email and see, “You have been assigned a new task from…” after which my head would sink low and I would seriously contemplate my career path yet again. I would constantly wonder why everything had to be a task: a task to change a misspelled word, a task to add 5 pixels of spacing to the end of the page. Wouldn’t it just be easier to send me an email or IM or for goodness sake, just turn around and tell me? Surely this couldn’t be the Zen that is programming? However, recent experience has taught me that, by God, we all need tasks just like we all need competent project managers!

Task assignment, and by extension, a good task management system (note that a task/project management system is very different from a strict bug tracking system) is an absolute necessity for project management. Proper task etiquette enabled by a solid and complete project management system serves many purposes. First and foremost to developers, it serves as our grocery list. It tells us EXACTLY what we have to do, when it needs to be done by, and contains a history of the problem or feature (most PM system tasks have comments/histories and file attachment capabilities). From the management side of things, a PM system will track the number of hours developers spend on each task which can then be used for billing or other performance metrics. It also can serve as a yardstick in determining the level of project completion by showing a variety of statistics based on ticket assignment, time used, percentage of tasks complete for a given project, and developer performance.

Not to sound too preachy (or take too much of an aside), but I have come across a number of good techniques gathered from the various project managers and lead developers I have worked with in the past that I would like to share and recommend that people use.

Quote Tasks

Make use of quote tasks. It may take a little more time and to some it may seem really useless, but in the end it will serve as a good measure of your time estimation abilities and speak to the thoroughness of your work. The way it works is that for every task you are assigned, unless fixing the problem will take less than 10 min., in the comments section you should list the files and line numbers that you will need to make changes to in addition to a brief one liner explaining the expected change. You then assign the ticket back to your project manager to quickly review. If your time estimate falls within the allowable project time, then you will get the task back and no matter how many days or weeks may pass, you will know immediately what needs to be fixed and where.

Notate Completed Tasks

When tasks are complete, you should list each file and line number range that you made modifications to and provide a one or two sentence description of changes (in addition your regular brief outlining the totality of changes). This makes tracking changes easier for those who may follow you and serves as a written history in a developers words of exactly what was done for the task.

The Six-Hour Work Day

One small tip on time management and allocation I learned from my last PM was to only allot 6 hours of estimated work in a day. He said that the remaining 2 hours are spent on bathroom breaks, water cooler conversations, task switching ramp up, nerf fights, etc. At first I thought this was strange. Could bathroom breaks really take up 2 hours of my working day? But as I was tasked on this schedule, it seemed to work out pretty well. While I didn’t exactly lose 2 hours doing random things, what did happen was that I was rarely under pressure to squeeze out tasks leaving me less stressed and able to produce better quality and more thoroughly tested code and documentation. Funny thing, comparing a “6 hour” work day with the regular, “get as much work done in the 8 hours you are here” approach, I felt more productive and competent under the 6 hour routine. Give it a try, you may be surprised.

Developers as Project Managers: Warning

Developers should never be placed in the role of a project manager; creating and managing their own tasks. However, sometimes there is little choice (little company resources, sole operation, etc). If this is the case, expect that as a developer you will be spending probably 1/4-1/3 of your day planning and managing tasks; not working on them. Be sure your boss knows this if they are not willing or able to task out projects properly to begin with. This is really for your sanity and for the thoroughness that comes with being a competent developer. Now, in the rare case where you as the developer are tasked with actually taking customer specs and being told to simply get it done, placing the entire development life cycle on you or your team’s shoulders, I strongly suggest that you ask management to hire a project manager. If that is not possible then maybe you should be dusting off that resume because project specing, chunking, and higher level project management duties like those are not your job. There is a good reason developers are not PM’s and PM’s are not developers.

The Devil’s in the Details

Nag, nag, nag. If you get assigned tasks that are too general in scope and you have any questions about exactly what it is that your PM or boss is asking for, send the ticket back and ask for further explanation. It usually only takes a few times doing this for your boss to get the idea of what information you need to get your work done right. Remember, training goes both ways; you learn from your boss as much as your boss learns from you. It’s better to take the time upfront and get accurate and detailed specs than for you to guess and have to go back and rewrite something down the road.

All that being said, there are a number of development methodologies out there to help you and your team develop software in an efficient and smart manner. Now, as I’ve made crystal clear, I’m not a PM so I don’t claim to be an expert on any development methodology, but I take particular affinity to Agile development methods like Scrum. Any methodology where you as a developer are protected from business processes (changes in specs/customer expectations, etc) external to your core job function is a winner in my book. Avoid the traditional waterfall and cowboy coding approaches as they are highly inflexible and in the former case, plain stupid as a development methodology for any business.

So there! I hope I’ve been able to give a little personal experience to you developers out there (and you managers) who may be a little too code-centric. Don’t ignore the management side of your business. It can save your sanity and make you a better developer in the process!