You’re not seeing the wrong thing – you’re seeing an email with no images. Even after telling Gmail to turn them on, all the status icons point to a server that’s returning 404 errors.

So basically, this email and the service is useless to me because of a server being offline. The reality is this is something that could have been handled easier if a bit more thought had been put into the design. For this email in particular, there are ways that you could show a particular service was working using something as simple as a style=”color:green” declaration. That way, if the image server is down or the user doesn’t have images turned on, it will still show a prompt to the user.

See, simple? If a little thought had been put into the design of the email, I wouldn’t be an unhappy customer today.

Set Godin had a good take on this recently, blogging about simple issues could be fixed with a bit of design. The key takeaway from his post is this:

My thesis is that digital interactions demand more organized and situationally smart displays. My other point is that it’s not hard to avoid broken if you pay attention to the way people actually use what you make.

Something to think about as more and more of our communication with our various constituencies is electronic.

The Adobe Design Achievement Awards celebrate student and faculty achievement reflecting the powerful convergence of technology and the creative arts since 2001.  The competition – which showcases individual and group projectscreated with industry-leading Adobe creative software – honors the most talented and promising student graphic designers, photographers, illustrators, animators, digital filmmakers, developers and computer artists from the world’s top institutions of higher education.

A board of Educator and industry luminaries advises over the awards. There are 9 board members, 6 educators and 3 luminaries.  To learn more about this year judges visit the ADAA microsite .

The 2012 Adobe Design Achievement Awards give higher education students and faculty from around the world the shortcut to brilliance to propel their careers in the future. Higher education students and faculty can submit entries created with Adobe software to earn a chance at winning recognition, travel, Adobe software, and cash prizes.  Both individuals and groups may enter up to three unique projects in the following categories during the entire duration of the contest.

• Interactive Media: Browser-Based Design, Non-Browser Based Design, Application Development, Mobile Design, Game Design, Installation Design, Innovation in Interactive Media in Education
• Video and Motion: Animation, Live Action, Motion Graphics, Innovation in Video and Motion in Education
• Traditional Media: Illustration, Packaging, Photography, Print Communications, Innovation in Traditional Media in Education

Finalists will receive Adobe software and a trip to Los Angeles, California where they will be honored in an awards ceremony during Adobe MAX, October 20-24, 2012.
Category winners will also receive a cash award of US $3,000.  For a complete list of prizes for both individual and group visit the ADAA microsite (http://www.adobeawards.com/us/about/prizes/).

The competition is FREE to enter and open to all students, faculty, and staff of higher education institutions around the world.  Participants may submit up to 3 times in 13 different student categories and 3 faculty categories. Students are advised to submit their projects for every academic term from May 2011 through June 2012.

Submission Deadlines:  We are in the third and final submission period that closes on June 22, 2012 with the semifinalists being announced in July 2012. Submit Now:  www.adobeawards.com

So I was disheartened this past week when Adobe announced they had found a security issue in Photoshop CS5.5. The good news: they let everyone know about. The bad news: they wanted people to pay to upgrade at CS6 in order to fix the flaw, which is basically unheard of. From the security bulletin:

Adobe has released Adobe Photoshop CS6 (paid upgrade), which addresses these vulnerabilities. We are in the process of resolving these vulnerabilities in Adobe Photoshop CS5.x, and will update this Security Bulletin once the patch is available.

I could understand if this was a $0.99 app. Photoshop and the Creative Suite is an expensive piece of software. It’s worth every penny, but it’s an expensive upgrade, especially considering that CS5 came out in April, 2011.

The web, unsurprisingly, lost its collective mind about Adobe not issuing a patch for CS5, a product it still claims to support. I saw many tweets, posts and tumbles about it last night and this morning.

Now comes word that Adobe is changing its position and will update CS5 with a patch at an undetermined time. From their blog:

We are in the process of resolving the vulnerabilities addressed in these Security Bulletins in Adobe Illustrator CS5.x, Adobe Photoshop CS5.x (12.x) and Adobe Flash Professional CS5.x, and will update the respective Security Bulletins once the patches are available.

The good news is that Adobe has seen the error of its ways and will issue a patch. What I wonder is how such a decision was made in the first place. If there has been a security patch for any type of software, operating system or not, it’s always been patched. Heck, even Microsoft says it will issue security patches and other fixes for Windows XP until 2014, and it came out in 2001.

How far up the chain of command did this idea go, and why didn’t someone along the way say “hey, people are going to freak out about this”? Now that we’re firmly in the social age, a company such as Adobe must realize that the word of something like this can spread around the globe in literally seconds.

tl/dr; Adobe will patch Photoshop, but at what cost to its image and reputation?

The challenge: un-hack their WordPress then login and make sure everything is cool. The FTP part was easy – I just re-installed WordPress’ core files. I could go on here about why its important to keep your WordPress up to date, but I’ve done that before.

Since the person whose blog this is was out of the country, I couldn’t contact them to get a login, and since they were having login troubles anyway due to the hack, we were kind of stuck.

One of the things I like about WordPress is that it’s user-friendly for end-users, but underneath the hood is a pretty serious framework. I’m constantly finding new features, functions and calls to do things I want WordPress to do that it might not ordinarily by default.

In my case, I needed to get a user into WordPress. After some poking around and reading documentation, I found a WordPress function, wp_insert_user, which will put a user into the system. I found you couldn’t just call this from a post or a page, but I found wrapping it in a function, putting it in the functions.php file of the theme and calling it on page_init worked pretty well. Here’s the code:

function ft_insert_user(){
	$newUserData = array (
	   'ID' => '',
	   'user_pass' => wp_generate_password(),
	   'user_login' => 'mike',
	   'user_nicename' => 'mike',
	   'user_url' => '',
	   'user_email' => 'mike@highedwebtech.com',
	   'display_name' => 'Mike',
	   'nickname' => 'Mike',
	   'first_name' => 'Mike',
	   'user_registered' => '2011-10-16 08:54:47',
	   'role' => 'Administrator'
	);

	$newUserId = wp_insert_user( $newUserData );
}
add_action( 'wp_head', 'ft_insert_user' );

The trick with this is I let WordPress generate me a password. I didn’t get a password in my email, but it was easily reset and I was able to login. However, I wasn’t an admin (I’m sure my code about could be better.) After some Googling, I found this PHP script which can be run outside of WordPress (but in your web root) that will assign a specific role to a specific user. This script assumes you know your user ID.

<?php
/*
 * Updates user role using WordPress function wp_update_user.
 *
 * Simple script to be run at webroot. Update user_id and new_role to taste
 * and run as regular PHP file on command line.
 *
 * @package WordPress
 */

require( './wp-load.php' );

// id of user to update
$user_id = 2;

/*
 * Basic list of user roles
 *
 * administrator
 * editor
 * author
 * contributor
 * subscriber
 *
 */

// user role to update to
$new_role = 'administrator';

// update user role using wordpress function
wp_update_user( array ('ID' => $user_id, 'role' => $new_role ) ) ;

?>

Now, I was an admin user and could check the theme and all other settings that are available to administrators, including installing plugins, starting with Better WP Security, developed by higher ed’s own Chris Wiegman.

The thing to remember is that with method, you need to have FTP or shell access to the area that contains the theme or web root. You can’t just use these functions on any WordPress site.

Pretty much like Dropbox.  Except Google-ified.

I’ve been a faithful Dropbox user for a few years now, and it really has become an indispensible part of my workflow. All my things are synced and working on files from home or the office is brain-dead simple. Thanks to Dropbox referrals, I’m currently rocking 20GB of free storage, and depending on what project I’m working on, I am using only a little or a pretty decent part of that allotment.

Enter Google Drive. I applied for my account yesteday afternoon and come late evening, I had an email saying it was ready for me. I downloaded the Mac app, which looks and behaves just like Dropbox’s app. After syncing up with the mothership, it downloaded everything that was in my Google Docs folder. Which is OK, I guess, though I didn’t really need it. I use those in Google Docs.

Google Drive works just like Dropbox in that it puts a folder on your computer where you can drag files/folders to and they automatically sync up to your account. I found the uploads to be fast and unobtrusive. I found a way to un-sync my Google Docs, which freed up a little bit of space (I have a lot of Google docs.)

Here a few thoughts…

I like Dropbox’s public folder, where I can put things, right click on them and get a URL that I can share easily with people. That’s been handy for uploading ZIP files, large photos, you name it, it’s been super easy. Just this week, Dropbox added a feature to allow you to create a link to any file in your Dropbox. This is interesting, as it’s not a direct download but a link to Dropbox’s site and users can download your file from there. I saw a comment yesterday on Reddit I believe that said “isn’t this what got Megaupload in trouble?”

That basic functionality is missing, at least right off the bat, in Google Drive. There’s no public folder. To make a document shareable, I have to go to the browser-based version of Drive and select sharing, and much like Google Docs, I can pick people who can see my document or open it up to the whole world. I wish it was a little easier.

My other thoughts were about pricing. With Dropbox, new users get 2GB for free. With Google Drive, users get 5GB for free. Obviously, 5 > 2. But I’ve referred enough people that I’ve got 20GB from Dropbox. 20 > 5. But, Google allows people to buy more space. Isn’t that nice of them.

For $2.49 a month, I can get 25GB of storage, and as a bonus, I’ll get 25GB in Gmail as well. That’s a pretty interesting price point. What really caught my eye was for $4.99 a month, I could get 100GB of storage and syncing. That’s a crazy prize. 100GB at Dropbox will run you $19.99 a month. It will be interesting to see if Dropbox lowers their prices in response.

The thing here to remember is that Google has the biggest storage and data network in the world. Dropbox uses Amazon’s S3 service, so there is fixed costs it has when it comes to storage. That 100GB of storage from Amazon will run the average person $10, but at how much data they store, I’m sure they get a huge price break. Still – $4.99. Wow.

And then there’s privacy.

Both Google and Dropbox have had their share of privacy issues recently, and may people are freaked out with Google having access to all kinds of data now that they can use to index and ultimately sell ads against. This tweet from Merlin Mann was interesting.

Yes, if you store your data in Google Drive, they will have access to it. In fact, if you read their TOS, they’ll do more than access it:

That’s kind of scary. Dropbox’s terms are a bit less scary (H/T Jesse Lavery.) Are you willing to trade your info for the convienence of having your files anywhere and everywhere? Something to think about.

TL/DR; Google has free cloud storage, you can pay for more, privacy is something to pay attention to.

One way is help WordPress (which is built on PHP) and MySQL by caching some expensive queries, that is, queries that return large result sets or you join lots of tables together on certain values. In our case, we’ve installed APC on our dedicated server and are trying it out as a user and opcode cache for some WordPress data to help speed things up. Here’s some ways you can do the same:

On one of our page templates, we query WordPress for a custom post type, in our case a calendar of events. Since some of our sites have many events, this query can take a bit of time to execute. We can help out by storing the result of the MySQL in memory and calling that as needed.  Here’s some code:

$cachequery = "bb_".$blog->ID;
$cacheexpire = 1800;

if($mypost = apc_fetch($cachequery)){
 echo "<!-- cached query -->";
}else{
 $mypost = query_posts($args);
 apc_store($cachequery,$mypost,$cacheexpire);
 echo "<!-- caching this -->";
}

The first we do is declare a variable, $cachequery, which is specificially generated per site, using the blog’s ID and a prefix depending on what template and query we’re using. In our case, the bb_ stands for big button, a template that looks like this.

At this point we also define how long we want this data to be cached. In this case, I say 1800 seconds, which is 30 minutes. This could probably be longer, such as 3600 seconds, but I’m working to find a sweet spot of speed and making sure the user is always seeing good data.

On line 4, you’ll see that we need to do is see if APC and PHP are currently storing any data for our variable. If there is good data, it is stored in the $mypost variable, and we echo a response, which is optional.

If PHP doesn’t a result from APC, the data hasn’t been cached yet. So we run the query, store it in the $mypost variable, and write the value to the APC store. Also, if the data is older than 1800 seconds, APC will return an invalid response and the query will be run fresh. This happens because we set the expiration time in the apc_store function.

APC has a nice PHP page you can install that will give you a report of how APC is doing and what data is being cached. It makes some nice graphs, but also allows you to explore the user-generated data, such as what we cached above. Let’s look at one of our stored variables and what APC is actually caching.

If we view the detail for an entry, we can see what’s being stored, in this case the array that WordPress returns when we use the get_posts or query_posts functions.

I’ve been keeping an eye on WordPress and the APC status for a few days now, and all seems well. I think this is also something I’d look into when building a non-WordPress PHP application as well. Faster is always better.

Several months ago we made a change to our default search experience on google.com — when you’re signed into Google, we add SSL encryption to increase the privacy and security of your web searches. The change encrypts your search queries and our search results page, which is particularly important when you’re using an open, unsecured Internet connection.

With Twitter and Facebook also starting to go SSL by default, it got me thinking. Is it time for our .edu websites to go all SSL? We currently encrypt some areas, but making all our webpages be secure, whether they are collecting data or not, may be something to start considering.

I think it would show some credibility to users, and would add an additional layer of protection for forms that currently aren’t secure, such as event registration, feedback forms and surveys. Yes, some this data is not the most sensitive, but it’s always better to be safe than sorry[1].

Implementing SSL on a site is trivial, and not terribly expensive. NameCheap.com offers SSL certificiates starting at $9 USD a year and going up from there. That small cost, even at $125 USD per year, is worth the piece of mind.

Will adding SSL give your website a performance hit? This used to be the case, but not as much anymore. It’s nothing that can’t be offset by a little  optimization on the developer end. Even something as simple as GZIP’ing and minifying your CSS and javascripts may balance out any (perceived) hit in performance due to SSL. Adam Langley of Google writes this about SSL performance:

In January this year (2010), Gmail switched to using HTTPS for everything by default. Previously it had been introduced as an option, but now all of our users use HTTPS to secure their email between their browsers and Google, all the time. In order to do this we had to deploy no additional machines and no special hardware. On our production frontend machines, SSL/TLS accounts for less than 1% of the CPU load, less than 10KB of memory per connection and less than 2% of network overhead. Many people believe that SSL takes a lot of CPU time and we hope the above numbers (public for the first time) will help to dispel that.

As a test, we’ve been using SSL in our WordPress admin areas. I haven’t noticed any difference in performance, and it was a good first step in rolling it out site wide (which at this point would be just checking a box.)

[1] If you have bad code, forms or not, on your website, it won’t matter if you have the best security in the world. Bad code is bad code.

From his site:

The experiment was: if I put out a brand new standup special at a drastically low price ($5) and make it as easy as possible to buy, download and enjoy, free of any restrictions, will everyone just go and steal it? Will they pay for it? And how much money can be made by an individual in this manner?

Since the launch over this past weekend, he’s sold over 110,000 copies of the concert worldwide, more than making back his production expenses.

Again, from his blog:

The show went on sale at noon on Saturday, December 10th. 12 hours later, we had over 50,000 purchases and had earned $250,000, breaking even on the cost of production and website. As of Today, we’ve sold over 110,000 copies for a total of over $500,000. Minus some money for PayPal charges etc, I have a profit around $200,000 (after taxes $75.58). This is less than I would have been paid by a large company to simply perform the show and let them sell it to you, but they would have charged you about $20 for the video. They would have given you an encrypted and regionally restricted video of limited value, and they would have owned your private information for their own use. They would have withheld international availability indefinitely. This way, you only paid $5, you can use the video any way you want, and you can watch it in Dublin, whatever the city is in Belgium, or Dubai. I got paid nice, and I still own the video (as do you). You never have to join anything, and you never have to hear from us again.

What can we in higher ed marketing learn from Louis C.K.?

1. Transparency

Louis has been more than transparent during this process, disclosing his costs to produce this special, how many he’s sold and what he’s made in terms of money. In higher ed, and not just the marketing/communications side, we are bad at transparency. Other than annual reports, we aren’t very transparent about our financials and other data.

Yes, we now all have net price calculators, but how effective are they when every one I’ve tried at different institutions (and I’ve tried dozens) often throw in a big loan at the end to make my net cost $0.00. That’s not helpful.

2. Price your product right

Not a day goes by that there isn’t an article about the cost of college and student loan debt and so on. I know – not only do I work in higher ed, I’m still paying student loans from my undergraduate degree. Personally, I’d love to get a Master’s degree, but frankly can’t afford it. There are plenty of offerings online, from Masters in Criminology to Business, but most is still priced out of reach.

Stanford is currently running classes online, for free, such as an introduction to databases and a course on AI. That’s really neat. While it’s not feasible for every college to offer free programs, there’s opportunity to rethink our offerings and their various price points.

For example, I’d gladly pay $2,500 for a structured, certificate program from a place like Stanford. It’s not a full Master’s, but it’s the right price point that makes it easier to justify and pay for compared to a full Master’s program, that may cost upwards of $30,000.

Sidebar: if anyone wants to give me a full-ride Masters in IT, IT Leadership or the like, let me know. I’d get a Master’s at my current university, which is a very good one, but they don’t currently have a program for what I want to do, career-wise.

In Louis’s case, $5 was the magical price point. It’s enough to make him money and cover his costs, yet priced right for consumers who were able to bypass the middle man, in this case, the large media corporations.

3. Control is ok, but information wants to be free

We live in a much smaller world today compared to years past. I listen to cloud music and live edit a document with a colleague in the UK, at the same time. Yet, we are forced to live under archaic rules about where and who can consume digital content.

I’ll leave you with one final quote. Also, I paid my $5.

I learned that money can be a lot of things. It can be something that is hoarded, fought over, protected, stolen and withheld. Or it can be like an energy, fueled by the desire, will, creative interest, need to laugh, of large groups of people. And it can be shuffled and pushed around and pooled together to fuel a common interest.

Bret Victor invents tools that enable people to understand and create. He has designed experimental UI concepts at Apple, interactive data graphics for Al Gore, and musical instruments at Alesis. Amazing stuff in this video.

For more on Bret, see http://worrydream.com.

This talk was given at CUSEC 2012.

These types of emails would include account setups, password resets, etc. Since we host our WordPress installation off-campus, somewhere in the tubes between there and our mail system here the mails were being eaten, quite possibly by a large, scary email-eating koala bear. In reality, it was probably an overzealous filter somewhere on our campus end that couldn’t guarantee that emails coming from our Rackspace box to campus really were legit and really were from a University account.

This made creating user accounts very labor intensive. Instead of just emailing login details, password reset requests and more directly to the user, we found ourselves creating an account for a person and immediately resetting their password, and then giving them the login details. Same went for password changes, they were never getting the transactional email to reset their passwords, so they were calling us. Not efficient.

Enter SendGrid. They are one of a few providers of email service, but unlike MailChimp or Constant Contact, they aren’t about the marketing and list management end of emails. They are about providing a delivery gateway to ensure that emails reach their intended destinations with a high degree of reliability.

After setting up an account at SendGrid (look for the free plan at the bottom of this page to try it out. You get 200 emails per day and we’ve never come close to reaching that), SendGrid’s documentation directed us to a page about integrating SendGrid with WordPress.

Using the WP Mail SMTP plugin, we are able to now avoid using the default wp_mail() and PHP mail commands from our server and instead we have our transactional email sent via SendGrid. To keep the admin panel from showing up and potentially confusing users, even admin users, the plugin allows you to put some details in your wp-config.php file. That code looks like this:

define('WPMS_ON', true);
define('WPMS_MAIL_FROM', 'webmaster@gallifrey.edu');
define('WPMS_MAIL_FROM_NAME', 'Gallifrey University CMS');
define('WPMS_MAILER', 'smtp');
define('WPMS_SET_RETURN_PATH', 'false');
define('WPMS_SMTP_HOST', 'smtp.sendgrid.net');
define('WPMS_SMTP_PORT', 587); //
define('WPMS_SSL', '');
define('WPMS_SMTP_AUTH', true);
define('WPMS_SMTP_USER', 'YOURACCOUNTNAME');
define('WPMS_SMTP_PASS', 'YourAccountPasword');

And what do you know, they’re getting through. Our support calls and requests have dropped, and we can focus more of our limited resources on developing great sites and content with our campus partners. Win-win for everyone.

SendGrid isn’t just for these types of emails – it does much more as you can see in this video:

As you dig more into their system, you’ll see they offer email handling, reports and all sorts of other analytics – they don’t just handle transactional email.

So, SendGrid is and will be a part of any web projects for us (and me outside of John Carroll) going forward. It’s just one more thing I won’t have to worry about.

And that, my friends, is a good thing.