All Posts Tagged With: "ebay"

Adam’s Fall Conference Schedule

Now that’s I’m back from FOO Camp, I’m checking my calendar to see what conference events I have coming up. For those of you keeping track (hi mom!), here they are:

  • Microsoft PDC: September 13-16 in LA. I haven’t managed to wrangle a chance to speak yet. :)
  • Zend/PHP Conference: October 18-21 in Silicon Valley. Speaking about eBay Web services. Final talk TBD.
  • ApacheCon US 2005: December 10-14 in San Diego. Speaking on “Consuming Web Services Using PHP 5”.

I may also go to Web 2.0 and the 4D Summit, but I have yet to finalize those events.

The ApacheCon talk should be quite cool, as I will be showing off nifty real-world web services examples. For example, sucking del.icio.us RSS bookmarks into a WordPress blog, or mashing up eBay Web services search results with the Google mapping API. Here’s the full abstract:

As we move into the world of Web 2.0, PHP developers must increasing include Web services in their toolkit of skills. This session covers how to implement REST and SOAP clients using the latest PHP 5 extensions, such as ext/soap, SimpleXML, and xsl.

This is not an academic talk discussing theory and specifications. Examples show applications of popular Web services, including del.icio.us, eBay, and Google Maps.

Don’t be left behind. Come to this session and learn how to integrate Web services into your code.

I have most of the code already written in various places, so there’s only the problem of creating the slides. Once I know more about my other talks, I will pimp them here, so stay tuned for all the details.

Back from LinuxWorld

I’m back from LinuxWorld. Slides from my talk (well, similar slides, I modified them slightly) are available.

I have to say, I haven’t loved going to LinuxWorld for the past 2 or 3 times, but today was the first time I was able to tell why. At first, I thought it was the presence of all the large vendors (IBM, Novell, CA, Intel). Actually, those booths are more funny than annoying. (See the CA dancing penguin from January, 2004.)

It’s actually the hardware/IT nature of the show. I’m a software guy. I’m not interested in your network monitoring applications or your license deployment systems. I guess they’re necessary in large IT setups, but I don’t want to hear people screaming at me about them over their loudspeakers.

Still, it’s good to see my friends working the show. Even unexpectedly ran into Rick from Zend hanging out at the Intel booth. Talked to a couple people at the MySQL showcase, including the SugarCRM folks.

Did a little bit of eBay evangelism with the Zimbra folks. They make an Exchange server replacement, but they also have an AJAX mail client interface that will scan messages and hyperlink phrases (similar to the Google Toolbar). Seems only natural that they’d link to eBay items, don’t you think?

In the end, I ditched the O’Reilly and MySQL parties., as I couldn’t bare to stay at LinuxWorld until 7 pm. Too much work and chaos.

LinuxWorld SF 2005

Fresh off my trip to Portland for OSCON, I will be hitting the Moscone Center on Tuesday for LinuxWorld. I’ll be speaking on the eBay Community Codebase at the O’Reilly booth at 1:30. Come on by and say hello.

eBay SOAP using PHP 5 ext/soap and AJAX

I’ve been playing around with a nifty skunkworks project using our SOAP API, the ext/soap extension in PHP 5, and the fad du jour of AJAX.

Progress has been moving a long at a nice clip, as long as I can find time to work on it. One of my main goals is to more extensively test the compatibility between ext/soap and eBay’s SOAP interface. With the release of PHP 5.0.4, you can finally make SOAP API calls to our servers. I’d done enough to confirm this, but I’d done minimal testing to verify if this applies to all 100+ API calls. Now I’m trying to throw some real-world tests at the extension.

The bad news is that I’ve found a bug. The good news (for PHP) is that the bug is on eBay’s end. :)

The eBay SOAP API is almost 18 months old, but historically many of our developers have used our legacy XML API, which is based on a different codebase. That older codebase has extensive burn in and testing. The newer SOAP codebase is still well-tested (we have over 10 dedicated API QA engineers in addition to the many millions of API calls made by developers), but there are some dark little corners that are not as well-lit.

It turns out I stumbled down one early this morning involving our Motors site. Apparently, according to our SOAP API, the car I’m searching for has 154242 miles and, by an odd twist of fate, was also released in the year 154242. Heh.

We’re in the process of a giant migration, where all the legacy XML API developers move over to share the new SOAP API codebase. (You don’t need to move over to SOAP as part of this transition, but the data schema is changing to one that’s more well-thought out and coherant.) I suspect as we close in on the cutoff date of next June, we’ll run into a few more of these buglets. This is why we’re encouraging people to start porting sooner rather than later.

Unfortunately, when you expose so much data in so many different ways off of a dynamic database driven site, you’re never going to be able to find everything ahead of time. Fortunately, with more eyeballs, all bugs are shallow, and I know our API team will roll out the fixes in no time.

On the AJAX side, JavaScript is a surprisingly cool language. Its always gotten a bad rap, but I believe that’s more due to browser incompatibility issues than fundamental core design problems. For example, in this project I’m using a function closure within a function closure. How zany is that?

Much magic indeed.

Heading to OSCON

I am heading to OSCON on Sunday afternoon. I will be there all week.

On Tuesday, I am participating in the mother of all PHP user group meetings, and on Thursday I am speaking on Services_Ebay.

Please come on by.

Let me know if you want to hang out. When I’m not at the show, I will be off drinking draft Fred.

Introducing eBay Community Codebase

Unlike many Web services, eBay has a large number of commercial developers who pay us money to hook up to our site. However, we’ve never gotten as many open source developers using our Web services as I want.

The obvious reason is that we charged money for access to our Production API servers, and even then we only gave you a miserly 50 calls per day. Happily, we have finally gotten rid of the $100 self-certification fee. Now you can join up at the Individual Tier and start making calls against real live eBay data without paying us a nickel.

We also upped the calls limits to 10,000 API calls per month. We think this should be enough for people to be able to write meaningful applications, but if you’re running into the limit, let me know.

Additionally, we introduced the eBay Community Codebase. Another one of the issues writing eBay Web service applications is that our APIs are quite extensive — we have over 100 APIs calls and they’ve available for 22 different countries worth of sites (plus eBay Motors). It’s possible to write some pretty complex applications. Complex enough that you’d want to work together with others on a project.

Community Codebase is a central repository of open source eBay projects with hosting, version control, mailing lists, bug trackers, and more. (Think of it as SourceForge for eBay. Actually, think of it as CollabNet for eBay, which is what it really is.)

We’ve stocked the pond with a few of our own projects, including our eBay/TiVo mashup. We’ve also been quite excited to see a bunch of other contributions, including a PHP SDK, a Perl DBD interface, and a Java category cacher.

I’m also revving up Services_Ebay development, but that’s the topic of another post.

Please come on by and check out the eBay Community Codebase.

Securing the eBay Marketplace

It’s Day 2 at the eBay Developers Conference.

Security is always a trade off between convenience and safety. Over the years, eBay has continually worked at balancing the two issues, and we’ve learned a lot. In “Securing the eBay Marketplace,” our Chief Security Architect, Liam Lynch, is sharing key points.

So far, he’s covered

  • SQL injection attacks
  • Filtering input
  • Cross site scripting
  • Phishing attacks
  • Hashing versus encryption
  • Federated identity and authentication
  • And a few more that I’m missing

Right now, he’s going over the OWASP Top Ten.

One of the interesting points that Liam’s making is that security isn’t a one-time thing. It’s an evolving notion. Also, security isn’t an absolute.

For example, eBay allows sellers to embed HTML inside an item listing. This presents a security risk, as people can try and use this to do malicious things. We could easily eliminate this issue by eliminating HTML, but that doesn’t make for very interesting item descriptions. Therefore, eBay’s set up a series of input filters to only allow “good” HTML and strip out the “bad” HTML. This isn’t easy, as the concept of “good” and “bad” is always changing, as we strive to strike the proper balance between the two.

Blogging eBay Developers Conference and eBay Live!

In an new experiment for eBay, we’re blogging the eBay Developers Conference and eBay Live!.

eBay Live! has always put out a Daily Chatter print newsletter, but apparently daily is too slow for 2005. :)

I know we have over 10 people signed up to blog the Developers Conference, so updates should be fast and furious over the conference WiFi network.