While Batchbook does have the pretty cool web forms which can capture contact data from any ole web form, it doesn’t give you total flexibility with filling in customized data fields. In our case, we wanted to create companies rather than individuals as part of a sales pipeline so we needed to have more control than the web forms currently allow.

Start with a contact form

Here’s the HTML form that we’re using – it still uses the original web form field names so all I’ve done here is changed the form ACTION to point at my CFM instead of Batchbook:

<form method="post" action="https://ourserver.com/form.cfm">
<input type="hidden" name="location[address][country]" value="US" />
<h2>Sign-up Now!</h2>
<table class="form">
<tr><td><label>Company *</label></td></tr>
<tr><td><input type="text" name="company[name]" size="30" /></td></tr>
<tr><td><label>Account Type *</label></td></tr>
<tr><td><select name="supertags[sales first contact][plan]"><option value="">Select a plan - you can change later</option><option value="Plan 1">Plan Uno</option><option value="Plan 2">Plan Dos</option><option value="Plan 3">Plan Tres</option></select></td></tr>
<tr><td><label>First Name *</label></td></tr>
<tr><td><input type="text" name="contact_details[first_name]" size="30" /></td></tr>
<tr><td><label>Last Name *</label></td></tr>
<tr><td><input type="text" name="contact_details[last_name]" size="30" /></td></tr>
<tr><td><label>Email *</label></td></tr>
<tr><td><input type="text" name="location[email]" size="30" /></td></tr>
<tr><td><label>Phone *</label></td></tr>
<tr><td><input type="text" name="location[phone]" size="30" /></td></tr>
<tr><td><label>Organization Address</label></td></tr>
<tr><td><input type="text" name="location[address][address_1]" size="30" /></td></tr>
<tr><td><label>Address 2</label></td></tr>
<tr><td><input type="text" name="location[address][address_2]" size="30" /></td></tr>
<tr><td><label>City, State Zip</label></td></tr>
<tr><td><input type="text" name="location[address][city]" size="15" />, <input type="text" name="location[address][state]" size="4" /> <input type="text" name="location[address][zip_code]" size="10" /></td></tr>
<tr><td><label>Company URL</label></td></tr>
<tr><td><input type="text" name="location[website]" size="40" /></td></tr>
<tr><td><label>Do you have an existing service?  If so, which:</label></td></tr>
<tr><td><input type="text" name="supertags[sales first contact][existing_service]" size="40" /></td></tr>
<tr><td><label>Date of next event:</label></td></tr>
<tr><td><input type="text" name="supertags[sales first contact][date_of_first_event]" size="15" /><br /><small>Format date like mm/dd/yyyy</small></td></tr>
<tr><td><label>Questions/Comments</label></td></tr>
<tr><td><textarea name="supertags[sales first contact][customer_comments]" rows="10" cols="50"></textarea></td></tr>
<tr class="submit"><td><input class="button" type="submit" value="Request Account" /></td></tr>
</table>
</form>

It’s the same contact form you’ve whipped up 100 times before. If you’re using the built in web forms, the field names must match what is above. If I was writing my form handler from scratch I would have selected more normalized names.

Note that we a hidden field at the beginning – not all of the data must be user editable. Of course, I could also just set it in my form handler. The country value is a holdover from the original web form.

Process those fields

Our next step is to process that form submission with ColdFusion and use the Batchbook API to create my contacts and populate my custom data fields:

< !--- credentials --->
<cfset variables.api_key = 'YOUR-SECURITY-KEY' />< !--- get this from "Your Account", right column --->
<cfset variables.root_uri = 'https://[YOUR HOST].batchbook.com/service' />

<cfhttp url="#variables.root_uri#/companies.xml" method="post" username="#variables.api_key#" password="x" charset="UTF-8" timeout="30" throwonerror="no">
	<cfhttpparam name="company[name]" value="#form['company[name]']#" type="formfield" />
	<cfhttpparam name="company[notes]" value="" type="formfield" />
</cfhttp>
< !--- cfdump var="#cfhttp#" --->

<cfif structKeyExists(cfhttp, "responseheader") AND isStruct(cfhttp.responseheader) AND structKeyExists(cfhttp.responseheader, "location")>

	<cfhttp url="#cfhttp.responseheader.location#" method="get" username="#variables.api_key#" password="x" charset="UTF-8" timeout="30" throwonerror="no">
	</cfhttp>
	< !--- cfdump var="#cfhttp#" --->

	<cfset xmlCompany = xmlParse(cfhttp.fileContent) />
	<cfset id = xmlCompany.company.id.xmlText />

	< !--- now add location to company --->
	<cfhttp url="#variables.root_uri#/companies/#id#/locations.xml" method="post" username="#variables.api_key#" password="x" charset="UTF-8" timeout="30" throwonerror="no">
		<cfhttpparam name="location[label]" value="work" type="formfield" />
		<cfhttpparam name="location[email]" value="#form['location[email]']#" type="formfield" />
		<cfhttpparam name="location[website]" value="#form['location[website]']#" type="formfield" />
		<cfhttpparam name="location[phone]" value="#form['location[phone]']#" type="formfield" />
		<cfhttpparam name="location[street_1]" value="#form['location[address][address_1]']#" type="formfield" />
		<cfhttpparam name="location[street_2]" value="#form['location[address][address_2]']#" type="formfield" />
		<cfhttpparam name="location[city]" value="#form['location[address][city]']#" type="formfield" />
		<cfhttpparam name="location[state]" value="#form['location[address][state]']#" type="formfield" />
		<cfhttpparam name="location[postal_code]" value="#form['location[address][zip_code]']#" type="formfield" />
		<cfhttpparam name="location[country]" value="#form['location[address][country]']#" type="formfield" />
	</cfhttp>
	< !--- cfdump var="#cfhttp#" --->

	< !--- set default values for sales super tag and capture user-provided information --->
	<cfset arrSuperTag = arrayNew(1) />
	<cfset arrayAppend(arrSuperTag, "super_tag[existing_service]=#URLEncodedFormat(form['supertags[sales first contact][existing_service]'])#") />
	<cfset arrayAppend(arrSuperTag, "super_tag[date_of_first_event]=#URLEncodedFormat(form['supertags[sales first contact][date_of_first_event]'])#") />
	<cfset arrayAppend(arrSuperTag, "super_tag[customer_comments]=#URLEncodedFormat(form['supertags[sales first contact][customer_comments]'])#") />
	<cfset arrayAppend(arrSuperTag, "super_tag[plan]=#URLEncodedFormat(form['supertags[sales first contact][plan]'])#") />
	<cfset arrayAppend(arrSuperTag, "super_tag[requested_demo]=#URLEncodedFormat(form['supertags[sales first contact][requested_demo]'])#") />
	<cfset arrayAppend(arrSuperTag, "super_tag[active]=true") />
	<cfset arrayAppend(arrSuperTag, "super_tag[paperwork_sent]=false") />
	<cfset arrayAppend(arrSuperTag, "super_tag[agreement_back]=false") />
	<cfset arrayAppend(arrSuperTag, "super_tag[announced_on_facebook]=false") />
	<cfset arrayAppend(arrSuperTag, "super_tag[buddy_check_complete]=false") />	

	<cfhttp url="#variables.root_uri#/companies/#id#/super_tags/sales.xml" method="put" username="#variables.api_key#" password="x" charset="UTF-8" timeout="30" throwonerror="no">
		<cfhttpparam type="header" name="Content-Type" value="application/x-www-form-urlencoded" />
		<cfhttpparam type="body" value="#arrayToList(arrSuperTag, "&")#" />
	</cfhttp>
	< !--- cfdump var="#cfhttp#" --->

	< !--- create person--->
	<cfhttp url="#variables.root_uri#/people.xml" method="post" username="#variables.api_key#" password="x" charset="UTF-8" timeout="30" throwonerror="no">
		<cfhttpparam name="person[first_name]" value="#form['contact_details[first_name]']#" type="formfield" />
		<cfhttpparam name="person[last_name]" value="#form['contact_details[last_name]']#" type="formfield" />
		<cfhttpparam name="person[company]" value="#form['company[name]']#" type="formfield" />
	</cfhttp>
	< !--- cfdump var="#cfhttp#" --->
</cfif>

Some notes about the above:

• What’s my password? Your password is X. Or Y. Or Z. It doesn’t matter – Batchbook only authenticates you on your unique key which is sent as the username. The password can be anything.
• If you’re new to REST APIs, I suggest enabling the CFDUMPs as they will show you how data comes and goes. Plus, you’ll see what the response headers look like (hint, they aren’t all 200 OKs).
• Associating people with companies – there is no official way to do this. Just make sure the “company” value for the person is a string match for the company record and Batchbook will make the magic happen on their end.
• There is basically no error checking or exception handling here – I’ve got my code wrapped up in some try/catch and I fall back to sending an email to us if all else fails. Plan for failure. At some point the API will be down or the Internet will break and you need to have a contingency plan when dealing with remote third parties.

The above code took me a day or two of toying around to get working properly. While the docs are pretty good, my experience is that API implementations never quite match their documentation. Getting super tags to work (key to our sales process) took a lot of fooling around plus some assistance from the very helpful Eric Krause at Batchbook.

Next post will be how we’re integrating the results of this sales pipeline with Email Center Pro to dynamically generate and send out contracts in preparation for our sales cycle this winter.

Don’t let a little bit of hate make you second guess yourself. Success usually comes at the end of a very long road of perseverance.

That’s why I was surprised to get an email this morning from my buddy Trevor Peace who found our project for the 2005 DARPA Grand Challenge not just online but actually still functioning! Fun to reminisce!

We built a real-time Flash leaderboard that showed where the automated vehicles were on course from a GPS location feed. This was one of the few projects that I worked on that was an “event”. E.g., it wasn’t launched and then took on a life of its own. Instead, the shelf life for this was just a few weeks with a particularly important 36 hours during the race through the desert near Primm, Nevada. That kind of pressure brings new emphasis on testing. Especially when your customer is the Department of Defense!

The lack of permanence on the web makes me envious of people who work with their hands for a living. I’m sure this is a “grass is greener” feeling but the kind of work where you physically create or sell something has a lot of appeal to me at this stage of my life. It’s also a lot easier to explain to your grandparents.

Why would you expect someone to provide a higher level of availability and more features at a cost lower than you can do it yourself?

You can argue about economies of scale but fundamentally it’s on the mark. Amazon (and the other grid/cloud providers) have to pay for the same hardware and infrastructure that we do except they have even more strenuous requirements. And since they’re not a charity, there has to be some profit in there, too.

But many of the reasons to wait on cloud computing, at least the Amazon variety, changed today with the announcement of three new services:

• CloudWatch – Web services-based resource and performance monitoring of EC2 services at $0.015/hr or $10.80/month.
• Auto Scaling – A key feature of add-on services like RightScale, Auto scaling will add or remove server instances on the fly. Most web sites experience some amount of seasonality whether it be time of day, day of week or month of year and this will reduce costs by scaling up only as needed. It’s included as part of CloudWatch.
• Elastic Load Balancing – Yes! Instead of setting up an instance and running keepalived or haproxy to route traffic between multiple servers, Amazon now has load balancing at $0.025/hr or $18/month and it can span multiple availability zones (~physical data centers). You also pay $0.008/GB of data transfer handled by the load balancer. 100GB/month would cost you $0.80.

Why is this news?

It means EC2 just got cheaper as you scale up.

For my company, we run a two-node cluster primarily for high-availability. To actually keep this highly available, we also have to run a pair of load balancers managed by keepalived. This works quite well but it’s 4 separate boxes with power supplies and disks consuming power and taking up rack space. Those are all the downsides to having your own rack space. At least in California, power is the most expensive part of physical hosting and also the biggest restriction. It took a fairly exhaustive search to find a datacenter where we could get 30A into a single cabinet.

If we had our current architecture in EC2 today, my interpretation is we could eliminate our two load balancers to save $144/month (small instances are ~$72/month) and replace them with $11 worth of Elastic Load Balancing. If we added monitoring, we should be able to add web servers as demand dictates for additional savings by not having a second web server running 24/7.

Most smaller web companies want five nines but can’t afford it nor manage it. Historically we run our service just short of 99.99% uptime which is fairly expensive and difficult to achieve but provides a scant 3.5 hours of downtime per year. Most companies can tolerate this. These new features of EC2 are making it inexpensive to take advantage of EC2s promise: on-demand scalability with high-availability.

How to save money with EC2

When I agreed it was insane to expect someone else to do something for you for less money, it was if you compare apples to apples. Everyone has a base architecture that has something like a database server, web server and mail server. You simply cannot expect to save much, if any, money in your initial configuration. The only meaningful way to save money with cloud computing is to reduce the incremental step in costs as you add capacity. If a colocated solution offers you additional 10 units of web server performance for $1000/month and you can buy the same performance in 1-unit increments for $100/month, then you save money anywhere between 10 and 20 units. Virtualization and auto-scaling make it possible to reduce your investment to the minimum required capacity on a minute-by-minute basis to drive the most value from cloud hosting.

I think it’s time to start running some tests…

• The erroneously named Web application autopsy is actually a recap of a SXSW panel looking at four different companies at four different stages. The interesting bit here is each company, Wufoo, Blinksale, Feedburner and RegOnline each shared some hard numbers from their operations.
• From there I read through to Underbelly of a web app. We have a lot of this stuff already taken care of – the billing, customer service and other automation pieces that make the actual operations of a company manageable.
• The link about stat tracking caught my eye and pointed to Joe Kraus’ Confessions of a startup addict. This is not new by any means but I realized that we weren’t doing a very good job of tracking revenue by customer so I dropped into Eclipse and threw together a Statistics Service for my app that will generate this data for me broken out by plan and date. Having metrics to gauge progress (and more importantly, motivate) is key to success but so easy to ignore.
• Someone in one of these pages referenced StartupSchool.org, which is supposed to happen again in 2009. I found a link to videos of their talks which I’m going to watch this weekend for some inspiration.

Got any good business / startup / entrepreneurial readings? I also came across Bill Flagg’s blog when I went looking for more info about RegOnline and the guy who participated in the panel. It’s no surprise given my company is MotorsportReg.com that I would be interested in the success of RegOnline.com. I found Bill’s blog to be frighteningly similar to my own thoughts about the web, applications, customer service and so forth. We seem to read a lot of the same books as well but what I found valuable about his posts were the amount of actual data and insight he shared from RegOnline’s operations.

P.S., when are you no longer a “startup”? Time? Revenue? Ever?

Two thousand and eight was a blur for me – it seemed like a pretty good year but I was inspired by my Dopplr annual report to look more closely at what it entailed. Here’s what I found:

High Level Statistics

• Traveled 51,306km in 11 trips including one around-the-world for three weeks
• Wrote 76 blog posts, mostly about technology
• Struggled with living in the surburbs
• Succumbed to Facebook
• Learned to hypermile truck to cope with $5/gal diesel prices

Now, in Technicolor Detail

1. January
   • Technically it was 2007, but I surprised Jennifer for her NYE birthday with our a trip to Vancouver
   • We celebrated my dad’s 60th birthday in Winters with family at the Buckhorn. Also celebrated arriving alive having navigated flooded country roads en route.
   • On January 11th, I proposed to Jennifer in the Santa Clara Rose Gardens and she accepted! We’re getting married this April.
2. February
   • Went back in time for a modern-day ANSI art exhibit; something I didn’t think I would ever see.
   • Mark and I had a booth for MotorsportReg.com at the SCCA National Convention in San Antonio, Texas. It was a great event for us.
   • I took one day off in February.
3. March
   • Traveled to Salt Lake City to present at a BMW CCA conference. Went snowboarding at Snowbird and my burning legs told me I was way out of shape.
   • I took one day off in March.
4. April
   • In April I was working around the clock, eating microwave dinners at the office, trying to complete a major rearchitecture of MSR that was already months behind schedule.
   • Attended the Indo-Japanese wedding of Brian and Mala Masuda in Santa Barbara. Had some of the best wedding food ever!
5. May
   • Released major rearchitecture of MotorsportReg.com May 3rd. Had performance issues but, like usual, worked around the clock to resolve. Saving grace was incredible customer goodwill earned from years of great customer service – the bump in the road was forgiven.
   • Spent rest of month recovering.
   • Steven graduated with his Masters in Florida. Congrats!
   • Actually had fun at my 10-year college reunion at Santa Clara University.
   • Memorial day camping at Shaver Lake near Yosemite. It was cold, rainy and miserable, but we still managed to have fun defeating the elements with blue-tarp-o-mania and waiting for Dan and Dacia to arrive.
6. June
   • Decided being out of shape sucked, joined the Jewish Community Center gym around the corner from my house.
   • Traveled for R&R to Puerto Vallarta for five days. Injured my back boogie boarding in 2 feet of water. Made gym membership useless.
   • Dexter, our tuxedo rescue cat, arrived from Utah to much rejoicing.
   • Drove my racing kart for the second time in six plus months. There goes the racing season…
7. July
   • Jennifer and I spent a day at the Fitzgerald Marine Reserve enjoying wine and cheese on the beach. Watched sea lions lounge around.
   • Left on a three-week around-the-world trip to cover the 2008 TransSyberia Rally from Moscow, Russia to Ulaanbaatar, Mongolia for SpeedTV.com courtesy of my friend Marshall Pruett.
   • Slept in the Moscow Kempinsky looking out window at St. Basil’s Cathedral and the Kremlin.
   • Flew in a Soviet-era helicopter to watch the first stage of the rally race.
   • Visited cousin Patrick in Rome.
   • Took overnight train to Munich and stayed with former business partner Rob who was interning with IDEO.
   • Went to Hockenheim to see the Formula 1 German Grand Prix! Bought Kevin a sweet Red Bull hat that I secretly wanted to keep.
   • Flew to Mongolia via Beijing, China. Two weeks before the Olympics, I went to Tiananmen Square and completed a hat trick of communist capital photos (Vietnam, Russia, China).
   • Explored the countryside of Mongolia and watched the final stage of the rally. American team disappointingly broke down the day before the final stage. Flew back to California.
   • A sad day: returned Dexter the cat to the rescue shelter. He spent his entire time with us under the bed or dinner table and needed other cats to feel comfortable.
8. August
   • Labor Day weekend in San Francisco for food and touring and a trip on the Niles Canyon Wine Train near Fremont. Jennifer tricked me into my first pedicure complete with a glass of chardonnay. Ffffffabulous!
   • Jennifer was hospitalized with a kidney infection. It was scary for awhile but everything turned out OK. Kaiser Permanente did a great job taking care of her.
   • After three years of putting together paperwork, my dad, brother and I applied for dual Italian citizenship at the Embassy in San Francisco.
   • Flew to Las Vegas for Jason’s bachelor party-pa-looza
9. September
   • Just three weeks later, I became an official dual citizen of Italy! So much for lazy Europeans!
   • Kevin and Natalie chowed down with us at the Kendall-Jackson Heirloom Tomato Festival.
   • Celebrated my 32nd birthday. Jennifer buys me a bike and tells me to get on it. Embarrassing.
   • Surprised my mom for her 60th birthday with her parents and a cousin in Redding.
   • Was a groomsman in Jason and Nicole’s wedding in Morgan Hill. Got my boogie on.
10. October
    • Received my Italian passport and right to work and live in the EU. Sweet, sweet success.
    • Working with Mark Mazelin, got serious about cfpayment, my open source project for credit card and e-check processing for ColdFusion developers.
    • After twelve months of planning and execution, gave up on trying to reach PCI DSS credit card security compliance in a two-man startup. Outsourced to the tune of $2k/month.
    • Cried like a failure for the balance of the month.
11. November
    • Recovering from boogie boarding gone wrong, signed up with Jennifer for Fuse Gym boot camp.
    • Voted for Barack Obama on November 4th
    • Made a foursome of it with Kevin and Natalie for the almighty three-michelin star restaurant The French Laundry. Having achieved such highs (and emptied my wallet at a supersonic rate), readied ourselves to die (happy).
    • Relocated our mystery Christmas tree farm using Google Maps and felled our second annual Silvertip (the only real Christmas tree)
    • Having left most of our holiday decorations in storage, went for the “modern” look of little more than lights.
    • Got busted by the Aventino apartment complex for having lights on our balcony. Fascists: 1, Brian: 0.
12. December
    • Raced as part of four-driver Team Bimmerworld in the NASA 25 Hours of Thunderhill enduro achieving a goal I set several years ago.
    • We took our engagement photos with Tanja Lippert… this wedding thing is getting serious.
    • Took a rock climbing class at REI in Saratoga.
    • Jennifer’s niece Zoey stayed with us right before Christmas; we made cookies and took her to see the Festival of Lights. Experienced schizophrenic alternating squeals of joy and crying for mommy.
    • Celebrated Kevin’s 30th birthday in style in San Francisco after having a great dinner at Fish and Farm with Jason and Nicole. Partied with Spec Miata master Jason Hoover before he moved to Atlanta. Dan showed up, because he knows everyone. Went big, went home (to hotel) and puked my brains out.
    • Spent two days recovering.
    • Celebrated Jennifer’s 33rd birthday with a house party

This slide by Adam Nash of LinkedIn via Christina that describes the skills of a successful Product Manager for a web company. It graphs what I love about my job as an entrepreneur: the opportunity to participate in many disciplines. This week I coded a major new feature, negotiated a travel booking commission deal and put together a 15-minute video for a convention next week. Oh, and I answered some customer support email too.

Is a product manager just an entrepreneur with a support organization? Or put another way, is an entrepreneur a product manager with a support organization of themselves?

I feel lucky to do what I do. I don’t love my job every day, like being in the office today for the fourth or fifth Saturday in a row, but I’d far rather be passionate and working overtime than be apathetic from 9-5.

I came across this example on the Mozilla Calendar project today and it does a great job of introducing the process so that even a novice developer could poke around with the source. That poking might lead to a small patch. That small patch would get her name in the credits. That ego boost might lead to bigger contributions which might eventually generate a future project leader. There’s a lot of talk about the long tail of customer acquisition and market sizing but I think more talk should focus on the long tail of cultivating people and projects.

What are you doing to help people pick up something you’ve created and run with it? It could be a tool, library or even an API you’ve published. If open source projects could find a way to increase contributions just 10%, it could be a watershed shift for community produced software.

So here’s the catch-22; you want to use a secure vault option that eliminates the “storage, transmission or processing” of credit cards from your network so that PCI DSS does not meaningfully impact you. But you need the credit card number in order to ship it off to your fulfillment or third-party partner. What to do?

The answer is a secure proxy combined with secure remote data storage. We need to be able to transparently put sensitive data like credit card numbers and expiration dates into an encrypted vault without the number traversing our network. This part exists today. But we also need the ability to tell the PCI DSS-compliant server to take that credit card number and send it somewhere else, without the number ever coming back to our network.

In order to scale, the proxy must not be customized on an API-by-API basis. Rather it should be generic and be customized by configuration. As a user of the secure proxy, I would define my API endpoint via a secure web interface (Thanks to Peter Bell for ideas here). This lets the proxy operator grab my endpoint and add an appropriate outbound firewall rule. Specifying the endpoint prevents a compromised server from arbitrarily sending data off to hackerz.ru. Each of my proxy requests would include at least three options:

1. GET or POST
2. Request format like SOAP, REST, RPC-XML, etc.
3. Key/value pairs to send along as parameters

With this proxy, I could relay my sensitive data to any server on the Internet facilitating integration with vendors who won’t or can’t write their own integrations. A payment gateway, a third-party fulfillment center, an airline booking engine, whatever. I could specify placeholders for data to be pulled from the secure vault to be included in the request. The secure proxy API would let us control a remote PCI DSS-compliant server putting our entire network out of scope and reducing our compliance requirements to obtaining a certificate from the secure proxy operator to satisfy requirement 12.8.

For startups and small organizations, this approach would protect sensitive data for a minimum of cost and effort. Compliance is a major time and money suck for any organization but especially so for small teams who are trying to focus on building a successful business. For large organizations with ample internal resources, this approach may still be valuable as it offloads the liability associated with sensitive data to a third party. Oh doesn’t TJ MAXX wish they had one of these?

Thoughts? Anyone else need one of these?