Dan Hulton's blog

Two years. Six major content releases. Twelve major event releases. The glorious return of tournaments. The less-than-glorious internationalization and Chinese launch (and then shutdown). Dozens of new mice, hundreds of new items, and thousands and thousands of new players. It’s been a wild ride.

But as of today, HitGrab and I officially part ways.

I leave my responsibilities in good hands. Hands that were there before I was, even. MouseHunt will continue on, and oh man the secrets I know. The plans I am in on. The places this game is headed, they are exciting.

I am also headed for exciting places. I’m joining Panvista, an enterprise mobile shop just up the road, to help them make their web backend even more awesome. They use a lot of tech I’m already proficient in and can lend my expertise to, but also a lot of tech I’ve been wanting to learn.

I’m going to miss a lot of people. Co-workers, players, friends all. But I’ll still be on MouseHunt, I’ll still be on Facebook, and I’ll be just down the road. I’ll still come visit (and DOMINATE the Street Fighter ladder).

I’ll make a lot of new friends too, though. Panvista’s full of interesting and passionate people, and even as I’m sad to say goodbye to Hitgrab today, I’m really looking forward to starting at Panvista next month.

To everyone who’s made this such an awesome two years: Thank you so much! You all know who you are, I’m sure – if you’re thinking you might be one of those people, you are. And to everyone who’s going to make the next two years and beyond just as great: Hello! Looking forward to spending more time with you!

You may not like it, and I may not like it either, but it’s true.

You’ve probably heard about the rocky launch of the SimCity reboot. If not, here’s the skinny: EA shoehorned online-only DRM onto SimCity and didn’t have enough/stable servers on launch, and people who shelled out $60 couldn’t play their single-player game because of that.

I admit, I was pretty lenient with Diablo 3 when Blizzard did the same thing. Perhaps it’s because I really wanted Diablo 3′s new auction house to work (I am a sucker for games with markets). But I can still see the line of reasoning Blizzard had:

• Diablo 2′s trading was very difficult.
• We can implement an auction house (cribbed from WoW) to solve this.
• Battle.net games of D2 were super-popular because items were stored server-side and therefore not duped.
• Limit Diablo 3 to Battle.net-only games so that NO items are ever duped.

I get that. I don’t really agree with how it turned out, but I get it.

EA’s though process for online-only can be most charitably described as:

• Players can create cities together in Regions to work together.
• These Regions have to be server-side, because you can’t guarantee everyone will be online at the same time.
• Therefore all cities must be server-side because of reasons (*cough*DRM*cough*).

It’s pretty obviously one of those things that was tacked on to justify online-only DRM, especially because it leads to egregious and obvious abuses. For example, imagine I’m selling your city power from my fancy nuclear power plant. I wait until your city is well and truly dependant on me and have just finished a new expansion. I then sell my nuclear power plant, dooming my city (which I never really cared about), but also dooming yours to crime, fires, and destruction. Worse, I could simply, honestly, just lose interest and stop playing. My city decays, and so too does yours, if it relies on any of my utilities. This is really going to happen to a lot of people.

But here’s the thing.

In a few years, none of this is going to matter. EA, Ubisoft, all the big publishers are going to keep on doing this, and people are going to keep buying those games regardless. And while this is happening to single-player games, actual multi-player games that literally don’t work without a server directing the action are going to continue to be popular as hell. In time, the technology and techniques required to reliably scale and handle these players are going to be well-understood. And your internet will be always-on, too.

Eventually, people complaining about always-on DRM are going to look like people who complained you needed a videocard to play a game. And some time after that, they’ll look like people complaining you need electricity. Online-only DRM is absolutely going to be subsumed into what we expect out of “a game”. (There will of course be exceptions – you don’t need a videocard to play NetHack, for example. But NetHack is an outlier.)

I don’t like it, obviously. But I recognize I’m part of an old guard that grew up without the internet, and without walled gardens, and revelled in the freedom we had there. Kids today… I’m actually writing these words: Kids today don’t know the world I grew up in, and don’t appreciate what they’ve lost.

Of course, by the time they’re my age, they’ll likely be ranting about something even more frivolous that kids of the future don’t appreciate (like actually holding physical phones, maybe), so I can’t be too upset.

I was asked a seemingly-innocuous question lately that actually turned out to be pretty interesting: “Do you do much object-oriented programming in PHP, like design patterns?” (I’m paraphrasing, actually, I am terrible at remembering exact quotes.) And while I very frequently find myself pretty deep in class structures, I wouldn’t say I do a lot of design-pattern-style OO programming.

Honestly, I find that – at least for PHP – a great many design patterns are completely unnecessary. PHP has enough functional chops that you can avoid needing to implement many of the uglier patterns, although you’re going to find people who try, I’m sure.

Some Good Patterns, Though

The Observer pattern is pretty solid, honestly. Essentially, you can use it to allow objects to “observe” specific points in time and specific events, and then react to them. The really nice thing about intelligently implementing the Observer, is that it makes it very easy to extend a base engine with modular add-ons. You can then turn on or off these modules without affecting the rest of your application, and debugging becomes a lot easier too.

When Are Patterns Better?

There are definitely some situations where I prefer design patterns to functional programming, specifically in the case of factories vs. currying. Since I’m far more likely to be working with many sets of objects instead of bunches of discrete functions, factories are easier to understand and use, even though you can use currying to build your own frankenfunctions to do similar things.

When are Functional Methods Better?

Oh man, I love passing functions as parameters in PHP. How about for when you want to do a custom array sort? Or when you want to trim every string in an array? Or setting up that Observer pattern above, triggering events inside your main engine? It’s such good times.

Compare this to the Chain of Command Pattern. Just look at that crazy thing. Holy moly.

I’ll just pass functions, thanks.

So Why Shoehorn Design Patterns Into PHP?

If you programmed in Java, read Design Patterns: Elements of Reusable Object-Oriented Software and it changed your life, you may want to bring those same design patterns across to PHP. Some of them will be a good choice, but some of them will just be comfortable bad choices. They’re comfortable because you’re used to implementing and maintaining them, but they’re a bad choice because PHP provides you with better tools to get the job done.

The real trick – as with anything else in programming – is know when to use what.

I recently read a tweet that really set me to thinking:

Nothing is quite so shocking as writing code which runs fine the first time.

— cliffski (@cliffski) January 8, 2013

I’ve had this same thought many, many times throughout my career, but I can’t help but notice that it’s been in entirely different contexts.

Phase One: Sweet! No Syntax Errors!

When first learning how to code, or later on when learning new languages, it can be pretty shocking when you hit the compile button and your console doesn’t light up like a christmas tree. You may not have typed a lot of code, but you didn’t have to Google any function signatures or anything, and it compiles and runs. Mostly. I mean, it doesn’t do what you want to do at all, but it still compiled, right?

Modern IDEs mostly mitigate this stage, due to real-time syntax checking. I don’t think I’ve had more than a syntax error per week since switching to a competent IDE (Sublime Text 2, if you’re wondering).

Phase Two: My function works!

Eventually, you get comfortable enough with a language to be able to write a solid chunk of code – perhaps a whole, medium-sized function – run it, and have it run as you expect. This is always a delight when it happens, as you’ve demonstrated the ability to hold the current problem space in your mind long enough to solve it and commit it to code. I imagine this is roughly how a juggler feels once they get the basic three-ball rotation down.

Phase Three: I AM A GOD.

It’s been maybe a half-hour, perhaps even as long as an hour since last you hit the compile button. You’ve been in multiple files, up and down the class structure, at all levels of project complexity. You’ve changed dozens, close to hundreds of lines of code, maybe even rewritten a whole class or low-level algorithm. You’re just… in the zone. Eventually you realize how long it’s been since you’ve tried out your changes, and ever-so hesitantly run them. Then, before your very eyes, everything works as intended.

The only possible answer? You are a tiny god, completely in control of your environs.

Phase Four: Oh no, where’s the bug?

Exactly the same as above, except you are old enough and wise enough to know that the fact that it didn’t break on run means that the bug is subtle, hidden, and dangerous.

Time to write more tests.

Just a head’s up – don’t use eBay to sell anything. Save yourself the time, effort, and money. That’s the tl;dr. But here’s the rest of the story:

So the iPhone 5 was coming out, and I very carefully determined the optimal time to start an auction for my iPhone 4. I wanted it to end after my iPhone 5 had arrived, and ensure that it arrived on a “good day” for last-minute bidders. I had spent a few hours on this, as I expected to get at least a couple hundred dollars and a good ending time could mean $50 or more on the price difference.

Mid-way through the auction, I saw that my little ol’ iPhone 4 was going for around $600, which is outrageous. Some quick Googling later, and I found out that this is apparently a very common phenomenon in the electronics category. Unscrupulous sellers will register fake accounts and bid up items competing against theirs to make their own auctions look better. The only solution is manually policing your bids and removing any from people with less than 3 positive feedback.

And that’s really the only solution! eBay offers tools to automatically block people with less than 0 feedback, but not any positive numbers. Further, eBay doesn’t offer any way to report these users (at least none that I found, and I looked for a while). So I spent the entire rest of the auction looking in on it frequently, manually pruning suspicious-looking bidders.

Finally, the auction wound down for a reasonable price. I contacted the winning bidder and… nothing. No response by email or through eBay or anything. I waited the requisite number of days and sent a second-chance offer to the next person on the list and… nothing. The same for the third and fourth. No responses from any of them at all.

A little upset, I decided to just leave negative feedback for the original bidder and relist. But… there’s no way to do that! Since I last stopped using eBay, they removed (or hid) the ability to leave negative feedback for a buyer, making their whole reputation system pointless and their automatic bid screening system useless.

Stymied at leaving negative feedback, I at least figured I’d relist, which I did with an additional paragraph about how I’d cancel bids from people with bad or no feedback scores. (Which is also difficult to do, by the way – a manual form found nowhere convenient to your actual bid list.) But the same exact thing happened, except this time the eventual winner didn’t read the auction clearly enough and didn’t realize that the phone was locked to a different carrier. All the other second-chance offers I sent out were completely ignored as before.

Frustrated, I cancelled that auction and decided to sell on Kijiji or Craigslist or through friends or something. I definitely wasn’t going to deal with eBay again.

Except that now I have to. It seems that they think I still owe them $2.00 for the privilege of wasting weeks of my life fighting scammers in their decidedly anti-seller system. I’ve tried to contact support by email, but that option doesn’t exist – the only option they provide for contact is a phone number that Google searches say can have up to hours long wait times that I have no interest in waiting through.

Eventually I found a vestigial web form for reaching out to customer support, where I detailed my case. It promised a response within 24 to 48 hours. Well, I got one within ten minutes, which directed me to phone them, and not to reply to that email because it is not monitored.

Look, in the end I just want to not constantly get these collection reminder emails. It’s not worth my time to spend an hour or more waiting for and then arguing with a customer support representative over this. So fine, I’ll pay it. Whatever.

But it definitely is worth a half-hour of my time to write up the truly awful, terrible, reprehensible experience I’ve had with eBay’s shitty service and customer support system.

eBay, I hope the word of mouth you get from this is worth the $2.00 it would have cost you to just refund those fees. You know, if you had a reasonable customer support system set up to allow for it.

When I was younger, I enjoyed an afternoon playing the board game “Stock Ticker”. It was a new concept to me (no board to travel around), it dealt with money (and getting rich), and I was playing it with some really great friends. All in all, it was an enjoyable experience.

But what stayed with me through the years was the question: “Wouldn’t this game be more interesting if the player had more agency?” As it was, the game was very, very random, with interesting decisions only really happening near the Off Market line – and even those were just betting with higher variance. Over the past few weeks, I’ve been thinking about how to do that, and I think I’ve come up with something fun to play.

I’ll definitely try putting together a prototype and guilting my friends into playing it, but for anyone else interested, I’m putting the rules online as well. If you try a game, let me know!

Insider Trading

Sometimes being a super-wealthy financial mogul isn’t enough anymore. You have to be the best super-wealthy financial mogul. And that involves proving your worth. You and up to five other players play the part of well-connected and unscrupulous capitalists, attempting to settle a bet: With just $5000 and your own resources, how much money can you make in five years? The winner gets the best table at the country club, while everyone else is forced to eat at the servant’s table. Ugh.

Materials

• Game board: A tall board with 5 Price columns and five Quarterly Report squares. Five companies are depicted thereon, with each company having a column and a square all its own. The Price columns go from “BANKRUPT ($0)” at the bottom to “SPLIT ($200)” at the top in $10 increments. The $100 row is specially highlighted.
• 5 Price Markers, one for each company.
• 10 Quarterly Report cards. These cards have the numbers 1-6 on them, alongside a value adjustment, such as +$10 or -$30.
• 50 Influence cards. These cards have Quarterly Report-altering effects on them, such as “On a 6, +$10″, or “For all rolls less than 3, roll again.” They also have a cost listed, indicating the amount of stock that must be forfeited to activate the Influence card.
• A whole whack of play money.

Game Setup

1. Place the game board on the table, with markers for each company in the middle of the board at the $100 level.
2. Give each player $5000.
3. Shuffle the Influence deck and deal out 3 Influence cards per player.
4. Shuffle the Quarterly Report deck and deal one on each company’s Report square.
5. Give the First Trader token to the winner of a roll-off (highest wins, ties re-roll).

Turn Order

1. Purchase Phase:
   1. Play starts with the First Trader.
   2. Choose a single Quarterly Report card to secretly peek at. This card *cannot* be shown to any other player, but the peeking player *may* choose to share the information gained. The information shared does not have to be complete, accurate, or even correct.
   3. Buy stock from the board, or sell stock you own. Stock is bought and sold to and from the bank, and for the price currently listed on the board.
   4. Play passes to the next player clockwise, until all players have played.
2. Influence Phase:
   1. Players may play Influence cards face-down on top of company Quarterly Report cards, provided they pay the cost of the Influence card in shares of stock *for* that company.
3. Report Phase:
   1. Reveal each company’s Quarterly Report and Influence cards in turn from top to bottom. Then, roll for each company in turn from top to bottom and resolve their Quarterly Report and Influence cards.
   2. Any stock that has reached “SPLIT ($200)” has split! Anyone who owns that stock receives an additional amount equivalent to their current amount, doubling the amount they own. The stock’s price is moved back to $100.
   3. Any stock that has reached “BANKRUPT ($0)” has gone bankrupt! Anyone who owns that stock forfeits it entirely. The stock’s price is moved back to $100.
4. Cleanup Phase:
   1. Quarterly Report cards go back in the deck, which is re-shuffled. Deal out one card on each company’s Report square, as before.
   2. Influence cards go into the Influence discard pile. Players draw Influence cards to bring their total back up to 3. Players may choose at this time to discard *one* Influence card, though they will have to wait until next turn to refill. If the Influence deck runs out, reshuffle the discard pile as the new Influence deck.
   3. The First Trader token is passed to the next player, clockwise.

Winning

The game progresses for five game years, or twenty game quarters. The winner is the player with the most value in their portfolio, including cash on-hand and stocks at current board value.

Recently, one of Retuers’ blogs was hacked, and false stories were posted as if they were real news.

Now, while that’s news in and of itself, the big takeaway that’s relevant to me and PanicPress is that if Reuters can have one of their blogs broken into, anyone can.

Obviously, they use secure passwords at Reuters, and have backups, and keep their blogging software up-to-date – the works. Well, okay maybe not “obviously”, but it’s a solid guess. They probably take as many precautions as the can, and they still managed to be hacked and have false stories posted.

Would PanicPress have made a difference? Very possibly! One of the most important concepts in security is the concept of layers – that is having a whole bunch of security systems in place, all working in tandem. PanicPress provides yet another layer of security that WordPress doesn’t otherwise offer, and even if a hacker managed to guess or steal a legitimate reporter’s password, it’s highly unlikely they’d be using it from a known IP. PanicPress would have detected that and alerted the administrator, who could have shut down the admin section before the hacker had a chance to post those fabricated stories.

I’m really looking forward to launching for real – the “todo” list is getting much, much shorter by the day, while the need for PanicPress grows.

Nerd humour time.

I’m having some trouble with my coffeescript compiler. Every time I try to get my webserver to compile a new coffeescript file as part of developing this new website of mine, I get the following error:

env: node: No such file or directory

Near as I can tell, this means that “node” doesn’t know where the “coffee” script is (“node” being the execution environment used to run the “coffee” script, which compiles coffeescript into javascript to be run in the browser).

For a little bit, I was concerned that this was because I didn’t have my environment variables set up correctly for the _www user (the user that Apache normally runs as), but then I recalled having changed the user Apache runs as… to me.

Perplexed, I uttered: “The hell? Dan should know where coffee is!”

…

Yes. Yes Dan should know where coffee is.

I’m gonna go pour myself a cup right now, actually.

EDIT: Solved thanks to the internet and this kind fellow.

Well, it sure has been a while since I’ve posted. I have that terrible habit, of course – I get so involved in Doing Other Things that I neglect the ol’ blog in-between. Apologies. Won’t happen again. (Yes it will.)

Now while I love doing what I’m good at, I wanted to take a break from not posting to share what I’ve been working on:

PanicPress – A WordPress plugin that adds a critical extra layer of security on top of your blog. The moment an attacker tries to access your WordPress administration section, you get a warning text.

But let’s take that one step further – reply to that text with one of your own reading “panic”, and the entire administration section will shut down with a convincing-looking PHP error, giving you the time necessary to find out and fix what’s broken. Once you’ve solved your problem, texting “safe” will restore the administration section and let you get back to posting uninterrupted.

I’m nearly ready to launch the site – about 90% or so. But as they say, the first 90% takes 90% of the time. The last 10% takes the other 90% of the time. I expect to launch with a Minimum Viable Product within a week or two.

If you’re interested in hearing about the launch on Day One, hit the Sign Up page anyway! I’m collecting email addresses from interested parties, and the moment I finish putting the site live for real, I’ll send an email out to everyone on that list. (And after that, I’ll discard that list forever, so please don’t worry about spam on my behalf!)

In the meantime, if you wouldn’t mind visiting the site and clicking the little “Like” button up in the corner, oh and if you could go and like this Facebook page too, that would be a real help. Anything you can do to spread the word!

The only thing worse than this video:

Is the comments beneath it.

lol, is this supposed to be “hot” or something? I guess this kind of marketing works on virgins or something, but it’s funny how much this shit doesn’t even faze you once you get a girlfriend. Try again, Ubisoft — this bitch is hideous, your game looks generic, and you should probably fire your marketing department.
BTW, it’s pretty obvious that your marketing bots gave you 600 of those likes.

Wow, this chick(?) is hideous… What terrible marketing. She looks like some Las Vegas tranny with bad plastic surgery (sorry) and this is supposed to make me want to play this game? Even if you didn’t objectify ugly women to sell your shit game I probably still wouldn’t play it; looks like every other generic brown shooter.

I love how they purport to attack the sexism in the ad, while throwing out phrases like “this bitch is hideous” and “Las Vegas tranny”. My god, the irony in the sentence “Even if you didn’t objectify ugly women to sell your shit game”… So hold on, objectifying women upsets you, and you focus on whether the woman in the ad is pretty or not to judge her value?

The internet makes me so sad some days.