Cross Platform Mobile Applications with Phone Gap

Friday, April 23rd, 2010

This week I spent most of my time writing a mobile application. The app, which I will write about in a later post, has about ten screens and makes heavy use of RESTful web services. The goal is to have native versions for both the iPhone and Android. Other platforms will be considered if time is available.

After playing around with the iPhone and Android SDKs, it became apparent that cross platform mobile development is extremely difficult. Just between the iPhone and Android, there is no code-sharing. Write twice, test twice, deploy twice, support twice! That is going to make adoption into the enterprise slow.

While reviewing the forums, I came across a few cross platform development kits. The premise with them is that you write standard HTML5, CSS, and JavaScript. That code is then wrapped up into a native app for the appropriate device. I focused my attention on PhoneGap (http://www.phonegap.com). According to the PhoneGap website, you can create apps for; the iPhone, Android, Blackberry (OS 4.5), Symbian, Palm, Windows Mobile, and Maemo (Click here for more information).

After reading through the PhoneGap documentation, I chose the JQTouch and JQuery JavaScript libraries to help simplify my app development. Without JavaScript experience, I was able to build the entire web app in three days. Moving the web app to a native app was even easier. For the iPhone, I create a PhoneGap project from the included template. I then copied my web site into the appropriate directory, hit the “Build and Run” tool button, and boom, I had a native iPhone application that behaves exactly like my web app. Android was equally easy, except I’ve had a few minor problems in both the native Android application and the Android chrome browser, but no show stoppers.

Development went so fast on the mobile applications, that I finished well ahead of the back-end developers. Because of that, I’ve got to wait on the submission to the appropriate app stores.

A nice side-benefit of using this development model is that I also have a mobile version of the website. This can be pushed to my webserver and used in the event that someone does not download the app from the store.

PhoneGap has been officially approved (read here) for use with the new iPhone OS 4.0 Terms and Conditions.

Another framework that I’m very interested in checking out for cross platform mobile development is Appcelerator (http://www.appcelerator.com/). Until this framework has been officially approved for iPhone OS 4.0, I’m going to hold off on my review.

Please share any nightmares you’ve had about cross platform mobile development.

Fourteen Minor Updates iPhone 4 OS Needs

Friday, April 2nd, 2010

There has been a lot of hoopla going around about multi-tasking in iPhone OS 4.0. While that is certainly the must have feature, the following list are not as prevalent, but equally important.

1. Orientation Lock. Currently there is not a way to read email or browse the web while laying down. MobileRSS has an excellent implementation of Orientation Lock.
2. AppStore Shopping Cart. When you buy a new application the AppStore quits to load your new application. However, more often than not, I have updates for existing applications available. I end up launching the AppStore at least twice for every new application that I download.
3. Folders on the Home Screen. I have about six pages of icons on my home screen. This makes it difficult to keep my information organized. Ideally, I’d like to put my five movie related apps in a “Movie” folder and my seven games into a “Games” folder.
4. Voicemail in Background. While listening to voicemail, you cannot leave the app without the voicemail stopping. What if you need to take a note with an account number?
5. Call Log App. While on a call, you are not able to view the call log. Sometimes you need to look-up a phone number.
6. Voice Control Commands. Voice control was an excellent addition to OS 3.0. However, I find that I want two more commands. “Redial” and “Back”. Redial is obvious. A lot of times I say a command like “Call Mom Mobile,” and the iPhone will return and say “Multiple Matches Found, Ron Schwartz, Ron Johnson or Ron Thomson?” I should be able to say “Back” so that I can issue a new command since the interpretation in this case is wrong.
7. Calendar Improvements. The calendar allows you to create recurring appointments, but it does not let you create recurring appointments like “Every first wednesday of the month” or “The last Thursday of the month.”
8. Updated Keyboard. Like the Android keyboards, the on-screen keyboards need to have predictive words above the keys. Too often a simple typo early in the word means back-spacing the entire word.
9. The weather app needs to be improved. While the main screen of the app is fine, when you click the “Y!” icon in the lower left, the yahoo page provides no additional information. Because of this shortcoming, I’ve downloaded WeatherBug, but now I have two weather icons since there is no way to remove the built-in icon.
10. Notes Desktop Editor. This is self explanatory.
11. Bluetooth Keyboard. It is absolutely unacceptable that we still do not have an external keyboard for the iPhone.
12. Missed Call / Voice Mail Badges. If I miss a call and that person leaves a voicemail, I get a badge with the number two. However, it is really a single event that I should be notified of.
13. SMS Timestamp. Add the timestamp, or the option to see the timestamp, for every SMS. I maybe neurotic, but sometimes I want to know when a particular SMS was received, not just the approximate time the thread started.
14. Rename iTunes. It is no longer just for tunes.

Did I miss anything? What do you think needs to be in iPhone OS 4.0?

The future in three words – “Universal Data Plan”

Thursday, April 1st, 2010

Like most people, I’ve got a bunch of mobile electronic “stuff” in my life. Stuff such as:

• iPhones

• Laptops / iPads
• Portable GPS Units
• Watches
• Automobiles

All of these items are mobile – meaning they are not stationary objects like a printer or desktop computer are.

The problem is – none of these items are interoperable. The introduction of the iPad shines a bright light on this problem. My guess is that most people with an iPad also will have either an iPhone, or another smart phone. But if you want mobile Internet connectivity from the iPad, you will need to take out another Internet data plan. Why can’t I tether my iPad to my iPhone?

But this opportunity is much bigger than just sharing my iPhone data plan with my iPad or laptop.

While I was in Florida last week, my GPS unit continually returned bad results because the mapping and point-of-interest (POI) data is over two years old. Why can’t my GPS unit use my iPhone’s data plan for mapping and POI searches.

Why can’t my watch use my iPhone to synchronize the time.

Why can’t my car sync it’s stereo, GPS, and clock with my iPhone.

I’m sick of saying “why can’t…” The future is a single universal data plan. The plan can be tied directly to a mobile phone, or the mobile phone can just be another user of the plan.

Do you think this will be the norm in ten years?

Apache Wicket applications have baked in protection against the number 1 and 2 Most Dangerous Programming Errors

Sunday, February 21st, 2010

Wicket has been my framework of choice for the past year. There are many reasons for this, but one of the big ones is security. Wicket applications have built in protection against Cross Site Scripting (XSS) and SQL Injection attacks, numbers 1 and 2 respectively on the CWE/SANS top 25 most dangerous programming errors. A developer has to consciously enable this functionality for wicket applications to be susceptible.

Developers that assume input to their applications is well formed are at risk for an XSS attack.
An XSS attack involves typing custom javascript code into a search box. For example, entering the text
<script>alert("You are XSS Susceptible");></script>
into a search window and clicking the search button – in an unprotected website – would popup a browser dialog box saying “You are XSS Susceptible”
A hacker could have a field day knowing that your application is interpreting javascript commands.

Wicket automagically protects against this by escaping all user input by default. So instead of executing the above code after clicking search, a wicket application will receive it as

<script>alert(&quotYou are XSS Susceptible");></script>

This effectively prevents XSS attacks.

SQL Injection attacks are number two on the CWE/SANS list. A SQL Injection attack is when a developer uses the application URL to pass database specific data. For example, suppose there is a PERSON database table, Every person has a unique identifier named ID. When a web application wants to request the web page for a particular person, the URL might look like this:

http://unsecure.website.com/getPerson?id=1

where the parameter id is the value from the database that we are querying. Behind the scenes, the SQL in the application might look like this:

SELECT * from PERSON where ID=request.getParameter("id")
which translates to
SELECT * from PERSON where ID=1

Without proper validation and exception handling, a malicious user could enter the following URL:

http://unsecure.website.com/getPerson?id=1&20;or&20;1=1

which would make an unsecure website execute the following SQL
SELECT * from PERSON where ID=1 or 1=1

You can see how this could be very dangerous as the where clause is now always true.

Wicket’s component based framework protects against this attack by allowing you to pass java objects between pages and encodes the parameters into the user’s session. This prevents URL encoding variable. A typical Wicket URL looks like this:

http://secure.wicket.website.com/?wicket:interface=:1:user:toProfile::ILinkListener::

Again, a developer can override this behavior and pass URL parameters, and there is a time and place for that, but by default, it’s nice to have the built in security.

Finally, since Wicket doesn’t use PHP File Inclusion (#14 on the CWE/SANS list), it gets that built-in security as a freebie!

iThink iPad iGood and iBad

Friday, January 29th, 2010

With Apple’s big announcement of the iPad, Steve Jobs said that in order for it to be successful it had to be “far better” at browsing, Email, photos, videos, music, games and eBooks than both the iPhone and a laptop.

In my opinion, the iPad is a “tweener” device. It is between an iPhone and a MacBook. It’s too big to fit in your pocket and too small to be a useful computer. This device will not be a far better experience at a minimum for email, and music. During the key-note, there were a total of five words typed on the iPad’s keyboard. Though the keyboard is substantially better than the iPhone’s keyboard, it is not comparable to a laptop keyboard. A lack of tactile feedback and smaller keys are going to make typing on the iPad an interesting experience. Also, music may look and sound great on the big screen of the iPad, but since the iPad is not a portable device, i’m not going to take it out with me for a run along the lake.

That’s not to say the iPad is all iBad. I think the huge success of the iPhone as a gaming device will make the Sony’s and the Nintendo’s of the world very nervous. The iPad should be the best in class eReader when it comes out. And, in time, the business and medical community will jump on board the iPad. Anyone that has had a doctor’s visit where the doctor is spending more time typing into a computer than looking or talking to you will understand that a great medical system can use the iPad for data entry. Also, a 1.5 pound iPad plus a 0.5 pound pico projector makes a great solution for any road-warrior.

In summary, iThink i’m going to wait on purchasing the iPad.

Three Reasons I Chose JBoss Application Server for the CL Tracker

Wednesday, December 2nd, 2009

I recently completed the Cutaneous Lymphoma (CL) Tracker  (See press release here).  To summarize, the CL Tracker is a small medical application, built on an open source stack consisting of the Apache Wicket Framework, JPA, Hibernate, Jasper Reports, Spring and MySQL. For deployment, I had plenty of options for open source containers and application servers available, but JBoss set it self apart for the following reasons:

1) Unzip and go.
I’m a huge fan of software that does not need to be installed to use. Just unzip JBoss and launch the run script and there is a fully configured application server ready to go. When I’m done with my project, I can delete the JBoss directory and it is completely removed from my system. All software should be that clean.

2) Simple JNDI datasource setup
Once JBoss is setup (see #1 above), to deploy CL Tracker, I just need to copy the WAR file and configure the datasource in a simple XML file.

3) Enterprise features and support
I can take comfort knowing that support contracts are available as well as enterprise features like high availability and clustering.

iPhone Development – Stay on Target

Thursday, August 27th, 2009

It’s no good, I can’t maneuver!

Stay on target.

We’re too close!

Stay on target!

My wife will probably call me a geek for quoting Star Wars in my post, but I feel like our lunch time iPhone development adventure is closely mirroring Luke’s quest to destroy the Death Star.

It can be difficult to find the time to maneuver around real life projects to pursue our off hours iPhone development. Our once weekly meetings have remained fairly consistent, but it is hard to get development done in the span of about an hour.  We seemed to be in a constant state of baby steps.

Today, we are taking a big step forward by releasing video of the alpha version of the CityTech CMIS viewer.  Hopefully within the next two to three weeks we will submit it to the AppStore.  Check out the video of the alpha version here:  http://blogs.citytechinc.com/gkorsnick/?p=25

More later…

iPhone Preferences – Easy as 1-2-3

Thursday, May 21st, 2009

Today, I started my first task for the CityTech iPhone application – the preferences pane.  Surprisingly, this was a very easy.  Here are the first few steps:

1)  Open your project in Xcode
2)  Create a new File
3)  Choose “Resource” from the iPhone section
4)  Choose “Settings Bundle”

This creates your settings page and links it to the Settings app on the iPhone.  Additionally, the copied Settings.bundle file has some example preferences already included.  Click the “Build and Go” button to launch the iPhone emulator.  Hit the home button on the emulator and launch the Settings app.  Click your app from the list and you are good to go.  Exit the iPhone Emulator with command-Q.

To modify your preferences, open the tree for “Preference Items.”  Our tree  has five items.  The first item, of type “Group” groups the following four items together on the preferences page.  After that, I just added my four text fields using the + sign on the right side of the table.  For each item you can set:
* Type (TextField, Slider, etc)
* Default Value
* Title (the question)
* Keyboard Type
* Secure (for passwords)
* Identifier (how your app will reference this field)

The only thing I had trouble with was moving the items once I added them.  Originally I added password at the top and couldn’t figure out how to move it to the bottom.  A simple drag of the mouse didn’t help.  I ended up deleting the line and adding a new one at the bottom.

For more detailed information, read the “Application Preferences” section in Chapter 9 of Apple’s “iPhone App Programming Guide”

Loose project plan
———————————–
Step one – design app.           [done]
Step two – break ground.        [done]
Step three – setup backend.  [done]
Step four – code app
a) Preferences                       [done]
b) Web service calls
c) Search
d) Results
e) Viewer
Step five – test app
Step six – package app
Step seven – submit to apple for approval

Social Networking – Old School

Thursday, May 21st, 2009

Over thirty years ago, Kay took a class in hotel / motel management.  There she met Barb and they developed an instant friendship.  Although Kay left that career path in favor of an MBA, the friendship between Kay and Barb flourished and they continued to regularly socialize.

Fast-forward to 2009.  Kay’s daughter Bridget was working for a small corporate communications firm when the economic meltdown surprised the world.  As her company collapsed, she eventually got laid-off.  In an effort to find another job, Bridget embraced social networking sites like Facebook, Twitter and LinkedIn in her quest for a new and hopefully better job.  Kay, offered to search her own network of friends for any leads for Bridget.  Bridget reluctantly agreed figuring it couldn’t hurt, but had low expectations.

Kay contacted her long-time friend Barb to ask if her son might know of any job openings.  This is where I come in – Barb is my mom.  My mom cleverly deduced that since I work with computers, and Bridget worked in marketing for computers as an “Online Media Specialist,” perhaps there would be an opportunity for her at CityTech.  Not knowing what an “Online Media Specialist” is, I forwarded her resume to the powers that be at CityTech.  One thing lead to another and Bridget was hired as the CityTech Marketing Communications Manager.

The moral of the story:  The more things change, the more they stay the same.   While it is great to embrace technology, it shouldn’t be at the expense of developing relationships.  In this case the last place that Bridget would have expected a good job lead ended up being the best one.

Welcome aboard Bridget.  Here’s to the original social network, school!

iPhone Development – Interface Builder

Tuesday, May 19th, 2009

Last week the iTeam was back in action.  One iTeam member, code name George, created the project and setup our screens in Interface Builder(IB).  IB is one of the tools included in xCode. IB lets you lay out your screens, navigation and digital assets.  When complete, you can then run the app in an iPhone emulator.  IB is very useful when writing business applications, because when done, you just generate the stubs, and then plug in your business logic / navigation.  Hopefully the rest of the application will be as straight forward as IB.

Next week: Preferences…

Loose project plan
———————————–
Step one – design app.       [done]
Step two – break ground.     [done]
Step three – setup backend.  [done]
Step four – code app
a) Preferences
b) Web service calls
c) Search
Step five – test app
Step six – package app
Step seven – submit to apple for approval

Welcome to the blog of:

Jeffrey Schwartz