Drupal, Internet

How to Install Janrain Federate on Drupal 6.x

I’m in the middle of doing an installation of Janrain Federate on our Drupal 6.25 installation. Janrain Federate is a single sign on solution for Web servers. This is an enterprise solution so it means your nonprofit should be ready to deal with what it means to personalize the Web experience for your users.

There seems to be very little discussion on how to do this on Drupal. You need to have some intermediate Drupal skills to do it. Basically, you will need to understand how your themes, custom modules and template.php interact to emit Javascript and HTTP headers.

You’ll have to follow the steps below on multiple Drupal servers. After you’re done, you should be able to login once on a Drupal server and automatically be logged into all the other servers that you installed this Janrain Federate on. It’s very cool. It doesn’t even matter which browser you’re using. If you log in on IE in one instance, you’re automatically logged in on all the other ones (assuming that you have logged in with the same username/password combination and/or social signon on those other instances previously).

The following directions are for Drupal 6.x installations.

1. Install Janrain Engage module: http://drupal.org/project/rpx. The 6.x-2.x-dev release dated 2012-Oct-25 is probably your best bet for now. There was a recent change in the Drupal API that made earlier versions stop working. Thank me now — I have just saved you several days of phone calls with Janrain. You’ll also have to work with Janrain on setting up a Janrain Engage, Capture and Federate account for yourself.

2. Depending on your theme, you need to make a call to a Javascript hosted on Janrain. It looks like this:

<script src="https://[your ID here].janrainsso.com/sso.js"></script>

Referencing external Javascript in Drupal is a bit annoying. Suffice it to say you can either hardcode this in your header (which I do when I’m still testing code out) or do it the “right way” and do it in your template.php file. See http://drupal.org/node/171205#comment-879179 for a good discussion of this issue.

3. Janrain needs you to run some Javascript. The code at Janrain looks like this:

<script src="https://example.janrainsso.com/sso.js" type="text/javascript"></script>
<script type="text/javascript">
JANRAIN.SSO.CAPTURE.check_login({
sso_server: 'https://example.janrainsso.com',
client_id: '123abcxyz42',
redirect_uri: 'http://example.com/oauth_redirect',
logout_uri: 'http://example.com/logout.php',
xd_receiver: 'http://example.com/xdcomm.html'
});
</script>

I had to modify it with the help of Janrain because we use multiple development environments (dev, staging and prod). This means the code had to be domain-independent.

JANRAIN.SSO.ENGAGE.check_login ({
sso_server: 'https://[your ID here].janrainsso.com',
logout_uri: '',
xd_receiver: 'http://' + location.hostname + '/xd-receiver',
token_uri: 'http://' + location.hostname + '/rpx/token_handler'
});

Because you’re using the the Janrain Engage module, you don’t need to pass a client_id. The Engage module will already have inserted it into the Janrain.SSO.ENGAGE namespace.

I saved the Javascript into a file called janrain.js. I then changed the .info file for my theme and wrote this line in the scripts section. Your theme’s info file is probably at: sites\all\themes\[theme name]:

scripts[] = js/janrain.js

I believe it’s better off being the first script you list in your info file but you may have to move this around to make sure it doesn’t interfere with other Javascript you’re running on your site. It shouldn’t as the JANRAIN.SSO.ENGAGE namespace is fairly unique.

4.Create a new page called XD receiver, stick this into the Body:

<script src="https://autismspeaks.janrainsso.com/static/xd_receiver.js" type="text/javascript"></script>

Yes, I know it’s in the body but it doesn’t matter where this is. Give it a friendly URL that will end in “/xd-receiver”. I guess theoretically you could rewrite your template.php to emit this reference when only that URL is presented or better yet, put it into a custom module for your theme but for the sake of my sanity, let’s just put it on a page. If you really want to clean this up, again check out http://drupal.org/node/171205#comment-879179 for more information.

5. The final step is to change your privacy policy in order for Internet Explorer to respect the cross-domain nature of the SSO protocol you’re using with Janrain. In order to make this work with Internet Explorer, Drupal has to emit a specific HTTP header. For the Web site I work on, autismspeaks.org, that’s handled in a custom module that’s been written to handle this sort of thing. It’s probably the best way to deal with it. Here’s how it looks:

function [your custom module name]_set_page_headers(){
drupal_set_header("P3P:CP: IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT");
}

Once the module has that function in it, you have to call the function from template.php. It looks like this:

function autismspeaks_preprocess_node(&$vars) {
[your custom module name]_set_page_headers();
}

The header itself WILL require you to change your site’s privacy policy. It’s a shorthand for other privacy policies that you need to implement as an organization. In other words, this isn’t JUST a coder issue, you will have to discuss this issue with business people. I took the time to unpack what it means to put up the HTTP header put up by that P3P header. The information can be found at: http://www.p3pwriter.com/lrn_111.asp

IDC
Identifiable Contact Information: access is given to identified online and physical contact information (e.g., users can access things such as a postal address)

DSP
The privacy policy contains DISPUTES elements.

COR
Errors or wrongful actions arising in connection with the privacy policy will be remedied by the service.

ADM
Information may be used for the technical support of the Web site and its computer system. Users cannot opt-in or opt-out of this usage (same as tag ADMa).

DEVi
Information may be used to enhance, evaluate, or otherwise review the site, service, product, or market. Opt-in means prior consent must be provided by users.

TAIi
Information may be used to tailor or modify content or design of the site where the information is used only for a single visit to the site and not used for any kind of future customization. Opt-in means prior consent must be provided by users.

PSA
Information may be used to create or build a record of a particular individual or computer that is tied to a pseudonymous identifier, without tying identified data (such as name, address, phone number, or email address) to the record. This profile will be used to determine the habits, interests, or other characteristics of individuals for purpose of research, analysis and reporting, but it will not be used to attempt to identify specific individuals. Users cannot opt-in or opt-out of this usage (same as tag PSAa).

PSD
Information may be used to create or build a record of a particular individual or computer that is tied to a pseudonymous identifier, without tying identified data (such as name, address, phone number, or email address) to the record. This profile will be used to determine the habits, interests, or other characteristics of individuals to make a decision that directly affects that individual, but it will not be used to attempt to identify specific individuals. Users cannot opt-in or opt-out of this usage (same as tag PSDa).

IVAi
Information may be used to determine the habits, interests, or other characteristics of individuals and combine it with identified data for the purpose of research, analysis and reporting. Opt-in means prior consent must be provided by users.

IVDi
Information may be used to determine the habits, interests, or other characteristics of individuals and combine it with identified data to make a decision that directly affects that individual. Opt-in means prior consent must be provided by users.

CONi
Information may be used to contact the individual, through a communications channel other than voice telephone, for the promotion of a product or service. This includes notifying visitors about updates to the Web site. Opt-in means prior consent must be provided by users.

HIS
Information may be archived or stored for the purpose of preserving social history as governed by an existing law or policy. Users cannot opt-in or opt-out of this usage (same as tag HISa).

OUR
Ourselves and/or entities acting as our agents or entities for whom we are acting as an agent.

IND
Information is retained for an indeterminate period of time. The absence of a retention policy would be reflected under this option. Where the recipient is a public fora, this is the appropriate retention policy.

CNT
The words and expressions contained in the body of a communication — such as the text of email, bulletin board postings, or chat room communications.

Still around? Make sure your business owners understand that the P3P header does require you to have real human-readable policies that match with the HTTP header your site is now emitting. Well, believe it or not that’s the end of this tutorial. Feel free to ask questions in the comments below.

How relevant was this post to you?
Why did you post this???I do not think this was necessary.Not bad. I will save for later.I really needed to read this!This bit of knowledge will make me look good. (No Ratings Yet)
Loading ... Loading ...

Internet

Want to see a new Google Community for nonprofit technologists?

Hey all, Google Plus now has communities and I’ve made one for nonprofit technologists. It’s at:

https://plus.google.com/u/0/communities/105979228113489699226

Please join if you’re a coder or an architect. It’s really a group for people who implement technology. Front-end dev code is also very welcome. I tend to specialize in Drupal/web analytics code lately so there’s already a PHP snippet to use Drupal even better with Quantcast. I’m dropping off code I’ve written for people to take a look at and I hope others will too.

On another note, if you need to get your social media groove on, this community is not recommended for you. I think I’ve pretty much had enough of nptech articles talking about how awesome social media is. That’s great but nonprofit technology encompasses a much larger set of issues that aren’t being tackled directly anymore.

How relevant was this post to you?
Why did you post this???I do not think this was necessary.Not bad. I will save for later.I really needed to read this!This bit of knowledge will make me look good. (No Ratings Yet)
Loading ... Loading ...

Analytics, Blackbaud, Google

Did Blackbaud finally fix conversion tracking?

For those of you who don’t know, Blackbaud Sphere was historically bad at conversion tracking using Google Analytics. Here was the problem:

User goes to a Sphere-hosted Walk-A-Thon page. User gets specific Analytics code related to that Walk-a-thon. For example, here at Autism Speaks, we use custom variables in Google Analytics to define a Walk specifically. On a page where user is at a Walk. One line in the Google Analytics for that page should look like this:

_gaq.push(['_setCustomVar',1, "Walkers",  "WNFAS2012-WashingtonDC",  3]);

In the past, this was all well and good until a user would get midway through a transaction. Strangely, the Google Analytics code on this page would get switched to something generic that applies to all of the pages.

_gaq.push(['_setCustomVar',1, "Walkers",  "Walk Now for Autism Speaks",  3]);

I didn’t make that change. It was automatically applied by Sphere. This makes it difficult then to segment both pages under the same Walk.

Even worse, the whole funnel was impossible to track because the URLs didn’t sufficiently change with each change of state in the transaction. The first page in a transaction funnel would be called something like donorPledge.asp and then the next page would be called donorBilling.asp but the page after that would ALSO be caused donorBilling.asp. There was no way to write a regular expression to separate the two donorBilling.asp pages because the query strings for the pages were also identical or when not identical were tied to the user’s session so it wasn’t very useful as a way to identify where a user was in the middle of the funnel.

I talked to Blackbaud about this around January of 2011 and the solution they suggested (deleting the generic tracking code in a Walk template) didn’t fix the problem. Ever since then, I’ve had a few people take a look at it and nobody had a solution.

However, I did backtrack today and tried to do a general donation to an Autism Speaks Walk in Washington DC. Lo and behold, the custom variable code was not swapped out. Not only that, the steps were named properly:

  1. donorPledge.asp
  2. donorBilling.asp
  3. donorRecognition.asp
  4. donorConfirmation.asp

It might actually be possible to do a conversion funnel!

I will be tracking this closely of course. I’ll have more information by Monday or Tuesday after I’ve had a few days of data to confirm it.

UPDATE (10/28/2012):

No dice. There’s a page right after donorBilling.asp called checkBilling.asp that shows up for a few seconds and it disappears. I need some documentation from Blackbaud on the set of URLs that actually makes up a full transaction. The checkBilling.asp page just comes out of nowhere and I’m not even sure what Google Analytics code is on it. Even worse, there seems to be a submitReg.asp somewhere in the mix as well.

How relevant was this post to you?
Why did you post this???I do not think this was necessary.Not bad. I will save for later.I really needed to read this!This bit of knowledge will make me look good. (No Ratings Yet)
Loading ... Loading ...

Analytics, Blackbaud, Google

Google Analytics is broken on Blackbaud Sphere — help fix it

Google is passing around a survey asking nonprofit users for their experiences trying to use Google Analytics with Blackbaud Sphere. Go here: https://docs.google.com/spreadsheet/viewform?formkey=dFRGOUJfQnlJTVlkNmtPaHlCMVFOTkE6MQ

Some background here… Not only is Blackbaud terribad at doing ecommerce transaction tracking.  It’s also pretty horrible at conversion funnels. If you try to set up a conversion funnel in Blackbaud Sphere for anything but a one-step donation form, there’s a pretty good chance that Sphere will not present Google Analytics correctly during the transaction. This makes it impossible to track a user’s session as that user appears on your web site, searches around for a Walk-A-Thon to donate to and then steps through whatever steps are needed like donating to a team or registering for the Walk. I’ve brought it up with Blackbaud repeatedly and with vendors who live in the Blackbaud universe. Nobody has been able to crack this nut. I’ve done pretty close analysis on this and it’s as if there’s some sort of phantom page that gets thrown up after a form submit and the response to that submission and poof– it’s all gone. The Javascript doesn’t get presented and the user’s funnel is gone forever

I’m hearing word that a bunch of nonprofit techies at a Google conference have banded together to ask Google to intercede for us. If you’re a Blackbaud Sphere customer, PLEASE fill out that form. As a Google user, I’m happy they’re trying to help. I would LOVE to see Blackbaud and Google working together on these issues but somehow I think one of those parties isn’t going to be necessarily forthcoming. Guess which one it is?

 

How relevant was this post to you?
Why did you post this???I do not think this was necessary.Not bad. I will save for later.I really needed to read this!This bit of knowledge will make me look good. (No Ratings Yet)
Loading ... Loading ...

Blackbaud, eCRM, Google, Internet

API Examples for Nonprofit Technologists

If you’re evaluating a company for how well-documented their product is, the best bet is to look at their API documentation. It should look like this: https://developers.google.com/analytics/devguides/reporting/core/v3/reference or like this, https://dev.twitter.com/docs/api.

However, I just happened upon a nicer and more understandable format at:

http://weblog.bocoup.com/documenting-your-api/

Notice the general openness of the documentation. It’s as if the people on the other side actually want you to adopt their API and add copious notes and don’t saddle you with a goofy interface.

Anyone willing to post a nonprofit CRM API that looks at least as good as Google’s or Twitter’s? Feel free to go nuts in the comment section.

I have the feeling we’re not going to see something like that from Blackbaud.

 

 

 

 

How relevant was this post to you?
Why did you post this???I do not think this was necessary.Not bad. I will save for later.I really needed to read this!This bit of knowledge will make me look good. (No Ratings Yet)
Loading ... Loading ...

Blackbaud

Blackbaud Sphere Remarkably Bad at Google Analytics Ecommerce Tracking

Preface: I work at Autism Speaks as their Web architect. These are my opinions and not the opinion of Autism Speaks.

Let it be said that Blackbaud Sphere is incredibly long in the tooth. Until last year, Blackbaud had left the copyright notices on Blackbaud Sphere stuck at 2008 when they purchased Kintera. However, Blackbaud has a tendency to push implementations on top of Sphere that just exacerbate the difficulty of using Sphere.

Let’s take a quick look at Blackbaud’s e-commerce tracking implementation of Google Analytics. For years, there had been NO implementation. Despite constant entreaties to Blackbaud, there was no movement on e-commerce tracking. To be fair, we weren’t asking for the simple Analytics reports that show bounce rate or unique visitors. Those were already available. This was the e-commerce portion of Google Analytics where donations and purchases were actually tracked within Google Analytics. These reports are not meant to be used by accounting professionals as Sphere’s financial transaction reports are still the final arbiter. However, there is a tremendous value to Google Analytics e-commerce statistics as they show you how your efforts on the Web are contributing to your actual bottom line. With these statistics, I can tell you how much revenue is generated by different kinds of visitors to the Autism Speaks Web site. It’s the kind of key performance indicator that can really drive decision making.

Despite Blackbaud’s seeming disinterest in this matter, we headed out on our own. Between myself and a very skilled front-end developer, Deron Hurst, we managed to cobble together an intricate system at Autism Speaks for tracking e-commerce conversions within Sphere. We could track transaction IDs, event IDs, even the circumstances under which a transaction took place. It was no joke how sophisticated this conversion tracking system was. For instance, we have product SKUs like:

272001-Autism Speaks Tribute-Memorial-registration-team-start-waysgive

This SKU would tell us which event ID this transaction was under as well whether or not it was a team registration and even the the marketing source (somewhat similar to a Google Analytics campaign source)  that tracked where the user had previously been right before the transaction took place. Fine and dandy yes? And it was, until of course we started to see transaction and revenue numbers spike up. Apparently, Blackbaud had decided to surreptitiously add e-commerce tracking to Sphere! And of course, without telling us, it started to double our numbers. Seriously, they released a new version of Sphere and didn’t bother to add their new e-commerce tracking “feature” to the release notes.

I asked our Blackbaud rep if we could even turn this “feature” off as it was interfering with our tracking reports, but apparently it can’t be removed (or won’t). What I’ve had to do is basically filter these reports out. However, the Blackbaud version of e-commerce tracking is laden with misunderstandings about how e-commerce works. For instance, the major problem behind Blackbaud’s implementation is that they don’t seem to understand what a SKU is. Let’s take a look at the Wikipedia definition of a SKU at http://en.wikipedia.org/wiki/Stock-keeping_unit:

stock-keeping unit or SKU  is a number or code used to identify each unique product or item for sale in a store or other business.

It is a unique identifier for each distinct product and service that can be purchased

One would think that there should be a unique ID for each kind of donation a constituent can make on Blackbaud Sphere. There should be SKUs for every kind of donation at every kind of event. For a nonprofit like Autism Speaks, there should be hundreds of SKUs detailing all the different kinds of donations a constituent can make. Well, let’s see how Blackbaud Sphere tracks SKUs. Uh oh, it looks like Blackbaud Sphere only has TWO SKUs in its reports. Yes, for some bizarre reason, Blackbaud has decided to implement SKU incorrectly and put the words “Gift” or “Registration” into the SKU. In the real non-Blackbaud world, SKUs are unique. In Blackbaud’s world, all donations or registrations are given one of two SKUs. This means that Google Analytics can’t tell you now if an event in New York or an event in Los Angeles or anywhere in between got more donations than normal or not. It’s like saying a red shirt, blue shirt and yellow shirt are the same item. If you were making shirts, you would never know which shirt was selling well and which one wasn’t. By lumping all gifts or registrations into two SKUs, Blackbaud managed to rob Google Analytics of its power to quickly pinpoint in real-time which event is doing well or not. So how bad can this be, you say to yourself?

But wait, there’s more! Blackbaud also only uses one product category, “General Fund”, which I assume is going to be different for every nonprofit depending on the way you list the way money is funneled within Sphere. However, it’s clear that inserting accounting categories into e-commerce transaction analytics is just improper. It’s a misuse of what “Product Category” means in Google Analytics. Product Category is supposed to help you keep track of product categories not the fund into which the revenue is to be directed to. For instance, a clothing manufacturer will want to know whether a particular kind of clothing is doing well: t-shirts, sweaters, shorts. They don’t want to know what fund a transaction is going to. As a result, there’s no easy rollup of different kinds of donations and registrations. In other words, the e-commerce reports generated by Sphere to Google Analytics is a broken implementation and near useless for doing more sophisticated analyses of constituent donation patterns. In other other words, you will not gain competitive advantage from using Blackbaud’s Google Analytics e-commerce tracking reports.

It’s enough to make you wonder if there is anyone awake over at Blackbaud. E-commerce is supposed to be a major reason nonprofits use Blackbaud in the first place but the way Blackbaud implemented the tracking systems that watch over e-commerce are sorely broken and apparently undocumented. As of right now, I would recommend they withdraw their badly broken implementation, read a few Wikipedia articles and do it the right way, hewing to common sense, industry standards of how e-commerce is supposed to work.

Relevancy Ranking
Why did you post this???I do not think this was necessary.Not bad. I will save for later.I really needed to read this!This bit of knowledge will make me look good. (2 votes, average: 3.00 out of 5)
Loading ... Loading ...

npmarketing, Online Fundraising

Earliest donor wall in history?

So I was in the Metropolitan Museum of Art and I end up looking at this fairly nondescript statuary. What was the significance of this?

The museum had a placard next to it (which I will reprint in its entirety):

Marble inscribed statue base

Roman, ca. A.D. 160-170

Fletcher Fund, 1926 (26.60.70a,b)

The base is said to have been found near Rome, but the inscription is in Greek. It records the dedication of a statue in honor of Pompeia Agrippinilla, a priestess, which was erected by fellow members of the Bacchic cult to which she belonged. Listed are more than three-hundred Greek personal names, together with some seventy Roman names; about one-third of the total are those of women. The names seem to represent all levels of society, from senatorial rank to slaves, and are ordered according to stuats and function in the cult. Their titles give some indication of the size and complexity of an ancient sacred procession. They included a leader (possibly dressed up as Bacchus), priests and priestesses, bearers of images of the god, bearers of mystic baskets, cowherds, torch bearers, a phallos bearer, a flame bearer, an instructor, men and women dressed in skins of newly sacrificed animals, sacred cave guards, and large nubers of followers called Bacchoi and Bacchai.

This may be a donor wall akin to the sort of thing nonprofits put in the entrance to their buildings or on their websites. Apparently, the need to honor the donor has gone on for quite some time! Sadly, the need for bearers of mystic baskets and a phallos bearer has gone the way of the dodo.

How relevant was this post to you?
Why did you post this???I do not think this was necessary.Not bad. I will save for later.I really needed to read this!This bit of knowledge will make me look good. (No Ratings Yet)
Loading ... Loading ...

Internet

Five years from the start of work on Twitter…

Tonight, I got to listen to a marketing class over at St. John’s college over in Queens, New York discuss the use of social media and how it would apply to Autism Speaks (I work there now as their Web architect). They were just as immersed in it as much as anyone else and they were all so very young (at least to this 41 year old). It’s amazing to me how quickly popular culture has picked up on social media. It’s only been five years since work started on Twitter and notice the use of “140 characters” as a lyric by a boy band.

How relevant was this post to you?
Why did you post this???I do not think this was necessary.Not bad. I will save for later.I really needed to read this!This bit of knowledge will make me look good. (No Ratings Yet)
Loading ... Loading ...

Convio

Convio goes public!

Convio (CNVO) went public yesterday! The IPO did quite well considering the circumstances.

When assessing the two tech IPOs of the day, the second being a hardware manufacturer, an industry analyst said:

“You can keep selling the same (software) code over and over again. On the hardware side, that stuff is obsolete. By the time it is released, there is already something better in development,” said Morningnotes.com founder Ben Holmes.

Convio was hoping to raise $56.5 million with this IPO.  The good news for me is that I can now more easily follow Convio in the same way I follow Blackbaud. Unfortunately, the market is down today so it looks like Convio’s stock price will stay at the $10 range today. It did go up as 10.885 on it’s opening day. I hope Convio’s stock price rises as we certainly need more competition for the Blackbaud juggernaut.

Relevancy Ranking
Why did you post this???I do not think this was necessary.Not bad. I will save for later.I really needed to read this!This bit of knowledge will make me look good. (1 votes, average: 5.00 out of 5)
Loading ... Loading ...

Internet

Do me a favor — vote for Perla Ni on the Huffington Post

Huffington Post is looking for readers to vote for the ultimate game changer in Philanthropy.

And I think the readers have so far voted Perla Ni, head of greatnonprofits.org, to be the ultimate game changer. I’d like her to keep that lead and to do so, I urge you all to consider throwing in a vote. She’s trying to create a Yelp for Nonprofits which is sorely needed in the nonprofit world. Any time I see someone promoting democratic oversight of nonprofits, I’m all for it.

Relevancy Ranking
Why did you post this???I do not think this was necessary.Not bad. I will save for later.I really needed to read this!This bit of knowledge will make me look good. (2 votes, average: 5.00 out of 5)
Loading ... Loading ...