The Week in Freelance: July 16th

Posted: July 16th, 2010

Freelancer Rage, Another Extension of Your Driving

Posted: July 14th, 2010

Photo by I Like (Flickr)

Photo by I Like (Flickr)

I’m not ashamed to admit that some of my biggest mistakes (and biggest lessons) as a freelancer came as a result of letting my emotions get too far out of control and take over my decision making.

Such as the time long ago when I sent Mr. Henderson an email to the effect of, “YOU HAVEN’T PAID YET. PLEASE PAY NOW!” just three days removed from handing him a $50 invoice.

Then there was the other time when I dropped some f-bombs on beloved colleagues who have been providing me plenty of work the last three years. All without receiving a raised voice in return. Looking back, they did give me money to shut the f#!@ up… ah, nevermind.

The thing is I don’t know of one freelancer who never gets angry, no matter how trivial the reason is. Part of it, if not all, is due to the stress in our lives and our work. Some days nothing seems to go right and those who happen to touch a nerve, even the slightest bit, suddenly become victims of an “earful”.

Since, in most cases when a punching bag isn’t readily available, we get a nice relief of stress by unleashing that fury upon the client. As soon as we cool off, we’re left with a few nagging thoughts over what just happened.

  • We could lose this dear client of ours (assuming you like the person)
  • You now have a rep as a hothead and not fun at all to work with
  • Face it, you’re probably an asshole too

It was immediately after the aforementioned colleague-bashing when I came upon my own realization that this can never happen again. Not even to clients I’ve made voodoo effigies of and poked nails in.

Fast forward two years later, I’ve outgrown my hothead-asshole persona and another weird thing happened as well.

Business improved. This while following only a few simple rules.

1. Stop

There will be a point after reading that email your blood gets boiling. Stop whatever you’re doing (yes even if it’s the middle of your work). Do not reply. Step away from the computer. It would be wise not to punch it either.

2. Vent (in private)

Here is where you can get crazy with the voodoo dolls or go out and buy a punching bag. You can also try my personal favorite, pacing back and forth in your office pretending to give an angry speech to your client. Just keep this out of public view, OK?

Then there are the more practical venting techniques such as a five-mile run or hitting the gym. Or just get an ice cream cone. Ice cream always brings a smile when you pretend the scoop of ice cream is the client’s face melting.

3. Ignore

This is the hard part, but just let it go for the rest of the day. Get back to other work and just concentrate on that. I know thoughts of murder will seem to permeate your head but, if you relax, it will let go.

Another ice cream cone may help if not.

4. Answer (the next day)

Great, you just had a refreshing night of sleep and are in a proper mood to answer the client diplomatically. No threats or more ice cream needed. Plus you can tone down that memorized angry speech into polite arguments for that pending email.

* * *

Have you ever responded to a client in anger and regretted it later? Please share in a nice comment.

WebDev Corner: Are You Making This Mistake In Your MySQL Queries?

Posted: July 12th, 2010

Photo by Koke (Flickr)

Photo by Koke (Flickr)

I have a lot of respect for the designers who get their hands dirty and learn a little PHP and MySQL to code those websites themselves. I can sympathize with you that it doesn’t seem different from learning Chinese. Maybe not that hard but you get the picture.

Unfortunately, I see a common mistake made, not only by designers but programmers too, that leaves your database vulnerable to hackers. We’re talking leaving the door wide open with the keys still in the lock.

Let me explain with a piece sample code retrieving make-believe contact info from a database:

$query = "SELECT name, email FROM contacts WHERE id='.$_GET['id'].'";
$result = mysql_query($query);

Now here is where it can get dangerous. Since the “id” is retrieved directly from the $_GET variable in the URL (for example http://somewebsite.com?id=2), that leaves the query vulnerable to an injection attack. Let’s say we type the following in the browser:

http://somewebsite.com?id=’ OR 1=1

We then get the resulting query after the injection attack that, instead of returning the info for a single name, returns the entire list of names in the contacts table. Note that the 1=1 is valid SQL and always returns a true result.

$query = "SELECT name, email FROM contacts WHERE id='' OR 1=1'";

OK, that might not sound like serious damage being done to the database. This one, however, will delete all the rows in the contacts table. Note that the semi-colon will stop the query leading up to the semi-colon and execute everything after. The ”=” is also valid SQL.

$query = "SELECT name, email FROM contacts WHERE id='; DELETE FROM contacts WHERE ''=''";

These are only a couple examples of what can be done once your database has been breached. Access to user logins, adding rows to tables to “deface” a website, or the dreaded access to private customer information are other possibilities. Not exactly something you want happening to you.

This can easily be corrected, though, by getting into the habit of escaping your database queries with the PHP function mysql_real_escape_string. More specifically, this function is to be used for every variable inside your query string and is only to be used in your query string.

For example:

$query = "SELECT name, email FROM contacts
          WHERE name='".mysql_real_escape_string($_GET['name'])."'
          OR email='".mysql_real_escape_string($_GET['email'])."'";
 
$result = mysql_query($query);

What the function does is escape a string by adding slashes to characters that can alter an SQL query into an injection. So instead of a harmful query being executed, the proper query with the unharming string parameter executes. Not to mention, your database is spared a happy hacker.

Now, some of you may have caught the fact that the $_GET variables were not verified for data integrity nor sanitized to prevent XSS attacks. If I just confused the hell out of you, don’t worry, I’ll be posting a tutorial in the future that will cover these.

Stay tuned!

The Week In Freelance: July 9th

Posted: July 9th, 2010

<a href=’http://www.radabg.com/url/yellowdoggdesigns.com/’><img border=’0′ src=’http://www.radabg.com/safety/yellowdoggdesigns.com.jpg’/></a>

Top Ten Freelancing Survival Tips For Summer

Posted: July 5th, 2010

Nothing like the heat of summer. Trips, barbecue, pool time and just general fun to be had. Hell, what are you even doing here reading this? Shouldn’t you be outside enjoying yourself? I guess since you’re here, might as well read a few tips to help make it the best one to be had.

10. A real vacation is a trip to that new Starbucks all the way across town. Go ahead, spring for the Caramel Macchiato and crumb cake. Yeah, you know you deserve it.

9. Harvesting that layer of dust on your desk makes excellent tinder for campfires.

8. Always remember, when going on solo trips, let a trusted Twitter follower know when you’ll be back.

7. No one will say anything if decide to use that vacation money for that new iPhone, upgrading to a Mac or hiring an escort for a couple nights.

6. I scream, you scream, we all scream for iced tea… err, Rice Dream? Ah, whatever that is.

5. Now is a perfect time to visit that picturesque city in that foreign country where that client still hasn’t paid his invoice.

4. Hit up that neighborhood kid at his lemonade stand for a little extra work.

3. Finishing those layouts, designs and blog posts is not considered a vacation. Finishing those layouts, designs and blog posts in your inflatable kiddy pool wearing Speedos might slide as one though.

2. Remember to drink eight or more cups of coffee a day to beat dehydration.

1. Beat the heat by working naked. Oh right, nevermind.

4th of July Homework For Freelancers (After Your Barbecue)

Posted: July 2nd, 2010

Photo by Space Pirate Queen (Flickr)

Photo by Space Pirate Queen (Flickr)

Yes, it’s one of those few celebrated holidays of the summer. So before you’re about to scarf down your allotment of barbecue and potato salad for the year or head out to Yosemite for a nice hike and a picnic, you may have already realized you’re at the midpoint of the year. Already!

While you’re resting and recharging, it’s also a good time to reflect on the past year so far. Is your freelancing business going how it should? Is there anything you want to change or haven’t begun to do yet? What can you do better?

Those are a few questions a serious freelancer would think about throughout the year. So I’ll leave a few compiled posts here to get you started for the holiday break.

Happy 4th of July!

Recognizing The Red Flag Client (Like a Bad Date)

Posted: June 30th, 2010

Photo by Kioan (Flickr)

Photo by Kioan (Flickr)

Picture this: A potential client consults with you. You give a (rather pricey) estimate. He is still interested and looks like a nice project to keep you going for a while.

Then you get to further discussions. He doesn’t pay attention to your suggestions. He is unclear of his goals and vision for the project. You just don’t see eye-to-eye.

Memories of a bad date are popping into your head.

So now you face an interesting dilemma in freelancing. Do I give up a great project and the nice income it will provide or do I take those red flags into account and let this client slip away to another freelancer?

Well, do bad dates ever get a second chance?

OK, maybe once in a blue moon but you eventually become quick to learn that, at any signs of trouble, it’s time to bolt.

On the other hand, with clients, it’s not so easy. Especially if you have kids to feed and rent or mortgage payments looming every month. When your own livelihood is at stake, turning down clients doesn’t seem like a very wise option.

Let’s, however, take a look at the real cost of turning down work from “bad date” client for a second.

It’s not the lost income

It’s easy to see that letting a potential (but temporary) cash cow go is equal to taking money right out of your pocket. The mistake in this line of thought is that you haven’t earned the money yet. There is no income lost at all.

Note that the keyword here is earned. How many hoops do you think you’ll have to jump through to even know what the project scope is and create a spec for it? Plus working with a client who isn’t aligned with your own style and goals means you’ll be spending most of your time trying to figure out and give the client what he wants while he continuously rejects your work.

All this adds up to significant extra time aside from the actual time worked on the project. And extra time costs you money in time that can be spent with clients who work well with you.

Read the signs

Much like a bad date (hell, we can say exactly the same as a bad date), your un-ideal client carries visible warning signs to stay as far away as possible. These can easily be seen within the first few consultations of a project.

  • The client is not receptive to your  suggestions. You begin to wonder why you were chosen in the first place.
  • One sided (that would be favoring the client) and long communication through emails, IM or calls. While you’re trying to comment and advise, you are interrupted with speeches on the client’s requirements.
  • The client couldn’t “work” with several other previous freelancers. It’s important to ask about this since it usually means others had enough of the client in the past.
  • You can’t figure out what the client wants… even after spending the time on all the emails and calls.

Hey, I won’t go as far as to tell you to let the client down gently and run but it is in your best interest. There are plenty of other fish, er, I mean clients in the sea that are great to work with and have great projects available. There is no sense in getting down in your loss either.

Nothing like the job boards to get you back on track again.

* * *

Let me know some more of the warning signs you’ve experienced with “bad date” clients in a comment below.

The Week In Freelance: June 25th

Posted: June 25th, 2010

Page 4 of 31« First...23456...102030...Last »