matthewc
Hero Member
- Jan 18, 2010
- 592
- 47
- Category........
- Visa Office......
- Inland (CPC-Vegreville)
- Job Offer........
- Pre-Assessed..
- App. Filed.......
- 27.09.2006
- AOR Received.
- 05.12.2006
- VISA ISSUED...
- 11.02.2008
- LANDED..........
- 31.03.2008
Cappuccino said:
No, they provide no API. I wish! I had to build my own from scratch. It literally has to connect to e-CAS, log in, and scrape the page to determine changes. (That's all automated, and over an SSL connection of course.) Most of the actual work is simply done using some custom php using curl and xpaths. The rest of the app is just comparing the current e-CAS pages to what's in the database, done with php, storage, done with the ezcomponents database library, and then of course emailing people, and figuring out when to deactivate trackers. There's a little more to it, but that's the nutshell.
I had one third party audit the code after I rebuilt it a while back. Contact me by email if you'd like to do the same. It's open source.
Cappuccino said:All this, of course, begs a more fundamental question. Why the hell don't CIC send an email to you when your ECAS status changes?
Believe me, I'd be so happy if they did. Maintaining the tracker sucks up time and is a pain. I continue to do it because of the thank you emails and because it wouldn't be fair to abandon the 800 people currently using it. When I built it when I was immigrating I had spare time. Now I really don't.
rizwan72 said:
Sorry to hear you fell for a scam. That's really unfortunate. Of course the tracker info is stored in a database - there's no other way it could work. However, there's a number of security best practices the site uses to limit the potential for problems. The main one is that it's as simple as possible... there's no way to "log in" once you've signed up, it's over-zealous about cleansing inputted data (during the sign-up process) and it stores the minimum amount of information possible for it to work (which I realise is still a significant amount of personal info).
End of the day, like Wayne said, it's always a trade off.
Anyone who thinks I, personally, am not trust worthy should not use the site. Simple as that. That is part of the reason why the sign up page explains very clearly what it is, who I am, and why I built it. Transparency is important to me.
Also, it's worth noting that if you deactivate e-CAS (by clicking that link to remove the status from the internet) then - of course - the tracker stops working too. It's rare, but that's actually happened a couple of times.
Given what goes on at CIC, I'd really like to think I'm far more careful than most visa officers.
That's actually not the case. The url is a subdomain of my personal website, but I actually run the servers were it's hosted as part of an ISP cooperative. It's not some old server sitting in a closet somewhere, it's actually in a state of the art facility that we source our upstream servers from.
Matthew
