Top 6 things you need to know when programming for the web

John Avis by | January 20, 2015 | Web Development

Over fifteen years of developing for the web, I've learned some lessons the hard way. There are some things they don't teach you in books and tutorials.
Over fifteen years of developing for the web, I've learned some lessons the hard way. There are some things they don't teach you in books and tutorials.

If you build it they will come

That is, if you build a form on a website, spammers and hackers will come to your site.

No matter how small and insignificant your website is, they will try and use it to send you spam, show spam on your website, or hack into your website so they can either show spam or get personal details.

You need to protected your website from every possible form of spam or hacking. Spammers and hackers can be very smart (some SQL injection techniques I have seen are really quite amazing), so you need to be smarter.

Your database is your bottleneck

In a complex database-driven website the database is the usual cause of performance issues.

If you are dealing with a website that handles a reasonable amount of users, then from the outset you need to ensure:

1. Your queries are as efficient as they can be.

2. Your database is indexed well.

3. You cache often used data that doesn't change frequently.

4. You use transactions only when necessary.

Error Notifications

I personally want to know about every 500 Internal Server Error, and I would suggest that you have every error emailed and/or logged (see don't rely on email below).

It can be a bit draining on a high volume website to see every error, but you may well find some problems that you didn't pick up in testing, some controls that may need validation, and probably plenty of hacking attempts.

Although you might not want to know about every 404 Page Not Found error, it's good to know about any 404 error where there referrer was also a local page. ie. you want to know about broken internal links.

Don't rely on email

Email isn't always reliable so it's never a good idea to solely rely on email for important information. I had an ecommerce website where some server settings changed and email from the website stopped working. Before I found out, every message that was sent through the contact form never made it through and was lost forever.

You should store everything that you send by email in a database table or at least a log file of some sort.

What time is it?

If you are storing dates and times in a database then you should store the universal time (UTC) rather than a local date/time. Even if it is a web site that is only for a specific country, think about the consequences if you were to move to hosting in a different region where the server time zone might be different, or what happens when daylight savings ends as the time goes back an hour and the last record in the database has a datestamp 1 hour before the previous record.

Keep a history

In many simple applications the developer will often choose just to overwrite information in the database when something changes.

For example, on an ecommerce website, if a price changes you might just update the same database row with the new price. But what if you need to know what price was being offered on a past date?

Or, in a content management system, what if someone accidentally updated the wrong page? They may have lost some valuable information if the database row has been updated.

For reasons like these, it's almost always good practice to implement some sort of history or version control system and insert a new row when data changes rather than overwrite the same row.

There are various ways of doing this. For example, you may keep multiple versions in the same table or create a separate history table.


If you develop in ASP.NET then see also my Things you need to know when programming in ASP.NET Web Forms post.

Related Posts

Web Development

Why Microsoft's ASP/ASP.NET may be the safe choice for development

by John Avis | February 15, 2018

Some reasons why developing using Microsoft's ASP/ASP.NET has been a good choice over the years.


Web Development

Is ASP.NET better than PHP?

by John Avis | September 21, 2016

This posts stems from my own curiosity. It's a question not a statement. I've been developing in ASP.NET for many years and I like it. I've dabbled a bit in PHP and there are some things I like and some I don't like, but maybe I haven't immersed myself in it enough to know what's great about it.


ASP.NET Web Forms Web Development

Things you need to know when programming in ASP.NET Web Forms

by John Avis | January 21, 2015

Web forms makes it really easy to create a simple website, but it is also really difficult to crate a complicated website. These are some of the things you will need to know sooner or later.

Comments

There are no comments yet. Be the first to leave a comment!

Leave a Comment
Tags
ASP.NET Html Forms ASP.NET MVC ASP.NET Web Forms ASP.NET Web Pages Bootstrap C# Classic ASP Cool Websites Databases eBay and PayPal Electrical Repairs General Hardware HTML/CSS Jquery/Javascript Media Center Mobile Phones Responsive Web Design SEO and Social Networking Web Design Web Development Web Security web+db Website Hosting Windows XP

About me

...mostly about web development and programming, with a little bit of anything else related to the Internet, computers and technology.

Subscribe

Get the latest posts delivered to your inbox.