Sunday-Edition

Leading Internet search engines have begun incorporating social media tools
to meet the niche needs of the ‘long tail’ market

Move over SEO, SMO has arrived. With Internet users contributing, tagging
and ranking content in Web 2.0, search engines like Google, Yahoo, MSN and
Altavista have been compelled to re-engineer their algorithms to incorporate
social media search. As a result, search engine optimization (SEO) is giving
way to social media optimization (SMO). Read the rest of this entry »

If your looking for well written books covering an array of technologies and design then check out Friends of Ed (an Apress Publishing Company). They offer the source code and sample files for all there publications which makes for a nice resource for learning something new (book purchase not required for source code download).

The MVC paradigm is a way of breaking an application, or even just a piece of an application’s interface, into three parts: the model, the view, and the controller. MVC was originally developed to map the traditional input, processing, output roles into the GUI realm. Think of it this way:

Input –> Processing –> Output
Controller –> Model –> View

The user input, the modeling of the external world, and the visual feedback to the user are separated and handled by model, viewport and controller objects. The controller interprets mouse and keyboard inputs from the user and maps these user actions into commands that are sent to the model and/or viewport to effect the appropriate change. The model manages one or more data elements, responds to queries about its state, and responds to instructions to change state. The viewport manages a rectangular area of the display and is responsible for presenting data to the user through a combination of graphics and text. Read the rest of this entry »

Every software application can conceptually be broken up into three layers: the front end, which consists of the user interface and application controls; the middle tier, which consists of the code; and the back end, which consists of the database, data structures and other assorted gremlins.

When building software, the trick is to design in such a way that when you place these layers one on top of the other, the parts fit exactly. This is far more complicated than it sounds, and fairly difficult to do at the best of times. But don’t let that discourage you - a number of tools are available to assist in this process…and one of the better ones is called a functional specification.

A functional specification can substantially simplify and streamline the process of application development. Intended to describe how a piece of software works, it provides a ready reference for software developers and aligns large and disparate development teams to a single goal. In the process, it provides technical clarity on how the different components of a particular applications are to be designed, implemented and integrated with each other, and (if used correctly) significantly reduces the time and cost component of any development exercise. Read the rest of this entry »

Balancing the pros and cons of the two most popular means of building web applications

When it comes to Web development these days, you have a lot of options. Many of these methods involve preprocessingóthat is, embedding code into HTML pages with special tags that signal to a preprocessor that they contain code, and that it should do something with it. Much like a CGI, this code is then run on the server, and it returns some content, which then assumes part of the shape of the resulting HTML page sent back to the browser. Both the open source scripting language PHP and languages within Microsoft’s ASP.NET framework fall into this category; JavaServer Pages (JSP) and Perl/Mason operate this way as well.

In this weeks weblog post I’ll focus on PHP, the technology Oracle has chosen to incorporate into its products, and ASP.NET. I’ll overview the various strengths and weaknesses of each, discussing in particular those areas that will help you make your decision on which to go with for your development project. There are a lot of factors to consider, and different projects may appeal to a different technology. In conclusion you’ll find a point-by-point comparison in terms of price, speed and efficiency, security, cross-platform support, and the advantages of an open source solution. Read the rest of this entry »

Good article summarizing the dangers of Cross-Site Scripting and how to prevent them. Examples are in Perl but the basic message is never trust anything from the browser.

Where cross-site scripting is concerned, particular caution needs to be taken if you allow visitors to your site to add content to it or “echo back” values they’ve submitted (such as a word they’re searching for).

These days it’s better to use PHP libraries like PEAR::HTML_QuickForm or PEAR::Validate to prevent oversights when using regular expressions to validate incoming data.

When you need to allow visitors to add marked up content, the most effective approach is BBTags (common to vBulletin and phpBB) - PEAR::HTML_BBCodeParser can help. “One to watch” in that area is KSES which is an “HTML and XHTML filter”, if you want visitors to be able to use native tags.

I also found these excellent articles:

http://www.phparch.com/sample.php?mid=16

http://shiflett.org/talks/apachecon2003

PHP is now running over a million web sites and with good reason. PHP is open source, it runs equally well on NT and UNIX, it’s well documented. PHP is no doubt stealing market share from Microsoft’s Active Server Pages, but the media has been unusually quiet about the issue. Even as Apache’s success has become front page news, PHP has gone largely unnoticed. Maybe Microsoft wants to keep it that way. Read the rest of this entry »