Web application development best practices
Can anyone point me to a Web site and/or book that discusses Web application development best practices?
I too mainly program web apps, and I think there are no such practices to speak of. Apply general software development good practices, and that's it. There *are* a lot of specific good practices in web interface design, but that's an area of usability, not programming. Refer to Krug, and Nielsen for that.
Some general principles apply much more to web app development, though - e.g. the "idempotent action" principle, which is that an action done by the user any non-zero number of times should have the same effect of doing it exactly once. Most systems do not conform to this principle, and as a result, e.g., pressing "reload" or "back" on a browser often leads to multiple purchases / bulletin board posts, though non were intended by the user.
One thing that makes web applications 'different' is the stateless nature of HTTP. Keeping track of state is something to watch. J2EE has some nice things like automatic creation of sessions, but the developer is still responsible for adding data to the session (and removing it when it is no longer relevant).
Never put user input strings into SQL-strings without stripping/escaping / \ * - ' "
Or better yet used paramaterised queries, and let the database library do the work for you.
I've been specialising in web application development since 1998, and I _still_ wonder about the best way to do this. Not just the programming but the whole development cycle.
> how does one best perform unit testing on web applications?
Sun Java BluePrints, illustrates design patterns and best practices
Evgeny Gesin /Javadesk.com/
Try to apply general application architecture patterns such as model-view-controller and the command pattern. That will make your application maintainable and extensible.
Better yet: Considering that over 90% of users run IE and how pathetic an HTML interface and how painful the connection-less HTTP protocol are... first, make sure it doesn't make more sense to write your application as an ActiveX control that you simply embed in a web page so as to minimize the cost of deployment while offering fast and content-reach UIs. Sure solved the issue on our side :-)
Speaking of automated testing, generally there are some lightweight tools/modules that can be used to emulate server environment.
To jz's comment I'd add separating style from markup by avoiding excessive layout tables, font tags, etc in the HTML and using CSS to style the appearance of the pages as much as possible. In my experience this eliminates a lot of complexity in the front-end and improves maintainability and readability of the UI code.
Look at http://www.serverside.com : site specialized in J2EE related info. Lots of good articles and news.
I meant http://www.theserverside.com
One thing I'd say is that if you declare your document to be of a certain standard then the page ought to validate according to that. I'm amazed at how many people describe their page as adhering to a standard when all they ought to have is <html>.
>Can anyone point me to a Web site and/or book that
Fog Creek Home