|How to properly build a PHP website?|
Where and in which order to put the code?
This is more so a fundamental question...
I started rewriting my ASP content mgmt system in PHP earlier this year... and as one would guess and hoe, I came across a lot of things I could do better these days. Utilising PHP provides different solutions to problems.
[I am quite shocked and amazed about what I managed to build over the past 10 years in 7,100 lines of code, some of it has grown like a cancer and other bits are quite nice.]
Now that I have almost finished the rewrite, with lots of reflecting, I started wondering about the question: What is the proper way to build a non-shopping web site?
To be more specific: I am wondering where to put various bits, such as:
1. the page build itself, incl MySql queries, etc.
2. input parameter validation of querystrings, GETs, etc.
3. hotlink protection
4. db-driven redirects
5. blog form, submit, validation
8. 404 handling (or is it better to have on page dealing with all errors?)
9. spam protection (form spammers)
I am not after code, but a logical (best practice, or most effective) flow and arrangement.
Is there a point in handling all rewrite rules (hotlink protection, image serve from different directory, old->new link redirects in PHP code, or split these functions to .htaccess and PHP code?
Following that, where to put what?
Maybe my question is too big -- something I realised when writing this down... :o)
Is there a good book out there going through all these steps?
I did some further research on the 'unknown' drivers for my questions...
It looks like my intensive occupation with coding has led to the fundamental questions of software design, such as coupling, cohesion and decomposition of a system into modules.
The rewrite gave me the bigger picture, the issues surrounding code maintenance, etc.
Maybe there is no answer to my question, except to understand software design better, which would then led to the proper assembly of code components to form a better larger system.
The web developer tool set is much more than code. Knowing which component handles which area best is part of the overall analysis, design and development process. For example, logging and tracking. Logging and tracking HTTP requests are handled quite well by the underlying HTTP server itself. You can push as much data as you like into the log files and forward them to a post-processing script that runs on your server too. Also, perhaps you want to grab HTML <form> requests and log/track them. If so, you can use your server-side PHP application to write the information to a database table, system file, and/or email yourself with failures or possible hack attempts.
I have written a whole page of related info dotted throughout this thread... [webmasterworld.com...]