Writing my first commercial web app with html/js/perl/mysql - HTML forum at WebmasterWorld - WebmasterWorld

Forum Moderators: open

Message Too Old, No Replies

Writing my first commercial web app with html/js/perl/mysql

Even the simple things became difficult!

Dabrowski

6:01 pm on Mar 27, 2008 (gmt 0)

WebmasterWorld Senior Member

10+ Year Member

ok, I used to call myself an experienced web programmer. Suddenly I feel like a novice again.

The first thing I've attempted is a signup/login system, which has taken me 3 weeks of my spare time so far!

I now *almost* have my signup pages working, to make it more user friendly I split relevant sections into 5 pages. Now, my only criteria is that the last 4 are optional and are not required for basic browsing of the site. I don't want URL's a mile long with the users form data in them, and I don't want unnecessary redirect pages.

Oh...and it should work with JS disabled.

...and being security conscious it should be session-hijack proof.

How hard can it be?

Well after 3 weeks pulling my hair out and drawing flow diagrams on pub napkins I've finally got my signup pages working with all the above criteria. The thing I struggled most with is the whole multi-page form thing.

I now consider myself to at least be back to 'knowledgable' but am looking forward to more hurdles as the site progresses.

I'm really posting this not as a question but I'm interested to know how other people have overcome these problems?

Trace

8:22 pm on Mar 27, 2008 (gmt 0)

10+ Year Member

In the good old days of classic ASP it used to all be about sessions OR posting data to hidden form fields for multiple page forms.

I haven't had to custom code a members area from scratch in years.

rocknbil

6:24 pm on Mar 29, 2008 (gmt 0)

WebmasterWorld Senior Member

10+ Year Member

I'm really posting this not as a question but I'm interested to know how other people have overcome these problems?

I have a pile of wood out back and a splitting maul nearby. Many times the hair has stayed firmly planted and monitors have escaped destruction due to the placement of said woodpile.

Oh you mean the programming stuff. :-)

You build it, it fails. OR someone finds a flaw. You rebuild it. Again, another flaw. Eventually you have a few subs you copy and paste that are relatively bullet-proof. I just use a cookie with encrypted values that expires for the whole enchilada. :-) If cookies are disabled, I have to resort to hidden fields and post (as opposed to get, to avoid query strings.)

stef25

4:22 pm on Mar 30, 2008 (gmt 0)

10+ Year Member

i have a few good books like the o'reilly cook books which explain how to set up a login system, multi page forms and other elements of a web app, pointing out all the usual caveats in one or two page chapters. they certainly dont supply plug and play scripts, but do save you some time.

as you come up with working solutions, add them to your script snippet library. you can further enrich this with things like form validation code, xss filters, and various other classes you find online and in books. no need to reinvent the wheel. a good toolkit saves alot of time and keeps you from going bold :-)

Dabrowski

12:45 pm on Apr 3, 2008 (gmt 0)

WebmasterWorld Senior Member

10+ Year Member

There's just soo much going on in the background to make the sessions work properly, I never realised!

There's what to do if a user uses their forward/back button on multi page forms, what to do if the session's timed out, what to do if they refresh a page (dual submittal of data), what to do if a user somehow goes direct to a page from a bookmark or something and doesn't even have a session cookie...(pause for breath)...validating the user to make sure his session hasn't been hijacked.

I think I've got them all cracked, but there's probably many more to come!