This is more so a fundamental question...
I started rewriting my ASP content mgmt system in PHP earlier this year... and as one would guess and hoe, I came across a lot of things I could do better these days. Utilising PHP provides different solutions to problems.
[I am quite shocked and amazed about what I managed to build over the past 10 years in 7,100 lines of code, some of it has grown like a cancer and other bits are quite nice.]
Now that I have almost finished the rewrite, with lots of reflecting, I started wondering about the question: What is the proper way to build a non-shopping web site?
To be more specific: I am wondering where to put various bits, such as:
1. the page build itself, incl MySql queries, etc.
2. input parameter validation of querystrings, GETs, etc.
3. hotlink protection
4. db-driven redirects
5. blog form, submit, validation
8. 404 handling (or is it better to have on page dealing with all errors?)
9. spam protection (form spammers)
I am not after code, but a logical (best practice, or most effective) flow and arrangement.
Is there a point in handling all rewrite rules (hotlink protection, image serve from different directory, old->new link redirects in PHP code, or split these functions to .htaccess and PHP code?
Following that, where to put what?
Maybe my question is too big -- something I realised when writing this down... :o)
Is there a good book out there going through all these steps?