big projects - good and bad coding

#1
[eluser]Mutsop[/eluser]
Hi,

I'm curious about how different the coding should be between small and big projects (big!).
What are your opinions on this?

How about security (especially this question)? How about libraries?
Anything special I need to take into consideration when I start a big project?

Would it be better for mappings to use Doctrine? Or any other like Propel?

I mean I love CodeIgniter, I just created my first site (well, actually the second one, but that's an intranet website). It's so easy to use, and so powerful!

So I'm actually looking for ways you would program or just some opinions.

Regards


FYI: it's a project I'm willing to spend months on, maybe rewrite everything after a while... But it's rather for fun than anything else.

#2
[eluser]n0xie[/eluser]
My two cents:
- Take a look at modules. It's a nice way to group related functionality together. To make your application truly modular, you need to think about decoupling and how you are going to implement it.
- Think about your ACL beforehand. How/where do you want to check for permissions? The reason most developers write their own implementation is because the requirements for ACL can differ greatly between projects.
- Read about security issues with PHP in general. Get yourself familiarised with terms like XSS, CSRF, SQL injection and Session Hijacking. There are no silver bullets but there are a lot of good practices that can take care of 90% of the common exploits.
- Code defensively.

#3
[eluser]Mutsop[/eluser]
Hey n0xie, thanks for your reply...
I do have a few questions.

[quote author="n0xie" date="1295361556"]My two cents:
- Take a look at modules. It's a nice way to group related functionality together. To make your application truly modular, you need to think about decoupling and how you are going to implement it.[/quote]

I studied the decoupling/DAO procedure a few weeks ago, but for VB.NET.
Strangely enough, it's exactly the same. The only difference was that I used them for the data layer... What I see here is that he also uses it for module views and controllers?

[quote author="n0xie" date="1295361556"]
- Think about your ACL beforehand. How/where do you want to check for permissions? The reason most developers write their own implementation is because the requirements for ACL can differ greatly between projects.[/quote]

Any interesting examples on this?

[quote author="n0xie" date="1295361556"]
- Read about security issues with PHP in general. Get yourself familiarised with terms like XSS, CSRF, SQL injection and Session Hijacking. There are no silver bullets but there are a lot of good practices that can take care of 90% of the common exploits.[/quote]

I found a few websites on this matter, but what I can't find is, how do you trace back from where a hacker has been able to use the exploits?

[quote author="n0xie" date="1295361556"]
- Code defensively.[/quote]

What do you mean by that? Do you mean security wise?

