web前端编程编程_完善Web编程的6个步骤

web前端编程编程

I've never met a perfect developer, but I've met several who have taken significant steps towards becoming one! Use the following tips to develop better, faster applications:

我从未见过一个完美的开发人员，但是我遇到了几个迈出重要一步的人！ 使用以下技巧来开发更好，更快的应用程序：

Step #1: Write for Lots of Visitors

步骤＃1：为大量访问者写信

A common mistake for most developers is to focus so much on making something work that they don't think about how it will work when 100 people hit it all at once. Sometimes 100 simultaneous visitors seems SO far away that developers just figure they'll fix that problem when it comes up. That's the wrong attitude to have - there often is no simple, magic patch to fix the problem. If that's the case and if you're the developer, then you might as well start looking for another job, because you may have just torpedo-ed the whole project.

对于大多数开发人员来说，一个常见的错误是过于专注于使某项工作正常工作，以至于他们没有想到当100个人一次全部完成这些工作时，它将如何工作。 有时候，同时出现100位访问者似乎太遥远，以至于开发人员认为他们会在问题解决时解决。 那是错误的态度-通常没有简单的魔术补丁可以解决问题。 如果是这样，并且您是开发人员，那么您不妨开始寻找其他工作，因为您可能刚刚对整个项目进行了鱼雷处理。

There's no need to be extreme, either. You don't need to start off with a replica of Google's server farm. As a developer, you just need to plan for a few things. Plan on the application being copied onto another server to split the load, or pieces of the application being served remotely, or even multiple copies of the application running for different customers with separate databases.

也不需要极端。 您无需从Google服务器场的副本开始。 作为开发人员，您只需要计划一些事情。 计划将要复制的应用程序复制到另一台服务器上，以分散负载，或者远程管理该应用程序的各个部分，甚至为具有不同数据库的不同客户运行该应用程序的多个副本。

A good example from my own experience is thumbnailing. It's extremely easy to write a quick script in PHP that will take a JPEG and resize it by 50% and write out the resulting file. If 100 people are doing it at the same time, you can reasonably expect that the server is going to be really busy. What I did in one of my projects was to write the thumbnailing code so that it was a standalone application. Then, once more and more people used the product, we were able to easily move the thumbnailer application over to another server without rewriting lots of code or worrying about tearing out vital chunks from the main application.

根据我自己的经验，一个很好的例子是缩略图。 用PHP编写一个快速脚本的过程非常容易，该脚本将采用JPEG并将其大小调整50％并写出结果文件。 如果同时有100个人这样做，则可以合理地预期服务器将非常繁忙。 我在一个项目中所做的就是编写缩略图代码，因此它是一个独立的应用程序。 然后，越来越多的人使用该产品，我们能够轻松地将缩略图应用程序移至另一台服务器，而无需重写大量代码或担心从主应用程序中删除重要的代码块。

A hundred visitors every second is common for some projects, and some servers see tens of thousands of hits per second. If you get into the good habit of writing code that could be used by 100 people at once without crashing the server, then you'll instantly be far better than most web programmers out there.

在某些项目中，每秒一百个访问者很常见，而某些服务器每秒看到数以万计的点击。 如果您习惯于编写一次可以让100个人使用而又不会使服务器崩溃的代码的良好习惯，那么您将立即比那里的大多数Web程序员都要好得多。

Step #2: Become a DBA

步骤2：成为DBA

Okay, maybe not a FULL database administrator, but knowing the ins and outs of your database is extremely important to getting the best performance out of your applications.

好的，也许不是FULL数据库管理员，但是了解数据库的来龙去脉对于从应用程序中获得最佳性能非常重要。

Any good PHP/MySQL developer should:

任何优秀PHP / MySQL开发人员都应：

- Be able to know how to use DESCRIBE and EXPLAIN to analyze tables and their indexes, as well as the queries that are being run.

-能够知道如何使用DESCRIBE和EXPLAIN分析表及其索引，以及正在运行的查询。

- Be familiar with the basics of how indexes and keys work.

-熟悉索引和键如何工作的基础知识。

- Know when to use the different datatypes (example: don't use a TINYINT for an auto-incrementing primary key on a large table).

-知道何时使用不同的数据类型（例如：不要在大型​​表上使用TINYINT作为自动递增的主键）。

- Should always try to avoid using the "SELECT * FROM..." query (specify the column names you want instead of the * symbol).

-应始终尝试避免使用“ SELECT * FROM ...”查询（指定所需的列名而不是*符号）。

There is a LOT more that can be learned (persistent connections, unsigned vs. signed integers, subqueries vs. joins, dealing with temp tables, etc), and every bit learned will enable you to make the most of every interaction your script has with the database.

有很多可以学的东西（持久连接，无符号与有符号整数，子查询与连接，处理临时表等），并且所学的每一点将使您能够充分利用脚本与之进行的每次交互数据库。

Don't fret - learning the basics does not take as long as you might think.

不用担心-学习基础知识不需要您想的那么长。

Step #3: Don't Reinvent the Wheel

步骤＃3：不要重新发明轮子

I frequently see questions on Experts Exchange about how to write certain applications - shopping carts, chat programs, etc... Sometimes there is a valid need to write something from scratch, and sometimes it turns into valuable experience. Usually, if you're a developer, you just want to write it because it sounds like fun. If you are writing something for live, production use, then you should strongly consider finding an existing version of what you're trying to build. Lots of ideas sound simple at the start, but when you start adding in all the security measures, UIs, error handling, unexpected feature requests, etc, that 2-hour project can easily turn into a 200-hour mess.

我经常在Experts Exchange上看到有关如何编写某些应用程序（购物车，聊天程序等）的问题。有时确实需要从头开始编写某些内容，有时又会变成宝贵的经验。 通常，如果您是开发人员，则只想编写它，因为听起来很有趣。 如果您要编写供生活和生产使用的东西，那么您应该强烈考虑寻找要构建的现有版本。 一开始很多想法听起来很简单，但是当您开始添加所有安全措施，UI，错误处理，意外的功能请求等时，这个2小时的项目很容易变成200小时的混乱。

Step #4: Be Willing to Buy

步骤4：愿意购买

Sometimes, the "existing version" may be something you have to buy. At that point, you have to weigh your potential time against the cost of the product. Sometimes, your time IS money and $50 up-front could be saving you $5000 in the long run. I've seen some commercial apps sold for under $100 that came with their full source code and a license allowing you to do whatever you want with the code (except sell it as your own).

有时，“现有版本”可能是您必须购买的东西。 此时，您必须权衡潜在时间与产品成本。 有时，您的时间就是金钱，从长远来看，预先支付50美元可以为您节省5000美元。 我见过一些售价不到100美元的商业应用程序，其中包含完整的源代码和许可证，可让您随心所欲地使用代码（除了自己出售）。

Step #5: Never Trust Anyone

步骤5：从不信任任何人

Cliché, I know, but it's the best advice you can ever take when developing web applications. Sure, most of your intended users probably are not malicious hackers, but security measures are not there to protect you and the server from all of the nice people. It only takes one successful hacker to bring on the world's biggest headache. If your application is small, then the security breach might just result in your web site being defaced. If you're storing sensitive data, like credit cards, then one break-in could result in identity theft for thousands of people, and a PR nightmare.

我知道，陈词滥调，但这是开发Web应用程序时可以接受的最佳建议。 当然，您的大多数目标用户可能不是恶意黑客，但是没有安全措施可以保护您和服务器免受所有好人的攻击。 只需一名成功的黑客，就可以带来世界上最大的麻烦。 如果您的应用程序很小，那么安全漏洞可能只会导致您的网站被破坏。 如果您要存储敏感数据（例如信用卡），那么一次闯入可能会导致成千上万人的身份盗窃和PR噩梦。

Learn to write your applications so that you expect the majority of your users are going to try to be searching for security holes. Cross-site scripting (XSS) and SQL injection are some of the most common attacks nowadays, and they can be mostly prevented by filtering your data (e.g. strip out < and > characters out of fields that should contain someone's name), and escaping the data going into your queries. I also frequently see applications that allow files to be uploaded without any restrictions on the file extensions. This means I can write my own PHP script, upload it, and run it on your server! Easy to overlook, and extremely dangerous.

学习编写应用程序，以便您期望大多数用户都将尝试搜索安全漏洞。 跨站点脚本（XSS）和SQL注入是当今最常见的攻击，通过过滤数据（例如，从应包含某人姓名的字段中删除<和>字符）并转义，可以大体上防止跨站脚本（XSS）和SQL注入。数据进入您的查询。 我还经常看到允许文件上传而对文件扩展名没有任何限制的应用程序。 这意味着我可以编写自己PHP脚本，将其上传并在您的服务器上运行！ 容易忽视，并且非常危险。

There are some tools like ParosProxy (good, free) and Burp Professional Suite (better, but not free) that will scan your site for vulnerabilities and give you reports. Never release a web application without running a vulnerability scan on it first.

有一些工具，例如ParosProxy（好，免费）和Burp Professional Suite（更好，但不是免费），它们会扫描您的网站中的漏洞并为您提供报告。 在未首先对其进行漏洞扫描的情况下，切勿释放该Web应用程序。

Step #6: Learn How to Debug Better

步骤＃6：了解如何更好地调试

It still surprises me how many people do not have good debugging skills. They rely solely on error messages, and when those aren't helpful or don't even show up, they are lost. To debug better, you should start by thinking about your program as if it were a car going from point A to point Z. I'll use PHP scripts as an example again.

仍然令我惊讶的是，有多少人没有良好的调试技能。 它们仅依靠错误消息，而当这些消息没有帮助或什至不显示时，它们就会丢失。 为了更好地调试，您应该首先考虑程序，就好像它是从A点到Z点的汽车一样。我将再次使用PHP脚本作为示例。

If the car starts at point A but never reaches point Z and you don't know where it stopped, then you need to go looking for it. The easiest start is to go halfway into the program, to point M, and then put up a line of code that will notify you somehow if the car passes by. Here is where things like print(), file_put_contents(), and mail() become your best friends (if you HAVE to debug a live application, then use file_put_contents() or mail() to avoid debugging information being shown to real visitors). I will frequently put in something like:

如果汽车从A点开始但从未到达Z点并且您不知道它在哪里停下来，那么您需要去寻找它。 最简单的开始是进入程序的中间，指向M，然后放一行代码，如果汽车经过，它将以某种方式通知您。 这是print（），file_put_contents（）和mail（）之类的东西成为您最好的朋友（如果您必须调试实时应用程序，请使用file_put_contents（）或mail（）以避免将调试信息显示给实际访问者） 。 我会经常输入以下内容：

file_put_contents("mydebugging.log",__LINE__."\n",FILE_APPEND);

file_put_contents（“ mydebug ging.log”， __线__。” \ n“，FILE_A PPEND）；

and copy it and put it in several key locations throughout the code, and then run the application once. When it stops, I open up the mydebugging.log file and I can see how the car progressed through the script - which points/lines it touched, and approximately where it stopped. Add in a few more debugging lines in that approximate area and continue the cycle until you've identified the exact point where the program stops.

并将其复制并放在整个代码中的几个关键位置，然后运行该应用程序一次。 当它停止时，我打开mydebugging.log文件，可以看到汽车如何通过脚本进行前进-触摸的点/线以及大约停止的位置。 在该大致区域中添加更多调试行，并继续执行该循环，直到您确定了程序停止的确切位置为止。

Often times, that's enough to tell you WHY the program stopped at that point and how it got there. Sometimes that's not enough, which is when I pull out print_r(), which dumps the contents of any variable (array, string, whatever). Since variables often are responsible for WHY a program goes one way and not the other, it's important to see their contents before and after the decision in question. Again, using file_put_contents() in different parts of the application can let you see how a variable was created, changed, etc...

通常，这足以告诉您为什么程序在此时停止以及如何到达那里。 有时这还不够，这是当我取出print_r（）时，它会转储任何变量（数组，字符串等）的内容。 由于变量通常是为什么一个程序负责的原因而不是另一种原因，因此在有关决策之前和之后查看其内容很重要。 同样，在应用程序的不同部分中使用file_put_contents（）可以让您看到如何创建，更改变量等。

As long as you use those two basic techniques correctly, debugging should become an easy task. Still time-consuming, but easy.

只要正确使用了这两种基本技术，调试就应该很容易。 仍然很耗时，但是很容易。

There are tools for almost every programming language, including PHP, which will give you more debugging capabilities (breakpoints, watches, etc). If you can get these tools and use them, then you'll have an even easier time. However, the techniques described above should be applicable to debugging almost any type of language, so learn them well.

几乎所有的编程语言都有工具，包括PHP，它将为您提供更多的调试功能（断点，监视等）。 如果可以使用这些工具并使用它们，那么您将获得更轻松的时间。 但是，上述

翻译自: https://www.experts-exchange.com/articles/1235/6-Steps-to-Better-Web-Programming.html

web前端编程编程