Coding Languages

Resources to learn languages

• Lynda.com - Free to all McCombs students
• Udemy.com - Signup for an account and see many classes go on sale.  Great way to learn web development (recommend Rob Percival's "Complete Web Developer" course).
• W3School - perfect site for beginners to learn HTML/CSS/JavaScript/Bootstrap
• TheNewBoston
• CodingBat
• CodeAcademy

LAMP Stack development

• For local development download XAMPP (for Mac) or WAMP (for PC)

  • This comes with an Apache server, MySQL database, and a FTP client. Drop all your php files into the htdocs folder in C:/xampp, start up your apache server in the xampp control panel, then open a browser to navigate to localhost:[portnumber]/url to see your php renderings.
  • You can choose to download a separate MySQL onto your computer if you wish. After installation, navigate to C:/Program Files/MySQL/MySQL Server [5.7]/bin. Use the following command to access the database: mysql -u [username] -p (-h [host ip] if you are accessing a remote mysql database)
  • Create reasonable modules. PHP lets you break down code into smaller segments and join them together to render a complete page. Make your code shorter so it's easier to maintain and make changes. For example, you can create a header.php with the common header every page shares, then you can simply use the <?php include header.php ?> in every other page to re-use the code you've written.
  • Download XAMPP control panel
  • MySQL server
  • PHP modulation

• Best practices

  • Keep that in a central file, so you don't have to write a connection string every time a page needs to be linked up to the database.
  • You can use objects in PHP-- OOP makes your complex logic so much easier to organize.
  • Keep your files stored in proper folders. Your css files should be in a folder called "assets", images should be in a folder called "images", shared files like connection string, headers, footers should be put in "includes" folder.
  • This is something that a lot of people overlook. Improper php code is especially vulnerable to common attacks such as cross site scripting, cross site request forgery, and sql injections. To do the best job we can here are some tips:
    • Escape all user inputs
    • Users may enter data that gets executed as part of the query, but if they enter say in the username field - john'; drop table tblUsers;. The query that now gets executed may look like SELECT * FROM tblUsers where username = 'john';drop table tblUsers';. The solution here is to use the built in real_escape_string([input]) to sanitize all user inputs. (Google it for details)
    • Use HTTPS if you can
    • Not all clients will support this, but ask if they can get a HTTPS connection. This will encrypt the communication between clients and the server.
    • Don't store your passwords in PLAINTEXT
    • If you are making a log in page, please store only the hashes of the passwords. When the user logs in you should hash their input and compare it with the hash you stored in the database. Further, md5 and sha1 are not safe hashes and are being phased out, for industry standard hashes use sha-256 and above [This is done very easily in php, simply use hash("sha256", STRING) function]. Finally, using randomly generated salts for each user is also standard practice. Read the Wikipedia page for an overview as to why it is important : https://en.wikipedia.org/wiki/Salt_(cryptography) 

• Deployment

  • FTP/FTPS - Use a FTP client (Filezilla, WinSCP) to copy all your php files to the designated server with proper credentials.
• Other Insights/Tips
  • Phpstorm and Jetbrain IDEs for free - Jetbrains, the maker of IntelliJ IDEA Java IDE (which powers Android Studio) and other IDEs, offers free licenses for students with a .edu email address. One of these IDEs, Phpstorm, can prove very useful to 374 teams building web applications with Php, Javascript, and HTML/CSS. With early warning on coding errors, git/svn integration, and FTP/SFTP deployment, Phpstorm is a great tool. Student can get it at https://www.jetbrains.com/student/ 
  • Use MAMP to run PHP and MySQL server locally. MAMP, free of charge and runs on both Mac and Windows, installs a local server environment and allows you to have access to a local PHP server and MySQL server. Instead of using the online code editor, a local PHP server given through MAMP will give you more flexibility and control over your code and development environment.
    • https://www.mamp.info/en/

Email notifications in PHP - Click here for more details on how to setup email notifcations in PHP

CSS

Use for developing any general interactivity between website and user

Use when styling a website after HTML structure is established

• Know that there are CSS tools and frameworks that are readily available for use, such as Twitter Bootstrapor Semantic UI
  • Twitter Bootstrap: a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It is the most popular framework used due its massive library, large support,and naming scheme.
    
    
  Other good tips to keep in mind:
  • How you name classes is absolutely key: the general principle is names should be short and sweet. They should be intuitive so other teammates/contributors/leads can understand what a variable does quickly.
  • There is a difference between IDsand classes and how they are called:
    • ID can be used to identify one element, whereas a class can be used to identify more than one
    • Classes are preceded by a full stop (“.”), while ID’s are preceded by a hash character (“#”)
  • An HTML element/div can implement more than one CSS class–use this to provide HTML all the style that is needed . 
  • Browsers interpret classes from left to right and from up to down. This means that any similar functionality implemented before could be overwritten by something as a browser interprets the page.

Javascript

Use for developing any general interactivity between website and user

• Learn how to use basic Javascript
• Understand how websites dynamically update in response to user activity via Javascript (ex. checkboxes, alerts, or displaying calculated results) 
• There are special types of variables in javascript that store data in slightly different ways○Session variables are variables that exist only while the user's session with an application is active.
  • Session variables are specific to each visitor to the app. They’re used to store user-specific information that can be accessed by multiple pages in a web application.
  • Session variables are valuable when you have no need for a database. When you need to hold data only for the time a user is on a page like our app required, consider using this as a tool.
  • For more information on other special types of variables, such as cookies, local storage, watch this explanation: https://www.youtube.com/watch?v=AwicscsvGLg

• hide() and show() - not working for <option> tag in IE and Safari
• Want to test inline JavaScript, HTML, and PHP code? Use a demo editor to validate if your form works prior to pushing it to your system.
  •  http://www.w3schools.com/php/showphp.asp?filename=demo_form_validation_complete  
• Inserting a graph: http://www.chartjs.org/docs/#chart-configuration-hover-configuration

For RESTful applications, Postman offers free input/output testing for all your application’s end-points.  It will also come with in-depth documentation on how to use your backend end-points if needed for technical clients.