ISSET INTERNET
PROFESSIONALS
How to approach CI projects which
go beyond the ‘homepage’
Who we are
 Jeroen van der Gulik
    Lead Developer Isset
    jeroen@isset.nl


 Rommert van Til
    Project Manager
    r...
What we do
 Isset Internet Professionals targets companies with an
 ambition on the internet.
 We provide solutions for pr...
What we are currently doing
 Building custom web applications / websites.
 Building connectors/ middleware applications.
 ...
Why we chose CodeIgniter
Avoiding the DreamWeaver effect.
The DreamWeaver Effect
General pros
 Lightweight
 Fast (!)
 Open Source
 Very good documentation
 Very good User Community
 Simple (KISS)
 MVC
What we think is important
 All we need is routing + database abstraction.
 Easily extendible/ adjustable.
 Simple Caching...
What we discovered
 Application framework, not a website framework.
 Forces a team to work in the same structure.
 CI is f...
What we will talk about
Why not Expression Engine?

                                           Client server 2
Client server 1



                ...
Topics
 Making what the client needs
 Database Driven Development (DDD).
 How we design our projects
 Project file organiz...
The Client
Making the Client happy
 Force the client to participate.
 Three tier communication : developer(s), project
 manager, clie...
Database Driven Development
 Think about the data structure first.
 Generate template CRUD based on DB scheme
How we design our projects
 Making a test environment
 New project
 Migration
 Middleware / connector / webservice
Make a test environment
 Make sure that it matches the production environment.
 Replace all e-mail addresses and cell phon...
New Project
 Prerequisite : no database, no legacy system.
 Database Driven Development.
 Plan meeting(s) to write the des...
Migration
 Prerequisite: any project that has a database or legacy
 functionality.
 Should we migrate to CodeIgniter?
 Wha...
Migration Path
 Make legacy application work next to CodeIgniter.
 Be aware of sessions (authentication).
 Be aware of abs...
Middleware / connector / webservice.
 Prerequisite; the application has to communicate with
 other applications.
 Demand (...
Taking care of responsibilities
Project file organization
 Depends on scale and environment
 Learn about symlinks!
 Separate system from site root if poss...
Source control management
 Just do it.
 Git/ SVN/ Mercurial/ Bazar: Use what works for you
 We chose SVN because of genera...
Extending Classes (base classes)
 Base Controllers will make your life easier
 For details: Jamie Rumbelow
 Use MY_Control...
MY_Controller
DB Routing / MY_Router
 How to match database records with controllers that do
 not exist.
 If a controller exist, the con...
Example Lookup Table
Exceptions
Tackling the layout / template issue
 Default template
    Overwrite when needed with variations
 Little template partials...
Template sections
Issues with ‘standard’ solutions
 80% was easy (click ‘n go)
 15% was hard (modify base code/ write workarounds or
 custom...
ICF (Isset Content Framework)
 NOT a CMS
 Generating editable content sections.
 Using default template most of the time, ...
ICF database scheme
Logging
 Especially important when making middleware.
 Helps when playing ‘the blame game’.
 Log incoming, outgoing reques...
Example E-Mail Logging
 ‘Build’ the email to send
 Save it to a database
 Pass it to an email queue / cronjob
 Update the ...
Example Email Database Scheme
Security
 Sanitize input, escape output.
 Be aware of XSS (CI provides some security).
 Be aware of Cross-Site Request For...
Example 1 - PyroCMS
Example 2 - SyntaxCMS
<img src=“http://domain.tld/admin/users/delete/1” />
How to prevent CSRF
 Any destructive action should always be taken with a
 POST (update and delete).
 Cross Site POST is e...
Making sense of SEO / SEM efforts
 Keeping track of the position for a given landing page in
 combination with a search st...
You can (in a few months)
 Visit sedindex.com (next monday)
 Pre register
 Find more information
 We will get back to you ...
Questions ?

Thanks for listening. We hope you enjoyed it
Isset Presentation @ EECI2009
Isset Presentation @ EECI2009
Isset Presentation @ EECI2009
Isset Presentation @ EECI2009
Isset Presentation @ EECI2009
Isset Presentation @ EECI2009
Isset Presentation @ EECI2009
Isset Presentation @ EECI2009
Isset Presentation @ EECI2009
Isset Presentation @ EECI2009
Upcoming SlideShare
Loading in …5
×

Isset Presentation @ EECI2009

427 views
374 views

Published on

Isset Internet Professionals talks about how to approach projects which go beyond the 'standard' homepage @ EECI2009

Published in: Technology, Education
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
427
On SlideShare
0
From Embeds
0
Number of Embeds
5
Actions
Shares
0
Downloads
6
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

Isset Presentation @ EECI2009

  1. 1. ISSET INTERNET PROFESSIONALS How to approach CI projects which go beyond the ‘homepage’
  2. 2. Who we are Jeroen van der Gulik Lead Developer Isset jeroen@isset.nl Rommert van Til Project Manager rommert@isset.nl
  3. 3. What we do Isset Internet Professionals targets companies with an ambition on the internet. We provide solutions for problems related to the web using internet technology. Isset only works with professionals who are up to date on current internet problems as well as solutions. We are purely functional and technical.
  4. 4. What we are currently doing Building custom web applications / websites. Building connectors/ middleware applications. Optimizing and monitoring SEO performance on a technical level (not ga). Migrating a large custom build webshop. We are currently developing an in house application that will be make sense of SEO / SEA.
  5. 5. Why we chose CodeIgniter Avoiding the DreamWeaver effect.
  6. 6. The DreamWeaver Effect
  7. 7. General pros Lightweight Fast (!) Open Source Very good documentation Very good User Community Simple (KISS) MVC
  8. 8. What we think is important All we need is routing + database abstraction. Easily extendible/ adjustable. Simple Caching mechanism. Has few ‘conventions’. Has many ‘add-ons’. Easy to add external classes/ libraries
  9. 9. What we discovered Application framework, not a website framework. Forces a team to work in the same structure. CI is fast so you can write ‘sloppy’ code. CI plays nice (mostly) with Zend which is a good thing CodeIgniter is relaxed.
  10. 10. What we will talk about
  11. 11. Why not Expression Engine? Client server 2 Client server 1 Middleware application Client server N
  12. 12. Topics Making what the client needs Database Driven Development (DDD). How we design our projects Project file organization Source control management Extending Classes (Base Classes) DB routing Layout/ Templating ICF (Isset Content Framework) Logging Security (CLRF, AR) Making sense of SEO / SEM
  13. 13. The Client
  14. 14. Making the Client happy Force the client to participate. Three tier communication : developer(s), project manager, client(s) Make a ‘design’ document. Make sure both the client and the developer can understand the document. Use the project manager as mediator. Use feature list to determine if all requirements are made. Don’t use vague terminology. Prevent scope creep.
  15. 15. Database Driven Development Think about the data structure first. Generate template CRUD based on DB scheme
  16. 16. How we design our projects Making a test environment New project Migration Middleware / connector / webservice
  17. 17. Make a test environment Make sure that it matches the production environment. Replace all e-mail addresses and cell phone numbers with traceable test data. Don’t use offensive test data for fun, just don’t use it.
  18. 18. New Project Prerequisite : no database, no legacy system. Database Driven Development. Plan meeting(s) to write the design document with the client. Use agile approach (small iterations so the Client can see progress and test).
  19. 19. Migration Prerequisite: any project that has a database or legacy functionality. Should we migrate to CodeIgniter? What is the database scheme like? (DDD) What is the scope of the legacy functionality? How maintainable is the legacy code? Are their 3rd party components? What is the platform? Bottom line: start from scratch or migrate functionality over time.
  20. 20. Migration Path Make legacy application work next to CodeIgniter. Be aware of sessions (authentication). Be aware of absolute paths. Be aware of User Generated Content. Avoid changing existing code; move functionality into CodeIgniter.
  21. 21. Middleware / connector / webservice. Prerequisite; the application has to communicate with other applications. Demand (api) documentation up front. Log every transaction (request and response). Avoid connecting to third party databases directly. Clearly outline the responsibilities. (next slide)
  22. 22. Taking care of responsibilities
  23. 23. Project file organization Depends on scale and environment Learn about symlinks! Separate system from site root if possible Separate application from site root if possible Separate public (or assets) Use what works for you
  24. 24. Source control management Just do it. Git/ SVN/ Mercurial/ Bazar: Use what works for you We chose SVN because of general acceptance Use sensible commit messages
  25. 25. Extending Classes (base classes) Base Controllers will make your life easier For details: Jamie Rumbelow Use MY_Controller Use different base controllers according to the purpose of the (sub)application Alternatively use modules
  26. 26. MY_Controller
  27. 27. DB Routing / MY_Router How to match database records with controllers that do not exist. If a controller exist, the controller will be executed. Else it will do a db lookup. Make a table that has the external url eg http://mysite.tld/home with an internal controller e.g. pagecontroller/page/1 Make exceptions for things like news, blog items etc. in the router file For heavy traffic websites, make a pre-system cache hook.
  28. 28. Example Lookup Table
  29. 29. Exceptions
  30. 30. Tackling the layout / template issue Default template Overwrite when needed with variations Little template partials like navigation, sidebars etc. Every partial can be associated with model(s) and/or view(s). INCMS uses db records to define the relation between pages and partials. Complete separation of logic en layout (mvc) Making a new layout for a site is easy.
  31. 31. Template sections
  32. 32. Issues with ‘standard’ solutions 80% was easy (click ‘n go) 15% was hard (modify base code/ write workarounds or custom modules/plugins) 5% was not doable (restrictions by standard solution) Standard solutions that did work were either expensive or far too complex for the end user We hope that Ellis Labs will provide the ‘ultimate’ solution with Expression Engine 2.0
  33. 33. ICF (Isset Content Framework) NOT a CMS Generating editable content sections. Using default template most of the time, specific templates when necessary. Best of both worlds: making basic content pages easy, making complex pages doable. (using standard CI framework). 80% of a website is just content. 20% of a website is custom made. No restrictions! Think custom ajaxified ‘shiny’ contact forms clients love to torture developers with.
  34. 34. ICF database scheme
  35. 35. Logging Especially important when making middleware. Helps when playing ‘the blame game’. Log incoming, outgoing requests. Log email / sms / whatever. Logging is cheap but provides valuable debug information. Logging 404 can help determine routing issues, SEO issues, hacking attempts. Logging executed queries can help find bottlenecks. Logging to a DB makes analyzing data easy.
  36. 36. Example E-Mail Logging ‘Build’ the email to send Save it to a database Pass it to an email queue / cronjob Update the record when send Log if any errors occur
  37. 37. Example Email Database Scheme
  38. 38. Security Sanitize input, escape output. Be aware of XSS (CI provides some security). Be aware of Cross-Site Request Forgery (CSRF). Be aware of (MySQL) typecasting when using Active Record.
  39. 39. Example 1 - PyroCMS
  40. 40. Example 2 - SyntaxCMS
  41. 41. <img src=“http://domain.tld/admin/users/delete/1” />
  42. 42. How to prevent CSRF Any destructive action should always be taken with a POST (update and delete). Cross Site POST is easy so gives no security. Use a token to verify that the send POST data is coming from the website. Michael Wales wrote extensively about it: http://www.michaelwales.com/codeigniter/protecting- against-csrf-exploit
  43. 43. Making sense of SEO / SEM efforts Keeping track of the position for a given landing page in combination with a search string Monitoring Google PageRank Measure cause and effect listing milestones in conversion / visitor timeline. Relate all search strings to conversions. Adding search strings to a campaign that are cheaper but also make a conversion Exclude search strings from a campaign that are expensive but never make a conversion.
  44. 44. You can (in a few months) Visit sedindex.com (next monday) Pre register Find more information We will get back to you in January 2010
  45. 45. Questions ? Thanks for listening. We hope you enjoyed it

×