These are the most common and most annoying mistakes I see in web development code on a daily basis. Well, Ok, it’s the things that annoyed me most TODAY, but it’s not unique. It’s mostly PHP and MySQL stuff here, but the same abuses take place anywhere the language allows it.
1. Database prefixes. I find so many database tables that use a “table” or a “tbl” prefix. Are you serious? Do you think we don’t already know it’s a table we’re looking at? Likewise, some developers find it somehow necessary to use “column” or “col” in their column names. I mean really… do you pin your own name upside down on your shirt? Seriously, this type of labeling is completely unnecessary and it probably reveals you as the half-baked amateur that you are. Label your column names descriptively: too little info is bad, but too much is no better.
The one exception I make to this rule is this: be verbose with your primary keys because you’ll use those in all of your join statements. I know it’s easier to code if every table uses the ubiquitous “id” as the primary key, but if you ever have to do complex MySQL joins for reporting queries you’ll appreciate the fact that user_id or post_id references the same thing no matter which table it’s used in. Continue reading Top 5 Script Kiddie Mistakes→
This can happen to the best of us. Hacks suck. There is no formulaic response to them that is guaranteed to fix your site, but I’m going to outline a few steps that might get you back in the saddle and hopefully help you identify the extent of the damage. The most common type of hack I see is against sites running known systems (like WordPress) where the hacker modifies the index.php file and prints extra code into the pages. This causes visitors to inadvertently download malicious code and it causes Google to black-list your site. Did this happen to you? Keep reading… Continue reading Help! My Site Was Hacked!→
It is vitally important to keep your email account as secure as possible. Google is one organization that emphasizes security, so take advantage of it! For Google Mail, it is easy to enable 2-step authentication. The idea is simple: in order to log in, you must provide something that you know (your password) and something that you have (your phone).
Think about this for a moment… normally if someone gets ahold of your email password, they could read your email (or impersonate you!). Think about it a bit more: once a hacker is in your email, they can visit other sites (like Facebook, PayPal, or ???) and they can easily click the “I Forgot my Password” link, and POOF: they’ll be able to log into any site that uses that email address. Continue reading Securing Your Email via 2-Step Verification→
This is a topic that Brian and I have spoken about in several posts, but take a minute to think about it: what could happen if a hacker cracked just one of your passwords? You may not think your information is really very special… so what if someone reads your email to your mother, right? Well, let’s think about this a bit…
In the past, we’ve looked at how to easily rip DVDs on the Windows platform. That method still works great, unless you’re on a 64-bit version of Windows. For those of us now running Windows 7 64-bit, we have a problem: DVD43 – a required decrypter used in the previous tutorial, does not get along well with 64-bit versions of Windows.
My beefs with Microsoft are many, however, I will tip my hat to Bill Gate’s many generous donations to charity. That’s really the most remarkable thing about Microsoft: it gave birth to one of the most magnanimous philanthropists of an entire generation, and no words can express thanks for that.
WordPress is so popular that it is taking over — it’s behind 22% of all new sites on the internet, but this sets a dangerously poor coding standard. Our infrastructure is crumbling!
Yes, this is a rant. My beef today is this: the WordPress manager might be easy to use, but under the hood, it sucks. There, I said it. It’s awful architecture and it has taught thousands of web developers that it’s Ok to write piss-poor code. This has single-handedly dumbed-down a whole generation of developers by setting a bad example. WordPress is the junk food of coding standards: ubiquitous, tastes good, but lacking any nutritional value.
I’ve ranted about WordPress before but what put me over the top today was the Suffusion Theme. It looks like a clean layout, so I thought I’d give it a try. Holy flaming monkey balls, was I in for a shock!