First application, question about design process

[kdubbie]

Hello, everyone.

 

I've been learning php for a little while now.  I keep getting side tracked with work and such but I finally feel like I am ready to start planning my first real application. But before I simply start, I was hoping that you all fine people can aid me in the planning process.

 

The project I am starting with is a Simple 6 page website.  On one of the pages I want a form that allows users to input their contact information and submit it to a database.  One of the other pages will be an admin login page. Upon logging in, I want to be taken to a page that has a button which says "View User Information" and once clicked it will display all the records from the database into a table on the page. (and that's it, no other objects will appear on the page except the View User button, the logout button and table of results)

 

Now I understand that this might be really easy for most of you, and probably don't need to formally plan it out. But say for example, a friend asked you to create this application and he also requested you document the process from start to finish. Again, I only ask because I am having a hard time finding a tutorial that explains the whole start to finish process of creating an application (correction, sorry there are plenty of tutorials that tell you how to create an application, but most of them are newb type tutorials, that never truly reflect the necessary steps one should take before launching a REAL working application)...I feel like I would be able to figure it by piecing tutorials together, but I am afraid of missing out on something important.

 

This is the process I would do now.

 

1. Create website

2. Create form

3. Create database in PHPmyadmin

4. Create script that takes form data, validates it and inserts into database

5. Create login page

6. Create redirect page for logging in, that also has a log out feature.

7. Create script that logs the user in, validates and takes them to the redirect page.

8. Create script that when the user clicks the button, all records in the database are displayed in a table.

 

If you were creating this application, what would your process look like? 

 

Or, a more general question, how do you all plan out the applications you build before you start.  Do your create a bulleted Outline?  Pseudocode?

 

 

Thanks, any insight would be GREATLY appreciated!

 

 

Oh yeah.....

Security seems to be another topic most tutorials don't tell you anything about. Sure they show you how to insert a new record into a database or display the contents of a database, but usually say nothing about precautions and best practices one should take before launching an application to the public.  So in my example above, what security measures should I take before launching this application? 

 

Thanks again.

[KevinM1]

Here's how I normally roll:

 

1. Figure out and design the domain.  'Domain' is what a site does.  In your case, your user information form and admin functionality.  I construct entities based on how the information needs to be handled, and map the relationships between them.  These are my models, and any logic that isn't tied into site control or display goes in here.  There are constraints here - a user shouldn't be able to do whatever they want with all the data.  The models are designed to only accept functionality that falls in line with the purpose of the site.

 

2. I flip it around and plan/design the front end.  Mockups, wireframes, etc.  I try to figure out the best way for a user to view/manipulate the data on the site.

 

3. I make changes to both the domain model and front end mockups until they both mesh and do their collective jobs efficiently

 

4. Once my domain model is complete, I map it to a database.

 

5. I work on the site-specific code - navigation between pages, filling out templates/views, etc.

 

6. Release.

 

Keep in mind, testing goes on during each phase, as does validation and security when/where needed.  Websites are layered, so it makes sense that a lot of the things that don't fit into one particular step happen multiple times where needed.

 

As far as general security, look into SQL injections, session hijacking, cross-site scripting (XSS), and cross-site request forgery.  For your hosting, be sure that your files and folders have the proper permissions, and that your FTP has a strong password.  P1zz@1! or P@ssW0rd doesn't cut it.

 

Finally, there's no 100% set way on how to write an app.  Most developers tend to start with the back end/business logic parts because content is the most important part of a site.  A site can be well designed, or even downright pretty to look at, but the visual appeal doesn't have much of a lifespan.  Repeat visitors are due to content.  This isn't to say the front end isn't important - far from it.  A well-designed site facilitates the consumption of content.  A bad design is sure to drive visitors away.  There's a reason why companies spend millions on branding, design, navigation, mobile presence, etc.  But, at the end of the day, content is why people keep coming back.