Download - Isset Presentation @ EECI2009
![Page 1: Isset Presentation @ EECI2009](https://reader036.vdocument.in/reader036/viewer/2022062303/557ad0dad8b42add288b4dc2/html5/thumbnails/1.jpg)
ISSET INTERNET
PROFESSIONALSHow to approach CI projects which
go beyond the ‘homepage’
![Page 2: Isset Presentation @ EECI2009](https://reader036.vdocument.in/reader036/viewer/2022062303/557ad0dad8b42add288b4dc2/html5/thumbnails/2.jpg)
Who we are
� Jeroen van der Gulik
� Lead Developer Isset
� Rommert van Til
� Project Manager
![Page 3: Isset Presentation @ EECI2009](https://reader036.vdocument.in/reader036/viewer/2022062303/557ad0dad8b42add288b4dc2/html5/thumbnails/3.jpg)
What we do
� Isset Internet Professionals targets companies with an
ambition on the internet.
� We provide solutions for problems related to the web
using internet technology.
� Isset only works with professionals who are up to date on
current internet problems as well as solutions.
� We are purely functional and technical.
![Page 4: Isset Presentation @ EECI2009](https://reader036.vdocument.in/reader036/viewer/2022062303/557ad0dad8b42add288b4dc2/html5/thumbnails/4.jpg)
What we are currently doing
� Building custom web applications / websites.
� Building connectors/ middleware applications.
� Optimizing and monitoring SEO performance on a
technical level (not ga).
� Migrating a large custom build webshop.
� We are currently developing an in house application that
will be make sense of SEO / SEA.
![Page 5: Isset Presentation @ EECI2009](https://reader036.vdocument.in/reader036/viewer/2022062303/557ad0dad8b42add288b4dc2/html5/thumbnails/5.jpg)
Why we chose CodeIgniterAvoiding the DreamWeaver effect.
![Page 6: Isset Presentation @ EECI2009](https://reader036.vdocument.in/reader036/viewer/2022062303/557ad0dad8b42add288b4dc2/html5/thumbnails/6.jpg)
The DreamWeaver Effect
![Page 7: Isset Presentation @ EECI2009](https://reader036.vdocument.in/reader036/viewer/2022062303/557ad0dad8b42add288b4dc2/html5/thumbnails/7.jpg)
General pros
� Lightweight
� Fast (!)
� Open Source
� Very good documentation
� Very good User Community
� Simple (KISS)
� MVC
![Page 8: Isset Presentation @ EECI2009](https://reader036.vdocument.in/reader036/viewer/2022062303/557ad0dad8b42add288b4dc2/html5/thumbnails/8.jpg)
What we think is important
� All we need is routing + database abstraction.
� Easily extendible/ adjustable.
� Simple Caching mechanism.
� Has few ‘conventions’.
� Has many ‘add-ons’.
� Easy to add external classes/ libraries
![Page 9: Isset Presentation @ EECI2009](https://reader036.vdocument.in/reader036/viewer/2022062303/557ad0dad8b42add288b4dc2/html5/thumbnails/9.jpg)
What we discovered
� Application framework, not a website framework.
� Forces a team to work in the same structure.
� CI is fast so you can write ‘sloppy’ code.
� CI plays nice (mostly) with Zend which is a good thing
� CodeIgniter is relaxed.
![Page 10: Isset Presentation @ EECI2009](https://reader036.vdocument.in/reader036/viewer/2022062303/557ad0dad8b42add288b4dc2/html5/thumbnails/10.jpg)
What we will talk about
![Page 11: Isset Presentation @ EECI2009](https://reader036.vdocument.in/reader036/viewer/2022062303/557ad0dad8b42add288b4dc2/html5/thumbnails/11.jpg)
Why not Expression Engine?
Client server N
Client server 2Client server 1
Middleware application
![Page 12: Isset Presentation @ EECI2009](https://reader036.vdocument.in/reader036/viewer/2022062303/557ad0dad8b42add288b4dc2/html5/thumbnails/12.jpg)
Topics
� Making what the client needs
� Database Driven Development (DDD).
� How we design our projects
� Project file organization
� Source control management
� Extending Classes (Base Classes)
� DB routing
� Layout/ Templating
� ICF (Isset Content Framework)
� Logging
� Security (CLRF, AR)
� Making sense of SEO / SEM
![Page 13: Isset Presentation @ EECI2009](https://reader036.vdocument.in/reader036/viewer/2022062303/557ad0dad8b42add288b4dc2/html5/thumbnails/13.jpg)
The Client
![Page 14: Isset Presentation @ EECI2009](https://reader036.vdocument.in/reader036/viewer/2022062303/557ad0dad8b42add288b4dc2/html5/thumbnails/14.jpg)
Making the Client happy
� Force the client to participate.
� Three tier communication : developer(s), project
manager, client(s)
� Make a ‘design’ document.
� Make sure both the client and the developer can
understand the document.
� Use the project manager as mediator.
� Use feature list to determine if all requirements are made.
� Don’t use vague terminology.
� Prevent scope creep.
![Page 15: Isset Presentation @ EECI2009](https://reader036.vdocument.in/reader036/viewer/2022062303/557ad0dad8b42add288b4dc2/html5/thumbnails/15.jpg)
Database Driven Development
� Think about the data structure first.
� Generate template CRUD based on DB scheme
![Page 16: Isset Presentation @ EECI2009](https://reader036.vdocument.in/reader036/viewer/2022062303/557ad0dad8b42add288b4dc2/html5/thumbnails/16.jpg)
![Page 17: Isset Presentation @ EECI2009](https://reader036.vdocument.in/reader036/viewer/2022062303/557ad0dad8b42add288b4dc2/html5/thumbnails/17.jpg)
How we design our projects
� Making a test environment
� New project
� Migration
� Middleware / connector / webservice
![Page 18: Isset Presentation @ EECI2009](https://reader036.vdocument.in/reader036/viewer/2022062303/557ad0dad8b42add288b4dc2/html5/thumbnails/18.jpg)
Make a test environment
� Make sure that it matches the production environment.
� Replace all e-mail addresses and cell phone numbers
with traceable test data.
� Don’t use offensive test data for fun, just don’t use it.
![Page 19: Isset Presentation @ EECI2009](https://reader036.vdocument.in/reader036/viewer/2022062303/557ad0dad8b42add288b4dc2/html5/thumbnails/19.jpg)
New Project
� Prerequisite : no database, no legacy system.
� Database Driven Development.
� Plan meeting(s) to write the design document with the
client.
� Use agile approach (small iterations so the Client can see
progress and test).
![Page 20: Isset Presentation @ EECI2009](https://reader036.vdocument.in/reader036/viewer/2022062303/557ad0dad8b42add288b4dc2/html5/thumbnails/20.jpg)
Migration
� Prerequisite: any project that has a database or legacy
functionality.
� Should we migrate to CodeIgniter?
� What is the database scheme like? (DDD)
� What is the scope of the legacy functionality?
� How maintainable is the legacy code?
� Are their 3rd party components?
� What is the platform?
� Bottom line: start from scratch or migrate functionality
over time.
![Page 21: Isset Presentation @ EECI2009](https://reader036.vdocument.in/reader036/viewer/2022062303/557ad0dad8b42add288b4dc2/html5/thumbnails/21.jpg)
Migration Path
� Make legacy application work next to CodeIgniter.
� Be aware of sessions (authentication).
� Be aware of absolute paths.
� Be aware of User Generated Content.
� Avoid changing existing code; move functionality into
CodeIgniter.
![Page 22: Isset Presentation @ EECI2009](https://reader036.vdocument.in/reader036/viewer/2022062303/557ad0dad8b42add288b4dc2/html5/thumbnails/22.jpg)
Middleware / connector / webservice.
� Prerequisite; the application has to communicate with
other applications.
� Demand (api) documentation up front.
� Log every transaction (request and response).
� Avoid connecting to third party databases directly.
� Clearly outline the responsibilities. (next slide)
![Page 23: Isset Presentation @ EECI2009](https://reader036.vdocument.in/reader036/viewer/2022062303/557ad0dad8b42add288b4dc2/html5/thumbnails/23.jpg)
Taking care of responsibilities
![Page 24: Isset Presentation @ EECI2009](https://reader036.vdocument.in/reader036/viewer/2022062303/557ad0dad8b42add288b4dc2/html5/thumbnails/24.jpg)
Project file organization
� Depends on scale and environment
� Learn about symlinks!
� Separate system from site root if possible
� Separate application from site root if possible
� Separate public (or assets)
� Use what works for you
![Page 25: Isset Presentation @ EECI2009](https://reader036.vdocument.in/reader036/viewer/2022062303/557ad0dad8b42add288b4dc2/html5/thumbnails/25.jpg)
Source control management
� Just do it.
� Git/ SVN/ Mercurial/ Bazar: Use what works for you
� We chose SVN because of general acceptance
� Use sensible commit messages
![Page 26: Isset Presentation @ EECI2009](https://reader036.vdocument.in/reader036/viewer/2022062303/557ad0dad8b42add288b4dc2/html5/thumbnails/26.jpg)
Extending Classes (base classes)
� Base Controllers will make your life easier
� For details: Jamie Rumbelow
� Use MY_Controller
� Use different base controllers according to the purpose of the
(sub)application
� Alternatively use modules
![Page 27: Isset Presentation @ EECI2009](https://reader036.vdocument.in/reader036/viewer/2022062303/557ad0dad8b42add288b4dc2/html5/thumbnails/27.jpg)
MY_Controller
![Page 28: Isset Presentation @ EECI2009](https://reader036.vdocument.in/reader036/viewer/2022062303/557ad0dad8b42add288b4dc2/html5/thumbnails/28.jpg)
![Page 29: Isset Presentation @ EECI2009](https://reader036.vdocument.in/reader036/viewer/2022062303/557ad0dad8b42add288b4dc2/html5/thumbnails/29.jpg)
![Page 30: Isset Presentation @ EECI2009](https://reader036.vdocument.in/reader036/viewer/2022062303/557ad0dad8b42add288b4dc2/html5/thumbnails/30.jpg)
DB Routing / MY_Router
� How to match database records with controllers that do
not exist.
� If a controller exist, the controller will be executed. Else
it will do a db lookup.
� Make a table that has the external url eg
http://mysite.tld/home with an internal controller e.g.
pagecontroller/page/1
� Make exceptions for things like news, blog items etc. in
the router file
� For heavy traffic websites, make a pre-system cache
hook.
![Page 31: Isset Presentation @ EECI2009](https://reader036.vdocument.in/reader036/viewer/2022062303/557ad0dad8b42add288b4dc2/html5/thumbnails/31.jpg)
![Page 32: Isset Presentation @ EECI2009](https://reader036.vdocument.in/reader036/viewer/2022062303/557ad0dad8b42add288b4dc2/html5/thumbnails/32.jpg)
Example Lookup Table
![Page 33: Isset Presentation @ EECI2009](https://reader036.vdocument.in/reader036/viewer/2022062303/557ad0dad8b42add288b4dc2/html5/thumbnails/33.jpg)
![Page 34: Isset Presentation @ EECI2009](https://reader036.vdocument.in/reader036/viewer/2022062303/557ad0dad8b42add288b4dc2/html5/thumbnails/34.jpg)
Exceptions
![Page 35: Isset Presentation @ EECI2009](https://reader036.vdocument.in/reader036/viewer/2022062303/557ad0dad8b42add288b4dc2/html5/thumbnails/35.jpg)
Tackling the layout / template issue
� Default template
� Overwrite when needed with variations
� Little template partials like navigation, sidebars etc.
� Every partial can be associated with model(s) and/or
view(s).
� INCMS uses db records to define the relation between
pages and partials.
� Complete separation of logic en layout (mvc)
� Making a new layout for a site is easy.
![Page 36: Isset Presentation @ EECI2009](https://reader036.vdocument.in/reader036/viewer/2022062303/557ad0dad8b42add288b4dc2/html5/thumbnails/36.jpg)
Template sections
![Page 37: Isset Presentation @ EECI2009](https://reader036.vdocument.in/reader036/viewer/2022062303/557ad0dad8b42add288b4dc2/html5/thumbnails/37.jpg)
Issues with ‘standard’ solutions
� 80% was easy (click ‘n go)
� 15% was hard (modify base code/ write workarounds or
custom modules/plugins)
� 5% was not doable (restrictions by standard solution)
� Standard solutions that did work were either expensive
or far too complex for the end user
� We hope that Ellis Labs will provide the ‘ultimate’
solution with Expression Engine 2.0
![Page 38: Isset Presentation @ EECI2009](https://reader036.vdocument.in/reader036/viewer/2022062303/557ad0dad8b42add288b4dc2/html5/thumbnails/38.jpg)
ICF (Isset Content Framework)
� NOT a CMS
� Generating editable content sections.
� Using default template most of the time, specific
templates when necessary.
� Best of both worlds: making basic content pages easy,
making complex pages doable. (using standard CI
framework).
� 80% of a website is just content.
� 20% of a website is custom made. No restrictions!
� Think custom ajaxified ‘shiny’ contact forms clients love
to torture developers with.
![Page 39: Isset Presentation @ EECI2009](https://reader036.vdocument.in/reader036/viewer/2022062303/557ad0dad8b42add288b4dc2/html5/thumbnails/39.jpg)
ICF database scheme
![Page 40: Isset Presentation @ EECI2009](https://reader036.vdocument.in/reader036/viewer/2022062303/557ad0dad8b42add288b4dc2/html5/thumbnails/40.jpg)
Logging
� Especially important when making middleware.
� Helps when playing ‘the blame game’.
� Log incoming, outgoing requests.
� Log email / sms / whatever.
� Logging is cheap but provides valuable debug
information.
� Logging 404 can help determine routing issues, SEO
issues, hacking attempts.
� Logging executed queries can help find bottlenecks.
� Logging to a DB makes analyzing data easy.
![Page 41: Isset Presentation @ EECI2009](https://reader036.vdocument.in/reader036/viewer/2022062303/557ad0dad8b42add288b4dc2/html5/thumbnails/41.jpg)
Example E-Mail Logging
� ‘Build’ the email to send
� Save it to a database
� Pass it to an email queue / cronjob
� Update the record when send
� Log if any errors occur
![Page 42: Isset Presentation @ EECI2009](https://reader036.vdocument.in/reader036/viewer/2022062303/557ad0dad8b42add288b4dc2/html5/thumbnails/42.jpg)
Example Email Database Scheme
![Page 43: Isset Presentation @ EECI2009](https://reader036.vdocument.in/reader036/viewer/2022062303/557ad0dad8b42add288b4dc2/html5/thumbnails/43.jpg)
![Page 44: Isset Presentation @ EECI2009](https://reader036.vdocument.in/reader036/viewer/2022062303/557ad0dad8b42add288b4dc2/html5/thumbnails/44.jpg)
Security
� Sanitize input, escape output.
� Be aware of XSS (CI provides some security).
� Be aware of Cross-Site Request Forgery (CSRF).
� Be aware of (MySQL) typecasting when using Active
Record.
![Page 45: Isset Presentation @ EECI2009](https://reader036.vdocument.in/reader036/viewer/2022062303/557ad0dad8b42add288b4dc2/html5/thumbnails/45.jpg)
Example 1 - PyroCMS
![Page 46: Isset Presentation @ EECI2009](https://reader036.vdocument.in/reader036/viewer/2022062303/557ad0dad8b42add288b4dc2/html5/thumbnails/46.jpg)
Example 2 - SyntaxCMS
![Page 47: Isset Presentation @ EECI2009](https://reader036.vdocument.in/reader036/viewer/2022062303/557ad0dad8b42add288b4dc2/html5/thumbnails/47.jpg)
<img src=“http://domain.tld/admin/users/delete/1” />
![Page 48: Isset Presentation @ EECI2009](https://reader036.vdocument.in/reader036/viewer/2022062303/557ad0dad8b42add288b4dc2/html5/thumbnails/48.jpg)
How to prevent CSRF
� Any destructive action should always be taken with a
POST (update and delete).
� Cross Site POST is easy so gives no security.
� Use a token to verify that the send POST data is coming
from the website.
� Michael Wales wrote extensively about it:
http://www.michaelwales.com/codeigniter/protecting-
against-csrf-exploit
![Page 49: Isset Presentation @ EECI2009](https://reader036.vdocument.in/reader036/viewer/2022062303/557ad0dad8b42add288b4dc2/html5/thumbnails/49.jpg)
![Page 50: Isset Presentation @ EECI2009](https://reader036.vdocument.in/reader036/viewer/2022062303/557ad0dad8b42add288b4dc2/html5/thumbnails/50.jpg)
![Page 51: Isset Presentation @ EECI2009](https://reader036.vdocument.in/reader036/viewer/2022062303/557ad0dad8b42add288b4dc2/html5/thumbnails/51.jpg)
![Page 52: Isset Presentation @ EECI2009](https://reader036.vdocument.in/reader036/viewer/2022062303/557ad0dad8b42add288b4dc2/html5/thumbnails/52.jpg)
![Page 53: Isset Presentation @ EECI2009](https://reader036.vdocument.in/reader036/viewer/2022062303/557ad0dad8b42add288b4dc2/html5/thumbnails/53.jpg)
Making sense of SEO / SEM efforts
� Keeping track of the position for a given landing page in
combination with a search string
� Monitoring Google PageRank
� Measure cause and effect listing milestones in
conversion / visitor timeline.
� Relate all search strings to conversions.
� Adding search strings to a campaign that are cheaper but
also make a conversion
� Exclude search strings from a campaign that are
expensive but never make a conversion.
![Page 54: Isset Presentation @ EECI2009](https://reader036.vdocument.in/reader036/viewer/2022062303/557ad0dad8b42add288b4dc2/html5/thumbnails/54.jpg)
You can (in a few months)
� Visit sedindex.com (next monday)
� Pre register
� Find more information
� We will get back to you in January 2010
![Page 55: Isset Presentation @ EECI2009](https://reader036.vdocument.in/reader036/viewer/2022062303/557ad0dad8b42add288b4dc2/html5/thumbnails/55.jpg)
Questions ?
Thanks for listening. We hope you enjoyed it