when to use what? (user interactive dynamic sites w/db)
Posted: Tue Jul 15, 2008 11:28 pm
by bhonan
So I'm becoming fully immersed in what I would call my first REAL website. For years I've known HTML and have at least made a few simple pages. However, just recently I have encountered a problem at work that just screams "BUILD A SITE TO HANDLE THIS!" Basically, I track and execute orders and the budgets for these orders. I need to be able to create reports, allow users to log in and make orders, manage those orders, execute the buy, get the order back to my customer, all the meanwhile using a ton of information in a fast paced environment. - All of this is currently done by hand. - Excel has saved my life... but doesn't quite live up to the job...
Anyway, I've learned a bunch of PHP, how to use MySQL, Javascript, CSS, Flash... etc... I can make a site that does what I want. However, it's not the most secure, and not the nicest flowing application. So my question is this. How do I structure the flow of information from a user to the database and back again? All the meanwhile adding information, calculating totals, allowing a user to submit then allowing me to edit and approve and add information and then send back that info to the user. I'm aware that I can POST a form, I can httpRequest my information and deal with it... but what is the best way? Should I always keep an XML version of my database info around for users to access? I'm really not sure where to even begin with this. I've read a bunch of 'best practice' sites and they're all geared more toward user interactions and not with back-end structure. Yes, I understand that sites should be geared toward our users and not what we want, but isn't it also supposed to make our lives easier?
Anyway... sorry for the long note, if anyone can just point me to some sites to check out or some books to read, that'd be perfect. Hell even just a flow chart will help out. Thanks!!
Re: when to use what? (user interactive dynamic sites w/db)
Posted: Tue Jul 15, 2008 11:38 pm
by omniuni
First, design your site around workflow. Try to keep your navigation in one place and always visible. Use CSS to make a clear container where the current content will go. As you move through the steps, replace that content with what is needed at the moment. If you need to present more than what you can fit on a page, use javascript to show/hide and relayer the CSS. Don't use tables, and heavily rely on CSS; it will make things far easier in the long run.
You will likely want to store your information in a database of some sort; it will yield the fastest processing when required. Query a *.php for calculating things, and let a small javascript replace innerhtml every two seconds or so to have it update. Use as little javascript as possible, though; it will slow down the client's computer. Regenerating XML for the database every time there is a transaction sounds like a highly intensive task and not a good idea. Maybe use a cron to generate one an hour if you need it, or simply have an admin panel that you can enter and generate it on demand. If you need to work with a spreadsheet, CSVs are a great way to exchange data.
I would recommend avoiding Flash here because, well, it doesn't sound like you ABSOLUTELY need it.
Um.... I'm not sure if that helps with anything... but... good luck!
-Omni
EDIT: I fully agree with Califdon's post below.
Re: when to use what? (user interactive dynamic sites w/db)
Posted: Wed Jul 16, 2008 2:41 pm
by califdon
omniuni offered some good suggestions. I would place first emphasis, though, on the security issues. You mentioned them and are obviously aware of them. It sounds like you're dealing with financial transactions, and security is BY FAR the most important consideration! I would recommend that you read everything you can lay your hands on about Internet and web security. There's a ton of information available online. Read it ALL! (Well, I'm being a bit facetious, but when the security of your customers and your company is at stake, you have to treat this as Priority One.)
I agree with omniuni on designing pages for the customer's convenience. If customers don't accept it, it will simply fail. I also understand your focus on solving your back office needs. The two perspectives are not mutually contradictory. That said, it's no small task for someone who doesn't have years of experience designing just this kind of a system. As a personal recommendation, and with the understanding that you are in the financial brokering business, I would seriously recommend that you consider having an experienced professional do this development. If you were in the canine grooming business, I would be less insistent, but it takes only one breach of security or hacking incident to destroy your company's reputation, and even a slightly amateurish online presence could damage it.
Re: when to use what? (user interactive dynamic sites w/db)
Posted: Thu Jul 17, 2008 12:03 am
by bhonan
Thank you both for the great advice! I def make as much use of CSS as possible. I do feel my programming was becoming pretty javascript heavy, I guess that's why I'm curious of how all these pieces really fit together.
I do however have a follow up question. Specifically with querying the database. You say it's the quickest and least labor intensive to query the database directly with a php file. This is the original way that I started when I only knew php and html and css. (before jumping into the world of javascript and beyond) But it doesn't seem secure.
First let me say there are no $ transactions on my site, and it will most likely be only available to those who have access to our company network, so security isn't necessarily my top priority, but I do feel that, at the very least for my education, I should at least have a basic concept of the flow of information from the user to the database and back. I can do this all directly with .php, but will using the htmlentities, escape functions, and a really nice mysql_prep() function that I got from my first online tutorial (lynda.com) really cut out me having to worry about sql injections and such? I'm looking for a detailed description of the flow of info from the user to the db and back.
Right now to submit a new request the user fills in the blank line provided at the top of the data grid then hits submit, that calls a new_entry() javascript function that does an httpRequest to a php file that handles the query then adds the new line to the data grid. Updates are similar, but each input has its own onchange that makes the httpRequest and it automatically updates the field with the new data (this way I can tell if the db doesn't work, the field will change back to the old entry when the user reloads). When editing the data grid, I don't really want the page to reload. I tried just using php but when changing a record at the bottom, it automatically jumps to the top every time, and it's annoying as hell. (because the page reloads when the user submits the change)
For information that only updates once a day, m-f (I'm parsing a csv and importing it to my database) I've built a quick little "upload file" that takes the file and does the work. To display I was thinking of creating a function that queries the database and updates an xml if necessary, then display the xml, but traversing the xml files with javascript is so much more of a pain in the ass than just using php.
The reason I'm not quite so worried about the user side right now is that much of it has already been figured out (as far as how it looks). That, and people will pretty much have to use this system. I'm making it really easy for them. But then again, that's what's making this so much harder. Basically every page is a different type of db query. data grids for one situation, inputs for another, displays for even more, printable versions of reports... etc etc... But with all these functions and queries... how do I keep them under control? Is a framework necessary at this point?
Sorry for all the questions. I really need to get into some classes, but today I worked from 9:30am - 10:30pm. (ok, so I was forced by my company to attend a concert, but dammit, that's my job!) But those hours are very common. I'm learning website development and design in my late nights and weekends. (yeah, freak) I've really made some amazing advances with my programming knowledge. I have a BS in math, so this kind of structure comes naturally for me. But I'm having trouble seeing the overview of the big picture. I know about MVC, don't quite get it though... and even less with the actual details of the whole thing... I tried ruby on rails, but I'd have to use a different server at work and not quite sure I really need something quite that powerful.
Anyway, thank you very much for all your help thus far!! Hope to hear from you soon.
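The user-to-database-and-back flow asked about in the post above, as an added example that is not part of the original thread: input is validated, values reach the database only as bound parameters of a prepared statement, and HTML escaping happens once, at output. The `orders` table, its columns and the function names are hypothetical, and PDO with an in-memory SQLite database is an assumption so the script runs offline (with MySQL only the DSN changes).

```php
<?php
// Added example: table, column and function names are hypothetical.
// SQLite in memory keeps it runnable offline; with MySQL only the DSN changes.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE orders (
    id INTEGER PRIMARY KEY AUTOINCREMENT,
    item TEXT NOT NULL, qty INTEGER NOT NULL, unit_cost REAL NOT NULL)');

// Step 1 (input): check types and ranges; reject bad input instead of "cleaning" it.
function validate_order(array $in): array {
    $item = trim((string)($in['item'] ?? ''));
    $qty  = filter_var($in['qty'] ?? null, FILTER_VALIDATE_INT,
                       ['options' => ['min_range' => 1, 'max_range' => 10000]]);
    $cost = filter_var($in['unit_cost'] ?? null, FILTER_VALIDATE_FLOAT);
    if ($item === '' || strlen($item) > 100 || $qty === false
        || $cost === false || $cost < 0) {
        throw new InvalidArgumentException('invalid order');
    }
    return ['item' => $item, 'qty' => $qty, 'unit_cost' => $cost];
}

// Step 2 (database): values travel as bound parameters, never inside the SQL text,
// so a quote in the item name is stored as data and cannot change the query.
function add_order(PDO $pdo, array $in): array {
    $order = validate_order($in);
    $ins = $pdo->prepare(
        'INSERT INTO orders (item, qty, unit_cost) VALUES (:item, :qty, :unit_cost)');
    $ins->execute($order);
    $sel = $pdo->prepare(
        'SELECT id, item, qty, unit_cost, qty * unit_cost AS total
           FROM orders WHERE id = ?');
    $sel->execute([$pdo->lastInsertId()]);
    return $sel->fetch(PDO::FETCH_ASSOC);
}

// Step 3 (output): escape for HTML only at the point where HTML is written.
function render_row(array $row): string {
    $cells = array_map(
        fn($v) => '<td>' . htmlspecialchars((string)$v, ENT_QUOTES, 'UTF-8') . '</td>',
        $row);
    return '<tr>' . implode('', $cells) . "</tr>\n";
}

// Constructed input standing in for $_POST sent by the page's httpRequest.
$post = ['item' => "O'Brien's <b>amp</b> rack", 'qty' => '3', 'unit_cost' => '19.50'];
echo render_row(add_order($pdo, $post));   // the new grid row, returned to the browser
```

The stored value keeps its apostrophe and markup exactly as typed; only the rendered row carries the `&#039;` and `&lt;b&gt;` forms, so the same data can later go to a CSV or report without un-escaping.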
Re: when to use what? (user interactive dynamic sites w/db)
Posted: Thu Jul 17, 2008 12:22 am
by omniuni
I'm not 100% sure I understand, but I'll give it a try.
Try using a switch() statement. Read from the address what step they're on (example: form.php?step=1) and include the php file with the appropriate query. ( include('step_1_query.php'); )
Does that help at all?