A project needs to consider issues: project path, database design and permissions, security policy, log class implementation, page basic structure

Process for the entire project 1. Building a framework for the entire project "definition of Basic constants" "Implementing a framework requires tradeoffs and a good containment system"

2. Database design and Permissions control "user rights to access the database: Default newly created user does not have permission to manipulate data within the library: Grant statement is new and management" at the beginning of the project, the design of the database table structure is the key to the project. Design their own table structures, taking into account the various business aspects.

Notice the three-paradigm structure of the database: The data is inseparable: the first paradigm "relational database", "For each column field" for each row of data independence: Second paradigm "data for each row" data table not redundant redundancy: The third paradigm "use foreign keys to correlate tables" "But the third paradigm is not required, Because sometimes you need to consider performance "

3. Project safety issues: (1) machine brute force hack "plus verification code for defense" "CAPTCHA" (2) SQL injection "attack with SQL statement syntax: OR, semicolon end prematurely, comment, etc." (3) XSS " Cross-Script injection: Use HTML tags and script tags to implement attacks against servers "" http://baike.baidu.com/link?url=ge_b-RyirVjANAXF-XbVsYM3AB2N0zW9qEFO9_ Jktsltf3yfzusffux4ymsa-9enum1hnkqe0r4pehqvsowyvk "

The defense of both is by filtering the incoming data "the idea is that any submitted data is not trusted" "" filter out all the special symbols "" In addition, the incoming cookie data also need to be escaped: because there may be people simulating cookie data "

4. Log records through the log to help us better resolve the system during the operation of the things that occur, convenient debugging.

When the code is running, after a problem occurs, an error is thrown, and then the error is written to the file, which is the principle of the log.

So a more perfect system is the need to build a perfect log class, to achieve log management.

5. Dynamic loading and sorting column display problems

The dynamic load here does not have the effect of Ajax, but the data are all loaded, JS control is displayed "instead of Ajax asynchronous loading"

For the structure control of the whole page, the page HTML structure needs to be analyzed.

"It will be better, then desperate to work hard, no luck, then I have to work hard." 】

A project needs to consider issues: project path, database design and permissions, security policy, log class implementation, page basic structure