PHP development site to see: PHP Web Development Program

Source: Internet
Author: User
Tags lowercase php web development sql injection sql injection prevention system log

I. Development members

A) Project manager
b) Page Art
c) Page Development
d) Service-side program development
(e) System and data management
f) test and version control

Second, the site group development Concise process

III. Development tools and environment

A) server configuration
I. Web server: FREEBSD6.1+APACHE2.0+PHP5.0,SVN version Control Service (test machine only).
II. Database server: WIN2003 server+sql Server 2000+mysql5.0,clustered server Cluster service, mail server.
Iii. 100m/1000m Switch
b) Development tools
I. Front Desk: Macromedia Flash 8.0, Macromedia Dreamweaver 8.0, Adobe photoshop CS
Ii. background: Zend Studio 5.2, SQL Server Enterprise Manager, phpMyAdmin

Iv. Technical Rules

A browser compatibility policy: Compatible with IE5.0 above version, and compatible with FireFOX2.0 above browser.
B Search Engine Optimization: Focus on Baidu, Google, Yahoo Search optimization, the production of clear and clear site map.
c) Character encoding rule: Chinese website rate adopts GB2312 character standard.
d) file and folder naming: for compatible Win32 with UNIX systems, a rate is named with lowercase letters.
e) Common file naming rules:
I. Default home: Index.htm, index.html, index.php
II. Main CSS file: style.css
III. Main JS file: main.js
IV. Main program configuration file: config.php
f) Common file directory unified naming
I. Photo catalogue:/images or/pic
II. CSS Style Catalog:/css
Iii. JS script directory:/js
IV. template file directory:/TPL
V. Class or component directory:/class or/lib
g) page Scripting specification: Unified use of JavaScript
h) class, function, variable name in code: uniform use approximate english word name, such as: Defaultclass or Default_class
i) Code comment rule: the function or procedure in all programs must be annotated with an exact comment.
j) Database-related rules
I. Data tables and field naming rules: All lowercase letters are named and grouped with named prefixes such as: User table Group, User_passport, User_info, User_service ....
Ii. Date Type field: Unified use of Unix timestamp, char (12)
III. Primary keyword naming: All tables must establish a primary key named after the ID.
k) Template Component rules: Unified use of compatible version of the smarty, unified cache directory, to facilitate UNIX permissions under control.
L) Database virtual layer: Unified use of ADODB or PDO,SQL statements to be compatible with existing mainstream database rules.
m) factory pattern development rules: developing or inheriting component classes with comm.php as the center, unified control file invocation Io and class instantiation.
N Object-oriented development rules: All functions must exist in the form of class---> procedures.
o SQL Encapsulation rule: All SQL statements and database queries must exist in the procedure.
p) URL steering rules: To optimize search engines, try to use Apache mod_rewrite modules to beautify URLs, such as: Http://www.yourname.com/action.php?id=123 into: http:// Www.yourname.com/action/id/123 or http://www.yourname.com/action/id_123.html.

V. Website security and Maintenance strategy

A) server and database security:
I. Establish a sound virus defense mechanism, install a firewall, and shut down any unnecessary ports and services on the server.
II. Unified management of user rights, regular tracking of user and system events, regular review of the system log.
(b) Disaster recovery and backup mechanisms:
I. Set up a database cluster, keep at least one server synchronizing data to ensure that the database system can be automatically transferred to the normal server stable operation when the accident occurs.
II. Regularly back up files and data and save data and files in various ways.
c) Program security Policy:
I. SQL injection prevention: resolutely filter the unpredictable illegal characters, strictly do the database query, update the SQL statement test.
II. Do not use the source of unknown third party, not easily copy the unknown code to the server.



Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.