Should I Use HTML Server-Side Includes? - html

We've recently migrated from a full CMS to simple HTML/CSS/JS on NGINX. I do batch editing with RegEx search/replace in my text editor, but I'd like to simplify by putting common content in partial files and including them server-side. I've considered other solutions, but I'm working under some constraints:
It's important to us to have the site function whether javascript is present or not, so I prefer not to use client-side frameworks for including content.
I personally prefer compiled, templated solutions like Jekyll or Pug (Jade), but I have a pretty non-technical team I'm trying to support, and HTML is already a bit beyond their comfort level.
My problem is that I haven't found any up-to-date information about using SSI. (Most pages returned from web search look like they were built 20 years ago). The fact that no one seems to be talking about SSI in a modern context has me a little worried.
Are HTML server-side includes a reasonable solution for this situation? If so, are there performance or security issues I should watch out for?

Well security is not an issue if you ask me. These are just server side includes, and not user input. The performance is far from great, if you believe this. However, horsepower is cheap, and so is caching. It seems okay to me to use it.

Related

is developing an HTML web app using Notepad++ secure

I have started on a web app for the ORG i work for, using notepad++ for html and css and of course php and javascript. I must say that the ORG did not used to have software developers, all software they have is off-the-shelf or oracle forms and am a recent grad.
We got a new hire he has much more experience "he claims", the thing is that he has been criticizing me for using notepad++ for html, he instead suggests using ASP.NET in VS. His argument comes from security risks and better support point of view.
The web app will consist of a website for the visitors to browse, in addition to an intranet for employees to use onsite and globally.
So i am not sure if i am on the right track and he is showing off, or i should be following his advice "he could be our new IT manager".
I thank you very much in advance.
The editor you are using has literally nothing to do with the security of the programmed application. Notepad++ is perfectly fine, even though i would recommend something like Atom, Visual Studio Code or Sublime.
One thing they have as a "security advantage" over Notepad++ is, that it is easier to install plugins that try to check your code and point out possible bugs. Otherwise blaming the Editor for Security issues is nonsense.
I have no experience with ASP.NET, i tried it a few times but never liked it. I think it comes with some authentication solutions out of the box.
HTML and CSS have very little to do with security. JavaScript and especially PHP is what you have to be careful with. I would recommend to use some kind of PHP framework as there are often well tested authentication components included. Frameworks I know of are Symfony and Laravel (which is built on Symfony).

Cross-platform lightweight master pages

Currently I have a web site full of static pages. This minimizes web server load and guarantees that this site will run even on tiny Linux-based hardware web server.
I am seeking for an ability to make master pages for my site and I like the way used by Ruby on Rails, but this technology is redundant for a simple web site and is too heavy for a simple hardware web server.
I like the SSI, it is really lightweight and cross-platform, but it does not provide master pages, it only makes includes that each document should maintain by oneself.
I like an AJAX technology, but it is client-side dependent.
The IFRAME technology does the opposite to what I want - it references from master page to slave page, and I need the reverse.
Is there something else left?
Template-Toolkit, specifically the wrapper directive, should do the trick.
You can use ttree at build time to generate static pages, avoiding the need for any server side technology beyond a simple HTTPD.
Em.. php includes?
So: CSS, Javascript, Includes directories detailing reusable styling, client scripting, and markup respectively?
There is no way to get any form of master page in the way that you are talking about without server side scripting I'm afraid. The best you can hope for is a JavaScript file that loads other JavaScript files, and external stylesheets (one unusual method I saw was the creation of a universal stylesheet that imported many others - but I didn't see all that much benefit to organisation myself). You could always use iframes... but iframes, as you point out aren't designed for that sort of functionality. That sort of functionality was within the scope of frames, and that had unpleasant results.
If you want to use something like php your server will naturally have to support php, but it is a simple way to produce easy organisation of your pages without having to dive neck deep into a complicated framework like Rails. In my experience adopting a CMS, particularly that developed by somebody else can be more trouble than it's worth.

Jump-starting web development

I wrote a prototype for my software in Python as a desktop client-server program, but I want to do the real version as a web service. (I have seen the light? much better deployment and reduced cost) Trouble is, I don't know web development.
I already did something webdev-ish: I have a page with a form on it, that when submitted Apache will run my Python script, which will do some server-side tasks and then send the result on a new page back to the user. Its a very simple tool (doesn't use any DB or framework), but I suppose that's the basic idea of web-based services... I think. To me that was a workaround, I did not realize it is webdev-ish.
So I have a basic idea of how it works, and about 8 years of programming behind me, but I need to learn:
How to design web sites (XHTML and CSS?)
Javascript and AJAX
More advanced features of databases (Postgresql)
I'm thinking Python/Django is a safe bet.
Any suggestions on where to start? I'm not the type who has the patience to read a book; I would rather jump in and build something simple first, then bigger and bigger stuff, but I can't seem to get my head around learning web design - I still format everything with tables.
Cheers and thanks
Check out Django. Django is a high-level Python Web framework that encourages rapid development and clean, pragmatic design.
There will be a learning curve, but you might as well learn how to do it right the first time. Go through the documentation, and start building small Django applications. There are tutorials on the Django website.
And yes, you will have to learn HTML and CSS anyway.
Tables are not evil, by the way. You don't have to learn your first website with CSS, but you will need to learn correct CSS layout sooner rather than later. There are free CSS templates out there you can use, which makes the correct use of CSS much easier.
I only got slightly into Django, but I hear good things, so stick with it if you like the approach... inheritance & templating language
XHTML blocks just need to not overlap (markup container rule, good XML syntax with contained elements closing before new ones are begun). Honestly the simplest & most common approach to start web layout is PHP, so I suggest that as first alternative since it is so template-centric.
my favorite CMS is ZOPE, built and used with Python for scripting. Zope3 is more like Django, Zope2 I use more still (Python 2.4.x) has some internal syntaxes and methods to grapple with at first, but if you wish to try it I have a basic site editing framework.
the advantage is the object database hierarchy is just like site structure, inheritance of scripts, content objects (HTML chunks & contextual values), properties... so duplication is minimized, the whole site can be a simple template, reuse & extension maximized. navigation scripted, archive by month & listing contents scripted, footer once, sidebar inherited throughout site - override by cloning into subdirs and editing or specifying object/property for local instance closest to the URL path then seeking up to root.
users can have roles in sections, XML-RPC/HTTP/FTP all ZOPE methods including user-defined, so rich clients can workflow media effectively. batch process media uploads with default containers for each item and metadata (filename, type extension) so users get right to their details. ZOPE can host files or static, remote, whichever, so long as the app knows where to find them (one base property for the app or project root)
if you get into Django there is the ZODB standalone library part of ZOPE for persistent storage only, no ORB

Becoming a Web Designer: CMS, or by hand [closed]

Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 7 years ago.
Improve this question
I'm biting the bullet and becoming a Web Designer, there are just too many good opportunities out there. I'm a professional SW engineer, so I want approach this correctly. So far I'm fairly good at HTML/CSS/Javascript all completely by hand. I'm also good with jQuery and Django with mySql. I've made some cool sites but it takes TOO LONG if I want to do this for many sites.
Here is my question: Do I learn a CMS really well and use it (and be stuck with it) or do I spend that time developing some reusable HTML/CSS templates and do everything by hand?
So far my CMS experience is that there is overhead setting it up, and it you want a lot of customization you're doing CSS anyway.
If I go the CMS route -- which one?
What is the "best method" for Web Dev? I intend on creating a very diverse array of sites as well...
Thanks!!!
The future of web publishing is clearly in Content Management Systems for everything larger than a small personal site. People are not buying sites anymore for which they have to pay a professional every time a paragraph needs changing.
Make sure you know your HTML, CSS, and Javascript, but get familiar with one or more CMS's on the market, preferably one of the big ones that get you a big community, and the advantage of a widely known standard that it is easy to find people for. Learn how to customize it, how to build templates for it quickly and effectively.
One of the biggest flagships in enterprise-level CMS'es is certainly Drupal. From personal experience, I also know Joomla, but I'm not sure whether I'd recommend it to get started with - it tends to be a bit dirty on the code side sometimes. WordPress is successfully used as a CMS by many.
Look around on SO what systems people are happy with; if you want to get to know the concept of a certain CMS check out openSourceCMS who provide live demos of many CMS'es. There are also very robust commercial products out there that are better maintained than the open source projects.
There isn't a single correct answer for this IMHO. Basically, it comes down to:
Use the best tool for the job.
The best thing you can do for yourself is learn about what tools are available, and what they are capable of. Try to match each one to a scenario you think might be particularly suitable for a given solution.
You will find that if you invest a lot of time in learning something like Python / Django you will be able to create just about any site you can imagine, but then you might find that if all your client requires is a simple, mostly static company info site that something like Drupal might be more appropriate.
The baseline technologies like (X)HTML, JavaScript, CSS and SQL are used across all of them, so knowing these tools well in a generic context is also extremely valuable.
A truly well-equipped toolbelt is invaluable.
If you need a little number of pages, without any dynamics, render your site with your favorite language and numerous templates to html files and don't deal with anything but www-server.
Once you need a rather big site - use a tool which you already know well. (I using django and happy with it).
When a site is really huge - make your own CMS. But at first have a practice with tool like django. Until you know how it works - try not to deal with big projects at all.
I can advice to use statically typed language for anything, but i'm sure that you know benefits and caveats.
Python and Django is suitable almost for anything.
I am a Web Designer and recently I began using Wordpress. I've found it great so far, once I have my site ready in xHTML and CSS it only takes me a couple of hours to make the content editable.
I have also created about 3-5 themes my self, I've found creating Child Themes and using Themes like Twenty Ten as a parent, so I can use their functions etc.
I would highly suggest that you look into wordpress, especially if you want to speed up the process for creating websites.
Those two choices aren't mutually exclusive.
You should build reusable code regardless of which option you choose. With a CMS, there will already have some design decisions made for you of course, but I find myself building APIs and interfaces using Drupal all the time. In fact it's a measurement of quality.
There are also some frameworks that you might like too that will let you custom build and increase productivity. See The Zend PHP framework, Ruby on Rails, Kohana, Nanoc and the 960 CSS/HTML grid. You could say they are the best of both worlds!
If you are going to implement web sites for the general public, I'll go with Joomla. I managed to implement 9 websites in one year with this CMS. In my opinion, it is important to know PHP, HTML, CSS and Javascript pretty well before using Joomla (which you seem to know), or any other open source CMS for that matter. This way, you will be able to customize all aspects of the website (both frontend and backend) with ease. For example, when I don't find a plugin which does what I need, I just create the plugin myself.
However, if your aim is more on Web Applications rather than web sites, I'd go with ASP.NET and ExtJS, which seems to be today's trend for web applications since you will be combining the power of ASP.NET with the power of AJAX (ExtJs).
IMO, Python is more targeted for very large and complex projects (look at Google or Amazon).

Resources for getting started with web development? [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
We don’t allow questions seeking recommendations for books, tools, software libraries, and more. You can edit the question so it can be answered with facts and citations.
Closed 8 years ago.
Improve this question
Let's say I woke up today and wanted to create a clone of StackOverflow.com, and reap the financial windfall of millions $0.02 ad clicks. Where do I start?
My understanding of web technologies are:
HTML is what is ultimately displayed
CSS is a mechanism for making HTML look pleasing
ASP.NET lets you add functionality using .NET(?)
JavaScript does stuff
AJAX does asyncronous stuff
... and the list goes on!
To write a good website to I just need to buy seven books and read them all? Are Web 2.0 sites really the synergy of all these technologies?
Where does someone go to get started down the path to creating professional-looking web sites, and what steps are there along the way.
While I have built my knowledge largely based on using the internet to search out what I want to know (w3schools.com helped a lot, as did A List Apart), a few good books have helped me along the way, though they have been platform/language-specific, so I'll avoid mentioning them unless someone is curious. For me, at least, having a book open so that I don't have to resize windows or switch between them is very valuable.
The first part of your list is ok, but the last few items need tweaking. ASP.NET adds server-side functionality (for the most part) to your application. This lives outside of the browser and is thus quite powerful and easily shared with a variety of end-users.
The problem (some say) with server-side processing is that your application must make a new HTTP request when you ask for an action to be performed. So if you click on a link to a page that yields a new set of data, you don't get instant results. The page reloads, or loads a separate page.
Javascript solves this to a degree--it allows you to respond to user input instantaneously. Do you want to display the sum of two numbers when the user clicks a button? You can do it with Javascript.
The problem with Javascript is that it can't talk directly to databases, or explore your server's file system, or other stuff like that. It lives in the browser--period.
AJAX bridges the gap between your user's browser and your server. With AJAX, Javascript makes the HTTP request without refreshing your page or loading a new one. Javascript talks to a server-side script (not necessarily ASP, either--works with PHP, Rails, Coldfusion, etc.) and sends and receives information. And because Javascript isn't dependent on page loads, a quick, snappy AJAX script can almost give the feeling of a common desktop application, in which you don't have to wait for HTTP requests when performing simple actions on your application's data.
I think that this series of Opera Articles will give you a good idea of web standards and basic concepts of web development.
2014 update: the Opera docs were relocated in 2012 to this section of webplatform.org:
http://docs.webplatform.org/wiki/Main_Page
Ian's answer has a lot of weight. You could buy all those books and read them all and know nothing about web development. What you really need to do is start with something that is not nearly as big as Stack Overflow. Start with your personal site. Read some web dev/css articles on a list apart. Learn about doctypes and why to use them. Add some css and change the colors around. Go over to quirksmode and peruse the site. Add some js. Follow some links on Crockfords site. You will probably stumble across his awesome video lectures, which you should watch. Then after that go back to all the js that you wrote and rewrite it. Then pick a server side language that you want to learn. Python is pretty easy, but it really doesn't matter what you pick. Then come back and integrate all those together in your site. At this point you will at least be getting started with web development and will have worked with several different technologies.
EDIT: I forgot to mention. READ BOOKS.
Many developers that I have worked with in the past have gotten through their career without really advancing after a certain point. I could be totally wrong, but I attribute it to not reading enough books and relying on using their same bad code over and over.
You could go out and buy a bunch of books and start reading them and quickly get overwhelmed in the seemingly massive learning curve it takes to go from nowhere, which is where it appears you are, to a rich internet entrepreneur, which is where you want to be.
Alternatively, and what I would suggest is, you could define a problem you want to solve, and then go about finding the solution to that problem. Start with something small. "I have a problem: I don't have a web site about myself.". Define what you need to do to solve that problem, learn the basics, and do it. Then, define a new problem, which probably relies on the solution to the first problem, find what you need to do, and do it.
This is how all technology professionals evolve. My first website was a personal site with nothing but text. Then I added some jokes and some movie quotes. Then I got tired of man-handling all the updates to I learned how to put them into a database and retrieve them from the database for display. It goes on and on.
Call me when you've got more money from your financial windfall than you know what to do with.
If you really just want to jump in with both feet, I would suggest looking at ColdFusion from Adobe. The developer edition is free and runs on windows, os x and linux. The documentation is authoritative and extensive, there is a very active developer community and only a few books you might want to dig into. The definitive guide is a series of books that can be found on Amazon
The nice thing about ColdFusion is that you can use it as a stepping stone to other languages and remain productive along the way. You can even mix it together with Java since it is itself written in java. There are also lots of goodies built in that you would have to scour the web for or pay more for in other languages. Things like full text indexing, graphing, server monitoring, ajax based controls, flash/flex integration, asynch os calls, etc.
You even have the choice of building object oriented code or procedural code, although some people would not count that as a benefit. Those people rarely agree on which style should win, though.
Cheers!
I think sitepoint is the best resource for learning best practices in web development. They have great articles, good references, and probably one of the best forums. However the people there can be a bit grumpy. ;)
If you are a real nerd, reading the specs for HTML 5 and CSS is also a good way to learn.
I'm with Ian on this one. Reading books is all well and good, but nothing beats getting stuck in. I actually started with a Dummies Guide to ASP (that'd be "classic" ASP), back in 1999.
If I was going to start from scratch today I'd be looking at something that covered a full stack solution, whether Apache/PHP/MySQL, RoR or whatever.
ATM I have no experience of Rails, but it might be a pretty good place to start as it includes a lot of stuff that you'd have to figure out early on otherwise (integration with a Scriptaculous, a JS framework) - you can always learn what going on under the hood at a later date.
.NET is always an option, and if you're comfortable with Visual Studio it may be the way to go, but it's not the easiest thing to pick up otherwise.
If you know a bit of HTML but are basically new to server-side programming you might look at ColdFusion. It's actually extremely powerful and like Rails includes lots of "out of the box" benefits. There's a Swiss company called Railo who are currently in the process of releasing an Open Source ColdFusion engine that is affiliated with JBoss.
Last and not least - don't forget databases! Sooner or later you'll need to get to grips with some pretty serious SQL...
CFML (aka "ColdFusion" even though that's really an Adobe product, not the language) is definitely easy to learn, and if you want FOSS for CFML, in addition to Railo you can use Open BlueDragon which is a GPL CFML engine.
Designing with Web Standards is a great first read!
http://www.zeldman.com/dwws/
I would recommend this book:
http://www.amazon.com/MCTS-Self-Paced-Training-Exam-70-528/dp/0735623341/ref=sr_1_1?ie=UTF8&s=books&qid=1218830714&sr=8-1
I have just read it to take the exam, and although I knew the web theory part, I found it to be of great value.
This of course is a ASP.NET specific book, but that is what I would recommend learning anyways.
After you learn all the ASP.NET stuff, I would suggest reading up on JQuery.
Happy coding :)