Best Practices

Best Practices

116 bookmarks
Custom sorting
Mark's stream of verbiage: Improve reliability and maintainability by using stateless connections
Mark's stream of verbiage: Improve reliability and maintainability by using stateless connections

MySQL application developers have some problems with connection state. There is a lot of state which can be used associated with a single connection

* Transactions (autocommit, uncommitted work, when a transaction was started, isolation level)
* Temporary tables
* Session variables which affect behaviour
* Other session variables

If you can avoid all of these, then you can benefit from transparent auto-reconnection and transparent connection reuse / pooling etc.

#dev#mysql#documentation#clevermarks#bestpractices
Mark's stream of verbiage: Improve reliability and maintainability by using stateless connections
Ben Ramsey » Blog Archive » HTTP Status: 100 Continue
Ben Ramsey » Blog Archive » HTTP Status: 100 Continue
The 100 Continue status code is an informational response that tells the client application it can continue sending the request. In short, the client can make an abbreviated request of the service to check whether or not it should continue making the full request. The service can then respond either “yes” (100 Continue) or “no” (417 Expectation Failed) with an explanation of why not. In RESTful Web Services, Richardson and Ruby refer to this as a “look-before-you-leap” (LBYL) request.
#web services#dev#clevermarks#rest#bestpractices
Ben Ramsey » Blog Archive » HTTP Status: 100 Continue
Ten Commandments of Egoless Programming
Ten Commandments of Egoless Programming
What we need is a set of rules or guidelines to help developers keep themselves (their egos, actually) separate from their code. Hence our Ten Commandments for Egoless Programming, which you can also download in handy "stone tablet" format:
#dev#bestpractices#clevermarks
Ten Commandments of Egoless Programming
Code Refactoring Guidelines « PHP::Impact ( [str Blog] )
Code Refactoring Guidelines « PHP::Impact ( [str Blog] )
In software engineering, “refactoring” source code means modifying it without changing its behaviour, and is sometimes informally referred to as “cleaning it up”. Refactoring neither fixes bugs nor adds new functionality, though it might precede either activity. Rather it improves the understandability of the code and changes its internal structure and design, and removes dead code, to make it easier to comprehend, more maintainable and amenable to change. Refactoring is usually motivated by the difficulty of adding new functionality to a program or fixing a bug in it.
#dev#bestpractices#clevermarks
Code Refactoring Guidelines « PHP::Impact ( [str Blog] )
Jasypt: Java simplified encryption - How to encrypt user passwords
Jasypt: Java simplified encryption - How to encrypt user passwords

Almost all modern web applications need, in one way or another, to encrypt their users' passwords. We could say that, from the moment that an application has users, and users sign in using a password, these passwords have to be stored in an encrypted way.

There are some intuitive reasons for this: our data stores can be compromised, and so can our communications. But the most important reason is that we have to think of our users' passwords as sensitive personal data. Their passwords are their key to their privacy, so they are personal, they are sensitive, and no one (not even us) has the right to know them. And we must honor this if we want to gain our user's trust.

#clevermarks#security#bestpractices
Jasypt: Java simplified encryption - How to encrypt user passwords
Google Testing Blog: My Selenium Tests Aren't Stable!
Google Testing Blog: My Selenium Tests Aren't Stable!
The underlying message: When your tests are flaky, do some root cause analysis to understand why they're flaky. It's very seldom because you're uncovered a bug in the test framework. In order for this sort of analysis and test-stability improvement work to be done effectively, you may well need support and help from your team. If you're working on your own, or in a small team, this may not be too hard. On a large project, it may be harder. I've had some success when a person or two is set aside from delivering functionality to work on making the tests more stable. The short-term pain of not having that extra pair of hands focusing on writing production code is more than made up for by the long-term benefit of a stable and effective suite of end-to-end tests that only fail when there's a real issue to be addressed.
#testing#bestpractices#clevermarks
Google Testing Blog: My Selenium Tests Aren't Stable!
ZendCon: Writing Maintainable PHP Code - Professional PHP
ZendCon: Writing Maintainable PHP Code - Professional PHP

I’ve finally made it to my first Zendcon. Its nice to see some familiar faces and also nice to put new faces to familiar names.

I gave my maintainable PHP talk this morning. I love doing this talk. Thanks to everyone who attended. I’ve put the slides (pdf) up on my talks page.

Much of the material is based on Test Pattern columns that I’ve written for php|architect. Here are some of the specific columns.

Organizing For Change This is where I developed the outline for the talk Dependency Injection This is a more in depth discussion of code reuse and dependency injection Modeling Dependencies This is where I talk about coupling, layered design and abstraction A Closer Look at Cohesion This is where I developed my explanations of cohesion and the single responsibility principle Searching the Code Good designs are searchable

#clevermarks#php#bestpractices
ZendCon: Writing Maintainable PHP Code - Professional PHP
Design Patterns and Refactoring
Design Patterns and Refactoring
SourceMaking — is the best information source on the Web on such software development topics as design patterns, refactoring and UML. A lot of information freely available through the site's pages, so feel free to use bookmarklet to leave interesting chapters for further reading. You may start browsing the site by following one of these topics:
#uml#dev#bestpractices#clevermarks
Design Patterns and Refactoring
googleads.g.doubleclick.net|Untitled
googleads.g.doubleclick.net|Untitled
Pair programming has generated considerable controversy: some developers are enthusiastic about it, almost evangelical; others are dubious, even hostile. However, a large factor in this controversy is that programmers label a wide variety of practices under the "pair programming" umbrella. Thus, before our community can sensibly discuss how pair programming works, we first need to establish exactly what it is.
#agile#dev#bestpractices#pairprogramming#clevermarks
googleads.g.doubleclick.net|Untitled
CWE - 2010 CWE/SANS Top 25 Most Dangerous Programming Errors
CWE - 2010 CWE/SANS Top 25 Most Dangerous Programming Errors

The 2010 CWE/SANS Top 25 Most Dangerous Programming Errors is a list of the most widespread and critical programming errors that can lead to serious software vulnerabilities. They are often easy to find, and easy to exploit. They are dangerous because they will frequently allow attackers to completely take over the software, steal data, or prevent the software from working at all. The Top 25 list is a tool for education and awareness to help programmers to prevent the kinds of vulnerabilities that plague the software industry, by identifying and avoiding all-too-common mistakes that occur before software is even shipped. Software customers can use the same list to help them to ask for more secure software. Researchers in software security can use the Top 25 to focus on a narrow but important subset of all known security weaknesses. Finally, software managers and CIOs can use the Top 25 list as a measuring stick of progress in their efforts to secure their software. The list is the result of collaboration between the SANS Institute, MITRE, and many top software security experts in the US and Europe. It leverages experiences in the development of the SANS Top 20 attack vectors (http://www.sans.org/top20/) and MITRE's Common Weakness Enumeration (CWE) (http://cwe.mitre.org/). MITRE maintains the CWE web site, with the support of the US Department of Homeland Security's National Cyber Security Division, presenting detailed descriptions of the top 25 programming errors along with authoritative guidance for mitigating and avoiding them. The CWE site contains data on more than 800 programming errors, design errors, and architecture errors that can lead to exploitable vulnerabilities. The 2010 Top 25 makes substantial improvements to the 2009 list, but the spirit and goals remain the same. The structure of the list has been modified to distinguish mitigations and general secure programming principles from more concrete weaknesses. This year's Top 25 entries are prioritized using inputs from over 20 different organization

#security#bestpractices#clevermarks
CWE - 2010 CWE/SANS Top 25 Most Dangerous Programming Errors
Scaling Web Applications with HMVC – techPortal
Scaling Web Applications with HMVC – techPortal
The Hierarchical-Model-View-Controller (HMVC) pattern is a direct extension to the MVC pattern that manages to solve many of the scalability issues already mentioned. HMVC was first described in a blog post entitled HMVC: The layered pattern for developing strong client tiers on the JavaWorld web site in July 2000. Much of the article concentrates on the benefits of using HMVC with graphical user interfaces. There has been some suggestion that the authors where actually re-interpreting another pattern called Presentation-Abstraction-Control (PAC) described in 1987. The article in JavaWorld provides a detailed explanation of how HMVC can aid in the design of desktop applications with GUIs. The focus of this article is to demonstrate how HMVC can be used to create scalable web applications.
#dev#bestpractices#performances#clevermarks
Scaling Web Applications with HMVC – techPortal
InfoQ: Success Factors for Systematic Reuse
InfoQ: Success Factors for Systematic Reuse
Systematic reuse requires the interplay of people, process, and technology decisions that have to be executed within the context of real world constraints. Are there success factors that will make a difference to reuse? I believe so! This article provides five success factors that will help capture domain variations, ease integration, delve deeper into design context, work effectively as a team, and manage domain complexity.
#bestpractices#wk#clevermarks
InfoQ: Success Factors for Systematic Reuse
Selective Homeworkless Reviews
Selective Homeworkless Reviews
We describe a version of review/inspection called selective homeworkless review. In these reviews, moderators are taught how to select artifacts for review and review methodologies with little or no preparation. Many review and inspection methodologies are known in the literature and used in industry with very good results. The main issue we faced was not how to tune an existing inspection methodology, but rather how to get people to seriously and continuously inspect their artifacts. With the shrinking of the release cycle, people try to avoid front-loaded methodologies such as reviews, which seem to waste time early on. This is true both at the organizational level, where the overall cost is considered and at the day to-day level, where time for preparation needs to be found. Because the reasons for rejecting existing inspection techniques were more organizational than technical, the way our methodology overcomes these objections is as central to the paper as the selective homeworkless review methodology itself. We introduced selective homeworkless reviews three years ago. We now have convincing evidence that this methodology can be introduced even in organizations that are resistant to formal inspections, leading to significant improvements in quality.
#code review#bestpractices#clevermarks#wk
Selective Homeworkless Reviews
Ibuildings - Horizontally Scalable Web Applications - ibuildings.com
Ibuildings - Horizontally Scalable Web Applications - ibuildings.com
What Is Scalability? Scalability is not high performanceWhat goes up, must come downScalable by Design Loose CouplingCreate APIs, assemble applicationsScaling Your Application Horizontal vs. vertical scalingBreaking It Apart – Thinking in Pieces StaticDynamic Database Session ClusteringMemcached Session ClusteringAPIsScaling Your Database Database ReplicationDatabase FederationDatabase Sharding Alternative Data Storage Engines API-only data accessCouchDB and Amazon SimpleDbScaling to the Cloud Platform as a ServiceInfrastructure as a ServiceDegrade gracefully
#performance#bestpractices#clevermarks#wk
Ibuildings - Horizontally Scalable Web Applications - ibuildings.com
Getting Clean With PHP | Nettuts+
Getting Clean With PHP | Nettuts+
Data security is important and often undervalued by designers, developers, and clients alike. Since PHP 5.2.0, data sanitization and validation has been made significantly easier with the introduction of data filtering. Today, we’re going to take a closer look at these filters, how to use them, and build a few custom functions.
#php#security#bestpractices#reference#clevermarks#wk
Getting Clean With PHP | Nettuts+
Big Ball of Mud
Big Ball of Mud

While much attention has been focused on high-level software architectural patterns, what is, in effect, the de-facto standard software architecture is seldom discussed. This paper examines this most frequently deployed of software architectures: the BIG BALL OF MUD. A BIG BALL OF MUD is a casually, even haphazardly, structured system. Its organization, if one can call it that, is dictated more by expediency than design. Yet, its enduring popularity cannot merely be indicative of a general disregard for architecture.

These patterns explore the forces that encourage the emergence of a BIG BALL OF MUD, and the undeniable effectiveness of this approach to software architecture. What are the people who build them doing right? If more high-minded architectural approaches are to compete, we must understand what the forces that lead to a BIG BALL OF MUD are, and examine alternative ways to resolve them.

A number of additional patterns emerge out of the BIG BALL OF MUD. We discuss them in turn. Two principal questions underlie these patterns: Why are so many existing systems architecturally undistinguished, and what can we do to improve them?

#dev#bestpractices#architecture#clevermarks#wk
Big Ball of Mud