01242 244620
Get a free website review

Blog > Web Development > Improvement of Database Class & Code

Calendar Posted 27th April 2012 | Feed Icon
Justin

Security is of huge importance to us, which is one of the reasons we recently undertook a large upgrade of our framework to incorporate several extra security enhancements. This involved a wholesale review of the code and a lot of meetings to come up with the best way forward. We decided to move entirely to a class-based framework which has led to many varied improvements, some of which are explained below.

The class framework itself

We originally created our own code framework to afford us total control, flexibility and knowledge of every detail. As we offer bespoke website development this allows us to amend it to suit our clients’ needs easily and with no wasted effort. When it came to moving to a class-based framework there was no question of adopting a third party solution, so we decided to migrate the best bits of our old system to a pure Object Oriented framework whilst rewriting the remaining code from the ground up.

Initially this was quite a commitment for us in terms of time, but the investment has paid off and we are recouping time as bug fixing is reduced and code re-use significantly increased. This allows us to pass development savings onto our clients and to significantly cut development timescales. Essentially, our class-based code makes it a lot easier to build functionality once and then re-use it multiple times in several different scenarios with limited changes.

Security Enhancements

One of the main reasons for the redevelopment was to increase the security of our framework. In particular the underlying database module has been completely overhauled to ensure that all database accesses are filtered against several security processes before being run. The nature of our framework means that we can guarantee that all database calls have to run through these processes.

We also took the opportunity to review and refine our user and member login functionality following 2 penetration tests on our old system. The upgrades ensure that every system we develop will benefit from the full range of cross browser and other exploit prevention mechanisms we have employed. The new user system also ensures that security is maintained through all processes by kicking non-authorised users before any other calls can proceed.

Code maintenance and long term stability

The move to a class-based system has ensured that all of our code is more readable and therefore easier to maintain. This allows us to develop web software faster and more efficiently. The tightly structured framework ensures all developers create code using the same format and structure. All of our developers can easily jump into new projects and instantly understand the environment allowing them to be productive immediately with little learning curve.

Our use of industry standard version control software allows us to keep track of all the changes that are made to the code, allowing us to easily trace bugs to their source and ensure they are fixed for all revisions.

The re-development has also allowed us to fully document our code. This makes it even easier for other developers to understand and amend functionality.

Finally, we have further developed our editing and display functions to automatically provide paging and filter functionality. Along with several other useful functions such as the ability to export any list of results, this allows us to concentrate on developing more bespoke functionality for the benefit of individual clients. Obviously any enhancements which may be of use to future clients are incorporated into our centrally administered system for immediate deployment to the next project. This way everyone benefits from incremental changes.

by Justin | 27th April 2012

We use cookies to help make our website better.

At the moment, your preferences prevent us from using cookies. OK otherwise Find out more.

How we use cookies

Google Analytics is a marketing tool that allows us to see how our site is used, for example how many visitors we get and which pages are viewed most. This information is anonymous but requires cookies to track your actions on our website.

ShareThis is included in our blog pages to provide links to social media tools like Twitter and Facebook, and enable you to bookmark or recommend our pages. This code includes cookies so that ShareThis can track how people use its service.

YouTube is used where we display a video on our website, and includes cookies that track actions such as clicking on related videos.

You can find out more about cookies at www.allaboutcookies.org/manage-cookies

If you'd prefer us not to use cookies, please click here, or if you don't mind us using cookies please click here.