Results 1 to 15 of 15
  1. #1
    Join Date
    Apr 2012
    Location
    Detroit
    Posts
    23

    What Web Languages Should I be Using in 2012 for Web Standards Compliance?

    Hello everyone,
    I have semi decent knowledge on the XHTML, CSS, and HTML4 languages, but that was years ago that I would whip out website after website design just for the fun of it..

    Now that its been so long, I am quite rusty.. I fing myself researching how to do basic things again, that I knew exactly how to do before..

    I really like to use Aptana Studio, cssed, and this new beta program written in LaTeX called "Sublime Text 2" Seriously check it out! Its in a free evaluation stage right now, and I have yet to run into a problem yet. Good for coding anything, and supports syntax highlighting of nearly all programing languages. Also when I am on Windows (Rarely) I use Dreamweaver sometimes.. I just like how it has a quick switching live browser view.
    That being said, anyone know of a Linux supported IDE that has a live browser view like Dreamweaver does?


    But to get to my main question I came here for, considering that I said I havent been doing any web development for a couple years.
    Could someone please tell me what languages are the best of the web standards this day in age?

    Should I jump into HTML5? Is it stable enough yet? or should I stick to XHTML or HTML4 for a while?
    XHTML2 out yet? How long has CSS3 been out? etc.

    Any tips on those would be great. I would really appreciate it.
    I really want to get back to developing I just don't want to start relearning a language not even used anymore... and waste my time..


    Thanks for your time.
    Id appreciate any comments.
    Take Care.

  2. #2
    PHP 5+
    XHTML
    Jquery, Mootools, Jquery UI.
    CSS3

    Dreamweaver
    Xampp Server - for localhost.

    Jquery is very popular so far. People often use it. But it sometimes makes webpages so slow.
    CSS is so popular, too. It sometimes causes some cross browser issues. Don't forget to check out your codes on different browsers. This issue may drives you crazy.
    That's why I always use basic HTML tables, that's the way I do my job. I didn't like HTML5 at all. I'm not going to use it.

    People have been using CSS3 for so long time, but I'm okay with CSS2, too. That shouldn't be a big problem for you.

    Hope these helps.
    Regards
    - I am a PHP developer. I'm not a webhosting owner, I have never run a webhosting business before.
    - English is not my primary language.

  3. #3
    Join Date
    Apr 2012
    Location
    Detroit
    Posts
    23
    Awesome buddy. Thanks a bunch for the suggestions. That's the exact kind of answer I am looking for. That sounds great I am definitely gonna get to learning all of those a bit more.

    I think I might be good on the Xampp though, I have been really interested in the Firebird database. so I have been going with a FLAP stack.
    But I am sure that could always change, if I don't like it.
    Seems like Xampp is really user friendly..


    Also to keep in mind, I am really security oriented. so would using any of the languages you mentioned open my pages up to some easy security vulnerabilities?


    And another thing I wanted to ask everyone..
    Say I am using my FLAP or LAMP server stack, is there anyway I can use both Perl and PHP, and or even python as well? I have always seen you could substitute these, but could you stably run two or three together??

    Thanks again.

  4. #4
    PHP comes with some security problems.
    SQL Injection comes at first (if you use sql queries). You ought to use mysql_real_escape_string to stop sql-injection attacks.

    Example:

    PHP Code:
    <?php
    // We didn't check $_POST['password'], it could be anything the user wanted! For example:
    $_POST['username'] = 'aidan';
    $_POST['password'] = "' OR ''='";

    // Query database to check if there are any matching users
    $query "SELECT * FROM users WHERE user='{$_POST['username']}' AND password='{$_POST['password']}'";
    mysql_query($query);

    // This means the query sent to MySQL would be:
    echo $query;
    ?>
    Code:
    The query sent to MySQL:
    Code:
    SELECT * FROM users WHERE user='aidan' AND password='' OR ''=''
    Code:
    This would allow anyone to log in without a valid password.
    Detailed information could be found at: http://php.net/manual/en/function.my...ape-string.php

    There are some scripts which scan and guard your system against sql-injection attacks.
    Example: http://www.myphpscripts.net/?sid=1

    I've been using that script for long time. It works. You may have to use it through php.ini. It's up to you.

    There are also some sort of attacks like XSS, Brute Force. I always track login forms. In fact, I developed my own brute force guard software by PHP. I think, you can do same thing. XSS is a quite complicated attack technic. You should make research about cookies and sessions to prevent from Cross Site Scripting attacks (XSS).

    So, I have to talk about form filtering. Never, never trust end-users' values which are coming from a form. Always filter everything. PHP 5 comes with perfect filtering technics.

    Example: http://www.php.net/manual/en/function.filter-var.php

    You ought to use filter_var's email function if you wait an email address from your form. End-users might fill your form with <script> tags and try to hack your information. Never trust form values. Please, always filter every form value. You can track hack attempts and issue auto bans upon IPs by PHP. This job can be done with PHP+MySQL.

    I always configure my php.ini by myself. This file is so important. That's the file which you are able to set up your PHP settings. I always disable all PHP settings that i don't need.

    Security is important, yes. But getting regular back-ups might be more important.
    - I am a PHP developer. I'm not a webhosting owner, I have never run a webhosting business before.
    - English is not my primary language.

  5. #5
    Join Date
    Apr 2012
    Location
    Detroit
    Posts
    23
    I hate how if you accidentaly press some button that sends your browser back one page, you lose ALL the content you type... This has happened to me like 9 times already... I don't even realize what I pressed, and I always write such long detailed posts, and accidentaly go back, and lose it all... :/

    Anyways..
    Awesome, Thanks so very much, again!

    Great info.

    Never would of thought PHP had security risks, either. So thanks for clearing that up.

    Still curious as to whether I can use Perl, and PHP (& maybe Python) simultaneously in a LAMP stack. I have searched and searched and can't seem to find the answer..

  6. #6
    Join Date
    Feb 2011
    Location
    Columbus, Ohio, USA
    Posts
    334
    PHP and Python (For Server side scripting), HTML5 (for multimedia), XHTML, JavaScript, JQuery, Mootools.

    More recently, I've been starting to really like Python. It's a bit more complex than PHP but it's performance is better in large scale projects.

  7. #7
    Join Date
    Apr 2012
    Location
    Detroit
    Posts
    23
    Thanks bud. That is the exact layout I was thinking as well.

    That being said, does that mean I can use them both?
    I mean, would I have to choose only one for a server, and another for a different server? etc.

    I am also trying to figure out if MooTools is Linux supported..

  8. #8
    Join Date
    May 2012
    Posts
    8

    What to know?

    The way things are going you need your site to look perfect.

    You must be fluent with your:

    HTML
    CSS
    jQUERY

    If you want to be an expert I would look into:

    JAVASCRIPT

    If your good at it you can make sites awesome!
    Hope this helped!

  9. #9
    Join Date
    Apr 2012
    Location
    Detroit
    Posts
    23
    cool thanks.

    But inst Javascript probably the most unsecure of all the programming languages?

  10. #10
    Join Date
    May 2012
    Posts
    8

    Well...

    Javascript is fairly insecure but it does look amazing. It probably isn't good for something like a main page. More for a knowledge base or something.

  11. #11
    Join Date
    Apr 2012
    Location
    Detroit
    Posts
    23
    Yeah, it sure can be pretty, but it wouldnt be too pretty if there is some security risk..
    Plus there is a substantial userbase of the NoScript plugin in firefox, and others who simply just disable it...

    I wonder if there are other methods to pretty up a website and make it all fancy without JS..?

    Also I think something that should be taken into account here is, who is it insecure to? The end user? or could it be insecure to the server? Like SQL injection.
    Because I know JS can be used for many ways to infect a computer, etc. (effects the end user.) but I unaware as to whether it would pose a security risk to me as a server admin, for example..?
    Anyone able to clear this one up?

    Thanks for everything guys.

  12. #12
    Join Date
    Jan 2004
    Location
    Toronto, ON
    Posts
    1,104
    Quote Originally Posted by drophostuk View Post
    Javascript is fairly insecure but it does look amazing. It probably isn't good for something like a main page. More for a knowledge base or something.
    ??????? What?!

    Pretty much every single popular website in existence uses javascript on every single one of their pages...
    I specialize in neck beards
    https://thatshirt.com

  13. #13
    Join Date
    Jan 2004
    Location
    Toronto, ON
    Posts
    1,104
    Quote Originally Posted by insomnia24/7 View Post
    Yeah, it sure can be pretty, but it wouldnt be too pretty if there is some security risk..
    Plus there is a substantial userbase of the NoScript plugin in firefox, and others who simply just disable it...

    I wonder if there are other methods to pretty up a website and make it all fancy without JS..?

    Also I think something that should be taken into account here is, who is it insecure to? The end user? or could it be insecure to the server? Like SQL injection.
    Because I know JS can be used for many ways to infect a computer, etc. (effects the end user.) but I unaware as to whether it would pose a security risk to me as a server admin, for example..?
    Anyone able to clear this one up?

    Thanks for everything guys.
    Everything has the ability to be insecure, it's following proper development practices that reduces risks. Javascript is a client side language, it cannot affect a server... If it does, it's not javascripts problem.. it's poor coding practice allowing javascript to be used as a tool, but requires a server side language to actually cause the damage.

    Every single language has insecurities...
    I specialize in neck beards
    https://thatshirt.com

  14. #14
    Join Date
    Jul 2008
    Posts
    45
    Quote Originally Posted by paraiba View Post
    PHP comes with some security problems.
    SQL injection isn't a problem of PHP.

    In fact PHP drivers give you the ability to completely nullify these attacks by using mysqli_prepare or pg_query_params (for Postgres) which are more elegant solutions than escaping variables.

    To answer the OP's question, do you want to learn client side or server side programming? For server side:
    Javascript, Javascript, Javascript

    Server side javascript is on the rise with Node.js. People saying that it is slow have absolutely no idea of what they are talking about. With the latest work on V8 it is faster than PHP, Python, Ruby, etc. In fact only C/C++ and Java are faster than javascript/V8 (source: http://shootout.alioth.debian.org/).

    You can also share client and server code if you go with javascript.

    It is a relatively new platform but I believe that Javascript/Node is to PHP what PHP was to CGI programs 10 years ago.
    Cost effective and reliable website & server monitoring
    OnUptime - www.onuptime.com

  15. #15
    Join Date
    Apr 2012
    Location
    Detroit
    Posts
    23
    Okay, thanks for everything guys.
    I got some work to do!

    Yeah that answers my question as to the Javascript security issue, I will be doing server side scripting so I should not pose any security risks.

    I just knew how Javascript can be so easily used to silently install malware on unsuspecting victims pc's. Among the hundreds of other techniques hackers can use to deploy malicious code onto a victims system. I just didnt know as to whether it could be used on my own servers to somehow infiltrate me.
    I will still probably provide the Source code of my JS so people know its safe, and what not.
    Considering one of the sites I will be designing is for a Malware removal, and security website for a client/"friend" of mine.

    So thanks for everything guys. I think this all should be enough for now. Seems I got my work cut out for me.

    If anyone else feels like commenting, please only suggest something that hasn't been already, which you may feel also deserves its respect.

    Thanks folks.
    Take Care.

Similar Threads

  1. Web Standards
    By Deja Host in forum Web Design and Content
    Replies: 8
    Last Post: 08-17-2006, 08:06 AM
  2. A Web Standards Portal
    By xcoredotnet in forum Other Reviews
    Replies: 0
    Last Post: 02-26-2006, 07:40 PM
  3. Do any designers care about web standards?
    By innova in forum Web Design and Content
    Replies: 63
    Last Post: 09-15-2005, 11:47 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •