For the beginners – Creating quality code – Part 3

Welcome back to the series of articles, where we work our way from the scratch to creating an application with quality code. This is a continuation from the previous article where we created an initial application for a ticketing system, by designing and writing application layer code. In this part, we will improve that code to enhance security, maintainability and make it more extensible for future use. You can read the previous two articles of the series on the links below.

Part 1

Part 2

Step 4 – Improving the application layer

While we were able to create a nice application layer in our previous step, it suffers from some serious shortcomings that we need to address in order to make our application more robust and easily extensible. Let’s review first why we still need to improve on our application layer:

  1. It restricts coders and users to one page functionality only, if they are logged in. Cramping up any additional page does not look easy.
  2. The two external pages ‘view_tickets.php’ and ‘add_ticket.php’ might be directly accessed in the browser. If they are, we will need to add the same application layer for security in those page, which is never a good practice. Imagine having 10 more pages like those in the same directory and you will be copy/pasting the application code in all files.
  3. Our webpages will also need to display some common things in header/footer section when we create our display. That code will also need to be added to files other than index.php, again, which isn’t nice.

The trick here is to make minimum changes to the application layer code, so that while we add the required features to the application, it does not go out of control during our modifications. Let’s try to incorporate the first feature into our code:

<?php
  $page = '';
  session_start();

  $usertype = get_user_type();
  switch($usertype)
  {
     case 'coder':
        include('coder_pages.php');
        break;
     case 'user':
        include('user_pages.php');
        break;
     default:
        include('login.php');
  }
?>

Now although the above code solves the first problem, we still have to secure the other pages from directly executing in the browser. Here’s a very simple modification that I will do to make that happen.

<?php
  $page = '';
  session_start();

  $usertype = get_user_type();
  switch($usertype)
  {
     case 'coder':
        include('coder_pages.php');
        handleCoderPages();
        break;
     case 'user':
        include('user_pages.php');
        handleUserPages();
        break;
     default:
        include('login.php');
        displayLogin();
  }
?>

Looking at the above code you will see that the simple trick I have applied is not just include the other required files in index.php when required, but called a function to do specific processing. This means that all files other than index.php will only contain functions, and the only way to execute them is to go through index.php. Cool isn’t it?

Now since we are left with only one problem, and that is to create the display for all the webpages, I will leave that as an exercise to the user. You must remember that while you add that code to the application layer (which is solely now our index.php file), it should not change drastically so as to become messed up and difficult to understand. The application intent should also match exactly with the one we designed in step 2, after the modifications.

In the next article of the series, we will see how can we add the second layer of code to our ticket system, to add some functionality while maintaining our goal of creating good quality code.

  • Nana Yaw

    Thank you very much as i have really enjoyed the manner in which you have handled the first the lessons so far. I am really interested in web applications and this was one of the applications i decided to try and come up with. Initially i found things very difficult for myself. Even though i new what i wanted, i did not know how to begin but following you so far has been great.
    Please when will the next article in the series be made available. I can’t wait till we are through. Thanks once again

  • Oakley vault

    The eyewear brand companies Oakley vault sunglasses mainly for women with a couple of designs in the actual mens category. Known because of its colorful and unique sets, Oakley vault are easily recognizable using the embossed logo on the actual temples. The exquisite design is from the frames range from Oakley sunglasses outlet to classic aviator tones, with pastel and earthy colored lenses. The variety of colors the brand offers could be compared with the mood from the Cheap Oakley vault.