When it comes to web application security, there are a class of things that every web developer should know. Trust me, you need to learn these and you’ll use them on every project you do. Interviewers ask about this stuff, so learn about them and how to handle them in whatever language you’re using.
Welcome to Ask Away where I answer some of the questions sent to me or found on the web. Today’s question comes from a comment on one of my Reddit threads that I answered recently about language selection for high performance:
Welcome to “How It Started”, a feature where I talk about how different sites around the internet were built to give an idea of what’s involved in a real world web application. I hope to illustrate that some of the biggest websites today had very humble beginnings that are achievable by learning the basics of web development.
Welcome to Ask Away where I answer some of the questions sent to me or found on the web. Today’s question comes from a Reddit thread that I answered recently about mobile development:
The call came in around 3:00 PM and I ran outside to take it in private. The call was from the start-up in Michigan that I had been interviewing with for three weeks and they had finally made a decision.
I’ve seen a lot of posts on /r/learnprogramming and other places wondering how to get started with web programming. I’ve been doing this for about 15 years now and I’m here to give you some good news. Everything that I’ve done, from bill pay sites for Fortune 100 companies to lead tracking applications for small businesses, is essentially based on one simple concept and that’s CRUD.
Having been in web development for over 15 years, I’ve had to learn a lot of new technologies. When I started, JavaScript was something you avoided and no one had heard of CSS. Now, you’re nothing it you don’t know both of those like the back of your hand. Things change fast on the internet and you better be able to learn programming quickly. Most of that was on the job training and that means picking things up enough to be productive now.
When building your WordPress theme, you might have been planning it to be used mainly as a blog theme or perhaps you lean in the web pages direction. Either way, to make a fully integrated WordPress theme, you need to make sure both Pages and Posts are fully supported. And that means you should have a single.php and a page.php included in your theme and they shouldn’t look the same.
You may think this is obvious, but I’ve seen many times when a theme is geared just toward web pages or just toward blogs (the most common) and then have a junky default index.php for handling the other half because the theme wasn’t fully thought through. Posts and Pages are both first-class citizens in WordPress and should be treated that way. And your clients will love you if you do.
WordPress isn’t always the friendliest thing in the world to style and the WordPress menus are no different. To get at the WordPress menu CSS takes a couple of hoops to jump through, but I’ll walk you through them now to illustrate how it can be done.
Someone asked this over at http://wordpress.stackexchange.com and I put a lot of research into it, so I figured I’d post it here too.
Someone had asked how to go about securing RSS feeds behind a firewall in WordPress. It’s not an overly easy process so I dug in to try and figure it out.