Discuss the features of a web centered application, security concerns and Web application specification?
Features of a Web Centered Application
- The set of logically associated interactive operations which will complete a precise requirement of a business which has been explained by an experienced Internet user is known as a web centered application. In case of web applications, the application’s ‘business user’ is the web supplier and it’s this perspective which states what a ‘user requested functionality’ is. The website’s final user doesn’t directly impact either the requirements of design or the business functionality offered.
- A website can offer access to various web applications. It is quite critical to clearly form boundaries of the application at the very beginning.
- The web application’s architecture includes various elements. The main intention of counting decides the elements to be involved in the particular count’s scope. For various organizations, only the functionality that has been designed by the company’s developers is involved. Various types of web elements are –
- Functionality of business applications
- Security, for example, structures of access control, encryption of data, firewalls, etc.
- E-mail elements
Web elements are being altered and added, regularly.
- The various kinds of business operation which are offered by web centered applications differ significantly. Web centered application can be distinguished as either –
- Set of constant HTML pages
- Online applications –
- Information provision applications and simple form fill-ups
Fully operational applications of the business.
Benefits of a web application
Some of the major benefits of an application on the web are as follows –
- Cost Effective Development – Just like all web centered applications, the user will be capable of accessing the whole system via a unified environment. The interactions of the users and the applications’ requirements are to be properly assessed on several browsers and the application needs to be developed for only one operating system. Troubleshooting and development of the application will become quite simple due to this extra advantage.
- Accessible Anywhere –If an active connection to the Internet is present, then web systems can be accessed from anywhere and at any time. The ultimate charge is only given to the user in regards to the place and time of access.
- Easily Customizable – In comparison to desktop applications, web centered application can be easily personalized. The users can straightforwardly modify the settings and can update the web application, as and when needed. The information which is available to numerous users can be given a distinct look.
- Accessible to Various Range of Devices –The user is given the freedom to personalize numerous groups of users and the content that is available within these applications can be effortlessly formatted and thus, the information can be accessed from various devices. Various devices to which the content can be sent to are PDA’s, tablets, smartphones, etc. In this way, the data can be received and sent to numerous devices, simultaneously.
- Improved Interoperability – If a user were to unify all the web centered applications and utilize them in various devices concurrently, they are also capable of augmenting the operability of the application and this will make the job, effortless for the web application users. The application permits easy user integration and can isolate various jobs which can be done at the same moment. Additionally, it can be utilized to synchronize two jobs, together.
- Quick Maintenance and Installation – The modern web centered application offer a simple phase-by-phase installation to the clients and due to this, the users don’t require any external assistance for application installation. The update and upkeep of the application is also quite simple as the app notifies the user when new updates or versions are available. The client will only need to click the notification box and the application will update itself. After the latest update has been properly installed, notifications will be offered to the user and then, they will be able to utilize a better version of the application.
- Customizable to the Increased Workload – The simple policy of updates for these apps makes its operation quite simple and it will additionally increase the capacity of the processor. A number of desktop centered applications receive no updates at all. They utilize large amount of processor spaces and thus, their functionality is sluggish. The servers via which the web centered applications are provided is continuously scrutinized and this makes their functionality quicker and simpler. The apps can be utilized by a large number of users/clients and it will not cause any problems.
- Flexible Technology – The web centered applications could be used by any one of the 3 fundamental technologies, however the utilization is centered on the demands and necessities of a specific app. For small or low budgeted website, MySQL and PHP can be utilized however the best choice will to utilize an Open Source Platform.
Distinction between Server-side and Client-side Scripting
Client-side Environment – Generally, a browser can be defined as the client-side environment that is utilized to operate scripts. The processing of the scripts happens on the computers of the final users. The source code is sent to the users’ computers from the servers of the web application via the Internet and it runs directly within the browser. The language for scripting is required to be permitted on the computer of the client. At times, if a client is cognizant about the risks of security, then he/she might turn off the facility of scripting. If this situation happens, a message generally appears and notifies the user about the script which is about to run.
In a typical database attack, the hacker might perform an injection of illegal access codes to a destabilized SQL centered data channels like the web applications and preserved processes, so that processes be entered. The codes are created skillfully with the objective of executing them on the databases for unlawful intentions. By using SQL injections, the hacker will have complete access to the complete database. SQL injection can be performed at various locations and the most commonly utilized method of performing SQL injections is by gaining access to the database via the typically present fields of the website. These fields are forms for registration, form for login, forms for contact, forms for appointments, forms of patient information, etc. These website field offer a gateway into the database that is present for the website. These are considered to be points of attack as these field have been created from numerous companies and sources and are configured by various different users, at different points of time. Thus, an attack takes place when SQL commands are given to the website fields instead of the expected information. Improperly coded forms will allow hackers to utilize them as points of access to the database which is available on similar servers or various servers which are present on the same network.
Techniques for Prevention –
- ‘Least Privilege’ rule should always be applied and a low-privileged account for the database applications needs to be created so that access to the DBMS can be had.
- Strict Validation of data supplied by users and data from various possibly unauthorized sources from the side of the server – The validation of inputs from the client side can be beneficial, however, it can’t be depended on.
- SQL error messages are not to be returned by the users because they include data beneficial to the hackers. These information are queries, contents, and details regarding tables targeted. In Java, this can effortlessly be avoided via the utilization of exception handling or by directly detecting all SQL Exceptions.
- Enforcement of all data types needs to be given for every input. Class-specific general expressions can be utilized for data validation. Classes can also be applied through statements which have been pre-compiled with bounded variables like JDBC’s interface of PreparedStatement. Additionally, boundaries are to be checked so that overflows of buffer and errors of truncation can be prevented as these might cause DBMS crashes.
- Encoded fields of text input can likely contain challenging characters and these might be turned into alphanumeric versions via the utilization of 2-way operations like Base64.
Web Application Specification
This application has been created on a 3-stage architecture. 3-stage architecture includes a data tier, a data/business access tier and a presentation tier. The architecture segments the presentation interface from the business logic. The stream is – request is transferred to the business tier and then, it is sent to the server. The response from the server also goes through the same pattern, but the order is reversed. Creating a 3-stage system needs additional resources and programming.
- Web Server – Apache is quite beneficial due to the fact that it is extremely stable and fast. However, its graphical capability is restricted. It contains very restricted choices in regards to operating with a graphical interface. It contains a command line interface and facilitates communications by inputting commands.
- Middleware –PHP can be considered to be finest amongst the category of languages called middleware. The language operates finely with the web server. The middleware decodes requests from the World Wide Web. Then, it analyzes the request, cooperates with various programs and generates responses. After this, the response is shown in the user’s browser and serves the user requirements.
- MySQL – Relational DBMS is the best technique to save and access saved data. Relational DBMS is the first choice for any kind of web centered solution. Every leading database utilizes SQL or Structured Query Language.
Server-side and client-side scripting language.
PHP vs. Python
In the fight between PHP and Python, PHP ranks quite high in the popularity ladder and is considered to be the best open source scripting language in comparison Python. An individual can locate a large number of PHP developers and PHP developers will always have jobs. Nearly every well-recognized websites present on the Internet are encoded utilizing PHP.
- Language Syntax – PHP is quite easily available, well-recognized and easily identifiable. The curly braces and semi-colons are well-recognized and can very easily be identified by the users who have previously utilized a programming language like C, C++, etc. In comparison, Python is quite new and the switch from PHP to Python can be quite time consuming and difficult. Python utilizes black spaces as an alternative to curly braces and thus, coding will take some time to get used to. However, Python is gaining popularity and its advantages overshadows its disadvantages.
- Web Programming – PHP is the programming language that is utilized to create numerous webpages. Some individuals might utilize it to perform other jobs, however, its core objective is to create webpages. PHP can work on HTML templates and code injection can be done for its utilization. In comparison to Python, PHP can only be utilized as a language of programming for common objectives. It will provide a proper foundation, but can’t provide critical functionality.
- Lambdas – Until quite recently, Python had an advantage over PHP due to Lambdas. It can easily be utilized and the programming language will flow freely due to it being the properly utilized. However, due to the latest PHP update, PHP offers a function known as ‘create_function’ that is quite beneficial. Due to this, tasks are made easier and its operability is quite easy.
- Debugging and Profiling Tools – If an individual searches for debugging and profiling tools for Python, they will find that there are numerous links present. However, PHP also offers various links if the individual has utilized Google to search for the tools. PHP contains a large ecosystem and this is an added benefit over Python.
- Presently, various programmers will directly perform the coding for the whole project before analyzing the project. In comparison to PHP, Perl or Ruby offers various methods which the programmers can utilize to code a project. However, PHP also offers various techniques which can assist the programmer with their coding needs. However, with Python, the programmer needs to tackle a large problem because Python doesn’t offer any techniques. Performing the task will become quite challenging and thus, additional time and resources will be needed.
PHP vs. ASP
In regards to languages for programming, ASP isn’t as simple as PHP. There are various puzzling patterns present in ASP and thus, the learning curve for PHP is quite steep. Along with the difficulty of learning ASP, in comparison to PHP, ASP doesn’t have a large number of free online documentations and tutorials. This makes it difficult for a novice or an infrequent programmer to obtain the quality education that will be needed to utilize ASP. Compared to this, the programmers who are knowledgeable about Visual Basic and various programming languages available from Microsoft will find it easier to utilize ASP.
In regards to adaptability, PHP is freely available (open source) and doesn’t have any binding limitations. It can link with various different databanks. In comparison, ASP can only link to a limited number of databases. Additionally, the well-recognized database – SQL – can be utilized for PHP without any costs, but a programmer needs to pay to utilize MS-SQL for ASP.
In conclusion, the selection between ASP and PHP depends on a single factor – the level of comfort that a programmer feels while utilizing any programming language. If a programmer utilizes ASP, he/she will have high-level support and close incorporation with various products from Microsoft. Compared to this, PHP will be the choice of a novice or amateur programmer who just starting to learn programming and needs greater adaptability, a reliable and powerful programming language that is also easy to operate and maintain. PHP is also quite cheap.
Ccsp.sfu.ca,. (2013). mpub | Publishing @ SFU. Retrieved 16 April 2015, from http://www.ccsp.sfu.ca/tag/mpub/
Donaldson, T., &Fehily, C. (2009). Python. Berkeley, CA: Peachpit Press.
Kendall, K., & Kendall, J. (1999). Systems analysis and design. Upper Saddle River, N.J.: Prentice Hall.
Lerdorf, R., &Tatroe, K. (2002). Programming PHP. Beijing: O’Reilly.
Odell, J. (1998). Advanced object-oriented analysis and design using UML. Cambridge: Cambridge University Press.
Teague, J. (2007). CSS, DHTML, & Ajax. Berkeley, CA: Peachpit Press.
Umich.edu,. (2011). Basic Web Design Principles. Retrieved 16 April 2015, from http://www.umich.edu/~ece/resources/design.html
Welling, L., & Thomson, L. (2008). PHP and MySQL Web development. Upper Saddle River, NJ: Addison-Wesley.
Meloni, J. (2012). Sams teach yourself PHP, MySQL and Apache. Indianapolis, Ind.: Sams Pub.
Valade, J. (2007). PHP & MySQL for dummies. Hoboken, NJ: Wiley.