Raw PHP or Json

[Fait]

Hello,
I am building a social networking site designed for gamers from scratch raw PHP and only JQuery as the Front-End framework I could figure it out myself but I prefer to ask this community and get your take on it and please give me a quick reply otherwise I will have to figure it out myself.

First Question:
i'm using Ajax as the pagination which goes to a PHP file that loads more posts my question is for a high traffic site is json required for this or can I just use normal PHP and have it .append the results in JQuery and echo it out in PHP is that fine? I have no knowledge at all in JSon data or wat's the point with JSon honestly.

Second Question:
since my software is basically going to work the way facebook works for a status (I asume you know what a facebook status is) I am having some trouble getting the comments to display so what I have done is put a while loop inside a while loop to fetch the comments is this programmically acceptable? or is there a more efficient way. (bascially I have a status then you have the comments works the same as facebook)

Third:
How is this design? I don't have an alpha yet or nor is this even ready for a Alpha V1 but need to know if my project is worth in keeping development going if people see potential I keep going.
(DOWNLOAD THE ATTACHMENT ADDED THE IMAGE AS THAT)

 

[Fait]

????????????????????????
exact reason why I don't go on here often anymore 16 views and no replies

 

[Cierra]

Sorry you're not getting the responses that you want. I'm not good with that type of coding so no advice here, but here's a bump.

 

[Fait]

Thanks! 🙂

I don't know why FP is not is what it once was :/

 

[Cosmic]

Hey! I'm moving this topic to the Web Development forum instead, as I think it's a better fit. 🙂 Anyway, here are my thoughts:

i'm using Ajax as the pagination which goes to a PHP file that loads more posts my question is for a high traffic site is json required for this or can I just use normal PHP and have it .append the results in JQuery and echo it out in PHP is that fine? I have no knowledge at all in JSon data or wat's the point with JSon honestly.

Whast's important at the end of the day is user experience. Using JSON is the accepted standard for doing this type of thing among most web developers, but I think you should just do what you are most comfortable implementing, as long as the user experience turns out good in the end. 🙂

since my software is basically going to work the way facebook works for a status (I asume you know what a facebook status is) I am having some trouble getting the comments to display so what I have done is put a while loop inside a while loop to fetch the comments is this programmically acceptable? or is there a more efficient way. (bascially I have a status then you have the comments works the same as facebook)

It will work, although for performance, I highly recommend using an SQL join. Each query will take time to execute, so your site may end up being slow when you use queries in loops. When you do a single query that uses an SQL join, that will vastly improve performance. Example:

SELECT * FROM comments AS comment
WHERE comment.poster_id='10'
LEFT JOIN users AS poster ON comment.poster_id=poster.user_id

This will select not only comments, but also the associated user with one query. The same concept can be used for a lot of other things too. I won't go into the specify of how to do joins, but if you want to write quality web code, you need to learn how to do them eventually.

(DOWNLOAD THE ATTACHMENT ADDED THE IMAGE AS THAT)

I don't see an attachment. 😕

 

[Fait]

Will Reply to the rest of those as soon as I can and thanks for the response! 🙂

I am having one issue though and I cannot seem to resolve it.

I have created an infinite pagination for some reason say if A user creates or deletes A post the pagination then starts skipping posts and won't load them all.

if you need my code for this I be happy to provide it but it's painfully hurting my head.

Going to have another shot at it again once I resolve this issue but the last time I tried A SQL Join was putting all of the comments in to one posts which was kind off weird but I see what else I can do there as this would be more efficient.

Put the attachment in this post asap for some reason it didn't go through but too stressed about this issue at the moment.

 

[Cosmic]

If the code is stressing you out, it may be a better idea to use an existing social networking software instead of coding it yourself. I've seen some good products in this area, and a lot of them are free or open source, too. If you need to make custom modifications, you can usually write your own plugins, which would be a lot easier than coding the site from scratch. Coding it yourself can also lead to dangerous security vulnerabilities if you don't know exactly what you're doing, so that's another factor as well.

 

[Fait]

as far as I know PDO is very secure then the original PHP I can see what I can do but I like to code/program and don't like using third party software.

The activity on a site increases more when users see that you wrote the software yourself.

but I am open to security issues.

 

[Fait]

and maybe your right I am consdering giving up and not looking back

 

[Fait]

it's not stressing me out too much it's just that I never liked JQuery or Front End Coding and now the modern web forcing everyone to use it I be fine with plain PHP but that's not an option anymore.

I personally don't believe in using third party software I want to learn how to code and Mark Zuckerberg didn't rely on no one and I personally see it the same way.

I am going to get a certificate in web development soon aswill its just a learning curve.

I am a crazy person to have dreams too big i'm done with it

 

[Fait]

But that being said giving up won't get me anywhere.

I am good with PHP but when it comes to client side i'm horrible at it but it would be good if I could hire more developers but I don't trust many people due to the possbility of getting hacked.

 

[Fait]

Thought of a solution I don't know if it work as I haven't tried it what I can do is create a div or hidden input field so I can have the number of posts alerted back to me via JQuery then that will get the number of posts that was there before the page was loaded so for example if the original post count is 55 then a user posts another 10 it won't effect the original posts count and keep loading posts as normal

I am using < (lower then) certain post ID since the latest post ID will always be on a profile.

That's not going to work either if I pagination wasn't required think I would be fine it's the positioning that's complicated need to figure out how to get the correct positing regardless if a post get's created or deleted if I get this figured out think I be fine.

I'm also too far in the development too just cancel what I have and move to someone elses software.

Update: it's not just me I have checked facebook with a fake account and the same issue seems to happen I don't know why pagination has to be so complicated or if pagination isn't even required (I prefer to pay more $$ then to have to fix pagination issues) of course they do quite a few things to prevent from using pagination so much such as using sessions or whatever they use to detect when to use pagination but makes me in a better mood to know that there is no solution and im not the only one having this issue.

Web Development definitely has it's faults

 

[Cosmic]

as far as I know PDO is very secure then the original PHP I can see what I can do but I like to code/program and don't like using third party software.

The activity on a site increases more when users see that you wrote the software yourself.

but I am open to security issues.

You definitely need to use something like PDO to build SQL queries, but there are quite a few other security concerns which you have to be on the lookout for.

• All input needs to be escaped using htmlentities(), otherwise users can post HTML (this is called script injection)
• If you accept a GET or POST parameter and then display it right back to the user, it also needs to be escaped to prevent cross-site scripting attacks (XSS)
• All PHP include files should be protected from execution using either a .htaccess file (Deny from all) in their same directory, or by checking to see if a constant is defined when you load up the file, and defining the constant at the start of the program
• Passwords should be encrypted with either Blowfish or PBKDF2.
• Files that the user uploads should be stored in a secure manner. Make sure they can't upload executable files

Those are just a few examples, but making a secure PHP app is more than just using PDO. There are a lot of things you have to watch out for.

Curious: are you using an existing PHP framework?

it's not stressing me out too much it's just that I never liked JQuery or Front End Coding and now the modern web forcing everyone to use it I be fine with plain PHP but that's not an option anymore.

I personally don't believe in using third party software I want to learn how to code and Mark Zuckerberg didn't rely on no one and I personally see it the same way.

I am going to get a certificate in web development soon aswill its just a learning curve.

I am a crazy person to have dreams too big i'm done with it

I see what you mean, and I definitely won't discourage you from learning to code. Technically though, I on't think a pre-made script keeps a site from growing. If it does become successful, its owners can afford to pay a team of developers to port it over to a custom platform.

If you're really not a fan of writing JavaScript, it may be worth considering writing different kinds of software, or at least giving it a try. I'm primarily a desktop app developer myself. The Java Swing framework is a really powerful toolkit, and you can do some pretty awesome things with it. You can build desktop programs with GUIs that will run on any OS, and make them look pretty good, too. 🙂 Also, mobile app development may be worth a try. Otherwise, I'd recommend learning JS. It's a quirky language, and can be hard to debug, but you can do some amazing things with it.

The modern web isn't just about people liking to write code in JavaScript. It comes down to the users, I think. With JavaScript, you can write web apps with a strong user experience. You may prefer doing back-end work yourself, but I really do recommend you get into UX stuff. That type of working is really fulfilling, especially if you like impressing people with whizzbang features. 🙂

Also, you may want to try Ruby on Rails (a web framework for Ruby). It automated things that may solve a lot of problems you're running into.

But that being said giving up won't get me anywhere.

I am good with PHP but when it comes to client side i'm horrible at it but it would be good if I could hire more developers but I don't trust many people due to the possbility of getting hacked.

Developers don't need to have access to the site itself. Just set up a repository through something like Github or BitBucket. Everyone can test their code on their localhost using WAMP/MAMP, and you can upload the finished product to the site using FTP.

Update: it's not just me I have checked facebook with a fake account and the same issue seems to happen I don't know why pagination has to be so complicated or if pagination isn't even required (I prefer to pay more $$ then to have to fix pagination issues) of course they do quite a few things to prevent from using pagination so much such as using sessions or whatever they use to detect when to use pagination but makes me in a better mood to know that there is no solution and im not the only one having this issue.

Not sure if I understand your problem, but the reason why Facebook doesn't use pagination is a design choice, not a engineering one. They want the user to be able to keep scrolling down forever without having to click between pages.

 

[Fait]

I definitely won't be using anything that is outdated such as mysql PHP it will be the updated technologies such as PDO and I see PDO being the most secure due to this date.


I am aware at the moment to make development easier I am just using the normal $_POST or $_REQUEST but will be going through to code and adding a lot of security to the code and JavaScript side I need to add things like protection against XHS

I have considered using a PHP framework but since when I first started learning PHP 5 years ago and knew nothing about frameworks I am not currently and besides being too far in development I probably have to re-do alot of the code which can be quite annoying but something for me to consider and learn anyway to improve my skills I heard frameworks provide alot of short cuts 😛

I don't mind pre-made software for things like making a forum but it seems like custom web software seems to be more successful especially for a social site since all the Giant social sites have did it themselves. 🙂

as for JavaScript I think I will get the hang of it I know how to convert the variables to connect with PHP all I need to know is how to make JavaScript look alot cleaner besides that it isn't too bad just takes practice I think like anything.


I did do some basic Android development and it was not bad and was alot easier to keep the code clan since the Android Kit and IDE I was using helped to make sure everything was well maintained and neat so I might look in to doing some of that in the near future since I might need to build the app if the site did get alot of traffic see how it goes first 😛

When I do hire staff I hope I can trust them to do that I have been thinking what if eventually I have to sack/demote a staff member for a reason or they leave the team they would still have the source which can be dangerous thought about taking there name,address etc for security reasons but that might be illegal not sure.

I should explain cleaner was meaning the infinite pagination facebook has also skips posts if you delete a post from your timeline without refreshing the page so I am not the only one with that issue.

They do have a sort off pagination but think they use sessions or something to see what pages the user has opened with pagination so it reduces pagination for user experience something I should do as I build the project.

and I really appreciate the advice thanks! 🙂

it's a lot of hard work but if I keep working on it and my coding skills eventually I get there but I am doing alright just all takes patience I guess.

 

[Fait]

Tried all the Joins and even asked on StackOverFlow they said joins will work but you still need a neested loop I don't like that idea.

 

[Cosmic]

There are some problems that you do need to execute a query in a nested loop, unfortunately. For those I'd recommend doing some kind of caching, so that t only has to be computed once. Especially if you run into performance issues.

What code editor are you using? You mentioned that the Android IDE you were using helped a lot with code formatting. There are similar editors for PHP as well. The best IDE is a commercial product, phpStorm. Also good are NetBeans (an IDE) and Brackets (a text editor designed for web development).

For your issue with deleting posts off the timeline, may just be best to initiate a page refresh when someone deletes a post. I imagine the problem could be solved given enough effort, but sometimes it's just not worth it. 😛

Also, to emphasize: PDO only provides an extra layer of security against once specific attack, SQL Injection. Fundamentally, it's just another way of connecting to a MySQL database, just like the built-in PHP functions. Also, if you want to use PDO securely, you have to make sure to use it right, by using ? when putting a value into a query. You can still write code that's vulnerable to SQL injection using PDO if you aren't careful.

 

[Fait]

I don't like the idea but suppose I cache the data to prevent it from loading unnecessary data.
I got a desktop now since I started doing YouTube Videos so Notepad++ thinking about switching too Sublime soon.

definitely not worth it trying one more solution and if it doesn't work then might think about removing pagination for now this is the only worse issue I have ever had to deal with LOL.

and I understand that and still being careful what I am imputing to the database nothing is 100% secure. 😛 🙂