The Design of Software (CLOSED)

A public forum for discussing the design of software, from the user interface to the code architecture. Now closed.

The "Design of Software" discussion group has been merged with the main Joel on Software discussion group.

The archives will remain online indefinitely.

Learning to create websites

I've been offered an after-hours job to create a simple website, with a few menus, shopping cart and credit card checkout. I come from a VC++ background and wouldn't have the first clue about how to create a website. BUT I've been wanting to learn for a long time and being paid a small amount for it would help motivate me to do so.

Some questions:
1) Which technologies should I learn, and in which order? I'm most comfortable with MS software, so would prefer IIS with ASP.NET over Apache/Linux/PHP etc. I assume Javascript is important too?

2) How do I get started learning this? Any books or online tutorials recommended?

3) To start practising writing web apps, I assume I should just run IIS on my computer rather than worrying about hosting straight away?

4) Shopping basket/credit cards, neither the client nor I have any idea how to receive CC payments, any pointers?

5) Hosting? Any recommendations here?

6) Any ideas how I should charge for this, given my complete lack of experience?

Thanks in advance!
Friday, July 29, 2005
1) The problem you may have with this is the hosting compnaym, from what I can see it's more expensive using a hosting company that provides IIS and ASP, maily due to the licensing costs. Also it's likely you might need some sort of database behind it, again MS SQLServer would add to the cost. You don't need to set up Linux to run Apache, PHP and MySQL they run fine on a windows box.

2) There is a ton of books and online resources, don't have any particualr favourites but I'd get a basic HTML book and then one covering PHP and MySQL. I won't get a Javascript book as there is so many free examples on the web, if you have any decent programming experience you should be able to work out what's going on.

3) Yes run on a local machine, you can set up IIS or Apache pretty easily.

4) One thing to note on this is it's very expensive. It's normally done via a credit card processing company which generally charge a fixed monthly fee plus a fee per transaction, this is on top of the normal credit card processing fees. Not sure about the US but in the UK your client would also need a Mechant account with the bank. I'd get the client to look into this with their bank.

6) Personally I'd do it for free, or at least agree to a small site which if the client is happy with you can then expand on for a fee.
gilf Send private email
Friday, July 29, 2005
re point 4: take a look at Paypal's Merchant Tools
Friday, July 29, 2005
I think that proves my point somewhat, personally I think you can only really go for the Websites Payment Pro option without looking a little iffy (depends what the client is selling).

Thats $20.00 a month then 2.9% + $0.30 per transaction. Depends on what they are selling but you would need to sell a fair amount to make it worth while.

The other side of that is don't underestimate how difficult it is to get people to vist a site.
gilf Send private email
Friday, July 29, 2005
If you go the LAMP or WAMP way (Linux or Windows + Apache + PHP + MySQL), there are a few open source package that you would just need to configure to meet your user's needs. I'm guessing that should be simple enough to do with a few tutorials from and reference to
frankr Send private email
Friday, July 29, 2005
don't forget to learn about css, which will help you create a great lookin website. there are some good online tutorials, here's a link to one:
Friday, July 29, 2005
also you may need to obtain and learn about SSL certificates to transfer the credit card data from the client to the server.  If any credit card data is to be stored in a DB it needs to be encrypted.
Friday, July 29, 2005
+1 for frankr's comment.

I think that making a secure shopping cart won't be "simple" even if the web interface is. Taking off-the-shelf (and open-source) code that you can then modify is a great way to start.

You can also install an Apache/PHP/MySQL server on your local machine using EasyPHP ( to test your code.

Then get "Teach Yourself PHP, MySQL and Apache in 24 hours," an introductory HTML book (too many to mention!), and a couple of books on CSS. (I haven't found any one book on CSS to cover everything I need.)
EKB Send private email
Saturday, July 30, 2005
One more comment: PHP and Apache do not imply Linux. You can run PHP, Apache and MySQL on a Windows machine. Also, if you use something like EasyPHP then you don't have to mess with Apache -- the installer takes care of that. PHP is pretty straightforward (especially if C++ is what you're used to), and HTML you would have to learn in any case. EasyPHP comes with a nice web interface to manage MySQL that abstracts away most MySQL-specific features.

On the other hand, I've heard ASP developers rave about how easy it is to get a site up and running.
EKB Send private email
Saturday, July 30, 2005
If you go the PHP/MySQL route; for good introductory PHP/MySQL books I would recommend "PHP Cookbook" and/or "Web Database Applications with PHP & MySQL" both published by O'Reilly.  Of the two I would get the cookbook for sure.

For PHP/MySQL hosting I would check out they have great prices and a lot of 3rd party open source scripts that you can add to your account.
Sunday, July 31, 2005
Please, *please*, read up on web application security. If you don't study that topic, your first attempt at an e-commerce application *will* have security holes.

At a minimum, you should have a basic understanding of the following vulnerabilities and how to avoid them:

* SQL injection
* Other types of code injection that your platform is vulnerable to (especially PHP variable injection)
* Parent path attacks
* Session hijacking
* Authentication bypass
* Cross-site scripting

If you only learn one thing, learn this: You can never trust the client. If your application's security depends on the user's browser doing what you intended, or even that the user is connecting with a conventional browser, it is insecure.
comp.lang.c refugee
Tuesday, August 02, 2005
I've found the site to be quite helpful. Also I purchased a book called "PHP and MySQL Web Development" by Luke Welling and Laura Thomson, 3rd edition. It had easy to understand examples and very useful ones, including the kinds of things you want, i.e. e-commerce site.
Darwin Send private email
Thursday, August 04, 2005
As for CSS and appearance, use one of Eric Meyer's example templates ( ). Getting positioning and other issues right across browsers is no picnic, e.g. if you use a percentage div width in a fluid 2-pane layout (content and menu), in IEWin any contained list (like a menu) can inherit the % of the containing %, making tiny width menus... Eric's one of the easiest CSS gurus to understand.
Dave Everitt Send private email
Sunday, August 14, 2005
After thinking, here's some more focussed advice... I'd strongly advise that you:

1. embrace the openness of the (non-proprietory) standard web technologies (primarily Apache, Perl, Python, PHP, MySQL);

2. ensure that your HTML and CSS are validated (good code editors like BBEdit (Mac) or 'CSE HTML Validator Lite' (Win) do this, or you can use the page-by-page W3C's services:
 CSS validator:

You won't regret the above and your work will be more robust, portable and cross-platform. The whole idea of the web as platform-independent makes using tools that encourage that fundamental concept more logical... it might initially be easier to capilaise on the familiarity of your existing skills, but you might run into trouble later unless you get familiar with the stuff most web builders use.

Use CSS for site-wide and local styles, don't use outdated 'local' html formatting <font color="#whatever"> for anything.

One final thing, don't fall into the 'it works fine on my machine' trap! Test on other platforms and browsers... although (stating the obvious) if you install all the necessary, you can build, serve and test the whole site locally on your own machine before uploading (when Apache's up and running, use from your browser for your local host, or append /~username/ for your current login web directory).

BTW if you're working on a number of sites you can set up virtual hosts in Apache to use short 'test' names to bring them up locally. Read about setting up Apache here:
  Unix/Mac OS X:

Here's a handy link to setting up virtual hosts:
(On Mac OS X _don't_ edit the hosts file, but use 'NetInfo Manager', which overwrites it.)

Having been on this journey for some time, hope the above helps you avoid some of the pitfalls us web-veterans once stumbled into!
Dave Everitt Send private email
Sunday, August 14, 2005

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics
Powered by FogBugz