Monday, February 28, 2011

Common (Stupid) Mistakes Newbie Programmers Commit

It's a regular day in webland: checking your email, browsing websites, of course signing up for services online, then you encountered a form. You started typing in your preferred username, then you are going to press the tab key after you typed your password on the field when all of a sudden, you can clearly see the password you just typed. To your surprise, you shouted carelessly and everybody in the room looked at your screen, exposing the password you've been using for years.

You cursed that day, promising yourself you wouldn't ever come back to that site again. Ever.

That's one of the most common stupid mistakes newbie programmers commit. (I am not sure if they are to be called programmers.) But believe it or not, I recently experienced this.

Click the photo to zoom in and see the greatest mystery of all proportions.
It's the most basic part in creating forms requiring entering a password. I'm not an expert myself, but I believe even my 9-year old sister knows that we should hide our password.

Okay, enough with that part. Next thing: Sending passwords to your email

I believe that we have the authority to know our passwords. (Of course, we create them so we really know what our passwords are.) However, signing up with sites and sending you an email with your password in it is just a breach of your security rights. (Yes, I used that term.)

I believe that we are obliged to surf the web securely (e.g. entering a secured encrypted network when connecting with the internet). But no matter how we try to secure our confidential information (such as passwords), there are some sites who explicitly send you your password after registering to them.

First, you are not aware that they are going to send the password you entered to their database. Second, when you received the email they sent, intuition tells you that you should click it so you could see its contents. Lastly, once you clicked it, all of the contents will show, even your password, without even hiding it.

Next: Validating forms.

Of course, the basics are if you are asking for a phone number, the only input should be numerical values. If you are asking for the zip code, it should be 4 digits (for Philippine zip codes). There are lots of things to consider. But there are some hard headed programmers who even block correct input.

Case 1: Characters. In my case, my city is Dasmariñas City. It has an 'ñ'. I encountered some forms that don't recognize my city as a valid input just because of the 'ñ' character. In that case, I need to rename my city to Dasmarinas City.

Case 2: Email validation. Of course, the basic structure is: an email should have an '@' sign, and the domain name. However, there are some forms who don't recognize emails like just because there are two dots after the '@' sign.

Case 3: Unsecured forms. (What are these?) These are forms with fields that are not secured from attacks like SQL injections. E.g. when someone input "DELETE users from userdb;" on a field. You might not know what could happen. Solution: Check the input from function words before transferring it the database.

Case 4: Birthdate. There shouldn't be an option where you were born two years ago. (Or even today. My gosh. Am I really here? or am I just a subconscious character in your inception?)

Case 5: Enter, Repeat, Until No Errors Show. An error occured, you need to enter the <insert name here> field. Then, after it returned to the page, all of the input you typed were gone. And you are going to type all over again.

Case 6: Expired Captchas. When you are going to input plenty of information, requiring you to spend a minute or two, the expiration of captchas should be lengthy. Or else if this and Case 5 happened, you won't be able to get new registrations on your site since the beginning of time.

These are some of the basic mistakes a newbie programmer may commit. I'm not bashing them. I'm not even an expert with this. This is just to inform them in advance what mistakes they might make so they could save on their development time and spend it to expand their knowledge and hone their skills instead.

Article by Loading-Info

0 Switch to the Web version to comment:

Post a Comment

· Home · About · Support · Blogroll · Partners · Advertise · Credits · Disclaimer · Contact · .
Loading-Info © 2010++ creative commons license Powered by Blogger