Just a comment on the building a house, a house is a page, but as programmers (at least decent ones) we are no longer building single pages, we build a house template and fill it with various elements to define what the house is and what it does, so in essense you actually are not building just one house, you are building a city, some of which needs to be protected by a fortress, a fortress to protect the houses that need to be accessible to a few, but not everyone. If you teach people to build houses, they will have no idea how to build a fortress, and actually vise-versa if you teach people to build the fortress, they will not know how to build a house. If you are building a website (completely or as an extension), you have to do everything, you have to think about the UI, you have to think about security, you have to think about performance, you have to think about function, without knowing how to do either one, you can not make a whole, but without knowing how the whole works, you can not build efficient ones, and pull them together... Also you left out a database, your basement/foundation (html is really only the flooring, the walls and the roof, the stuff that you can see), avoiding to tell people how to deal and build a proper basement (and oh god how many times have i dealt with horribly designed databases, i have nightmares sometimes) doesn't prepare web developers for any real-world tasks any more then negating to explain to soldiers how to reload their weapons prepares them for the battlefield... Alex -- The trouble with programmers is that you can never tell what a programmer is doing until it’s too late. ~Seymour Cray On Fri, May 20, 2011 at 2:12 PM, tedd <tedd.sperling@xxxxxxxxx> wrote: > At 11:11 AM -0400 5/20/11, Alex Nikitin wrote: > >> Also to tedd, i would say that you should make it a series of tutorials of >> how to make simple user auth progressively more and more secure, i would say >> that would be a good learning experience for someone. Start with your basic >> code, introduce new concepts that will teach novice a little bit more about >> how the internet works, how sessions work, how it can all be exploited >> conceptually, and introduce ways to fix those issues with progressively more >> hardened code...? I think that that would be a great way of learning for a >> novice, i would say maybe 3 more tutorials, each progressively more secure; >> suggesting next one to introduce hashing, cleaning the code, and some of the >> initial concepts outlined above, then a system setup for https, going over >> tls renegotiation, setting up rewriting rules, etc, and changing the code >> with securing the session code and introducing login limits, and finally >> perhaps how to take make all of this system a bit more web 2.0 with jquery, >> ajax, and perhaps use that as the introduction of the next set of tuts of >> how to do this same thing with a database back end with references back to >> this auth system? I would have certainly liked to read a tutorial like that >> when i was starting out... And, i'm up to help, i'm sure others as well >> would not mind chiming in their $.02 :) >> > > Well... that's where I intend to go, namely, start with the basics and > continue with progressive disclosure. > > However, there is lot to address here. > > As I often explain to my students, a web site is like a house: > > 1. There's the foundation, flooring, walls, and roof, which is the > structure -- that's HTML; > > 2. There's the outside covering (paint, bricks, siding) and the inside > covering (paint, carpet, wallpaper), which makes the presentation -- that's > CSS; > > 3. There's the inside works, such as the plumbing, furnace, air > conditioning, and electrical, which provides functionality -- that's PHP; > > 4. And there's the light-switches that turn on/off, doors and windows that > open/close, rheostats that go up/down, faucets that turn on/off, and door > bells that remain silent or ring, which allows behavior -- that's > JavaScript. > > You put all of these items together and the entire house can do more than > any one of them can do by themselves, namely make a home. > > Additionally, how you arrange and combine these things together and have > them interact with each other is a topic of study that far exceeds the > knowledge of any one of them. > > Furthermore, if you include these things with how people react with web > sites (what makes people do things) then you'll have an excellent > introduction into problems in creating a good web site -- and that's my > ultimate goal. > > However, my first step is to put various things up for peer review and > listen/adapt to the feedback. That's what I'm doing. > > > Cheers, > > tedd > > -- > ------- > http://sperling.com/ >