Using Server-Side Technologies
It’s pretty hard to find a website these days that doesn’t use some kind of server-side scripting and a database. So many different options are available, from commercial products to open source products, that it can be really daunting to decide which direction you want to go. In the case of web servers, web scripting languages, and databases, the open source alternatives are just as good as (and in some cases, even better than) the commercial options.
This chapter isn’t going to walk you through the syntax of each of the various languages, and it isn’t an instruction manual about how to set up and configure your servers. Rather, it is a guide to some of the different options available, as well as an explanation of the differences between the various products.
Occasionally, you’ll have your choice of server technologies; and other times, you will be required to use what’s already in place. A lot of web scripting languages are reasonably easy to pick up for technically minded individuals. The concepts that we covered when talking about JavaScript—from basic programming logic to branching and iterating—can all be transferred to these languages. It does take a while to master even the simplest of languages, however. Chances are, if you’re asked to work on a project that is outside of your expertise, you should bring in a hired gun.
The server side removes barriers
In the early days of the World Wide Web, there was the saying that “content is king.” Although that’s still true today, visitors expect more from a website than just a passive reading experience. Putting up a static page with some interesting text and a pretty picture isn’t enough anymore; end users expect interaction. They want to be able to search things. They want to add things to their wish lists and shopping carts, and they want to tie into social media websites like Twitter and Facebook. News websites are a prime example of this evolution: readers are encouraged to discuss topics inline with the stories, and they’re asked to submit story ideas. Long gone are the days of the news editor sitting in her office deciding what is and isn’t newsworthy. Client-side scripting (JavaScript) isn’t enough anymore, either. To store input and interact with diverse data sources, websites have turned to server-side technologies.
JavaScript is limited in what it can accomplish, largely because of security concerns. Would you feel safe running an application on the Web that had free rein of your hard drive? How would you like a website that’s capable of reading and writing any file on your hard drive? Some people think that JavaScript already has too much power, so the option exists within browsers to disable it. As a developer, you need to have confidence that what you’ve built will be able to run for all your users, regardless of whether they have something enabled.
Web servers: dishing out hypertext
Together, the web server and web browsers comprise the bare essentials of the World Wide Web. Web servers are computers that are constantly (we hope!) connected to the Internet, and they host websites. They respond to HTTP requests from browsers, serving a host of different types of files that reside online. Web servers are the front line in any website. They handle requests either by fulfilling them or by passing them off to a web application server to dish up dynamic content (we’ll cover this in greater depth later in this chapter).
As with all the technologies we’ll discuss in this chapter, you have a host of options available in web servers, and the best part is that most of them are free. Some servers are designed for specific purposes: for example, nginx is a speed demon that is great at serving static content, while Mongrel was developed specifically for serving Ruby on Rails applications. Others, like Apache, are generalists that can be easily extended through a series of modules.
Apache is the reigning champion online and has been since 1996. It is an extremely popular web server that runs on virtually every operating system imaginable. (You can even run Apache on an iPhone!) There are a number of reasons for its success, but probably paramount among them is that it’s reasonably fast, secure, and extensible.
Apache supports a module architecture where functionality can be added by loading new modules when the server starts. Because of this functionality, things like PHP are easy to add; instead of having to run a separate application server, PHP can be parsed directly through Apache, which makes things faster and easier to administer (we’ll cover PHP in greater depth later in the chapter).
Apache has been losing a bit of market share in recent years, though. Because it’s so flexible, it’s neither as lean nor fast as it could be. That’s not a big deal for your Aunt May’s cat blog; but for a website like Amazon that serves up tens of thousands of visitors a second, the added bulk of Apache is a bit much. A relatively new contender is taking center stage here: nginx.
Pronounced engine-x, nginx is an extremely light, extremely fast web server that is gaining in popularity, particularly for serving up dynamic content. One of the most appealing things about nginx is that it requires far less horsepower to serve a single request. That means that more requests can be served using the same hardware (which is less expensive). In the past, folks would have to add servers to feed more power to Apache; but now some people are making the switch to nginx and discovering that their current machine is more than capable of handling their current level of requests. Nginx hasn’t been around as long as Apache, and it doesn’t have the same range of modules (or add-ons) available; nevertheless, it has enough flexibility for most situations.
Microsoft Internet Information Services (IIS)
Microsoft introduced its web server running on the Windows operating system in the mid-1990s. It gained popularity primarily because it was easy to configure and set up in comparison to Apache’s command line and text file configuration mechanism (for some strange reason, people like their graphical user interfaces). IIS got quite a bad reputation in the beginning because early versions of the server were full of security holes, opening up the entire machine to an industrious hacker who could even launch self-propagating worms, which would then attack other IIS servers. One of the most notorious worms, Code Red, infected an estimated 360,000 IIS web servers at its peak and caused a noticeable degradation in network speed worldwide.
IIS was growing in popularity as it matured into a more secure and stable hosting environment; however, it too has recently seen a decline in market share. It would appear that more people are turning to open source technology, which offers a broader range of excellent, mature options. Microsoft has responded by bundling in its dynamic .NET languages into IIS, making it really easy to develop dynamic websites on the Windows platform.
A little later in this chapter, you’ll read about frameworks and why they’re taking off in popularity. Leading the framework pack is Ruby on Rails, and Mongrel is a web server developed specifically for dishing out Rails applications. Mongrel is the uncontested leader in terms of speed, scalability, and stability in serving Rails applications because it supports Ruby natively; other web servers deal with it via a module that executes Ruby code as a common gateway interface (CGI) script.
A wide range of hosting options
We’re at a really great time for web development right now. The cost to host a website is falling, and it’s easier than ever to outsource your hosting needs to a third party. If you’re working for a big organization, chances are that it runs its own servers for web hosting or that it has at least a dedicated machine(s) at a third-party host. Smaller organizations and individuals will often opt for a hosting company and use shared hosting, where multiple websites are all run on the same server. Running a server takes a lot of skill and resources: it has to be connected to the Internet with a fast connection (that DSL line you have at home just won’t cut it), it should be backed up regularly, and it should be kept in a secure place, especially if you’re storing your customers’ personal or financial information in a database. Not to mention, how many people have a backup generator in case of power failure?
You should look at a number of different factors when picking a company to host your website. Obviously, the features/application support will be a big one; if you’ve written a Ruby on Rails application, you’ll need a server that supports Rails. Other considerations to take into account are bandwidth, disk space, machine specs, technical support, and an uptime guarantee.
Most hosting plans will give you a set amount of bandwidth every month. This is usually measured in the gigabytes of data transferred, but larger-capacity hosting plans may offer terabytes of bandwidth (1,000 gigabytes). You’ll see a few different options in terms of types of plans offered, ranging from shared hosting to dedicated hosts. A shared host is exactly that: you’re sharing the machine that hosts your website with other customers. If one of those other customers has a particularly high-traffic website or does something that locks up the server, your website will also be affected. Although that’s not the end of the world for your personal weblog, a company that conducts business online may have a lower tolerance for frequent or extended outages.
The next step up from a shared host is a virtual machine . Virtualization software is special software that will let you run multiple operating systems, or multiple copies of the same operating system, on a single machine. If you’re on a Mac and have ever used VMware Fusion or Parallels to run Windows, you’re using virtualization software. The big advantage to a virtual machine over shared hosting is that each hosting account is housed within its own container. So, although all customers on a single machine are sharing that machine’s resources, each container is isolated from all the others. If customer X does something that locks up his virtual machine, none of the other virtual machines on that computer will be affected. The added benefit of this is that, because customers are isolated from one another, hosting companies are often willing to let customers have more control over their own account. For example, hosting companies will often let their customers install software and reconfigure system and server settings to optimize performance (there’s no way you’ll get that level of control on a shared-hosting account).
Another option is dedicated hosting , where you get your own machine that is hosted by some other company. This has all the advantages of virtual machine hosting, but you don’t have to worry about sharing resources (e.g., RAM, CPU, and bandwidth) with other customers. Shared hosting is by far the cheapest option, whereas dedicated hosting will cost you a few hundred dollars a month (or more).
Finally, there’s cloud hosting . With cloud hosting, you pay for the processing, storage, and bandwidth you use with a hosting company, but there is no one machine that hosts your site. Cloud-hosting companies have a network of machines and are basically selling you the capacity you need to serve up your website on that network. The big advantage here is that you only pay for what you use, and this approach can scale up really quickly if you get a big spike in traffic. It is often argued that cloud hosting is more reliable because your hosting needs are spread among a number of machines; if one goes down, it doesn’t take out your website. However, that isn’t a certainty because there’s a weakness in most hosting setups, and something can just as easily go wrong with a cloud host as with a traditional host.
Picking the level of hosting plan you need isn’t that hard. Start with the least expensive that you think you can get away with and then upgrade as you go. Most hosting companies are more than happy to let you upgrade your plan at any time; it means they get to charge a higher monthly premium! There’s no point buying dedicated hosting for that application you’re developing if you’re not sure whether you’re ever going to have more than a dozen concurrent users.
Picking a host can be really difficult, though. If you just look at ratings and reviews online , you’ll never be able to find one (online ratings are all heavily spammed, making it near impossible to identify what is a legitimate review and what is a review from the marketing department of host xyz). Every host has glowingly positive reviews and absolute horror stories posted about it. Your best bet is to ask around to friends, co-workers, and other professionals to see whether they have any recommendations for you.
Databases 101
We posted a question on a blog asking people how they would describe a database to somebody who has absolutely no knowledge of computers. The common consensus was that people would use the analogy of a file cabinet, with database tables being file folders and the individual papers within those folders being records. It’s not a bad analogy until you try to explain all the other parts associated with a database setup—things such as primary keys, foreign keys, relationships, and, of course, Structured Query Language (SQL). Let’s have a look at all this terminology.
Terminology
The field of database management systems is rife with all kinds of technical terms and acronyms. Here’s a quick guide to some of the most common terms:
- A relational database is a database system in which the information stored in a table can be joined (or related) to information stored in another table. For example, you might use this kind of system if you are storing business contacts. Chances are that you know a few different people at a single company; instead of storing that company name 3, 10, or 50 different times in the record for each person, you could create a table and then just relate each person to the appropriate row in the table using the primary key from companies as a foreign key in people. The big advantage here is that, if the company gets bought out and changes its name from Acme Corp. to Wonderwhizz Inc., you would need to change that name in a single location only.
- A relational database management system (RDBMS) is an application such as MySQL or Oracle, and it is commonly (and incorrectly) referred to as a database. This kind of application is actually an RDBMS, the software that interacts with a database.
- A database) is a collection of data structured into records within tables. It might help to think of the difference between an RDBMS and a database in these terms: the RDBMS is similar to a web server, whereas a database is similar to all the pages available on that server (except in a far more structured way).
- A schema is the structure of the database, including the tables, fields, and any relationships between the tables.
- A table is a collection of records within a database. For example, you might have a table for “contact information” in which you list the addresses and phone numbers of a number of different people.
- A record , sometimes also referred to as a row, is a grouping of similar pieces of data. So for example, a set of contact information for your friend Mary would be a single record. All records within a single table are made up of the same fields.
- A field , sometimes also referred to as a column, is a single piece of information contained within a record. Mary’s phone number would be stored in a field in a database.
- A primary key is a special field within a table that uniquely identifies a record. The reason tables have primary keys is so that each record can be uniquely addressed if changes need to be made to it. For example, I might have a table that contains a log of people buying things on a gift card. This log might list that “Ron” bought “1 cup coffee” every day for a month. If that’s all it lists and (for some reason) you have to go in and say that he didn’t in fact buy every seventh cup of coffee, then you would have no way of addressing those particular records. A primary key is often just a sequentially numbered field.
- A foreign key is the special piece of information that relates a record in one table to a record in another table. The foreign key in one table will refer to the primary key in another table.
- Structured Query Language (SQL) is a standardized language developed specifically for interacting with relational databases. SQL lets you add, remove, update, and query data. There are small variations in SQL syntax from one database system to the next; but for the most part, once you have the basics of SQL mastered, you’ll be able to work with practically any database system out there.
The world outside relational databases
A lot of the terminology covered previously is specific to relational databases. Most DBMSs available today are relational because it’s frequently advantageous to design your database schema in a relational manner to avoid the duplication of information. But RDBMSs aren’t the only game in town, and there are a couple of other types of databases that you may run into online, so it’s worth mentioning them here.
These DBMSs are frequently referred to using the broad grouping of “NoSQL” databases because they do not support and use structured query language for interacting with the information stored in the database. NoSQL databases are frequently used in very specific and unique circumstances (such as the Google BigTable—a compressed, proprietary database that powers the Google search index).
Object databases aren’t too common outside of very specific scientific applications. There is a very common and popular content-management framework called Zope that uses an object database, however. The Zope Object Database (ZODB) is ideal in its application because it supports versioning natively, allowing someone to undo a change made on the website.
XML is widely used online for data exchange between websites/web applications, but it’s also an effective way of storing data. Occasionally, this term will be used for referring to XML data stored within an RDBMS, but native XML databases also exist.
The biggest advantage to storing data in XML format is that XML is widely used for data exchange. Because of this, there is no need to convert data to/from XML, which saves on processing costs (that is, the server doesn’t have a bunch of extra operations to perform). XML files can be copied from one machine to another and used immediately—there’s no need to install additional software.
XML databases store data in nodes, which is the correct term for data arranged within a hierarchical structure of XML tags. Instead of using SQL to query an XML database, two forms of querying syntax are widely in use: XPath and XQuery (which is just an extension of XPath). Each provides a way to extract data from an XML database by providing a syntax for addressing the database’s nodes.
Relational databases
A relational database simply means that data in one table can be joined (or related) to data in another table through the use of keys. Relational databases strive to normalize data; that is, they try to eliminate any duplication of data between records and tables. Normalized data is a good thing: if there is duplication of data within a database, the chance exists for there to be a data anomaly, which occurs when the two pieces of data become out of sync (think about our previous “company name” example).
For example, if you were developing an online store with a series of products, chances are you would have a table listing each of those products, along with their price and description. Occasionally, you might want to be able to offer certain items on sale by marking them down 15 percent. Instead of creating a table of sale items and duplicating the product names, descriptions, and prices there, you would simply relate to the original products table by referencing the primary key in that table and listing the discount. You might also include a field for terms and conditions of that item (e.g., the offer expires on the 15th of the month). That way, if a product’s price changes, it needs to be updated in only one place.
Before we get started on how you interact with tables, do yourself a favor and find a good database client that makes it easy to create, delete, and alter tables. There are SQL statements you can use to do that, but it’s way faster to just be able to create tables and columns with the click of a mouse.
Structured Query Language (SQL)
There are four main types of interactions you’ll have with databases using SQL: SELECTs for getting data out of a database, INSERTs for adding data to a database, UPDATEs for changing data in a database, and DELETEs for removing data.
What good is creating a database of information if you can never get anything out of it? If you return to the original filing cabinet analogy, being able to find specific data within a database is the single biggest advantage over the old paper-based alternative.
How often have you looked at a big stack of papers and thought to yourself, “Gee, I wish I could just run Google on that”? (OK, so it might just be us.) If you boil it down, though, search engines are really just great big databases full of information about the information on the Web. Every time you run a search on Google, you’re running a query on a database.
In SQL terms, that query looks something like this:
SELECT url
FROM websites
WHERE content="that thing I'm looking for"
If you dissect this statement, it’s actually pretty easy to read. You’re asking for the url field from the websites table. Instead of just returning all the URLs stored in the table, you’re narrowing the search down and getting only the URLs where the content field has “that thing I'm looking for” as a value.
There are a bunch of other options we could throw in here, such as an ORDER BY to sort the results or an INNER JOIN to relate the data from this table to the data stored in another table.
Your database would get stale pretty quickly if you couldn’t add new information as it became available. SQL uses an INSERT to do this:
INSERT INTO websites (url, content) VALUES ("http://www.amazon.com/",
"A really big store that sells a bunch of stuff")
Again, breaking this down, you’re adding a record to the websites table. We’ve specified two fields in this table, url and content, and given them both values. Depending on how the table is set up, there may be other fields in the table that you haven’t specified. However, when you’re creating a table, you have to go out of your way to specify that a field can have a NULL value; otherwise, running this SQL will give you an error.
Shoot, that last addition we made makes it sound like Amazon is actually a store, located somewhere. We had better change the content field to clear that up:
SET content="An e-commerce website that sells a wide range of products"
WHERE url="http://www.amazon.com/"
The first part of this SQL statement should speak for itself at this point. You’re updating the websites table and setting the content field to have a better description. The last part (after WHERE) is the interesting part. You need to have some way to tell the RDBMS which record you want to update. In this case, you’ve done that with the url field, but this could backfire on you. If there were more than one record with http://www.amazon.com/ listed as the URL, all those records would be updated, as well. On the other hand, you may have specified that the URL is in fact the primary key in your table, in which case there could not be multiple Amazon.com records listed (recall that a primary key enforces unique values between records). You would get an error if you tried to insert another one.
Websites come and go. Although it’s not likely that you’ll be removing Amazon from your database for that reason, you may at some point notice that your favorite store for buying lawn gnomes is now offline. You will need to keep things up-to-date:
WHERE url="http://www.ultimatelawngnomes.com/"
This snippet is a nice, simple statement to remove the ultimatelawngnomes.com site from the database. The same caution that applies to updating records also applies to deleting records; namely, you should try, whenever possible, to specify the primary key in the WHERE statement, so as to limit your deletes to the actual record you intend to delete. In this example, it would be OK because, even if you had multiple records for ultimatelawngnomes.com and the site really had gone offline, you would probably want to eliminate all such records. On the other hand, going into the HR database of a large company and running a DELETE on all records where the last name of the person is Smith may not be the best idea (that’s why a lot of companies have employee ID numbers as the primary key; duplicates are not allowed).
Your best bet for learning more about SQL is to check out www.w3schools.com/sql/. The site has a pretty good set of introductory lessons to SQL. If you get further into databases, be sure to check out the documentation specific to your RDBMS because it might have some specific functions that can save you time and significantly speed up your queries.
There are literally hundreds of different database systems, all great at different things. The ones listed in the following sections are the most common, so you’re likely to run into them at some point when developing a website. We have limited the field here to database servers, so applications such as Microsoft Access didn’t make the cut. Although you could use Microsoft Access as the back-end for a website (we have before), it doesn’t scale really well because it doesn’t handle concurrent users all that efficiently. If you’re comfortable with Microsoft products, you’re better off upgrading to Microsoft Access’s big brother—Microsoft SQL Server.
The longtime heavyweight in the database world and reigning RDBMS champ is definitely Oracle. Chances are really good that, if you have a large organization running a database, that database is Oracle. Having been around since the late 1970s, Oracle is a tested and proven solution for storing and retrieving large quantities of data (it’s also the most expensive option available). Oracle is well known for its ability to handle extremely large data sets and to work with them in a fairly efficient manner (i.e., running a query on a million records isn’t a daylong activity). However, it’s definitely overkill for running that blog that your client has asked for.
Microsoft introduced its own commercial RDBMS to try to compete with Oracle: Microsoft SQL Server (MSSQL). Early on, this database just wasn’t up to snuff at handling large amounts of data, and it experienced a few security vulnerabilities. It’s fair to say that, because of the database’s rocky start, Microsoft hasn’t really made a dent in the market that Oracle addresses (really big databases/applications); however, MSSQL is still a pretty big player in medium-sized applications. Those customers who need an Oracle-sized system will still buy Oracle. Those who think that Oracle would be overkill will generally either go with Microsoft or go with one of the open source alternatives.
Microsoft does offer an Express edition of its SQL server product, which is free, but it’s generally not recommended for use in a live environment, and it certainly doesn’t have the same performance as the full SQL Server product. Express is a great offering for building and testing against though!
MySQL is the most popular open source database system available. It gained a great deal of popularity early on because it was really fast compared to PostgreSQL (see the next section), and it worked amazingly well for web applications. A number of large Internet companies have skipped the Oracle bandwagon altogether and have invested heavily in MySQL as their primary RDBMS.
Even though the software is open source, there is still a commercial company behind MySQL. This means that companies that want to use MySQL have someone to lean on for support. MySQL AB (the company behind MySQL) was purchased by Sun Microsystems, a hardware and software company that had been around for quite some time. In an interesting turn of events, in 2009 Sun was purchased by Oracle, so now MySQL is officially owned by the database giant. The world is getting smaller!
One of the big reasons for MySQL’s popularity among open source RDBMSs is that a number of excellent front-ends are available. For example, phpMyAdmin is an interface written entirely in PHP, and it’s hosted online, which allows developers to create, delete, and modify databases and tables within MySQL. It also allows developers to add, update, delete, and query data easily. MySQL AB has also released a number of GUI tools for Windows, Linux, and Mac OS X that ease development and server administration.
PostgreSQL is another excellent open source RDBMS that is completely driven and maintained by the user community. A couple of companies provide commercial support for PostgreSQL, but they are only peripherally involved in the continued development and evolution of the software (they’re members of the user community, just like everybody else).
PostgreSQL’s biggest selling point is that it’s quite Oracle-like in the way it works and in its syntax subtleties. Therefore, companies looking for an open source alternative to Oracle’s high licensing fees often turn to PostgreSQL because it provides the path of least resistance.
We talked a lot in the previous chapter about interoperability and the sharing data between different websites and web applications. This is generally accomplished using XML or JSON (JavaScript Object Notation); however, there are a handful of other terms and acronyms that you should probably be aware of when discussing data exchange:
- Web services are software systems that allow for computer-to-computer interaction over the Web (not necessarily involving the interaction of a person). It’s a general term that can be used to refer to something as complex as an API or something as simple as an RSS feed from a weblog.
- SOAP is a protocol for exchanging XML messages over the Web (using HTTP or HTTPS).
- A remote procedure call (RPC) is a way of having one computer initiate a procedure on another computer without having the details of this interaction explicitly programmed. In other words, RPC is a way of getting another computer on the network to do something and return a result to your computer. On the World Wide Web, RPC will most commonly be used in conjunction with XML for data exchange between machines (XML-RPC).
- An application programming interface (API) is a series of hooks built into an application that allows external access to the application’s data and functionality. An API is usually very similar to the four main database operations we discussed:GET (SELECT), DELETE (DELETE), POST (UPDATE) and PUT (INSERT).
One of the best things about developing applications for the Web is that there already exists a wide array of data repositories available to tie into your application. It’s easy to integrate input from your users with map data available from Google and housing information stored in a database, as some realtors are now doing.
As with our look at databases, you’ll find many applications available for programming on the Web. These are commonly called scripting languages , or server-side scripting languages , to be more precise. Each of these options uses a different syntax; but at the end of the day, they all pretty much do the same thing. While some may have certain strengths over others, when it comes to small- to medium-sized web applications, you really won’t notice a huge difference in performance between any of the players.
If you’re just starting out and you’re not sure what language is best to pick up, we recommend sticking to PHP. It’s free and is widely used, and PHP hosting plans are offered for next-to-nothing from a wide range of companies. Whatever you pick, don’t sweat your decision too much. We have one friend who’s a brilliant Python programmer and complains a great deal about the lack of job postings for Python developers. The fact of the matter is that, because he knows Python, he can easily pick up any number of other languages and be proficient in a matter of weeks (and he has for various projects).
By far the most popular scripting language on the Web among developers is PHP, which is free and is often installed with the Apache web server (the most common web server on the Web). PHP was designed to be a scripting language for the Web, so it focuses a great deal on the needs of web developers.
Chances are, if you’ve downloaded an open source web application (such as WordPress, Drupal, or PHPBB), that tool is written in PHP. PHP is widely used among open source web application developers because it is often self-contained; end users don’t have to install a bunch of other software to get things working. To install a PHP application, it’s usually as easy as uploading the files to your web host, creating a database, and editing a configuration file (of course, depending on the application, your mileage may vary). Organizations of all sizes have rolled out PHP-based applications in some capacity.
PHP is a great starting point for people wanting to learn web application development. Because it’s free, you can download a copy and install it on your own web server (if you don’t feel like spending a few bucks for a hosting plan). PHP got a bit of a reputation for having security problems early on, which has prevented its adoption in a lot of large organizations; however, that’s definitely changed. Organizations we know that had previously never touched PHP are rolling out redesigns of their corporate websites using PHP-based content-management systems.
Ruby is a computer language that has been around since 1993, but it previously was not considered a strong contender for developing web applications. It’s only with the introduction of the Ruby on Rails framework (which we’ll discuss in a moment) that Ruby has joined the mainstream for web application development. Since the introduction of Rails, many other Ruby-based frameworks have been introduced, as well (e.g., Sinatra is a great place to start if you want to learn Ruby).
Developers are tired of having to repeatedly develop the same “type” of application, and they have turned to Ruby on Rails to streamline the process. Rails is an “opinionated” framework; that is, if you surrender to a few conventions offered in the framework, it can significantly speed up your development projects. Rails has seen a huge uptake among technology startup companies, and it is now (and has been for some time) accepted as a stable, well supported framework. Today, it powers some extremely popular web applications.
Python, similar to Ruby, has been in existence since the early 1990s. However, it was not until recently that it has been adopted as a mainstream web application language. Python has gained a lot of steam because it has been used extensively by Google. It scales extremely well, is a high-performance language, and has a reasonably strong community. It’s not as widely used as some other options.
ASP.NET (once upon a time ASP stood for Active Server Pages) is the Microsoft-centric solution to web application development. The biggest advantage of ASP.NET is that it integrates well with other Microsoft offerings; users can be authenticated off Active Directory servers easily, for example. ASP.NET has been around for quite some time, but it is available only on Microsoft IIS servers. You’ll find ASP.NET used primarily at large Microsoft-centric organizations, but there are a few stand-alone applications written in ASP.NET, as well. .NET developers are an interesting breed. A solid .NET developer can do anything—the sky’s the limit. However, there is a barrier to entry because .NET hosting can be more expensive than choosing an open source route.
Java/JavaServer Pages (JSP) were quite popular during the first web boom in the 1990s, but they have somewhat died off since. Java was a quite common skill for developers during the dot-com boom, but today it is pretty onerous to use for developing web applications. JSP didn’t die out because it lacked functionality or because it was an inferior technology, but because development cycles took too long. We don’t mean for it to sound like we’re ringing the death bell for JSP—it’s still used in a number of enterprises—but you don’t see many startups choosing JSP for their applications these days.
In all honesty, the previous paragraph is as true today as it was five years ago, and Java is still hanging in there. It hasn’t gained tremendously in market share, but it hasn’t lost much, either. So we’re going to go out on a limb and say that Java is just going to hang in there for the foreseeable future.
A framework is one step above a web application language in terms of functionality. Frameworks are a collection of functions and libraries that make web development easier by automating some of the common (and tedious) tasks in developing a website. Things such as user login/logout and access control are used in a lot of different web applications, so why would you want to write code to manage that function over and over again? Similarly, a lot of web applications use a database on the back-end to do adds, updates, deletes, and listings; but wouldn’t it be nice if there were a simple way to build a basic page to add a record to the database, without having to rewrite that code in SQL repeatedly?
Why bother with frameworks?
Frameworks aren’t a new idea, but they really seem to have taken off in popularity recently. Everyone seems to have an idea about how best to implement a framework: some people prefer flexibility to efficiency; others just want to keep things simple. Most of the major frameworks support similar features; they just take a different approach to how they do it. Most frameworks are language-specific; however, there are a few that have been ported between languages.
For the most part, you need to learn the language before you become proficient with a framework. Once you do reach that point, however, frameworks can save you a great deal of time and really allow you to focus on the big picture instead of worrying about writing code to interact with your database (to list one example). There is no right or wrong time to use a framework; if you are comfortable working in a particular language, it might be a good time to branch out and explore the frameworks available to you. Whether you’re creating a big project or a small one, frameworks will save you time.
A few popular candidates
Frameworks are available for every language and every purpose. We’ve limited the discussion to three here, all based on popular open source languages. If you’re not into Ruby, PHP, or Python, however, just run a search for <language> framework, and we guarantee you’ll get at least two or three solid results.
Ruby on Rails (RoR) is a great example of a web-development framework. An enterprising developer, David Heinemeier Hansson, created Ruby on Rails when he was working on a project-management web application. He grew bored of always having to rewrite the same code over and over again and realized that some of the process could be automated.
Frameworks can be great boosts to productivity, but they can also impose constraints on your development process. For example, Ruby on Rails applies a convention over configuration philosophy to development: if you follow certain conventions, the code will almost write itself; otherwise, you’ll end up rewriting a bunch of stuff by hand. One example of this occurs if you create a class called product (i.e., it is meant to add/delete/edit products in your database). Ruby on Rails will assume that the table in your database storing product information will be called products. It’s not a big deal, but some organizations may have a strict naming scheme in place for database tables—for example, they may require that you put the name of the department before your table name. In cases like that, you’re going to have to do a little extra legwork (you can still use Rails, but you’ll need to spend a little extra time configuring things instead of using some of the framework’s built-in convention over configuration functionality).
Another feature of Rails (and several other frameworks for that matter) that’s worth mentioning is its extensive implementation of the Model-View-Controller (MVC) architecture . We’ve talked about separating content from function when using HTML5, CSS, and JavaScript. MVC is sort of like an implementation of this in server-side development:
- The model handles all the data and logic in an application. It isn’t directly responsible for data storage. Although we’ve focused on databases in this chapter, there are certainly other ways of storing data, such as a flat-text file or as an XML file. The model is more interested in “working data”—such as the total for a person’s cart is $99.95 or that Friday is three days from today.
- The view is the presentation layer. Any sort of user interface rendering is handled through the view, from the colors used on a page to the placement of check boxes and input fields in a form. The view will often generate the UI on the fly based on information from the model.
- The controller is responsible for handling input, interacting with the model, and returning output back to the view. All of the application legwork is done in the controller.
If Ruby on Rails isn’t your thing—or if you’re already a whiz at PHP, but you love the idea of what a framework has to offer—then you’re in luck. There is a long list of frameworks available for PHP, and most of them implement MVC architecture. CakePHP is one such framework for PHP that has grown in popularity since its creation in 2005. Although it shares a number of features with Ruby on Rails, it’s been written from the ground up as its own distinct and powerful framework.
One of the big advantages of CakePHP is its ease of use and excellent documentation. If you’re new to PHP, you may just want to skip all the groundwork and dive right into CakePHP—chances are you’ll be able to accomplish 95 percent of what you set out to do with it right out of the box.
Python developers out there need not feel left out (nor should ASP.NET developers nor pretty much anyone else—there is a framework for just about any popular web application language). For example, Django offers Python developers features similar to the other frameworks we’ve covered, and it has been used on a few high-profile web applications (such as Revver and Pownce).
Of special note, Python developers might want to consider Google’s Google App Engine application platform, which essentially lets you host your web application with Google. The Google App Engine has built-in Python support, and developers were using Django quite extensively in the early applications that were built to run on this platform. It’s definitely a great boost for the Python programming language and the Django framework.
Summary
As we mentioned in throughout this chapter, it doesn’t really matter what application server, language, or framework you choose (assuming you even have a choice). They’re all mature enough products that they are equally capable in their feature sets. If you’re new to the area, pick something open source because those products are the easiest and least expensive to learn on.
It’s easy to get bogged down in language/database/framework discussions on projects. If you’re going to be doing the technical development, you should ultimately be the one making the decision on what to use. Developers have to be confident in the tools they use; if the back-end architecture is being dictated to you, but it’s something you’ve never worked with, then be sure to either get some help or to allow extra time for learning the technology. End users can tell whether there are problems in a site’s construction.