CSC 107

Frequently encountered problems

As this course winds down (or is it up?), these are some problems that may need to be fixed on your website.
  1. Bad contrast: text is hard to read on screen or when printed.
    This could happen with yellow text on a predominantly blue-black background, when the page is printed or is displayed without the background for some reason. It can also happen if the background is too varied, in which case it should be lightened (or darkened, for light text).
  2. Bland: no style at all. Looks like something a professor wrote in a hurry -- like this page.
  3. Lack of focus: A visitor can't tell what the site is ABOUT. If there are products, no idea if it is sports equipment, video games, or sci-fi tee-shirts.
  4. Search is "NP-Complete." This means that to find a product, service, or event, the client must guess the exact name, or the search result will be empty. It would take an exponential amount of time to discover "Bulwer Purple Prose Award", for example.
  5. Poor navigation. Pages exist, but are hard to find. Variant: have to leave a comment before getting links to other options.
  6. Spam magnet: Comments are invited, and then shown to the world without any restrictions or moderation. WordPress sites are generally prone to this; for Osiris I recommended not allowing comments with one (default 2) or more links, and holding comments for moderation until the user has an approved comment. For your own site, use my "abuse" function, or require a login, or monitor your comments regularly. (Do you really want to commit to this long term?)
  7. Login ineffective: Someone can "log in" with a wrong password, and still be able to perform restricted operations. Once the password is verified, either set a cookie, or start a session.
  8. Login useless: There is nothing extra the logged-in user can do, or else the user must repeatedly supply credentials.
  9. Open to SQL injection: With all user data, use pg_query_params, pg_escape_string, or mysql_real_escape_string.
  10. PHP injection. Never write user data to a file, and then "include()" that file, as that causes PHP code to be executed. (You can open and read the file instead.)
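
An added example for problem 7 (not code from this course page): the session records a user only after the password is verified, and the restricted operation checks the session instead of trusting the form. The account in $USERS, the password and the delete_comment() operation are constructed for illustration; a real site would load the stored hash from its database.

```php
<?php
// Added example with constructed data; not code from the course.
session_start();   // must run before any output is sent

// Constructed sample account: only the hash is kept, never the password itself.
$USERS = ['alice' => password_hash('correct horse', PASSWORD_DEFAULT)];

// Verify the password; record the user in the session only on success.
function login(array $users, string $name, string $password): bool
{
    if (!isset($users[$name]) || !password_verify($password, $users[$name])) {
        unset($_SESSION['user']);   // a failed attempt never leaves a login behind
        return false;
    }
    session_regenerate_id(true);    // issue a fresh session id once the login succeeds
    $_SESSION['user'] = $name;
    return true;
}

// Who is logged in, according to the session (null if nobody).
function current_user(): ?string
{
    return $_SESSION['user'] ?? null;
}

// A restricted operation: it asks the session, not the submitted form fields.
function delete_comment(int $id): string
{
    $user = current_user();
    if ($user === null) {
        return "denied: not logged in";
    }
    return "comment $id deleted by $user";
}

// Demonstration: a wrong password, then the right one.
// Results are collected first so nothing is printed before the session calls finish.
$out = [];
$out[] = login($USERS, 'alice', 'guess') ? 'login ok' : 'login failed';
$out[] = delete_comment(7);
$out[] = login($USERS, 'alice', 'correct horse') ? 'login ok' : 'login failed';
$out[] = delete_comment(7);
echo implode("\n", $out), "\n";
```

Because the session remembers the login, the user does not have to supply credentials again for each restricted page.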