A guest post by Salman Ul Haq, a techpreneur, co-founder and CEO of TunaCode, Inc.

Web application programming ranges from writing lightweight mobile applications to full-scale enterprise applications. If you have working knowledge of any single programming language, getting started writing your first web application using PHP, for example, should take only a couple of hours. You should, however, take the time to follow best coding practices while writing your web application, since this is what differentiates a bad but working application from a good one. Good applications scale well, make optimal use of precious server resources and deliver an awesome experience to the user. In this post, we will explore some techniques for creating good web applications, starting with responsiveness.

1) Responsiveness and Adaptability

Smartphones have more penetration (if not in numbers) than desktop machines now, and there is an acute need to build smart, responsive, dynamic websites. If a user opens a website that does not support a responsive layout, the website will appear broken, or the user will have to scroll a lot to adjust the views. To create a responsive design, you can use tools like Adaptive Images, fit-text, respons.js, Bootstrap, FlevNav, Wirefy or Regardless of your programming language, you can use the adaptive or fully responsive layout to make your website integrate with mobile and variable screen layouts. You can even deploy a third-party plug-in like FlexSlider to make your separate web pages responsive. Here is an example that comes from

Percentages are always used to make the grids responsive. In the above example, the code divides the section and aside elements under the parent container. No matter what the size of the container, the grid will be flexible and a clear segregation will be made between the section and the aside layouts. Here is a general formula that you must remember for injecting the button or component level responsiveness:

You can also use options like media queries, aspect ratios, mobile-first architecture and viewports to make your website respond to multiple layouts. Read more about Building Mobile Websites in Architecting Mobile Solutions for the Enterprise.

2) Secure coding

Given the current wave of data breaches along with higher consumer data privacy awareness, security is a top priority for any web application developer. The credibility of a website is probably the most important element in determining whether your users will ever trust you with their information. You must deal with threats like SQL injection, port scans and Trojan viruses that can shatter your database security. For more on how to deal with these threats, read Structured Query Language (SQL) Injection in Web Application Security. Always make sure to:

  • Use SFTP access for your website so that files are uploaded in encrypted form
  • Always restrict root access
  • Never use nulled scripts
  • Always delete installation folders
  • Always use open source scripts like WordPress, Drupal, Joomla or Magento, which give you online support and continued access
  • Password-protect your database
  • Never use default database prefixes

Here are some code snippets to avoid the most commonly used SQL injection attacks. The best coding practice is to program the queries in such a way that they will be parsed separately from the parameters. In this way, the attackers will not be able to control the database through queries. Here are two code snippets that ensure SQL injection avoidance, the first with PHP Data Objects (PDO):
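An added example, not the post's own snippet: the same lookup written with string concatenation and with a PDO prepared statement, plus an allow-list for the one thing a placeholder cannot carry, a column name. The `users` table, its rows, the function names and the in-memory SQLite database are assumptions made for the demonstration.

```php
<?php
declare(strict_types=1);

// Constructed schema and rows in an in-memory SQLite database (assumption: pdo_sqlite is enabled).
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
// On MySQL, also turn off emulated prepares so the server itself parses the statement:
// $pdo->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
$pdo->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, email TEXT, role TEXT)');
$pdo->exec("INSERT INTO users (email, role) VALUES
    ('alice@example.test', 'admin'), ('bob@example.test', 'user')");

// Weak form: the value becomes part of the SQL text, so a quote in it changes the query.
function findByEmailConcatenated(PDO $pdo, string $email): array
{
    $sql = "SELECT id, email, role FROM users WHERE email = '" . $email . "'";
    return $pdo->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// Corrected form: the SQL text is fixed and the value is bound as data only.
function findByEmailPrepared(PDO $pdo, string $email): array
{
    $stmt = $pdo->prepare('SELECT id, email, role FROM users WHERE email = :email');
    $stmt->execute([':email' => $email]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Placeholders carry values, not identifiers: column names go through an allow-list.
function listUsersSortedBy(PDO $pdo, string $column): array
{
    $allowed = ['id', 'email', 'role'];
    if (!in_array($column, $allowed, true)) {
        $column = 'id'; // fall back to a known-safe default
    }
    return $pdo->query("SELECT id, email, role FROM users ORDER BY $column")
               ->fetchAll(PDO::FETCH_ASSOC);
}

$crafted = "nobody' OR '1'='1"; // constructed input containing a quote character
printf("concatenated, crafted input: %d row(s)\n", count(findByEmailConcatenated($pdo, $crafted)));
printf("prepared, crafted input:     %d row(s)\n", count(findByEmailPrepared($pdo, $crafted)));
printf("prepared, real address:      %d row(s)\n", count(findByEmailPrepared($pdo, 'bob@example.test')));
printf("sorted by unknown column:    %d row(s)\n", count(listUsersSortedBy($pdo, 'no_such_column')));
```

With the crafted input, the concatenated query matches every row in the table, while the prepared statement compares the whole string against `email` and matches none.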

This next snippet uses SQL to avoid SQL injection:

3) Follow the Web Standards

Standardized coding has always been a promising way to increase efficiency in web development. Web standards should be used to save time, augment the extensibility of the code, increase web traffic and improve the accessibility and load time of your application and website. Standards bodies like W3C and ECMA (European Computer Manufacturers Association) are regulating the standardized use of Flash, HTML5, CSS3, XML, XHTML and DOM. The following example shows standardized code for XHTML and JavaScript as defined by the W3C, courtesy of

Here is another example used for legacy browser support:

You must always insert a DTD in your web pages and application to validate your code with the standards. You can go to once your website is live and uploaded on a server. Click the validate button and the status of your website will be shown on the screen.

4) Segregate Design and Implementation

Due to the complexity of most websites, the recommended practice in web programming is always to deploy the new, trending and efficient MVC (Model-View-Controller) architecture. MVC architecture allows you to code your website in a modular fashion, which makes it more extensible and makes change requests easier to handle. In the Model portion, you develop the database hierarchies and design, whereas the View portion is responsible for all of the front-end complexities and design issues. The Controller portion is where the core logic is implemented. In this way you can extend the web application in any direction according to the requirements. Read more about The MVC Pattern in Pro Spring MVC: With Web Flow.


This post has covered some of the best coding practices for creating web applications. Here are some resources from Safari Books Online that will help you dive into this topic in more detail.

Safari Books Online has the content you need

Responsive Web Design teaches you how to think beyond the desktop and craft beautiful designs that anticipate and respond to your users’ needs. Ethan Marcotte will explore CSS techniques and design principles, including fluid grids, flexible images, and media queries, demonstrating how you can deliver a quality experience to your users no matter how large (or small) their display.
Writing Secure Code will teach you how to padlock your applications throughout the entire development process—from designing secure applications to writing robust code that can withstand repeated attacks to testing applications for security flaws. Easily digested chapters reveal proven principles, strategies, and coding techniques. The authors—two battle-scarred veterans who have solved some of the industry’s toughest security problems—provide sample code in several languages.
Pro PHP MVC looks at the building blocks that make any good MVC framework, and how they apply to PHP. It exposes all considerations that many developers take for granted when using a popular framework, and teaches you how to make the framework your own.

About the author

Salman Ul Haq is a techpreneur, co-founder and CEO of TunaCode, Inc., a startup that delivers GPU-accelerated computing solutions to time-critical application domains. He holds a degree in Computer Systems Engineering. His current focus is on delivering the right solution for cloud security. He can be reached at
