Menu
Documentation.
Imagine any open source project you can find with and without up-to-date documentation and feel the impact this has on how professional you think it is.
Care for security, especially of the user's private data.
Store passwords using a strong hash like bcrypt (see crypt documentation):
// generating hash
// read up how $costParameter and $salt look like in the crypt() docs
$hash = crypt($password, '$2a$' . $costParameter . '$' . $salt . '$');
// checking if password is correct
if (crypt($whatTheUserEntered, $hash) == $hash) {
// correct password
}
$salt should not be a static value. It should be different for every user.
for professional appearance, very important is clean and aesthetic graphic design as well. because the cover is what sells, these days. sad, but true. web application with a beautiful code and ugly appearance won't attract much attention.
A health check
A series of pre-configured tests that determine the basic "health" of a web application or web site that can be viewed (by the administrator / site owner) at any time, showing things like:
a simple status page shows the current "health" of the system with a green, orange or red background.
This is different from Unit Testing in that it deals with the health of a "real world" environment, and not abstract code integrity.
A health check also makes migrating an application to another server easy.
I have implemented this in several projects that need constant monitoring; I'm planning to make it into a small, extendable "drop in" open source app some time this year that can be used in all sorts of web applications and even web sites. Participation and input very welcome - see the related SO question for more details.
Source Control. Specifically Git (Though not specifically GitHub)
OK, It's not uncommon.
But when I outsource code and get back a neat repo, with all the history and twists and turns, I am far more impressed than with a folder full of php files.
And it demonstrates how much extra work was put into the project that isn't seen.
I use GitFlow, which takes a bit longer during use, but makes up for itself in being that much more impressive in the finished project. Make sure the client sees the github graph (or equiv.) All of those branches look neat and impressive. (Besides actually being useful!)
Related:
An Issue Tracking System.
Both for before the code is completed (while client is reviewing), and afterwords, to allow them to add new tasks.
It is not only a way of demarcating tasks and getting more work, it makes the client feel that the project is still on my mind. Even though Ive moved on.
I use Collabtive, which is absolutely horrendous as these systems go, but is more impressive looking then anything else I've tried, Things that look impressive are assumed to be professional.
Password Strength/Match
Notify user interactively of the strength weakness of their password, when signing up or changing it. Also notify them when their confirmation matches when they are typing.
Realtime Form Validation
As with passwords, realtime validation of form entries is much less irritating than allowing the user to complete the entire form before they know they made a mistake, or omitted a mandatory field they skipped over.
Defensive programming with Friendly Exception / Error Handling
Never use cryptic error messages, and generally refer to the best case examples you can find for good friendly error messages. In best cases, this generally requires a talented copy-writer to be tasked with maintaining good tone of voice etc.
This goes hand in hand with solid exception handling and good defensive programming.
Defensive Design is a pretty decent book on this topic.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With