Are you planning to design a PHP web application? If yes, you’re on the right page. You may be surprised that the first step of the PHP web development process is not really about coding. The most important step in the design process is “brainstorming all the possible functionality to be included” as well as conducting a “failure mode analysis”.
Brainstorming all the possible functionality is not really your job as a PHP developer; this is done by your customer. Your job is to add functionality that will further strengthen the web application.
No matter how much of a guru you are at coding PHP applications, if your process flow and design suck, you will still look like an idiot in front of the web application’s users. OK, to speed up the learning process, suppose you are designing a web application that has the following basic features requested by your customer:
1.) After they click the “buy button”, they will be presented with a customer registration form.
2.) The customer application form consists of the following fields: name, address, company name and email address.
3.) After the customer fills out the form, they will press submit and the information should be saved in a database; at the same time, the customer will verify the order through the email.
4.) The customer will click on the link provided in the email, and then the customer will download the free digital products.
OK, those are the basic processes requested by your customer. The first step of the analysis process is to do a failure mode analysis. The objective of the failure mode analysis is to analyze how the web application will fail and what your corrective actions are. Each failure mode should be posed as a question starting with “what if”…
Below is the failure mode analysis of the above web application example:
1.) What if there are automatic spam bots that auto-register through the form?
Design corrective action: Add CAPTCHA protection.
2.) What if there are abusive users who use an email address that does not really exist?
Design corrective action: Aside from validating the email address in PHP, have them verify the email. If the address really exists, they will be able to sign in, read your mail and click the link to verify its existence.
3.) What if someone learns the download link and shares it with everyone?
Design corrective action: You can provide a customer code that is unique for every customer. Once the user clicks the link in the email, a form will ask for the customer code, and the user will enter it. After the code has been entered, the download link will be presented, and the user will click on it. You can use htaccess to prevent illegal access such as a direct link (pasting the download URL into the browser) or a request coming from another domain. Also, the code can be used only once, so if a user enters the code again, it will be denied.
4.) What if someone enters falsified information such as name and address?
Design corrective action: Of course no one can verify the true identity of a person on the internet; this can only be done if you ask the user to submit government-issued identification cards, notarized legal documents and a birth certificate, have them scanned, and send them to you. You would then verify those papers against government records. But if this looks like overkill, the best course of action is to include this limitation in the website’s terms and conditions.
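One way to implement the single-use customer code from failure mode 3, as an added example that is not part of the original article. The table and column names, the function names and the in-memory SQLite database are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Hypothetical schema for this example: one row per issued customer code.
function createSchema(PDO $db): void
{
    $db->exec('CREATE TABLE download_codes (
        code_hash TEXT PRIMARY KEY,
        email     TEXT NOT NULL,
        used_at   INTEGER
    )');
}

// Issue a unique, unguessable code for one customer; only its hash is stored.
function issueCode(PDO $db, string $email): string
{
    $code = bin2hex(random_bytes(16)); // 128 bits from the CSPRNG
    $stmt = $db->prepare('INSERT INTO download_codes (code_hash, email) VALUES (?, ?)');
    $stmt->execute([hash('sha256', $code), $email]);
    return $code; // sent to the customer in the verification email
}

// Redeem a code. The single UPDATE is atomic, so two concurrent
// submissions of the same code cannot both succeed.
function redeemCode(PDO $db, string $code): bool
{
    $stmt = $db->prepare(
        'UPDATE download_codes SET used_at = ?
         WHERE code_hash = ? AND used_at IS NULL'
    );
    $stmt->execute([time(), hash('sha256', $code)]);
    return $stmt->rowCount() === 1; // true only when an unused code was marked used
}

// Constructed demo data; an in-memory SQLite database stands in for the real one.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
createSchema($db);

$code = issueCode($db, 'customer@example.com');
var_dump(redeemCode($db, $code));        // first submission of the code
var_dump(redeemCode($db, $code));        // same code submitted again
var_dump(redeemCode($db, 'not-a-code')); // code that was never issued
```

The download link should be shown only when `redeemCode()` returns true, and the check must run on the server for every download request.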
The above four are just a start; you can do further failure mode analysis of your web application. The more failure mode analysis you do, the more successful your website will be in satisfying customer needs. A good example is facebook.com. The website runs on PHP and the developers appear to do a good job of failure mode analysis on every website feature they develop. The more “what ifs” asked and answered, the more successful your web application will be and the less likely it is to fail.
