Section Six: Design, Testing and IDEs Flashcards
How do programmers try to protect their programs?
- Anticipating how users might misuse the program, then attempting to prevent it from happening
- Ensure their code is well-maintained
- Reduce the number of errors in the code through testing
Two ways to prevent users from entering something you don’t want them to
- Input Validation
- Input Sanitisation
Input Sanitisation
Removing any unwanted characters before passing data through the program
Input Validation
Checking if data meets certain criteria before passing it on to the program. E.g. checking that an email address contains an @ symbol and has a suitable ending
Types of input validation checks
- Range Check
- Presence Check
- Check Digit
- Format Check
- Look-up Table
- Length Check
Range Check
Checks the data is within a specified range
Presence Check
Checks the data has actually been entered
Check Digit
Checks numerical data has been entered accurately
Look-up Table
Checks the data against a table of acceptable values
Length Check
Checks the data is the correct length
Format Check
Checks the data has the correct format (e.g. a date)
Authentication
Confirms the identity of a user before they’re allowed to access certain pieces of data or features of the program. A common way that programs do this is using passwords
Ways to increase the security of a password-based authentication system
- Force users to use strong passwords and get them to change their passwords regularly
- Limit the number of failed authentication attempts before access to an account is lost
- Ask for a random selection of characters from the password on each authentication
What is meant by a “well-maintained” program?
A program whose code is easy for other programmers to understand.
They should also be able to make changes to parts of the source code without the risk of causing problems elsewhere in the code.
Features to improve the maintainability of source code
- Comments (after // or #) are useful for explaining what the key features of a program do
- Indentation can be used to separate different statements in a program. This allows other programmers to see the flow of the program more clearly and pick out the different features
- Variables and sub-programs should be named so that they refer to what they actually are
- Only use global variables when necessary as they could affect the rest of your code. Variables with a local scope will only affect the sub-programs they are declared in.