Brilliant Thinking

A client approaches you for a nice new website design to make the business look good and present a professional image. They may ask for a new brand, but the old site - an inconsistent soup of text and images pulled together over time - definitely needs to go.

You sit down and discuss what needs to be done and how much control they would like over the website once it’s finished - is there going to be a maintenance contract or do they want to maintain it themselves. Many clients opt for the latter, and is generally preferable in most cases as the client can do what they need to when they need to without waiting for an external resource to be available.

However, we’ve allocated budget for the website itself, but we need to introduce content management and there’s not much left over to do anything sophisticated. This leaves us in an interesting position - we are faced with a spectrum of flexibility.

At one end we have exceptionally capable tools such as Macromedia Contribute which, for a few tens of pounds provide easy access and editing facilities for websites, whether they are produced in Macromedia Dreamweaver or not. Clients like this because it is inexpensive and pretty powerful. However, it does give you complete freedom to edit content. And that means styling too. Fortunately, if you have used Dreamweaver templates to build the site you can protect structural elements such as navigation so clients can’t break the site and call you at 6pm asking you to fix it, but they can use any fonts, any layout and add any pictures they like to the content. It doesn’t take long for a professional site to start to look jagged round the edges.

At the other end of the spectrum you have bespoke content management systems (CMS) which are very prescriptive and allow people to only enter plain text. All styling, fonts and layout is managed in a template hidden behind the system. Clients can upload images and the CMS can automatically scale and thumbnail these items for optimum web performance. However, although this type of system enforces adherence to brand, look and feel, it is more complex to build and therefore costs more.

And in between there are many commercial and open source content management systems that promise varying degrees of flexibility and control.

However, the success of any solution does not lie in the technology itself - that is just an enabler. The solution lies in the people and their attitudes towards the task of managing content. A short piece of training in the content management system with reinforcing messages about brand, look and feel can do wonders to ensure that the client remains happy with their website months, or even years, after you have launched the site. It’s more about change management - changing web users/clients behaviour and understanding - that generates consistent results.

Further to our earlier piece on the perils of spam and how to avoid them, it appears that Bad Behavior is exceptional when it’s hooked into a database (as is the default modus operandi with Wordpress), but when you run it as a plain plug-in in PHP forms to protect them against auto-submit spammers it is not very effective (the documentation says it runs “degraded”) but our clients report that it doesn’t actually seem to make a difference.

Barriers at the source:
Another, more effective, way to block spammers auto-submitting forms at source is the “secure image verification” technique where an obscured or distorted random image of letters and numbers is shown on the screen and the website visitor asked to type it in. (The letters and numbers are distorted and obscured because there are “optical character recognition” programs that read electronic image text and work out what it is.) There are numerous methods used to implement this; one of the most advanced is the CAPTCHA project which provides very strong security though some of the implementations require good technical know-how (good article here on Wikipedia about Captcha with links to different distributions); there are also methods that use GD library including this one from devshed, or this one from Site Point. The coding is a little more elegant in the second example, though the use of a database for additional security in the first example is good too.

I’d recommend using some form of image security on input forms as a standard approach to combatting spam robots these days, and always ask your developer to consider this as an option. Unless you want all those junk mails?