Software Engineering for Internet Applications - Student Community

long as it is much easier to remove spam than to post it thecommunity is relatively spam-proof. Note that Sarah would not havebeen able to deface the community if a policy of pre-approval forcontent contributed by newly registered users was established.Scenario 2: Ira Angrywicz, User #3571, has developed a grudgeagainst Herschel Mellowman, User #4189. In every discussion forumthread where Herschel has posted Ira has posted a personal attackon Herschel right underneath. The procedure followed to deal withSarah Moneylover is not appropriate here because Ira, prior togetting angry with Herschel, posted 600 useful discussion forumreplies that we would be loathe to delete. The right tool to deal withthis problem is an administration page showing all contentcontributed by User #3571 sorted by date. Underneath each contentitem's headline are the first 200 words of the body so that theadministrator can evaluate without clicking down whether or not themessage is anti-Herschel spam. Adjacent to each content item is acheckbox and at the bottom of all the content is a button marked"Disapprove all checked items." For every angry reply that Ira had totype the administrator had only to click the mouse once on acheckbox, perhaps a 100:1 ratio between spammer effort and admineffort.Scenario 3: A professional programmer hired to boost a company'ssearch engine rank writes scripts to insert content all around theInternet with hyperlinks to his client's Web site. The programs aresophisticated enough to work through the new user registrationpages in your community, registering 100 new accounts each with aunique name and email address. The programmer has also set uprobots to respond to email address verification messages sent byyour software. Now you've got 100 new (fake) users each of whomhas posted two messages. If the programmer has been a bit sloppy itis conceivable that all of the user registrations and content wereposted from the same IP address in which case you could defendagainst this kind of attack by adding an originating_ip_addresscolumn to your content management tables and building an adminpage letting you view and potentially delete all content from aparticular IP address. Discovering this problem after the fact youmight deal with it by writing an admin page that would summarize thenew user registrations and contributions with a checkbox bulk-nukecapability to remove those users and all of their content. Aftercleaning out the spam you'd probably add a "verify that you're ahuman" step in the user registration process in which, for example, ahard-to-read word was obscured inside a patterned bitmap imageand the would-be registrant had to recognize the word amidst the224between lazy or energetic. A lazy system will respond "syntax error"to any user input that won't work. An energetic system will try toautocorrect the user's input or at least figure out what is likely to bewrong.Studies have shown that it is worthwhile to develop sophisticatederror handling pages, e.g., ones that correct the user's input andserve a confirmation page. At the very least it is worth running someregular expressions against the user's offending input to see if itsdefects fall into a common pattern that can be explained on an errorpage. It is best to avoid anthropomorphism--the computer shouldn'tsay "I didn't understand what you typed".ColorText is most readable when it is black against awhite or off-white background. It is best to avoidusing color as part of your interface with theexception of sticking with conventions such as"blue text = hyperlink; purple text = visitedhyperlink". If you limit your creativity to the browser will"The naturalworld is toogreen and badlylit."-- FrancoisBoucher, 18thcentury paintertreat your users kindly with familiar link colors. By this sparing use ofcolor in your interface you'll have most of the color spectrumavailable for presenting information: charts, graphs, photos. Comparewww.britneyspears.com and http://britneyspears.ac/basics.htm, forexample, to see these principles at work.Be a bit careful with medium gray tones at the very top of Webpages. Many Web browsers use various shades of gray for thebackgrounds of menu and button bars at the top of windows. If aWeb page has a solid gray area at the top, a user may have troubledistinguishing where the browser software ends and the page contentbegins. Notice that pages on Yahoo! and Amazon include a bit ofextra white space at the top to separate their page content from thebrowser location and menu bars.Whatever scheme you choose, keep it consistent site-wide. In 1876MIT agreed on cardinal and gray for school colors. See how theagreement is holding up by visiting www.mit.edu, click on"Administration" and then look at the subsites for four departments:IS, Medical, Arts, Disabilities Service.For an excellent discussion of the use of color, see MacintoshHuman Interface Guidelines, available online at125