

Ask HN: Getting started in server programming - CJefferson

Some background: I have written a reasonbly successful iPhone puzzle game, which I have converted into HTML 5. I would like to put it up on the net. This would require a simple server where users can log in, and their progress is saved. (note - the game does not communicate in 'real time')<p>While I consider myself a competent Java, C++, Python... algorithms programmer, server/web programming has always scared me. I hear about SQL injections, XSS attacks, password leaks, servers crashing when websites get popular, noSQL, etc.<p>Given I am starting from scratch, what's the best thing to learn to make simple, efficient and safe servers, to serve webpages and JSON?
======
getsat
Learn the differences between select/poll/epoll/kqueue. You don't want to
waste time using select() when you're intending to handle lots of concurrent
clients or use epoll/kqueue when you have a limited number of connections and
care about throughput.

For simple servers, I use Ruby + EventMachine[0], but there's also C++
bindings for it.

Since I use Ruby, I'd simply use Mongrel[1] within my server to serve HTTP
docs and all my Ruby data structures can be serialized into JSON by just
including a json lib and calling #to_json. I'm sure there's similar embeddable
HTTP servers and JSON libs for C++.

    
    
      require 'json'
      {:numbers => (1..10).to_a, :foo => 'bar'}.to_json
      => "{\"numbers\":[1,2,3,4,5,6,7,8,9,10],\"foo\":\"bar\"}"
    

[0] <https://github.com/eventmachine/eventmachine/wiki>

[1] <http://en.wikipedia.org/wiki/Mongrel_(web_server)>

------
stonemetal
Since you are familiar with python why not pick up one of the python web
frameworks(i.e. Django, flask, pyramid). As far as being afraid of the
security aspects, don't be it is just a game. No one will die if your web game
is hacked. On the other hand read up on web app security. Since it is
something every web app will have to deal with, frameworks try to make
securing your app easy.

~~~
BillAtHRST
Well, it may be just a game, but apparently people often use the same
usernames and passwords for "game" sites as well as banking, etc. It would be
good to at least encrypt those so any intruder would have a hard time using
that information...

See <http://codahale.com/how-to-safely-store-a-password/>

