Ask HN: Getting started in server programming

5 points by CJefferson ↗ HN
Some background: I have written a reasonbly successful iPhone puzzle game, which I have converted into HTML 5. I would like to put it up on the net. This would require a simple server where users can log in, and their progress is saved. (note - the game does not communicate in 'real time')

While I consider myself a competent Java, C++, Python... algorithms programmer, server/web programming has always scared me. I hear about SQL injections, XSS attacks, password leaks, servers crashing when websites get popular, noSQL, etc.

Given I am starting from scratch, what's the best thing to learn to make simple, efficient and safe servers, to serve webpages and JSON?

4 comments

[ 3.1 ms ] story [ 15.6 ms ] thread
Learn the differences between select/poll/epoll/kqueue. You don't want to waste time using select() when you're intending to handle lots of concurrent clients or use epoll/kqueue when you have a limited number of connections and care about throughput.

For simple servers, I use Ruby + EventMachine[0], but there's also C++ bindings for it.

Since I use Ruby, I'd simply use Mongrel[1] within my server to serve HTTP docs and all my Ruby data structures can be serialized into JSON by just including a json lib and calling #to_json. I'm sure there's similar embeddable HTTP servers and JSON libs for C++.

  require 'json'
  {:numbers => (1..10).to_a, :foo => 'bar'}.to_json
  => "{\"numbers\":[1,2,3,4,5,6,7,8,9,10],\"foo\":\"bar\"}"
[0] https://github.com/eventmachine/eventmachine/wiki

[1] http://en.wikipedia.org/wiki/Mongrel_(web_server)

(comment deleted)
Since you are familiar with python why not pick up one of the python web frameworks(i.e. Django, flask, pyramid). As far as being afraid of the security aspects, don't be it is just a game. No one will die if your web game is hacked. On the other hand read up on web app security. Since it is something every web app will have to deal with, frameworks try to make securing your app easy.
Well, it may be just a game, but apparently people often use the same usernames and passwords for "game" sites as well as banking, etc. It would be good to at least encrypt those so any intruder would have a hard time using that information...

See http://codahale.com/how-to-safely-store-a-password/