Analyse the Risks of Ad Hoc Programming in Web Development and Develop a Metrics of Appropriate Tool...

Manish Gubhaju, Ali Al-Sherbaz

  Open Access OPEN ACCESS  Peer Reviewed PEER-REVIEWED

Analyse the Risks of Ad Hoc Programming in Web Development and Develop a Metrics of Appropriate Tools

Manish Gubhaju1,, Ali Al-Sherbaz1

1The University of Northampton, Northampton, United Kingdom

Abstract

Today the World Wide Web has become one of the most powerful tools for business promotion and social networking. As the use of websites and web applications to promote the businesses has increased drastically over the past few years, the complexity of managing them and protecting them from security threats has become a complicated task for the organizations. On the other hand, most of the web projects are at risk and less secure due to lack of quality programming. Although there are plenty of frameworks available for free in the market to improve the quality of programming, most of the programmers use ad hoc programming rather than using frameworks which could save their time and repeated work. The research identifies the different frameworks in PHP and .NET programming, and evaluates their benefits and drawbacks in the web application development. The research aims to help web development companies to minimize the risks involved in developing large web projects and develop a metrics of appropriate frameworks to be used for the specific projects. The study examined the way web applications were developed in different software companies and the advantages of using frameworks while developing them. The findings of the results show that it was not only the experience of developers that motivated them to use frameworks. The major conclusions and recommendations drawn from this research were that the main reasons behind web developers avoiding frameworks are that they are difficult to learn and implement. Also, the motivations factors for programmers towards using frameworks were self-efficiency, habit of learning new things and awareness about the benefits of frameworks. The research recommended companies to use appropriate frameworks to protect their projects against security threats like SQL injection and RSS injection.

At a glance: Figures

Cite this article:

  • Gubhaju, Manish, and Ali Al-Sherbaz. "Analyse the Risks of Ad Hoc Programming in Web Development and Develop a Metrics of Appropriate Tools." American Journal of Information Systems 1.1 (2013): 9-20.
  • Gubhaju, M. , & Al-Sherbaz, A. (2013). Analyse the Risks of Ad Hoc Programming in Web Development and Develop a Metrics of Appropriate Tools. American Journal of Information Systems, 1(1), 9-20.
  • Gubhaju, Manish, and Ali Al-Sherbaz. "Analyse the Risks of Ad Hoc Programming in Web Development and Develop a Metrics of Appropriate Tools." American Journal of Information Systems 1, no. 1 (2013): 9-20.

Import into BibTeX Import into EndNote Import into RefMan Import into RefWorks

1. Introduction

The study focuses on the application developers who are mainly stuck within the ad hoc programming rather than framework programming and the role of frameworks in risk management process of large web based projects. It also highlights what actually the frameworks in application development means and the advantages and weaknesses of using them.

1.1. Research Background

Today, the easiest and fastest way to fetch information is getting ‘on line’. The Internet Technology has become one of the most powerful advancements in the history of Technology [1]. The web is today known as World Wide Web (WWW) that has a huge influence in every sector of our lives and society [2]. In the past, the World Wide Web was only limited to email, transfer of files and data storage but now it has become a driving force for the success of any organization [3]. It has become the most powerful tool for business promotion and communication. There is rarely anything left that can’t be found on the web. All these information are found in the websites and these websites are developed by the web developers. There are different types of programming languages available for the web application development. Just like we use different types of languages in our daily life to communicate with other people, developers use different type of programming languages to communicate with the web server through the web [1]. So, to make programming more structured frameworks were developed. Frameworks are a set of structured software that developers can use, extend and customize to suit their application. It is a reusable mechanism that allows the developers to break down an application into a set of connecting objects [4]. Frameworks are usually not very different from OOP (Object Oriented Programming). It’s just a reuse of a code that is already made for you in advance. In other words the web application framework can be defined as “A reusable software system with general functionality already implemented”.[5], p.68

There is always a risk for failure of project if ad hoc programming is used. The ad hoc programming is just fine if you are a beginner but we have found that even most of the professional developers try to adopt this type of programming.

A survey done by Cutter Consortium (2000) cited in [5] showed that the top problems for the large scale web projects failure were as follows:

- Failing to meet up the needs of businesses (84%)

- Delay in the project plan (79%)

- Lack of budget (63%)

- Poor and inadequate functionality (53%)

- Poor quality of deliverables (52%)

The above results of the survey clearly show that two out of five problems for project failure were quality of programming and functions. When you are doing a large project with a number of developers working on it, it is not possible to meet the targets unless you follow a proper framework. Ad hoc programming for large projects can lead to a situation from where one can never come out and later have to restart the project. Frameworks have predefined functions and have specific locations for saving the different types of files.

1.2. Research Question

The research aims to investigate the following question:

Why do programmers avoid frameworks in favour of ad hoc program development and how can they be motivated towards using frameworks to minimize the risks of web projects?

1.3. Aims and Objectives

The major purpose of this research is to analyse the risk involved in large web development projects and find out the reasons behind programmers choosing ad hoc programming rather than the framework programming. The major aims and objectives of this paper are as follows:

Aims:

•  Help organizations to minimize the risks involved in developing large web projects.

•  Motivate Web Developers towards using the proper frameworks while programming.

Objectives:

•  Identify the different frameworks of web applications.

•  Evaluate the impacts of frameworks on web programming and evaluate their benefits and drawbacks in the web application development.

•  Identify and analyse the risks of web projects due to ad hoc programming.

•  Identify the methods through which risks can be managed for large web development projects by the use of proper frameworks.

•  Investigate the motivation of programmers to engage with frameworks.

•  Define methods to encourage programmers towards using the frameworks.

2. Literature Review

Before identifying the impacts of programming frameworks on web development, it is very important to review the theories on World Wide Web (WWW), web application development and web programming.

2.1. Internet and the World Wide Web (www)

Internet is nothing but a set of interconnected networks through which high speed data are being exchanged between servers and other connecting computers [6]. An author describes the need for internet in the following way: “Why do people want to be ‘on the Internet?’ One of the main reasons is simple freedom. The Internet is a rare example of a true, modern, functional anarchy.”(Sterling, 1993 cited in [7], p.579).

Today, the world is at our finger tips for the first time ever. We can find the information about anything using the internet and computer. From setting up a video conference to online shopping, listening to music, watching videos all can be done by entering into world’s largest computer network - the Internet [8]. Internet is one the most important need for human beings today but a very few people know about the history of internet. The internet was first developed in 1969 by Advanced Research Projects Agency (ARPANET) for the US Defence Department to exchange scientific information. Later in 1970s and 1980s protocols like file transfer protocol (FTP) were developed to transfer files over the internet. After the wars, more features like electronic mail (e-mail), UseNet groups were added to the internet and were made publically accessible. Finally in 1991, the World Wide Web (WWW) was developed that allowed web contents to be accessed using the hyperlinks. Delphi was the first Internet Service Provider (ISP) in 1993 and there were only 133 sites at that time. The number increased to 3000 in 1994 and more than 2.2 billion in 1998 [6].

2.2. Web Application Development Static and Dynamic Websites

Web applications or websites can be developed depending upon the type of website either static or dynamic. Static websites are those in which a new page has to be uploaded in the server to change the content of the website. They are developed using HTML code. So if something needs to change in the webpage then the HTML code has to be changed itself. Static websites are usually built for small websites with fewer pages and were mostly used in the past [9]. The figure below gives a brief overview of how data are fetched from the web server and displayed in the clients’ browsers.

In Dynamic websites, contents are generated dynamically. The contents like text and images are stored in a database rather than static HTML pages and formatting instructions are placed in the webpage [11]. When a user requests a page, the pages are constructed on demand i.e. the code or instruction pulls the data from the database which combines with the layout to produce the output page and display in the client’s screen [10].

The figure below shows the functionality of dynamic websites.

2.3. Introduction to Frameworks

Programming frameworks are set of structured code, classes, libraries, and run-time environments that allow developers to efficiently and quickly develop applications with a good standard [12]. Frameworks help developers to build more cleaner, secure and maintainable applications which are the key reasons behind more developers switching from old ad-hoc style of programming to framework-based programming [13]. Frameworks are the tools for developing any applications and tools play a vital role in building any application in any language. They provide an ease of maintaining the software on a long term basis making the lives of developers and mangers better [14]. There are many web programming frameworks available in the market and some of them are very popular among the developers.


2.3.1. Popular Web Development Frameworks

There are altogether more than 100 web programming frameworks available in PHP, ASP.NET, JSP, Perl, Python, Ruby, and ColdFusion and below are some of the most popular ones in terms of usability and flexibility.

Zend Framework

Zend framework is an integrated software platform that provides scalability and reliability to the applications built in PHP. It was jointly announced by Zend Technologies, Inc and IBM. Zend helps to deliver PHP intelligence by fixing some of the major problems in PHP applications such as run-time and database errors [15].

CodeIgniter

CodeIgniter (CI) is a powerful PHP framework that is based on Model-View-Controller (MVC) web development [16]. The author believes CodeIgniter has changed his relationship between his clients and the web development. As the codes are organized, it makes the documentation easy and shortens the project completion time [16]. As of [17], they believed that CodeIgniter is a tool for making PHP easy to use and implement. CI is very easy to install and free which makes it more desirable to use. But its not recommended for those who are weak in OOP (Object Oriented Programming) in PHP or who like to write all of their code rather than using pre built solutions [17].

CakePHP

CakePHP is a well-documented PHP framework that provides a broad architecture for developing and maintaining web applications. CakePHP has a wide range of features that are suitable for beginners as well as experienced developers [18].

The figure below shows how the three components of MVC in CakePHP work together.

The objective of MVC in CakePHP is to separate the operations into models for interacting with the database using queries, views for taking inputs from the user and giving output and controller for controlling the whole program flow and generating the output by the help of models. Using MVC errors can be debugged easily. Suppose, if you are getting errors related to your query or database, the problem is usually in the model section as all the database related files are kept in there. The CakePHP is also very handy framework if you are doing a big project in a group because the developers already know where the files are stored and is everyone has to follow the same pattern [19].

ASP.NET MVC framework

According to [20], ASP.NET MVC is a framework by Microsoft that was developed to overcome the weaknesses of traditional ASP.NET programming and built clean and effective web applications using the model-view-controller (MVC) architecture. This view has also been supported by the work of [21]. The framework mainly emphasizes on the clean architecture, testability, and design patterns. The ASP.NET MVC 3 was released recently in 2011 which is the latest version of the framework.

2.4. Advantages and Disadvantages of Using Frameworks in Web Application Development

Framework programming is now known as the most modern technique for developing web applications. But like any other technology it has few disadvantages that can’t be denied. The negative impacts that the frameworks have in web development are far less compared to its positive impacts. Frameworks will be the next big thing in the world of web development in the near future. Frameworks help to build dynamic websites much quicker than normal programming and minimize repetitive tasks. The following sections further enlighten the positive and negative impacts of frameworks on web programming [22].


2.4.1. An Approach to Improve Reuse in Web Applications

The need for code reusability has been aroused due to complexity of application and time taken to build web applications like ecommerce sites and other web applications. Building a web application quicker and free of bugs is the most important thing to keep in mind while developing websites. This is only possible if a proper architecture is followed and navigations like landmarks and indexes are used [23]. Frameworks contain scripts that have already been developed, used, tested by other developers that can be effectively used to save time and money. Hence, the web application frameworks contain most of the above mentioned attribute to help web developers build bug free and quality applications quickly and effectively.


2.4.2. Code Acceleration and Optimization

Web code optimization is a very essential part of web development in today’s faster growing web industry. As the authors believe “A crucial part of developing successful web applications is optimizing the files that comprise them. Speed optimization affect show users perceive the efficiency and fluidity of an application.” [24], p.420.


2.4.3. Improve Web Security and Lower the Risks of Hacking

Website security has always been a hot topic for last few years. There are literally so many examples of websites hacked because of weak scripting. On October 13, 2005 a security flaw in myspace.com resulted in over one million friend request to its creator’s profile. Similarly, a security flaw in PayPal website allowed hackers to steal credit card numbers of thousands of users [25]. As in [26], SQL injection has been one of the most common attacks in the world of internet for last 10 years but yet it has not been clearly understood by web developers and security professionals


2.4.4. Disadvantage: Framework Code Overhead, Application Performance and Loss of Understanding

Although frameworks have lots of advantages, it also has some weaknesses. Frameworks consists of large number of classes, libraries and other reusable codes for the functions like connecting to the database, caching, authentication and security features which can create a large code overhead. This will be applied for each and every application built in that framework. For large projects it will not matter a lot but it is a big disadvantage for small projects where millions of unnecessary lines of code will have to be written instead of few codes [27].

The heavy lines of codes for interacting with the database can affect the performance of the application and force it to slow down. There are different other aspects in which the frameworks can harm the performance of the application. For example caching function is a good one for running complex codes but it can slower down the server’s performance because of its complex caching system [28].

2.5. Ad-hoc programming: Leading a Project Towards Risks

As in [21], the author categorizes software into two types: good software and bad software. A good software is the one that has no flaws, well optimized, without any repetition of code and most importantly works as you want it to be worked and can be maintained easily. As in [29], the author sees software change as an essential part of software development life cycle and an important task for the developers. There are basically four reasons for the change of software. Firstly because we need to add new features to the software, secondly if we need to fix any bug in the software. Thirdly, to make improvements on the design and lastly for the optimization of code or database querys.

On the other hand, a bad software is one which is very difficult to maintain and doesn’t work as you projected. A badly written software has properties like inflexibility, dullness, fragility, recurrence and needless complexity. An inflexible software is one which needs a lot of changes if one change has to be made in it. Dullness means a software that is difficult to understand. If a software breaks into lots of places for a small change its called a fragile software. Recurrence means repetation of same code which results in increased code execution time and occupies extra space. Lastly, a complex software is the one which is needlessy written in too many lines which could be done within few lines of code [21].

2.6. Future of Web Application Frameworks

The world is moving more towards frameworks not only in the field of web development but in other fields of technology. The framework based software engineering is growing rapidly because of its concept on re-use. It is always good to follow an architectural approach to start any task. Developing software has always been a complex activity and the more complex thing for developers has been ensuring that the software built works correctly without any flaws. Therefore, the concept of frameworks is one of the best solutions to get rid of all these problems [30].

Reviewing the benefits of web application frameworks, the future of frameworks seems to be more bright in the field of web application development. The awareness about the benefits of using the frameworks is the important factor for motivating the web developers towards using the frameworks. Apart from these self-efficiency and self belief are the other factors that can motivate the web developers. One can never experience the benefits of a service unless and until he or she uses it.

3. Research Methodology

This section provides the literature on research techniques and describes the methods that were used by the author to collect the primary data to answer the research question.

3.1. Introduction

A research process is not something which is performed when you feel like doing it; it should follow a certain process which must be sequential and generalized [31]. There are different methods for collecting primary data for a research and the researcher has to decide which methods to use to collect information through primary sources. Some of the popular methods of data collection are observation, questionnaire, experiment and survey. But still the methods used depend upon the type of data required to answer the research problem [32].

3.2. Research Approach

Depending upon the design of the research, the research approach mainly uses either inductive approach or deductive approach. Inductive approach is the one in which data is collected first and then theory is developed as a result of the data analysis. Conversely, in deductive approach theory or hypothesis is first developed and then a research strategy is designed to test the hypothesis [33]

In deductive research, data is collected to see whether the hypothesis is true or false. It uses ‘top-down’ approach in which prediction is made at first and then evidence is asked for to either support or disconfirm the statement. For example a researcher might predict that class with smaller number of students would result in greater number of students in learning compared to large number of students. If after comparing the results between the smaller and larger number of students, the class with smaller number of students show a greater learning then the hypothesis would be supported else would be rejected. However in inductive research, the researcher first collects the data, observes the phenomenon, systematically analyses the data and finally builds an abstraction of the phenomenon that was being studied [34].

As the author had not predicted any statement or hypothesis upfront but wanted to find the answers for why programmers avoided frameworks in favour of ad-hoc program development and how they can be motivated towards using the frameworks, an inductive approach was selected. Primary data was collected using different methods like survey and interview which are described later in this section and was analysed to build a theory.

3.3. Qualitative versus Quantitative Research Methods

The selection of qualitative and quantitative methods for research depends upon the objective of the research and previous experience of the researcher [32]. Qualitative research is mainly used to gain the in-depth knowledge about any topic or understand the phenomenon about which very less is known (Marshan-Piekkari and Welch, 2004 cited in [32]). Qualitative research is very suitable for studying organizations, groups and individuals. Qualitative methods are mainly recommended for inductive and exploratory research as they lead to building hypothesis and statements.

On the other hand in quantitative research method, findings are arrived at by statistical methods. The major difference between qualitative and quantitative research methods is that quantitative research is based on measurement and qualitative is not (Layder,1993; Bryman and Bell, 2003 cited in [32]). Quantitative research uses numbers and statistics, and seeks measurements that can be easily replicated by other researchers. In this type of method the role of the researcher is to mainly observe and measure [35].

The research has been chosen to get the in-depth knowledge about the risks of using ad-hoc program development and find the answers to why programmers avoid frameworks and their motivation towards using the frameworks. Also, the research does not really use any statistics or measurements. Hence, the research is based on both qualitative and quantitative methods of data collection. A survey was conducted to collect the quantitative data from the programmers to analyse their behaviour and approach towards frameworks, and the qualitative data was collected by interviewing managers from different companies to analyse the risks of ad-hoc programming to their firm.

3.4. Research Strategy

Research strategy is nothing but a general plan for answering the research question. It specifies the sources from where data are collected and the constraints that the author will have inevitably. The research strategy justifies why a particular organization, group or staff was chosen to talk or interview. Furthermore, the justification should depend upon the research question and objectives. The research strategies used in research are usually experiment, survey, case study, grounded theory, ethnography and so on [33].

The research strategy that was chosen by the author was basically the survey and interviews. Survey method was chosen to examine the nature of the programmers. It was chosen to investigate the web developers’ relation with web application frameworks and find out the possible reasons for them being or not being engaged with different web development frameworks. Since, the author himself had worked as a web application developer in Peoples Information Technology located in Kathmandu, Nepal and had lots of friends in Nepal working in the same field; most of the developers that were surveyed belonged to Nepal. Time was the major constraint for using this method because developers were very busy with their jobs. So, it took about a month to collect data using the different data collection methods which are mentioned in section 3.6.

Interview was another research strategy chosen by the author to collect qualitative data. The reason for choosing this strategy was to get in-depth knowledge about how the IT project managers viewed the benefits and risks of using frameworks in projects. Some of the major constraints of using this strategy were time and money. The IT project managers had very limited time to talk about different subjects in details. On the other hand, the rate of telephone calls from UK to Nepal was quite expensive.

3.5. Sampling

Collecting data is an essential part of any research which is independent of the research question(s) or objectives. However, it is not possible to collect data from all user groups due to some constraints like time, money and accessibility. For this purpose sampling is used in which a particular sample group is focused from the whole population of users. Probability and non-probability sampling are the most common types of sampling methods. In probability sampling data are collected from random samples and in non-probability, samples are collected from targeted samples [33].

As the research for mainly based on web application development and web application frameworks, basically web programmers were targeted for the research purpose. Therefore non-probability sampling method was used in which web programmers from different parts of the world were surveyed. Most of the developers were from Nepal. Also, in the research, managers and Chief Technical Officers were involved who had previous experiences with web application development. Proshore Nepal, Smart Tech Ideas, National Technology Centre and Peoples Information Technology were the major companies in Nepal from which most of the developers were surveyed for the research.

3.6. Data Collection

Data for the research was collected in two phases. The first phase was conducting a semi-structured interview for collecting qualitative data. Telephone interview method was used for the interview process in which 8 people were interview out of which 2 were Chief Technical Officer, 4 were IT Project Managers, 1 was senior web developers, 1 was junior web developers. Hand notes were used to record important answers of the interview. The interview was feasible because the author had friends in the companies mentioned in 1.5. Therefore, the date and time for the interview was set through the author’s friends. Also, some of the developers and managers were very close friends of the author. The interview with Chief Technical Officers and Managers had 5 questions and was about 15 minutes long. The interview with web developers had 4 questions and was about 10 minutes long.

The second phase was collecting the quantitative data using survey strategy. Questionnaire method was used for data collection. The questionnaires were designed using the tool Google Forms included in the Google Docs. It was a structured questionnaire which was designed based on the literature in section 2. Also, for the users’ convenience the questionnaire was uploaded in a live webpage. The author used an online questionnaire method in which 70 developers were invited to fill the questionnaire out of which 50 developers responded. Most of the respondents were from Nepal and others were from United Kingdom, United States, Japan, and Australia. The data obtained were analysed using the Microsoft excel software.

3.7. Reliability and Validity

Reliability and Validity are the two important fundamentals of any measurement procedure and are common in quantitative research but it has now been reviewed in qualitative research as well [36]. A research is considered reliable only if the results of the research are consistent over time and can be reproduced to be used under similar methodology (Joppe, 2000 cited in [36]). According to Kirk and Miller (1986 cited in [36]), there are three types of reliability in quantitative research. The first one is that the measurement should be stable over time. Secondly, the measurement should be similar within a period of time and third is the degree in which the measurement is repeated should be same.

Validity determines whether the findings are really about what they appear to be about. It is concerned with the truthfulness of the results of the research. In simple words validity is nothing but the accuracy of measurement of the data [33].

To maintain reliability and validity in the measurement of data, the survey was conducted only within the programmers and managers who had experience in web application development. The questions and options in the questionnaire were designed with the aim of collecting accurate data to answer the research question and the questions clearly showed that the survey was only for people with explicit knowledge in web programming. Furthermore, the interviewees were managers and developers who were reliable and from whom proper information could be obtained to generate valid measurements.

4. Data Analysis and Findings

4.1. Evaluation of Interviews

The responses of the interviews from different levels of professionals from the companies namely Proshore Nepal, Smart Tech Ideas, National Technology Centre and Peoples Information Technology are analysed and categorised according to the designation of the interviewees. Responses of the interviews from individuals belonging to the same designation are discussed under same heading and are compared to draw necessary conclusions.


4.1.1. Interviews with the Chief Technical Officers of Proshore Nepal and Peoples Information Technology

Planned interviews were conducted over telephone with two Chief Technical Officers, one from Proshore Nepal and the other from Peoples Information Technology. Both the companies are reputed companies of Nepal in the field of Web Application Development. Five questions were asked with each interviewee and the duration of each interview was approximately 15 minutes. Quite interesting and remarkable data were produced from the interview in understanding the characteristics of developers and impacts of using frameworks.


4.1.2. Interview with Chief Technical Officer of Proshore Nepal

The first question that was asked was about the company background, number of employees and their expertise. The Chief Technical Officer said that the company was established in Netherlands, Nepal and United Kingdom in 2009 and since then have been serving clients from all parts of the world. Their development team is mainly located in Nepal and the marketing team is located in Netherlands and United Kingdom. He further added that the company mainly specializes in developing websites, web shops, online applications in PHP and ASP.net, and also mobile applications. There are around 40 employees currently working in Proshore Nepal among which most of them are PHP developers and others are ASP.net programmers, web designers and data entry staffs.

The second question asked was whether they use frameworks for web application development. In reply to this question, he said that they use frameworks but not for all the projects. He basically asks developers to use frameworks for less skilled projects and medium size projects. He further added that he does not encourage developers to use frameworks for skilled and very large projects because they don’t have all the functions required for skilled projects and sometimes internal bugs in the libraries of the frameworks are hard to find and fix. He was again asked about the frameworks that they mainly use and why. In reply he said they mainly use cakePHP and CodeIgniter for building web applications in PHP and ASP.NET MVC framework for building web applications in ASP.NET. He added they use cakePHP and CodeIgniter because they are easy to learn and implement than other frameworks like Zend framework. Also, these frameworks help them to develop applications faster because of the features like automatic database and module generator and MVC architecture.

The third question was asked about the benefits and vulnerabilities of using frameworks. In response to this question he said that the benefits of using frameworks were that it helped them to develop web applications faster due to their pre-built and pre-tested functions. Frameworks have good documentation which helps developers to understand the project done by other developers quickly and help them to work as a team. Furthermore, he said that the major vulnerabilities of using frameworks were that it was not suitable for very small projects because of its code overhead and also not suitable for skilled projects as bugs were difficult to track and fix if occurred within the library functions.

The fourth question asked to the interviewee was how comfortable were the developers with using frameworks and why they avoided frameworks. He replied that the developers who have not used frameworks even once try to avoid frameworks but those who have already used frameworks before are comfortable with it. He further added using frameworks requires deep knowledge of OOP (Object Oriented Programming) and not all the developers are good at it so I would say the comfort zone depends upon the nature and self-efficiency of the developers. So, lack of knowledge and experience are the reasons they avoid frameworks.

The last question asked was how successfully the projects were delivered to the clients on time and the risks to the web projects. He said that not all projects are delivered successfully but most of them are delivered. He further added hacking is one of the major risks to the web projects. Last year three out of ten auction sites developed by our programmers were hacked by some Italian hackers group and this year two auction websites were hacked. We use our in-house framework for developing auction websites.


4.1.3. Interviews with the IT Project Managers of Proshore Nepal, Peoples Information Technology, Smart Tech Ideas and National Technology Center

Altogether four IT Project Managers were interviewed. The responses of the interviews with IT project managers of different companies are discussed and compared in the section below. Most of the responses of project managers matched with each other while few were contradictory.

The first question was about their role in their company. The replies were common stating their roles included assigning projects to the web programmers, assisting them understand the requirements and debugging the code. Further roles included documentation of project requirements and completion schedule, and also interacting with the clients to fulfill their needs.

The second question was whether they used frameworks for web application development or not and which frameworks they used the most and why. The project managers from Proshore Nepal and Smart Tech Ideas said that they mainly used cake PHP and Code Igniter for PHP, and ASP.NET MVC for ASP.NET. They said they liked these frameworks because they were based on MVC architecture which made the code look clean, managed and easy to debug. The manager from National Technology Centre said they used Yii Framework because it was easy to learn and implement for developers and had easy GUI interface for creating automatic models, controllers and forms. On the other hand, Project Manager from Peoples Information technology said they don’t use frameworks so frequently because they are difficult to learn and implement.

The third question was about benefits and vulnerabilities of using frameworks. The managers said clean coding, code reusability, error handling and logging, good documentation as some of the major benefits. The manager from Smart Tech Ideas said that he finds the in-built cache functions of frameworks as the major benefits to programming as it make the website run fast in the browser. The vulnerabilities were that frameworks were not suitable for all projects due to code overhead and limited library functions.

The fourth question that was asked was whether developers were comfortable with frameworks and why they avoided them. From the responses of the managers it can be evaluated that it’s not only the experience that motivates developers to use frameworks but self-belief and awareness about the benefits of programming are the major factors.

The final question was how successfully the projects were delivered to the client and identifying the risks to web projects. The analysis of the responses showed that companies like Proshore Nepal and Smart Tech Ideas who used frameworks seemed to have better customer satisfaction in delivering project than the other two who relied more on ad-hoc programming. Hacking due to security holes and flaws in programming seemed to be the common answer from all the managers as the major risks to web projects.


4.1.4. Interviews with the Junior Web Developer of Proshore Nepal

Short telephone interviews of 10 minutes each were conducted with the Junior Web Developer of Proshore Nepal. The interview analysed the things like the prospective of developers towards frameworks, encouraging and discouraging factors for using frameworks and so on.

When first question was asked about the years of experience he had, he replied that he has about 6 months of web development experience.

The second question asked to the Junior Web Developer was whether he used frameworks for web application development. He replied that he started using them two months after he started his job in Proshore Nepal. When asked why he uses them, he further answered it saves his time as applications are developed quickly using frameworks and he doesn’t need to worry about things like security, code optimization and cache.

The third question was the factors that motivated him towards using frameworks in his working environment. He replied that he didn’t know about frameworks at all when he joined the company. After doing ad-hoc programming for 2 months, his project manager held a workshop for them. The workshop was about the use and benefits of using frameworks. They were then trained for using the CodeIgniter framework. So according to him, motivation from the project manager was one of the crucial factors for using frameworks. Lastly he added: “Once I was aware of the benefits of using the CodeIgniter framework, I learned the CakePHP and Yii framework then started implementing in the projects”.

The last question was choosing the best framework in PHP or JSP. He replied he has just used three PHP frameworks till now: CodeIgniter, CakePHP and Yii, and thinks CakePHP is the best framework because it is simple, has wide range of features and easily understood by beginners.

4.2. Evaluation of Questionnaires

The data was collected from 50 developers and were analysed. The result of the survey showed that out of 50 developers 34 developers were from Nepal, 2 were from Australia, 3 were from Japan, 6 were from United Kingdom and 5 were from United States (Appendix II). The majority of the respondents are between age 26 to 40 years and the rest are aged between 18 to 25 years.

The results of the questionnaires are divided into the following categories:

•  Understanding the trends of Web application development.

•  Ad-hoc programming Versus Framework programming.

•  Motivation for programmers towards using frameworks.

•  Project risks and solutions.


4.2.1. Understanding the Trends of Web Application Development

From the researcher’s point of view it is very important to look at the issues like how a project is carried out in an organisation and issues in doing it.

Figure 4. Pie chart showing how big web projects are developed

When asked how they usually developed big web projects in their company, as shown in Figure 4, out of 50 respondents 46% said that they develop big web projects in a group of 3 or 4 and 36% developed working in a pair. Only 8% developed individually and 10% developed in a group more than 4. The result shows that web application development is about team work and developers usually work as a team to accomplish large web applications.

The table below shows the results of the survey in which respondents who answered the question “To what level do you agree or disagree on the most common problems that you face while developing a web project in a group using ad-hoc programming?”

Table 1. Results showing the common problems while developing a web project

The above table result shows that 46% of respondents strongly agree with the fact that problems caused by ad-hoc programming while working in a group are problem understanding the classes and functions created by others and 48% agree they have problem executing the files due to bugs in libraries created by others. The results also show that Developers face some problems in locating files created by others and communication problems. The result

These problems can hugely affect the performance of the developers on completing the web projects in any organisation because a lot of developers’ time is wasted in the above mentioned tasks.


4.2.2. Ad-hoc Programming Versus Framework Programming

When asked how long have they been in the web development profession, mmong the 50 respondents, 38% respondents were developers with three to four years of experience. The second highest percentage was 26% having experience more than four years. Only 14% of the developers surveyed where one to two years of experience. This result shows that the survey has covered developers with all ranges of experiences.

Developers were asked whether they used any frameworks for web application development. It was not surprising to see 66% respondents says “Yes” when asked if they used frameworks or not. But was quite unusual to see 26% not using frameworks at all and 8% not being unable to comment which means they have not heard about the web development frameworks.

Figure 5. Bar diagram showing the percentage of respondents who used or did not use frameworks.

When the results of question no. 5 and question no. 6 were analysed, it showed that the number of developers using frameworks were not only experienced developers and those not using frameworks were not only of 1-2 years’ experience. The result shows experience is not so

important factor for the motivation of developers towards using frameworks.

The following table shows the ratings in percentage for PHP frameworks in terms of functionality and relevance.

Table 2. Ratings in percentage for different PHP frameworks

Similarly, the following table shows the ratings in percentage for ASP.NET frameworks in terms of functionality and relevance.

Table 3. Ratings in percentage for different ASP.NET frameworks


4.2.3. Motivation for Programmers Towards Using Frameworks

To find out the main motivation factors for programmers towards using frameworks, they were asked to select the reasons for developers being stuck in ad-hoc programming.

Figure 6. Pie Chart showing results of the reasons for developers being stuck in ad-hoc programming.

The chart above shows that 34% respondents said the reason behind web developers being stuck in ad-hoc programming is unaware of the benefits of frameworks over ad-hoc programming. About 32% thought because developers had not much experience and 22% said they had not opportunity for learning new things in the working environment.

When asked to select the motivation factors for web developers towards using frameworks, a majority of 50% respondents said web developers can be motivated towards using frameworks by making them aware about the benefits of frameworks. About 36% said self-efficiency and habit of learning new things are the motivation factors towards using them. About 8% and 6% said motivation from project managers and work experience as the motivation factors respectively.

Figure 7. Pie Chart showing the results of the motivation factors for programmers towards using frameworks.

4.2.4. Project risks and Solutions

Projects can be in risk due to various factors. To know more about risks in real development respondents were asked rate the most common problems due to which web projects fail. The table below shows the results.

Table 4. Results of the most common problems due to which web projects fail

When respondents from different parts of the world were asked if the use of frameworks made their project secure, fast and clean without putting in much effort, 74% respondents said ‘yes’ (as shown in Figure 8). Only 12% said ‘No’ and 14% respondents were unable to comment on it.

Figure 8. Results showing the responses of developers towards using frameworks.

Figure 9 shows that the number of respondents that said ‘yes’ has outnumbered those who disagreed in all the countries. Also, all the respondents surveyed from Australia and Japan said they agree with the question 16. This shows that developers from all parts of the world are aware of the benefits of using frameworks.

Figure 9. Results showing the responses of developers from different countries towards the benefits of using frameworks.

5. Discussion

From the interview with the Chief Technical Officer of Proshore Nepal it was found that frameworks are best if used with large projects and at the same time should not be used for developing very high skilled projects because if bugs are present in any library functions then they are very hard to debug and fix. Code reusability was discussed as one of the major advantages of using frameworks in the literature review (2.4.1). Frameworks contains scripts and libraries that has already been developed, used and tested by other developers and makes the process of application development faster according to Schwabe et al. (2001). Similar results were found from the interview with the Chief Technical Officer of Proshore Nepal i.e. frameworks help to develop web applications faster because of its pre-built and pre-tested libraries. Other advantages like error logging, better documentation and in-built cache functions were found out from the interview with the managers of Smart Tech Ideas and Proshore Nepal (4.1.2).

From the results of the survey done on the trends of web application development (4.2.1), it was found that big web projects are mostly developed by working in a group of three or four. Furthermore, Table 1 shows that the common problems that developers face while working in a group using ad-hoc programming are mainly problem executing the files due to bugs in libraries created by others, problem understanding the classes and functions created by others, problem locating files created by others, problem integrating the modules that are completed and communication problem. The one and only solution for solving all these problems are using frameworks. Frameworks like CodeIgniter, CakePHP, Yii, ASP.NET MVC are based on MVC architecture. Developers do not have to worry about locating files created by others because all the files must be saved in the particular MVC folders as discussed in the literature review (2.3.1.3). Also, while using frameworks users do not have to create any functions or libraries as they are already present in the frameworks so there are fewer chances of bugs and the documentation can be used to understand the in-built libraries. Therefore it was found out that frameworks are best for solving problems that are created while developing applications in a group.

The vulnerabilities of ad-hoc programming were found out from the evaluation of interviews with managers and the result of the surveys. From the interview with the project manager of Peoples Information Technology who relied on ad-hoc programming rather than framework programming, it was found out that they received frequent complaints from clients about the bugs and security holes in their applications. Also, another complaint was that the websites were very slow. On the other hand, very few complaints about these issues were received according to the manager of Proshore Nepal who used frameworks for developing websites. This shows ad-hoc programming is a process of building very poor software. Walther as in [21] has described the differences between a good and a bad software which is explained in more detail in the literature review (2.5). Ad-hoc programming is surely a major factor for project failure as 38% respondents strongly believe that poor scripting and documentation is one of the common problems due to which web projects fail (Table 4).

From the survey results and the evaluation of interviews, it was found out that use of frameworks are the best solutions for minimizing the risks of web projects and making it secure, fast and clean without putting in much effort. About 74% agreed with this statement as shown in Figure 8. Also, the respondents who agreed were not only from Nepal but from other parts of the world like Australia, Japan, United Kingdom and United States (Figure 9).

6. Conclusions and Recommendations

6.1. Research Conclusion

From the results and findings of the research it can be concluded that the main reasons behind web developers avoiding frameworks are that they are difficult to learn and implement. Also, due to code overhead problem most developers do not use it for small web projects. From the interview with some of the developers, it was found out that some developers are stuck with ad-hoc programming because they do not have opportunity to learn new things in their workplace. The results showed that frameworks should not be used to develop very high skilled web applications because they do not contain very high skilled libraries and bugs are difficult to fix if present. On the basis of the results of the interviews and survey, it can be concluded that the major motivation factors for web developers towards using frameworks are awareness about the benefits of frameworks, self-efficiency and habit of learning new things and last but not the least motivation from project managers. Even junior web developers were found using frameworks because they were motivated by their senior managers. Experience does play a vital role in learning and implementing the frameworks quickly but it is not an essential factor. Furthermore, the major risks of using ad-hoc programming were risks of project failure due to bugs, security holes and client dissatisfaction. Frameworks help to lower the risks of web project failures and increase the efficiency of web applications. Pre-built and pre-tested functions protect the web applications against threats like SQL injection and RSS injection. The in-built cache functions help to execute the codes faster so that websites load faster in the user browsers. In simple words, frameworks make your web project secure, fast and clean without putting in much effort. On the basis of the outcomes of the interviews and survey the best PHP frameworks are CodeIgniter, CakePHP and Yii; and the best ASP.NET framework is ASP.NET MVC framework.

6.2. Recommendations

The overall results of the survey and interviews with managers and developers of different web development companies of Nepal, lead us to the following recommendations that may help web development companies and senior managers to improve the quality of the web applications that they develop and increase client satisfaction.

The results of the research found out that some developers were stuck in ad-hoc program development because they were not given opportunity to learn new things and were not supported by senior managers. The author’s recommendations to the senior managers of the web development companies is that developers should be given chance and time to explore their knowledge and should be motivated towards learning new technologies.

Most companies have problem assigning task to the developers and even big projects are given to develop single handed. The results of the survey showed that usually big projects are done in a group of three or four. This helps to concentrate developers in particular modules which speed ups the development time. So, it can be recommended to the managers of software companies to use groups of 3 or 4 to develop big projects.

The results highlighted hacking due to poor scripting as the major threat to web applications till date and also use of frameworks make projects secure, fast and clean without putting in much effort. Therefore author’s recommendation is highlighting the use of frameworks to minimize the security risks like SQL injection and RSS injection; and increase performance of web applications.

6.3. Research Limitations

Although the research was successful in achieving its goals, there were some respondents who were subjective with their answers. Also, the interviewees were not so open and hesitated to give the interview. Another limitation of the research was that the interview was conducted over telephone due to which very long conversation could not be done with the interviewees. Furthermore, managers and Chief Technical Officers were so busy with their schedule that it was very difficult to manage time for them on the phone and were unable to hang up on the phone for very long period of time. The author tried to make full use of the data collected and analysed most of the data but it’s human nature that sometimes all things cannot be observed by a single person so some information can be inadvertently ignored.

6.4. Future Research

Similar research can be carried out by using the qualitative and quantitative data from the software companies of different counties other than Nepal. As we know that the interviewees belonged to Nepal and most of the developers surveyed were from Nepal. The motivation factors for developers in other countries might be totally different and the way web applications are build may vary from that of Nepal. Therefore it would be very interesting to know the trends of building web applications in the other countries and analyse the motivation factors of developers towards using frameworks.

References

[1]  Shah, D. N. (2009) A Complete Guide to Internet and Web Programming. New Delhi: Dreamtech Press.
In article      
 
[2]  Kappel, G., Prill, B., Reich, S. and Retschitzegger, W. (2006) Web engineering: the discipline of systematic development of web applications. Chichester: John Wiley and Sons, Ltd.
In article      
 
[3]  Lu, M.T. and Yeung, W.l. (1998) A framework for effective commercial Web application development. Internet Research: Electronic Networking Applications and Policy. 8 (2), 166-73.
In article      CrossRef
 
[4]  Henney, K. (2010) 97 Things Every Programmer Should Know [e-book] Sebastopol: O'Reilly Media. Available from: University of Northampton website <http://www.northampton.ac.uk> [Accessed 5th August 2011].
In article      
 
[5]  Kappel, G., Prill, B., Reich, S. and Retschitzegger, W. (2006) Web engineering: the discipline of systematic development of web applications. Chichester: John Wiley and Sons, Ltd.
In article      
 
[6]  Todd, S. (1999) A guide to the Internet and World Wide Web. Structural Survey. 17 (1), 36-41.
In article      CrossRef
 
[7]  Ingram, P. (1996) Web developments and the Internet. Computers and Geosciences. 22 (5), 579-84.
In article      CrossRef
 
[8]  Gralla, P. (1998) How the Internet works. 4th ed. Indianapolis: Que Corporation.
In article      
 
[9]  Banks, M. (2005) OCR AS GCE Applied ICT Double Award. Oxford: Heinemann Educational Publishers.
In article      
 
[10]  Camilleri, M. and Sollars, V. (2003) Information and communication technologies and young language learners. Kapfenberg: Council of Europe Publishing.
In article      
 
[11]  Severdia, R. and Crowder, K. (2009) Using Joomla: Building Powerful and Efficient Web Sites. Sebastopol: O'Reilly Media.
In article      
 
[12]  Bari, A. and Syam, A. (2008) CakePHP Application Development. Birmingham: Packt Publishing.
In article      
 
[13]  Vaswani, V. (2010) Zend Framework, A Beginner's Guide. New York: McGraw-Hill Companies.
In article      
 
[14]  Coggeshall, J. and Tocker, M. (2009) Zend Enterprise PHP Patterns. New York: Springer-Verlag.
In article      CrossRef
 
[15]  Taft, D.K. (2005) Zend delivers PHP Intelligence. eWeek. 22 (3), 30.
In article      
 
[16]  Thomas, M. (2008) Professional CodeIgniter. Indianapolis: Wiley Publishing, Inc.
In article      
 
[17]  Argudo, J. and Upton, D. (2009) CodeIgniter 1.7. Birmingham: Packt Publishing.
In article      PubMed
 
[18]  Iglesias, M. (2011) CakePHP 1.3 Application Development Cookbook. Birmingham: Packt Publishing.
In article      
 
[19]  Golding, D. (2008) Beginning CakePHP: From Novice to Professional. New York: Springer-Verlag.
In article      
 
[20]  Freeman, A. and Sanderson, S. (2009) Pro ASP.NET MVC 3 Framework. New York: Springer Science Business Media.
In article      
 
[21]  Walther, S. (2010) ASP.NET MVC Framework Unleashed. New York: Pearson Education, Inc.
In article      
 
[22]  Bella, L.L. (2011) Careers in Web Development. New York: The Rosen Publishing Group.
In article      
 
[23]  Schwabe, D., Rossi, G., Esmeraldo, L. and Lyardet, F. (2001) Web Design Frameworks: An Approach to Improve Reuse in Web Applications. Web Engineering 2000. 2016 (10), 335-52.
In article      
 
[24]  Hasan, S.S. and Issac, R.K. (2011) An integrated approach of MAS-CommonKADS, Model–View–Controller and web application optimization strategies for web-based expert system development. Expert Systems with Applications. 38 (1), 417-28.
In article      CrossRef
 
[25]  Khare, R. (2006) Network Security and Ethical Hacking. Beckington: Luniver Press.
In article      
 
[26]  Clarke, J. (2010) Web Application Security. New York: Springer-Verlag.
In article      
 
[27]  Softcov (2008) Softcov [online] Available from: http://www.softcov.com/programming-and-testing/advantages-and-disadvantages-of-several-major.html [Accessed 29th October 2011].
In article      
 
[28]  Trejder (2010) Advantages and Disadvantages of Framework Programming - Yii Framework Forum [online] Available from: http://www.yiiframework.com/forum/index.php?/topic/14300-advantages-and-disadvantages-of-framework-programming/ [Accessed 29th October 2011].
In article      
 
[29]  Feathers, M.C. (2005) Working Effectively with Legacy Code. New Jersey: Pearson Education.
In article      PubMed
 
[30]  Sinnott, R.O. (1998) Frameworks: the future of formal software development?. Computer Standards and Interfaces. 19 (7), 375-385.
In article      CrossRef
 
[31]  Dawson, C.W. (2005) Projects in Computing and Information Systems. Harlow: Pearson Education Limited.
In article      
 
[32]  Ghauri, P. and Gronhaug, K. (2010) Research Methods in Business Studies. Harlow: Pearson Education Limited.
In article      PubMed
 
[33]  Saunders, M., Lewis, P. and Thornhill, A. (2003) Research Methods for Business Students. Harlow: Pearson Education Limited.
In article      
 
[34]  Lodico, M.G., Spaulding, D.T. and Voegtle, K.H. (2010) Methods in Educational Research: From Theory to Practice. 2nd ed. San Francisco: Jossey-Bass.
In article      
 
[35]  Thomas, R.M. (2003) Blending qualitative and quantitative research methods in theses and dissertations. California: Corwin Press.
In article      
 
[36]  Golafshani, N. (2003) Understanding Reliability and Validity in Qualitative Research. The Qualitative Report. 8 (4), 597-607.
In article      
 
  • CiteULikeCiteULike
  • Digg ThisDigg
  • MendeleyMendeley
  • RedditReddit
  • Google+Google+
  • StumbleUponStumbleUpon
  • Add to DeliciousDelicious
  • FacebookFacebook
  • TwitterTwitter
  • LinkedInLinkedIn