[PLUG] Website Programming Philosphy (was: External CSS vs in a <style> tag in the <head> section)

[Tim]

Hi Carlos,

> Creating multiple copies of the same code is not good programming
> practice.  It is better to create a single template, and use
> programming logic to fill in the dynamic bits.  The moment you have
> multiple copies of the same code, you have multiple points of
> maintenance.  The moment you find yourself writing the same thing
> twoce, you should stop and ask yourself, "How can I make it so I only
> have to write this once?"  Avoiding duplication is one of the
> fundamental rules of good programming.

Well, yes, I agree, but there are limits to this.  You have 43 copies of
the letter 'a' in your last email.  Should you write a method for that?
This philosphy only goes so far.  I've seen many programs taken too far
in this direction with dozens of layers of abstraction which accomplish
nothing except make the code hard to read.  Note that I do security code
review for a living, so I see *lots* of other peoples' code.  You can't
account for every possible feature request that comes down the road, and
Murphy's law indicates the customer will pick the one you didn't think
of.  There needs to be a balance.

As far as style sheets go, they are already a major step toward
abstraction of page look & feel.  I haven't seen many sites that have
more than a couple of dozen styles, if that.  I'm no designer, but if
you get many more, I'd guess the site might start looking hideous.
Making them dynamic saves you what?  A few paragraphs of static data
that you can't as easily ask the browser to cache?

On the flip side, most programmers still haven't figured out how to
prevent cross-site scripting bugs when they include user-supplied data
in their pages.  There are indeed ways to inject script into style
sheets.  Are you allowing user-influenced data to get in there?  Why
take the risk?

tim