When tasked with implementing a blog for TaosNet, two options came to mind; use a third party, or code my own. WordPress is what I have the most experience with, so it was either WordPress or create one from scratch. I decided to roll my own for the following reasons:
- Blogs, as opposed to full blown CMS, are relatively simple applications.
- WordPress is more than just a blogging tool, it is a full blown CMS, and as such is a little overkill.
- A fan of simplicity, TaosNet's website does not currently use MySQL, and I like it that way.
Let's examine these reasons one at a time. Why does TaosNet's website currently not use MySQL despite being database driven? MySQL is overkill for this site and introduces both further security vulnerabilities, as well as the potential for bugs. TaosNet's website currently uses SQLite instead. SQLite is a much simpler piece of software that does not have a server component. This means that access to the database must come through the webserver. MySQL adds another attack vector of the server component itself. While code quality varies, and MySQL is well written code, experience tells me that the more code involved, the more bugs there are in the code. SQLite is significantly less code than MySQL.
This leads into the main reason for not choosing WordPress. WordPress is significantly more code and more code complexity than is needed for a simple blog. The current implementation of my custom blog software weighs in at less than 400 lines of core code (including comments and HTML templates). It relies on two external frameworks in addition to that, TinyButStrong and Securimage both of which are simple and easy to use.
Blogs themselves are simple applications (as opposed to game programming), so I figured it would not take me much time to roll my own. It would probably take almost as much time to install WordPress and then build a theme to match the current website. Installing WordPress does not take much time at all (about 5 minutes), but I have not really customized a theme, so I figured learning how and doing would take a fair amount of time.
Blogs are in essence just a collection of posts and their attached comments. The tasks to building this blog were as follows:
- Build database tables for posts and comments.
- Build a page that displays a single post with its attached comments.
- Build a page that lists and links each comment.
- Build a page that allows editing of posts without direct database manipulation (a backend).
- Build the ability to add comments, and reply to comments.
- Build optional features as desired.
In my next post I will continue with details about how the architecture is designed.