[skodateam]

Hello Guys,

just doing the final touches on my latest project, Westerlake Architects.

Before I hand it in to my client, I`d like to know if there is anything I can do to improve the site - perhaps make it faster, more appealing, safer etc..

Some known issues: the login panel does not work yet because my server does not support the json_encode function ( yet)

What do you think of the home page ? is there any point in having a resource-hungry gallery ?

any constructive feedback will be appreciated

Cheers
Maros


Link: http://marostakac.co.uk/

P.S.: all the images are fake( from google), they are there only as placeholders...

This post has been edited by skodateam: 22 June 2011 - 10:45 AM

[modi123_1]

Wow.. those are some big images in the slider folder. I assume the regular photos for it will be cut down with something like 'adobe image ready'? For your demo I would make the site snappier and saving more compact sizes of the images.. 150kb?!

I don't like how the slider shows me all the collapsed panels when I am to the far left, but not so much when I am far right.

The rollover for the green and yellow menus.. that transition to a darker color is barely noticeable... unlike say the pink one.

Also the company's name/logo is missing. I kept looking to the top of the page and was annoyed it wasn't there.

The info email should be a "a href" with a mailto. Same with the 'contact us' info

I don't like how your light box effects don't let me go back to the main page by clicking in a non important area.

You should try and incorporate a logo more often.. say in the 'about'... instead of just text swap out with the company logo or make the company name stand out.

Honestly it's pretty picture wise but lacking upfront company information.

[supercorey]

Like modi123_1 said, I was slightly bothered by the absence of company information up-front. Overall, the design is pleasing to the eye. The color scheme looks great. The issues I see are mainly technical. For example, if you put text into the password boxes for the client area and backspace it all, the box disappears and the cursor appears next to the label. Other than that, just look at your security. I managed to absolutely freak out the log-in screen by providing a valid, yet fake, e-mail address, example@example.com, and a password such as might be used in a SQL injection attack: x' or 'x' = 'x'; --. So just look at the technical and security sides. Layout looks great to me.

This post has been edited by supercorey: 22 June 2011 - 07:24 PM

[skodateam]

supercorey, on 22 June 2011 - 08:23 PM, said:

Like modi123_1 said, I was slightly bothered by the absence of company information up-front. Overall, the design is pleasing to the eye. The color scheme looks great. The issues I see are mainly technical. For example, if you put text into the password boxes for the client area and backspace it all, the box disappears and the cursor appears next to the label. Other than that, just look at your security. I managed to absolutely freak out the log-in screen by providing a valid, yet fake, e-mail address, example@example.com, and a password such as might be used in a SQL injection attack: x' or 'x' = 'x'; --. So just look at the technical and security sides. Layout looks great to me.

The logo is actually included at the bottom ( Westerlake ). I had it at the top at some point but that posed a serious design issue. It did not go well with this kind of layout.. so will see what the client says and how much importance he attaches to it.

Technical issues - that is something I am more concerned about... Could you please elaborate on the "login screen issue" ? I am just playing with it- inserting/deleting/backspacing input text but everything stays the same.. which browser do you experience this issue in ? + how did you freak out the log-in screen? Can I have more details on that ? Did you actually manage to log in ????

would be great if you could get back to me on that since that worries me a lot..

Thanks a lot

I have remedied some of the problems highlighted above:

- images are much small than before
- fancybox goes away when you click on the "overlay div"

[calvinthedestroyer]

wow, cool

Do you have a language setting?
On the images I saw one language (Dutch?) but on the About, contact, and investment pages I saw English.

One thing that I look for when I see a foreign language is a flag that I can click on and change the language.

[skodateam]

calvinthedestroyer, on 23 June 2011 - 01:38 AM, said:

wow, cool

Do you have a language setting?
On the images I saw one language (Dutch?) but on the About, contact, and investment pages I saw English.

One thing that I look for when I see a foreign language is a flag that I can click on and change the language.

I took it off but the system can deal with multiple languages... All the content you see on there is fake and subject to change.. I grabbed it from all over the net just to fill up the space

[supercorey]

On the topic of the technical issues I noted on my previous post, I'll explain some more, as per your request. Google Chrome 11.0 is the only browser I am having had issues in. I managed to replicate this yesterday, but this morning as I try to test it again, I cannot replicate any of the errors (minus one) in either Google Chrome or the Firefox Nightly build.

I can't seem to replicate the password field moving, either. Just for the reference, that happened when I typed a password less than the minimum of 5 characters and tried to just keep typing. The password field was pushed a line lower by the error message. Now it seems to be that you moved the error message, fixing that.

As for the semi-attempted hacking, I am by no means a hacker/cracker, so I couldn't get in. I just tried a simple string I got off of a Google search for SQL injection. You probably saved yourself alot of trouble by just limiting which characters that can be used in the password field (I can't enter quotes or hyphens or semicolons any longer. I'm assuming that is a change you made?). At any rate, if you are using parameterized queries to the database, you will be realistically safe. If you aren't or don't know what that means, there is a great resource here: http://bobby-tables.com/. If you really want someone to test the security, find a company that does this for a living, not a forum user up late at night.

The one error that still comes up is whenever I enter any username and password into the log-in field, and they are both invalid (at least I assume so. I don't know any valid ones, of course), the little progress bar/throbber appears at the bottom of the login pane and just continues indefinitely. I managed to write my entire first post and it was still continuing by the time I was done.

[skodateam]

supercorey, on 23 June 2011 - 07:55 AM, said:

On the topic of the technical issues I noted on my previous post, I'll explain some more, as per your request. Google Chrome 11.0 is the only browser I am having had issues in. I managed to replicate this yesterday, but this morning as I try to test it again, I cannot replicate any of the errors (minus one) in either Google Chrome or the Firefox Nightly build.

I can't seem to replicate the password field moving, either. Just for the reference, that happened when I typed a password less than the minimum of 5 characters and tried to just keep typing. The password field was pushed a line lower by the error message. Now it seems to be that you moved the error message, fixing that.

As for the semi-attempted hacking, I am by no means a hacker/cracker, so I couldn't get in. I just tried a simple string I got off of a Google search for SQL injection. You probably saved yourself alot of trouble by just limiting which characters that can be used in the password field (I can't enter quotes or hyphens or semicolons any longer. I'm assuming that is a change you made?). At any rate, if you are using parameterized queries to the database, you will be realistically safe. If you aren't or don't know what that means, there is a great resource here: http://bobby-tables.com/. If you really want someone to test the security, find a company that does this for a living, not a forum user up late at night.

The one error that still comes up is whenever I enter any username and password into the log-in field, and they are both invalid (at least I assume so. I don't know any valid ones, of course), the little progress bar/throbber appears at the bottom of the login pane and just continues indefinitely. I managed to write my entire first post and it was still continuing by the time I was done.

Thanks a lot for your comments ! As you might have noticed, most of the problems you identified earlier have been resolved - > form validation errors, exclusion of special characters, lightbox issue etc. I have also implemented a number of security mechanisms on both the client and server side. so, even if you get through JS by turning it off, PHP should do a good job to stop you or at least give you a bit of headache...

furthermore, I have reduced the size of all the images on the portfolio page...

I really have to say thanks a lot for your input.. It made me wake up to the reality of having to provide much more secure websites to my clients...

re: the little progress bar/throbber - my server does not support the JSON_ENCODE PHP function - that is why it gets stuck. it works perfectly fine on my pc, though. the issue will be resolved as soon as I move the site to a new server...

Cheers !!