basic developer rules

git-svn-id: https://semanticscuttle.svn.sourceforge.net/svnroot/semanticscuttle/trunk@504 b3834d28-1941-0410-a4f8-b48e95affb8f
This commit is contained in:
cweiske 2009-11-02 09:41:32 +00:00
parent 064c45d77e
commit fee364b94e

30
doc/developers/rules Normal file
View file

@ -0,0 +1,30 @@
Rules for developers
====================
1. Coding style
---------------
SemanticScuttle uses the PEAR Coding Standards.
While quite some parts still do not follow them, all of the
code will be coverted to them. When developing new code,
adhere to it.
A helpful tool to check your coding style is PHP CodeSniffer,
http://pear.php.net/package/PHP_CodeSniffer
2. Unit tests
-------------
At least the service and model classes have unit tests.
If you fix things in there, make sure you
a) do not break the tests or
b) fix the tests if the old behavior was broken
3. Keep security in mind
------------------------
As a web application, there are several attack vectors to SemanticScuttle.
When processing user input (form variables, URL parameters)
be sure to convert and validate them. If you expect a bookmark id,
there is no reason not to cast the variable to (int).
Filter input, escape output.