basic developer rules
git-svn-id: https://semanticscuttle.svn.sourceforge.net/svnroot/semanticscuttle/trunk@504 b3834d28-1941-0410-a4f8-b48e95affb8f
This commit is contained in:
parent
064c45d77e
commit
fee364b94e
1 changed files with 30 additions and 0 deletions
30
doc/developers/rules
Normal file
30
doc/developers/rules
Normal file
|
@ -0,0 +1,30 @@
|
||||||
|
Rules for developers
|
||||||
|
====================
|
||||||
|
|
||||||
|
1. Coding style
|
||||||
|
---------------
|
||||||
|
SemanticScuttle uses the PEAR Coding Standards.
|
||||||
|
While quite some parts still do not follow them, all of the
|
||||||
|
code will be coverted to them. When developing new code,
|
||||||
|
adhere to it.
|
||||||
|
|
||||||
|
A helpful tool to check your coding style is PHP CodeSniffer,
|
||||||
|
http://pear.php.net/package/PHP_CodeSniffer
|
||||||
|
|
||||||
|
|
||||||
|
2. Unit tests
|
||||||
|
-------------
|
||||||
|
At least the service and model classes have unit tests.
|
||||||
|
If you fix things in there, make sure you
|
||||||
|
a) do not break the tests or
|
||||||
|
b) fix the tests if the old behavior was broken
|
||||||
|
|
||||||
|
|
||||||
|
3. Keep security in mind
|
||||||
|
------------------------
|
||||||
|
As a web application, there are several attack vectors to SemanticScuttle.
|
||||||
|
When processing user input (form variables, URL parameters)
|
||||||
|
be sure to convert and validate them. If you expect a bookmark id,
|
||||||
|
there is no reason not to cast the variable to (int).
|
||||||
|
|
||||||
|
Filter input, escape output.
|
Loading…
Reference in a new issue