CodingGuidelines
Language
use English everywhere:
- comments,
- variable, array, function etc. names.
Debugging
preferred: error_log(var_export($var,true))
Misc
- use blanks, e.g. $a = $b;
- use indentation: PEAR style with 4 spaces (new)
- example for the use of spaces in the code:
    if (!defined('CONSTANT'))
    if($a < $b)
    $c = $a.$b;
- set error level to E_ALL while coding
- use $_REQUEST and $_SESSION (new)
- don't mix HTML and PHP code; use echo "" (old) or $output['string'] (new) in case of form mode
- use functions
- use classes (sparingly)
- use and/or instead of &&/|| (to be discussed)
- if statements
  - spaces: if($a < $b) { function(); }
  - brackets for if statements in one line are optional:
  - ternary ifs are allowed
  - brackets in if-elseif-else statements are used like this:
    if () {
    }
    else {
    }
- function definitions:
    function foo_bar($arg1, $arg2 = '') {
    }
CVS handling
- check out frequently
- check out before you check in and solve conflicts locally
- prefer committing single files instead of the whole project
- write English comments for CVS spam
Database
- use the built-in abstraction layer (db_query etc.) instead of mysql_query
- addslashes is not used in PHProjekt, but you can use it
- don't use special database field types like bigint or date; use one of the field types mentioned in /setup/db_var.inc.php
- avoid all MySQL-specific commands
- use DB_PREFIX for all db_tables
- omit the ID field for INSERT INTO queries
- omit quotes around variables for integer fields (concerns INSERT and UPDATE statements); cast them to integer
- read the security guidelines in the next chapter to avoid SQL injection
- don't use "SELECT * FROM" or "INSERT INTO table VALUES ()"
- write SQL statements in several lines:
    $query = "SELECT von, acc_write
                FROM ".DB_PREFIX."notes
               WHERE ID = ".(int)$ID;
    $result = db_query($query) or db_die();
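The effect of the integer cast on an unquoted ID field, shown here as an added example that is not PHProjekt code. The function names, the DB_PREFIX value and the sample inputs are made up for the illustration, and the stricter filter_var check goes beyond what the guideline asks for.

```php
<?php
// Added example, not PHProjekt code. The prefix value is a placeholder.
if (!defined('DB_PREFIX')) {
    define('DB_PREFIX', 'example_');
}

// Before: the request value lands unquoted and uncast in the statement.
function note_select_uncast($id) {
    return "SELECT von, acc_write
              FROM ".DB_PREFIX."notes
             WHERE ID = ".$id;
}

// After: the guideline's form, with the integer cast and no quotes.
function note_select_cast($id) {
    return "SELECT von, acc_write
              FROM ".DB_PREFIX."notes
             WHERE ID = ".(int)$id;
}

// Stricter variant (hypothetical helper): reject anything that is not a
// positive integer instead of letting the cast turn it into 0 or a
// truncated number.
function note_select_checked($id) {
    $valid = filter_var($id, FILTER_VALIDATE_INT,
                        array('options' => array('min_range' => 1)));
    if ($valid === false) {
        return false;
    }
    return note_select_cast($valid);
}

// Constructed sample values standing in for $_REQUEST['ID'].
$samples = array('42', '42 OR 1=1', 'abc', '');

foreach ($samples as $raw) {
    $checked = note_select_checked($raw);
    echo "input:   ".var_export($raw, true)."\n";
    echo "uncast:  ".preg_replace('/\s+/', ' ', note_select_uncast($raw))."\n";
    echo "cast:    ".preg_replace('/\s+/', ' ', note_select_cast($raw))."\n";
    echo "checked: ".($checked === false
        ? 'rejected'
        : preg_replace('/\s+/', ' ', $checked))."\n\n";
}
```

With the cast alone, non-numeric input silently becomes ID 0 or a truncated number; the checked variant returns false so the caller can refuse the request.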

