Ezra Nugroho wrote:
Well,
Since my original post failed to generate reasonable feedback, not even
a successful kick at people's funny bone or a flame, let me restate my
question with a story.
PHP reduces the barrier to web development quite a bit, such that less
technical people can jump in really easily. On one side, this is great
because it helps the adoption of the language, and more people get to
create their dynamic websites.
The flip side of it is that many non-technical people write low quality PHP
code, which in turn makes their code vulnerable and not scalable.
I envision a tool that would audit your PHP code, and tell you if your
code is good or not, if it has scaling issues, etc, etc. Basically it
tells if your PHP code is "sane" or not.
I have a few ideas of what sane PHP code should look like, but I
certainly don't know everything. That's the reason behind my earlier
questions. Basically I am looking for things to check in code that pose
high running time risks. Or even simpler, I am looking for best
practices, advice, guidelines that you would give to new PHP
developers.
So here are the questions again:
Does anyone know of any tools to test the sanity of your PHP code?
If you were to check the sanity of your code, what would you look for?
Any pointers for other resources?
Thank you
Ezra
That's something PCs are still not able to do. We still have a long way
to go before algorithms can simulate consciousness to the level where they can
judge the sanity of code. For the time being, auditors will have to be
humans, although they use some tools to make that task easier, mostly
predefined searches with regular expressions to find common mistakes and
possible security holes and malicious code. Where I worked some years
ago they ran your code through some awk scripts and shell scripts
automatically on everything sent to production, and after that, they
audited the code the old-fashioned way.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
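
A sketch of the "predefined searches with regular expressions" approach mentioned in the reply above, added here as an example; it is not part of the original thread and not the scripts the poster's employer used. It is written in Python rather than awk or shell, and the rule list, function names and PHP sample are all constructed for illustration.

```python
import re

# Superglobals that carry request data straight from the client.
TAINT = r"\$_(?:GET|POST|REQUEST|COOKIE)\b"

# (rule id, pattern, why a human auditor should look at the line)
RULES = [
    ("eval", re.compile(r"\beval\s*\("), "dynamic code execution"),
    ("include-input", re.compile(r"\b(?:include|require)(?:_once)?\b[^;]*" + TAINT),
     "file inclusion driven by request data"),
    ("sql-input", re.compile(r"\b(?:mysql_query|mysqli_query|pg_query)\s*\([^;]*" + TAINT),
     "request data placed directly in a query"),
    ("shell-var", re.compile(r"\b(?:system|exec|passthru|shell_exec|popen)\s*\([^;]*\$\w"),
     "shell command built from a variable"),
    ("echo-input", re.compile(r"\b(?:echo|print)\b(?![^;]*htmlspecialchars)[^;]*" + TAINT),
     "request data echoed without htmlspecialchars"),
]

COMMENT = re.compile(r"^\s*(?://|#|/?\*)")

def scan(source):
    """Return (line number, rule id, reason) for every rule hit in PHP source."""
    findings = []
    for number, line in enumerate(source.splitlines(), start=1):
        if COMMENT.match(line):
            continue  # skip lines that are only a comment
        for rule_id, pattern, reason in RULES:
            if pattern.search(line):
                findings.append((number, rule_id, reason))
    return findings

# Constructed sample input, not taken from any real application.
SAMPLE = """<?php
// eval($_GET['x']); commented out, must not be reported
include $_GET['page'] . '.php';
$r = mysql_query("SELECT * FROM users WHERE id = " . $_GET['id']);
echo "Hello " . $_POST['name'];
echo htmlspecialchars($_POST['name']);
system("convert " . $file);
$id = $_GET['id'];
$r = mysql_query("SELECT * FROM users WHERE id = $id");
eval($code);
"""

if __name__ == "__main__":
    for number, rule_id, reason in scan(SAMPLE):
        print(f"line {number}: {rule_id}: {reason}")
```

The query on line 9 of the sample is not reported, because the request value reaches it through `$id` and a line-by-line pattern cannot follow that assignment; findings like these narrow where a human reviewer looks rather than replace the review.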