On Wed, May 3, 2006 12:51 pm, Ezra Nugroho wrote: > I envision a tool that would audit your php code, and tell you if your > code is good or not, if it has scaling issues, etc, etc. Basically it > tells if your php code is "sane" or not. Oooh. I know what you mean. I call that tool a "Consultant" :-) Seriously: What you are attempting to do is pretty much about on par with making the computer "intelligent" as far as I can tell. > I have a few ideas of how a sane php code should look like, but I > certainly don't know everything. That's the reasons behind my earlier > questions. Basically I am looking for things to check in codes that > pose > high running time risks. Or even simpler, I am looking for best > practices, advices, guidelines that you would give to new php > developers. The best advice I can give is: Read the beginning section of http://php.net/manual/ all the way up to the first extension functions. Then read the front-page of each extension you plan to use. You MUST READ: http://phpsec.org Every damn page on that site. You may not completely understand it all. So you keep re-reading it as you code until you DO understand it all. > Does anyone know of any tools to test the sanity of your php code? I am confident that there are no existing tools such as you describe, other than syntax checkers. > If you were to check the sanity of your code, what would you look for? Everything in http://php.net/faq.php would be a good start. Make sure all data is validated and scrubbed. Make sure there is error-checking code for all function return values. *HOW* you would detect this programmatically is way beyond my comprehension -- mainly because I don't think it is POSSIBLE. But I'll tell you one thing: If you can write the tool you describe, I'd sure be happy to give it a serious trial run. -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
