Revision by Maotzetung (section: Do)
Revision by Maotzetung (section: Don't)
Line 39 (Don't section), before and after the edit:

'''Before'''
* Use $array[foo] or $array["foo"] unless it is appropriate (a constant, or a variable concatenated with a string).
* Loop MySQL queries.
* Use GET in MySQL queries.
* Pass SID via GET.
* Use inline styles. Ever.
* Duplicate DOM IDs.

'''After'''
* Use $array[foo] or $array["foo"] unless it is appropriate (a constant, or a variable concatenated with a string).
* Loop MySQL queries.
* Use a "variable from outside PHP" (GET, POST, COOKIE...) in MySQL queries without cleaning it.
* "Clean" such variables in place: '''$_GET['foo']=db_escape($_GET['foo'])''' is ''bad''. '''$foo_dbescaped=db_escape($_GET['foo'])''' is OK, because the raw value is still there for any other context (HTML output, logging, a different escaper) and the variable name records which context the copy is safe for.
* Pass SID via GET.
* Use inline styles. Ever.
* Duplicate DOM IDs.
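The two MySQL "don'ts" above, worked through as an added example that is not code from the wiki page. db_escape() is assumed here as a stand-in for the project's escaping helper (a real one would wrap mysqli_real_escape_string with the live connection); SQLite in memory stands in for MySQL so the script runs offline; the request value is constructed. The last part goes one step past the page's advice and binds the value with a prepared statement, which removes the escaping question entirely.

```php
<?php
// Added example for the two MySQL "don'ts" in the list above; not code from
// the wiki page. db_escape() is an assumed stand-in for the project's escaping
// helper (a real one would call mysqli_real_escape_string on the open
// connection). SQLite in memory stands in for MySQL so this runs offline.
function db_escape(string $s): string
{
    return strtr($s, [
        "\\" => "\\\\", "'" => "\\'", '"' => '\\"',
        "\0" => "\\0", "\n" => "\\n", "\r" => "\\r", "\x1a" => "\\Z",
    ]);
}

// Constructed request: a perfectly legitimate value that contains a quote.
$get = ['foo' => "O'Brien"];

// Don't: outside input straight into the query. The quote closes the string
// literal early; with foo set to "' OR '1'='1" the WHERE clause matches every row.
$sql_unsafe = "SELECT id FROM users WHERE name = '" . $get['foo'] . "'";

// Don't: "clean" in place. The query itself is fine, but $get['foo'] no longer
// holds what the client sent, so every later consumer gets the DB-escaped form.
$get['foo'] = db_escape($get['foo']);
$sql_in_place  = "SELECT id FROM users WHERE name = '" . $get['foo'] . "'";
$html_in_place = htmlspecialchars($get['foo'], ENT_QUOTES); // the backslash is now part of the displayed name
$escaped_twice = db_escape($get['foo']);                     // code that escapes "again, to be safe" double-escapes
$get['foo'] = "O'Brien"; // restore the constructed input for the next step

// OK: escape into a purpose-named copy. The raw value stays available for HTML,
// logs or another escaper, and the name says which context the copy is safe for.
$foo_dbescaped = db_escape($get['foo']);
$sql_copy  = "SELECT id FROM users WHERE name = '" . $foo_dbescaped . "'";
$html_copy = htmlspecialchars($get['foo'], ENT_QUOTES);      // HTML-escaped from the raw value, no stray backslash

// Better: bind the value, so there is no SQL string to get wrong at all.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)");
$pdo->exec("INSERT INTO users (name) VALUES ('O''Brien'), ('alice')");

function find_user(PDO $pdo, string $name): array
{
    $stmt = $pdo->prepare('SELECT id FROM users WHERE name = ?');
    $stmt->execute([$name]);   // the value travels as a parameter, never as SQL text
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

var_dump(find_user($pdo, "O'Brien"));     // the quoted name matches its own row
var_dump(find_user($pdo, "' OR '1'='1")); // the payload is compared as a literal name, so no row matches
```

The naming convention in the "OK" form does real work: a reader (or a grep) can tell that $foo_dbescaped is safe only inside a MySQL string literal, whereas an overwritten $_GET['foo'] looks like raw input while silently being something else. Prepared statements make the whole question moot for the query and are what to reach for in new code; the escaped-copy rule is for the places where you still build SQL strings.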