Speaker
Damien Seguy
CTO at exakat
"Ik ben een boterham" : I'm a recent resident
Automated code audit services
Something wrong?<?php
// All three parameters share the name $a (rule: all-unique-arguments).
// PHP 5 accepted this and the last binding won, so the call below printed 'd'.
// Per the slide it no longer works in PHP 7, which rejects a redefined parameter at compile time.
function f($a, $a, $a) { echo $a;}
f('b', 'c', 'd');
?>
Won’t work in
PHP 7
Will work in
Python
clearPHP : all-unique-arguments
WordPress Standards
Single and Double Quotes
Indentation
Brace Style
Regular Expressions
No Shorthand PHP Tags
Remove Trailing Spaces
Space Usage
Formatting SQL statements
Database Queries
Naming Conventions
Self-Explanatory Flag Values for Function Arguments
Ternary Operator
Yoda Conditions
Clever Code
Error Control Operator @
Don’t extract()
Something wrong?<?php
// $b has a default but is followed by the required $c (rule: argument-with-default-at-the-end).
// A caller must pass $b anyway in order to reach $c, so the default can never be used.
// The slide notes this still works in PHP 7; PHP 8.0 deprecated an optional parameter before a required one.
class w extends v { function f($a, $b = 2, $c) { echo $a; }}
?>
Still works
in PHP 7
clearPHP : argument-with-default-at-the-end
Something to avoid ?<?php
// file_get_contents() returns false on failure and '' when the resource exists but is empty.
// The loose `== ''` matches both, so the error branch cannot tell a failed fetch from an
// empty page; `=== false` tests for failure only (rule: strict-comparisons).
// NOTE(review): where $uri comes from is not shown; if a request can influence it, validate
// the scheme and host before fetching — confirm against the caller.
if (($h = file_get_contents($uri)) == '') { print "Error : couldn't access site\n";} else { process_html($h);} ?>
clearPHP : strict-comparisons
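Something to avoid ?
These functions can return false to signal failure or "nothing found", but can also return a legitimate falsy result such as 0, '' or '0'; compare their result with === or !==.
• array_search • collator_compare • collator_get_sort_key • current • fgetc • file_get_contents • file_put_contents • iconv_strpos • iconv_strrpos • imagecolorallocate • imagecolorallocatealpha
• mb_strlen • next • pcntl_getpriority • preg_match • preg_match_all • prev • readdir • stripos • strpos • strripos • strrpos • strtok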
clearPHP : strict-comparisons
Something to trip on ?<?php
$array = array('a', 'b');$array2 = array('c', 'd');
// After this by-reference loop, $f is still a reference to the last element, $array[1].
foreach ($array as &$f) { }
// Reusing $f as the loop variable assigns each value of $array2 through that reference,
// so $array[1] is overwritten on every pass and ends up as 'd'.
foreach ($array2 as $f) { }
print_r($array);print_r($array2);
clearPHP : no-dangling-reference
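Something to avoid ?
Output of the two print_r() calls: the last element of the first array has been overwritten with 'd'.
Array( [0] => a [1] => d)
Array( [0] => c [1] => d)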
clearPHP : no-dangling-reference
Something to trip on ?<?php
$array = array('a', 'b');$array2 = array('c', 'd');
// Same two loops, but unset($f) between them breaks the reference to $array[1],
// so the second loop writes to a fresh $f and $array is left untouched (rule: no-dangling-reference).
foreach ($array as &$f) { }unset($f);foreach ($array2 as $f) { }
print_r($array);print_r($array2);
clearPHP : no-dangling-reference
Something to trap you ?<?php
$x = true;$y = false;
// `and` binds more loosely than `=`, so the first statement parses as ($z = $x) and $y;
// $z receives true and the result of `and` is discarded.
// `&&` binds more tightly than `=`, so the second statement assigns false (rule: no-letter-logical).
$z = $x and $y;$z = $x && $y;
?>
clearPHP : no-letter-logical
Something wrong ?<?php
// A catch clause is only compared against the thrown object's class; PHP does not check
// that the named class exists or is an exception. Per the slide, neither class below can
// match, so both handlers are dead code and an exception thrown in the try block
// propagates as if it had not been handled (rule: no-unresolved-catch).
try {
} catch (\Unresolved\Class $e) {
} catch (\Not\An\Exception $e) {
}
this is dead code too
clearPHP : no-unresolved-catch
this is dead code too
Something wrong ?<?php
// Inside namespace X the unqualified name Exception resolves to \X\Exception, not to the
// built-in \Exception: class names get no fallback to the global namespace. Unless
// X\Exception is defined or Exception is imported with `use`, this handler never matches.
namespace X;try {
} catch (Exception $e) {
}
?> this is still dead code
clearPHP : no-unresolved-catch
Something wrong ?
<?php
// instanceof against a class name that cannot be resolved just evaluates to false;
// no error or notice is raised, so the body silently never runs (rule: no-unresolved-instanceof).
if ($x instanceof \Some\Klasse) { $y = $x->convert();}
?>
Unresolved classes are not reported :
this is dead code
clearPHP : no-unresolved-instanceof
Something slow ?<?php
// Three spellings of the same constant shown side by side (rule: always-preprocess):
// a define() with the arithmetic left in, a define() with the value worked out in advance,
// and a `const` declaration of the worked-out value.
// NOTE(review): presumably alternatives for comparison, not one script — as written the
// later definitions would collide with the first.
define('DAY_IN_SECONDS', 24 * 60 * 60);
define('DAY_IN_SECONDS', 86400);
const DAY_IN_SECONDS = 86400;
?>
clearPHP : always-preprocess
Something slow ?<?php
// The array is created empty and then filled by three separate assignments,
// although every key and value is known up front (rule: always-preprocess).
$x = [];$x['id'] = 0;$x['username'] = 'bibi';$x['creation'] = time();
?>
clearPHP : always-preprocess
<?php $x = [ 'id' => 0, 'username' => 'bibi', 'creation' => time(), ];
// One array literal holding all three keys: a single statement instead of one write per key.
?>
Something slow ?<?php
// De-duplicates the fetched values with array_unique(), the call the slide's rule
// (avoid-those-slow-functions) singles out as slow.
$array = $source->fetchData();$array = array_unique($array);
?>
clearPHP : avoid-those-slow-functions
<?php $array = $database->fetchData();$array = array_keys( array_count_values($array));
// array_count_values() maps each distinct value to its count, so array_keys() of that
// result is the list of distinct values.
// Not a drop-in replacement for array_unique(): array_count_values() only counts string
// and int values, numeric strings come back as int keys, and the original keys are lost.
?>
Something slow ?
clearPHP : no-array_merge-in-loop
<?php
// array_merge() builds a new array from both arguments on every call, so calling it inside
// the loop re-copies everything merged so far on each pass (rule: no-array_merge-in-loop).
// $row is a copy of the element, which is why the write goes through $array[$id].
$merged = []; foreach($array as $id => $row) { $array[$id][4] = VAT * $row[2]; $merged = array_merge($merged, $row);}
?>
<?php
// Iterating by reference lets the loop write into each row directly; unset($row) afterwards
// drops the reference so a later reuse of $row cannot alter the last row.
// array_merge() is then called once, after the loop.
// NOTE(review): $merged is not initialised in this snippet, and this call appends the rows
// themselves rather than each row's values — confirm which result the slide intends.
foreach($array as &$row) { $row[4] = VAT * $row[2];}unset($row);$merged = array_merge($merged, $array);
?> clearPHP : use-reference-to-alter-in-foreach
Something wrong ?<?php
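// Two `default` labels in one switch (rule: no-switch-with-multiple-default).
// Only one of them can ever be selected, so the other branch is dead code; the slide
// notes that this construct no longer works in PHP 7.
switch ($x) {
    default :
        // something useful
        break;
    default :
        // something else and useful
        break;
}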
this is still dead code
clearPHP : no-switch-with-multiple-default
Won’t work in PHP 7
Something wrong ?<?php
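// The label `case 1` appears twice (rule: no-duplicate-case). switch runs the first
// matching case, so the second `case 1` branch can never be reached.
switch ($x) {
    case 1 :
        // something useful
        break;
    case 1 :
        // something useful
        break;
}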
this is still dead code
clearPHP : no-duplicate-case
Something wrong ?<?php
// The key 'png' is listed twice (rule: no-duplicate-key). PHP raises no error for a
// repeated key in an array literal: the later entry silently replaces the earlier one.
// Both entries carry the same value here, so one of them is simply redundant.
$array = ['png' => 'image/png', 'jpg' => 'image/jpg', 'jpeg' => 'image/jpeg', 'gif' => 'image/gif', 'webp' => 'image/webp', 'wbmp' => 'image/wbmp', 'png' => 'image/png', ];
?>clearPHP : no-duplicate-key
Something wrong ?<?php
// PHP normalises array keys: the string '1' becomes int 1 and the float 1.3 is truncated
// to int 1, so `1 => 2`, `'1' => 4` and `1.3 => 14` all write to the same key.
// Only the last write (14) survives and the array ends up with five elements.
$array = [ 1 => 2, '1' => 4, 5 => 6, 7 => 8, 9 => 10, 11 => 12, 1.3 => 14 ];
two of them are dead code
clearPHP : no-duplicate-key
Something insane<?php
// Rule no-static-this: getName() is declared static, so it can be called without an
// instance, yet its body reads $this->name, which only exists on an instance.
// NOTE(review): the `function` keyword is missing after `static` as transcribed —
// presumably dropped from the slide; confirm against the original deck.
class user { public static getName() {
return $this->name; }}
?>
clearPHP : no-static-this
Still works in PHP 7
Something insane ?
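<?php
// A ternary whose else-branch contains two more ternaries (rule: no-nested-ternary).
// The parentheses around each inner ternary are load-bearing: `.` binds tighter than
// `?:`, so without them the concatenation would be folded into the condition.
// NOTE(review): $_credit['url'] and $_credit['nom'] are concatenated into markup with no
// escaping visible here — confirm they are escaped upstream (e.g. with htmlspecialchars())
// if they can carry user-supplied text.
$credit = ( !is_array($_credit))
    ? PtoBR(propre($_credit))
    : ( $_credit['url'] ? '<a href="' . $_credit['url'] . '">' : '')
        . $_credit['nom']
        . ( $_credit['url'] ? '</a>' : '');
?>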
clearPHP : no-nested-ternary
Something hardcoded<?php
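// Rule no-hardcoded-credential: the account name and password are string literals, so
// everyone who can read this file, its version-control history or a backup of it holds
// the credentials, and rotating them means editing and redeploying code.
// Reading them from the environment or a secret store keeps them out of the source.
$ftp_user = 'foo';
$ftp_pass = 'bar';

// set up a connection
// ftp_connect() opens plain FTP, so the login below crosses the network unencrypted;
// ftp_ssl_connect() is the TLS variant where the server supports it.
$conn_id = ftp_connect('ftp.example.nl');
// authentication
ftp_login($conn_id, $ftp_user, $ftp_pass);
?>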
clearPHP : no-hardcoded-credential
Something weird<?php
// Rule not-a-method: countReal() touches neither $this nor any class member; it works
// only on its argument, so a plain function would serve just as well.
// It counts the elements of $array for which empty() is false.
// NOTE(review): as transcribed the `function` keyword is missing after `static` and the
// opening `count(` is never closed — presumably slide or transcription slips; confirm
// against the original deck.
class user { public static countReal($array) {
return count(array_filter($array,
function ($x) { return !empty($x);});
}}?>
clearPHP : not-a-method
Something useless<?php
// Interface i declares a single method, getI().
// NOTE(review): presumably the rule (no-useless-interfaces) targets an interface that is
// only implemented and never named in a type declaration or an instanceof test.
interface i { function getI(); }
// x satisfies interface i; its getI() returns a pseudo-random integer from 0 to 10 inclusive.
class x implements i {function getI() { return rand(0, 10); }}
?>
clearPHP : no-useless-interfaces
Something useless<?php
// The parameter type `i` is a place where the interface is actually used: any object
// implementing i is accepted, and the function returns the negated result of its getI().
function negateI(i $x) { return - $x->getI();}
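/**
 * Sum getI() over every element of $a that implements interface i.
 *
 * Elements that are not instances of i are skipped.
 *
 * @param array $a values to inspect; may mix implementations of i with anything else
 * @return mixed the accumulated total; 0 for an empty array or when nothing implements i
 */
function sumI(array $a) {
    $r = 0;
    foreach ($a as $b) {
        // Test and call the loop variable itself; no other variable is in scope here.
        if ($b instanceof i) {
            $r += $b->getI();
        }
    }
    return $r;
}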
clearPHP : no-useless-interfaces
Single and Double Quotes
Indentation
Brace Style
[Regular Expressions]
no-short-tags
Remove Trailing Spaces
Space Usage
Formatting SQL statements
Database Queries - (always-prepare-statement)
Naming Conventions
Self-Explanatory Flag Values for Function Arguments
[Ternary Operator]
yoda-condition
No-implied-if
No-scream
Know-your-variables
Wordpress Standards
Something greedy ?
<?php
// The three pieces are concatenated into one temporary string before echo prints it.
// NOTE(review): $paragraph is printed as-is and its origin is not shown; if it can carry
// user-supplied text it needs htmlspecialchars() for this HTML context.
echo "<p>" . $paragraph . "</p>";
?>
clearPHP : no-parenthesis-for-language-construct
Something greedy ?
<?php
// echo accepts a comma-separated list and prints each argument in turn, so no
// intermediate concatenated string is built.
// NOTE(review): $paragraph is printed as-is and its origin is not shown; if it can carry
// user-supplied text it needs htmlspecialchars() for this HTML context.
echo "<p>", $paragraph, "</p>";
?>
clearPHP : no-unnecessary-string-concatenation
Build your own reference
Read the reference
Cherry pick the rules you like
Ignore the rules you don't like
Herald this as your own reference
More rules to come
Do not use the 'else' keyword
Do not use 'else if' but make it one else if
Do wash your hands before hitting the keyboard
Texte
Thanks!
@faguo, [email protected], https://github.com/dseguy/clearPHP
clearPHP
Rules to write good PHP code
Rules to write PHP code
Largest list of recommendations
Cherry pick your selection