summaryrefslogtreecommitdiff
path: root/doc/developers/rules.rst
diff options
context:
space:
mode:
authorMark Pemberton <mpemberton5@gmail.com>2011-06-04 00:38:07 -0400
committerMark Pemberton <mpemberton5@gmail.com>2011-06-04 00:38:07 -0400
commitb628e63e015bc3b2eadc712feaa6c4d05cf75bbd (patch)
treeebdcec5c8133a3b6f86d06dc3f6fb3de46609f04 /doc/developers/rules.rst
parent84e603aa91a303a1419962ff3ff6086710a7b1a9 (diff)
parent4c8a53c5bc632302aaf8978e711eb53a03166db5 (diff)
downloadsemanticscuttle-b628e63e015bc3b2eadc712feaa6c4d05cf75bbd.tar.gz
semanticscuttle-b628e63e015bc3b2eadc712feaa6c4d05cf75bbd.tar.bz2
Merge branch 'master' into privatekey2
Conflicts: data/templates/default/bookmarks.tpl.php
Diffstat (limited to 'doc/developers/rules.rst')
-rw-r--r--doc/developers/rules.rst30
1 files changed, 30 insertions, 0 deletions
diff --git a/doc/developers/rules.rst b/doc/developers/rules.rst
new file mode 100644
index 0000000..701a215
--- /dev/null
+++ b/doc/developers/rules.rst
@@ -0,0 +1,30 @@
+Rules for developers
+====================
+
+1. Coding style
+---------------
+SemanticScuttle uses the PEAR Coding Standards.
+While quite some parts still do not follow them, all of the
+code will be coverted to them. When developing new code,
+adhere to it.
+
+A helpful tool to check your coding style is PHP CodeSniffer,
+http://pear.php.net/package/PHP_CodeSniffer
+
+
+2. Unit tests
+-------------
+At least the service and model classes have unit tests.
+If you fix things in there, make sure you
+a) do not break the tests or
+b) fix the tests if the old behavior was broken
+
+
+3. Keep security in mind
+------------------------
+As a web application, there are several attack vectors to SemanticScuttle.
+When processing user input (form variables, URL parameters)
+be sure to convert and validate them. If you expect a bookmark id,
+there is no reason not to cast the variable to (int).
+
+Filter input, escape output.