summaryrefslogtreecommitdiff
path: root/doc/developers/rules.rst
diff options
context:
space:
mode:
authorChristian Weiske <cweiske@cweiske.de>2011-05-26 08:20:04 +0200
committerChristian Weiske <cweiske@cweiske.de>2011-05-26 08:20:04 +0200
commit18989f97f1c4299f447b011c28961ca5c8310c13 (patch)
tree3ecf5ac1572f064d461209514d1568f216536839 /doc/developers/rules.rst
parentb279ded75769818ae78ca11654ecef935d6cb956 (diff)
downloadsemanticscuttle-18989f97f1c4299f447b011c28961ca5c8310c13.tar.gz
semanticscuttle-18989f97f1c4299f447b011c28961ca5c8310c13.tar.bz2
documentation index
Diffstat (limited to 'doc/developers/rules.rst')
-rw-r--r--doc/developers/rules.rst30
1 files changed, 30 insertions, 0 deletions
diff --git a/doc/developers/rules.rst b/doc/developers/rules.rst
new file mode 100644
index 0000000..701a215
--- /dev/null
+++ b/doc/developers/rules.rst
@@ -0,0 +1,30 @@
+Rules for developers
+====================
+
+1. Coding style
+---------------
+SemanticScuttle uses the PEAR Coding Standards.
+While quite some parts still do not follow them, all of the
+code will be coverted to them. When developing new code,
+adhere to it.
+
+A helpful tool to check your coding style is PHP CodeSniffer,
+http://pear.php.net/package/PHP_CodeSniffer
+
+
+2. Unit tests
+-------------
+At least the service and model classes have unit tests.
+If you fix things in there, make sure you
+a) do not break the tests or
+b) fix the tests if the old behavior was broken
+
+
+3. Keep security in mind
+------------------------
+As a web application, there are several attack vectors to SemanticScuttle.
+When processing user input (form variables, URL parameters)
+be sure to convert and validate them. If you expect a bookmark id,
+there is no reason not to cast the variable to (int).
+
+Filter input, escape output.