Archive for the ‘PHP’ Category

Commenting code – a minor but invaluable investment of time

Wednesday, November 3rd, 2010

I’m a strong believer in code being written in such a way that it is self-documenting, but would not use this as an excuse for not adding English-language comments to go alongside the code. After all, comments add a tiny amount to the size of a PHP file and don’t slow down the application at all. Also, the English-language comments alongside the code can be used to justify decisions or assumptions you have made, which might make the next programmer’s visit to the file a lot quicker and more productive.

(more…)

Coding things the quick way – often a false economy

Wednesday, August 4th, 2010

I have recently been tasked with making some changes to the central ‘library’ of code that an E-Commerce platform is based on. Essentially, the ‘models’ for this application are all in a central, shared location, and all of the ‘installations’ of the e-commerce platform have their own set of controllers and views that interact with these models. The changes I am making involve making the deletion of products reversible; so instead of actually deleting products and associated assets, a flag is merely set in the database: is_deleted = 1. This, at first glance, seems to be quite a simple task: alter the database tables to add the extra column, and make a change to the central models in Model_Product::deleteProduct and any product ‘getter’ functions, e.g. Model_Product::getProductsByCategoryId. However, due to the way that the platform has been developed and individual customisations to the installations of that platform have been made, things aren’t quite so simple.

(more…)

Should you sanitise your HTML before or after you save to your database?

Monday, April 19th, 2010

In starting a new project completely from scratch we need to decide whether to sanitise HTML (that is, convert & to &amp;, < to &lt;, and strip out blacklisted HTML) before or after we save to the database. In projects I’d worked on in the past this had been done inconsistently in different areas of the application, i.e. pre-save in some areas and on select in others. After having thought through the problem I think I’ve decided on which option I prefer: sanitise after selecting from the database, rather than before saving to the database.

(more…)
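The trade-off described above (encode on output versus encode before save), as an added PHP example that is not code from the original post. The user input and the in-memory array standing in for the database are constructed for the illustration; only the entity-encoding half of sanitising is shown, not blacklist stripping.

```php
<?php
// Added example (not from the original post): the same user-supplied value
// stored two ways, then used in three different output contexts.

// Constructed sample input containing an ampersand and markup.
$input = 'Tom & Jerry <script>alert(1)</script>';

// Encode for an HTML text or attribute context. ENT_QUOTES also encodes
// single and double quotes so the value is safe inside attribute values;
// the charset must match the encoding the page is served with.
function escapeHtml($s)
{
    return htmlspecialchars($s, ENT_QUOTES, 'UTF-8');
}

// Approach A: sanitise before saving. What sits in the "database" is HTML.
$storeA = array('comment' => escapeHtml($input));

// Approach B: save the raw value; sanitise after selecting, at the point of output.
$storeB = array('comment' => $input);

// Context 1: an HTML page. A template that escapes on output (as it must,
// since it cannot know which rows were pre-encoded) double-encodes A, so the
// visitor sees literal "&amp;" text. B renders as harmless plain text.
echo escapeHtml($storeA['comment']), PHP_EOL;
echo escapeHtml($storeB['comment']), PHP_EOL;

// Context 2: a JSON API or plain-text e-mail. A leaks HTML entities into a
// consumer that is not an HTML renderer; B hands over the original text and
// leaves encoding to that consumer's own output rules.
echo json_encode(array('comment' => $storeA['comment'])), PHP_EOL;
echo json_encode(array('comment' => $storeB['comment'])), PHP_EOL;

// Context 3: searching stored data. A search for the text the user actually
// typed only matches the raw copy, because A stored "&amp;" rather than "&".
$needle = 'Tom & Jerry';
var_dump(strpos($storeA['comment'], $needle) !== false);
var_dump(strpos($storeB['comment'], $needle) !== false);
```

Storing raw text still requires that every HTML output path escapes; the gain is that a single, context-aware encoding step runs where the output context is known.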