Increasing Quality and Security with PHPCS
1. Increasing Code Quality and Security With PHPCS
Topher DeRosia
@topher1kenobe
2. Developer and Documenter from
3. Why Coding Standards?
● They make it so that a very large codebase can appear to be built by a single person
● They make it easy to return to a project and pick up where you left off
● They can enforce pre-determined security standards
4. WordPress Coding Standards
WordPress has coding standards for
PHP: https://make.wordpress.org/core/handbook/best-practices/coding-standards/php/
HTML: https://make.wordpress.org/core/handbook/best-practices/coding-standards/html/
CSS: https://make.wordpress.org/core/handbook/best-practices/coding-standards/css/
JavaScript: https://make.wordpress.org/core/handbook/best-practices/coding-standards/javascript/
5. What is PHPCS?
● PHP Code Sniffer examines PHP code and compares it to a standards file
● Each project (WordPress, Drupal, Joomla, etc.) has its own standards file
● PHPCS is a PEAR package found at http://pear.php.net/package/PHP_CodeSniffer/
6. Installing PHPCS
The docs for installing the WordPress standards file include instructions on installing PHPCS:
https://github.com/WordPress-Coding-Standards/WordPress-Coding-Standards
PHPCS can then be run from the command line or installed to an IDE like PHPStorm, Sublime Text, or Atom
7. What does it do for us?
Warnings:
$customer_id = (int)$args['customer_id'];
$customer_id = ( int )$args['customer_id'];
if ( isset( $_GET['edd_notice'] ) && 'customer-contacted' == $_GET['edd_notice'] ) {
if ( isset( $_GET['edd_notice'] ) && 'customer-contacted' == $_GET['edd_notice'] ) { // WPCS: XSS ok.
8. What does it do for us?
Errors:
if ( is_admin() )
require_once WPCF7_PLUGIN_DIR . '/admin/admin.php';
else
require_once WPCF7_PLUGIN_DIR . '/includes/controller.php';
Reflections on Curly Braces – Apple’s SSL Bug and What We Should Learn From It
9. What does it do for us?
Security:
<section id="footer-1" class="widget-area <?php echo $sidebar_id; ?>">
Should be:
<section id="footer-1" class="widget-area <?php echo esc_attr( $sidebar_id ); ?>">
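An added example, not from the original slides, of why the unescaped echo is flagged: it renders the slide's `<section>` both ways with a constructed value containing a double quote and lists the attributes an HTML parser then sees. The `esc_attr()` defined here is a simplified stand-in for running outside WordPress, and the helper names and sample value are assumptions.

```php
<?php
// Outside WordPress esc_attr() does not exist, so define a simplified stand-in.
// Assumption: the real WordPress function also validates encoding and runs filters.
if ( ! function_exists( 'esc_attr' ) ) {
	function esc_attr( $text ) {
		return htmlspecialchars( (string) $text, ENT_QUOTES, 'UTF-8' );
	}
}

// The "before" markup from the slide: the value is echoed as-is.
function render_unescaped( $sidebar_id ) {
	return '<section id="footer-1" class="widget-area ' . $sidebar_id . '"></section>';
}

// The "after" markup from the slide: the value passes through esc_attr().
function render_escaped( $sidebar_id ) {
	return '<section id="footer-1" class="widget-area ' . esc_attr( $sidebar_id ) . '"></section>';
}

// Return the attribute names an HTML parser finds on the <section> element.
function section_attributes( $html ) {
	libxml_use_internal_errors( true ); // the HTML4 parser warns about <section>
	$doc = new DOMDocument();
	$doc->loadHTML( $html );
	libxml_clear_errors();
	$names = array();
	foreach ( $doc->getElementsByTagName( 'section' )->item( 0 )->attributes as $attr ) {
		$names[] = $attr->name;
	}
	return $names;
}

// Constructed input: a sidebar id that contains a double quote.
$sidebar_id = 'footer" data-injected="1';

foreach ( array( 'render_unescaped', 'render_escaped' ) as $render ) {
	$html = $render( $sidebar_id );
	echo $render, ': ', $html, "\n";
	echo '  attributes seen: ', implode( ', ', section_attributes( $html ) ), "\n";
}
```

In the unescaped rendering the quote closes the `class` attribute early and the parser reports an extra `data-injected` attribute; in the escaped rendering the quote becomes `&quot;` and only `id` and `class` remain.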
10. Make it a habit
Test every file
Test every time
Don’t release code that has errors and warnings
It’s good for your resume
11. THANKS FOR LISTENING
http://topher1kenobe.com
http://heropress.com
Follow me @topher1kenobe