[nycphp-talk] Quality Code [was "Injection..."]
Gary Mort
bz-gmort at beezifies.com
Tue Nov 13 10:44:29 EST 2007
Brian D. wrote:
>> Programmers who write quality code do not write code slower than
>> programmers who don't. If anything they produce more lines of code per
>> day, and their code does more.
>>
>
> You can certainly write an application, placing your SQL calls, HTML
> layout, and everything else all in the same files, ignoring security
> problems, and skipping documentation, much, *much* faster than you can
> create an application that considers security issues, best practices,
> well-documented code, etc.
>
>
Well, except for the documentation, I'd disagree with this.
Maybe a little faster, but not a lot. If you always do XYZ to sanitize
your data and make your SQL calls, then it really won't be any different
than always doing something else.
The biggest problem with that approach is the many cooks syndrome. One
guy always uses one library to sanitize data, another guy uses a second
library, then a third dev comes along and uses a third library.
The code keeps bloating because each person has their preferred
method (and this assumes they have sane libraries that don't conflict!)