ColdFusion Coding Rules

Now that the first code checking application has been reviewed, I thought it would be a good time to discuss the rules themselves.
For my entry, I just put together a few example rules. I looked to rules I would want to check for and turned to the list of rules for ActiveSoftware's CF Code Review Tool for inspiration. Mostly, however, I just tried to put together a few rules to demonstrate some of the capabilities of the tool.
Now that Ray has had a chance to review it, I would like to put together the first public beta as soon as I get the chance. In order for the tool to be really useful, I need to have it start with a good list of coding rules.
To that end, I would love to get suggestions on what rules people think that a tool such as this should use (keeping in mind that the tool will allow you to add others as you see fit or have it not check for rules that are included).
To get the ball rolling, here are the rules that I included in my entry:

  • Don't use a relative URL in cfschedule
  • Use the accept attribute when uploading a file
  • Avoid Evaluate()
  • Don't start includes with /
  • Avoid shared scopes in CFCs
  • Prefer StructKeyExists() over isDefined()
  • Prefer Len Over Empty String Tests
OK. That is the list as it stands now. I think it needs to be expanded and improved.
Who's first?

Ray Reviews My Contest Entry

I normally try to avoid posting just to talk about other people's posts, but this one is an important topic... me!
Advanced ColdFusion Contest Entry 1: CodeCop
Overall I feel that Ray's review was pretty positive, which is a relief. The big fear is, you put your best foot forward and find out that the good minds in the business think you are a hack (and not in the good way).
He did have some criticisms, which is to be expected. Most of them were in terms of my failure to fully explain things in my documentation. Figuring out what I need to explain in documentation is still a challenge for me. Fortunately, he pointed to specifics so I will try to get those fixed.
Feel free to install it and try it out. It will install itself on any database supported by DataMgr.cfc (currently Access, MS SQL, MySQL, PostgreSQL). All of the tables use a prefix of "chk", so it shouldn't conflict with any tables in an existing database.
I will be releasing it as a beta on my own site soon (hopefully with improved documentation). It is free and open source and will remain so.
UPDATE
Since I am talking about myself anyway, I may as well point out some of the things that I am proud of in the application.
It will run in or out of the administrator on CFMX 6.1 or CFMX 7. The skin of the application will match the environment. So, it will match the look of the administrator that it is in or it will have its own look if running outside of the administrator. It will also have capabilities to match its environment. For example, in CFMX 6.1 or in the administrator of CFMX 7, it will provide a drop-down of available datasources (using supported databases). In ColdFusion 7 outside the administrator it will provide a text box to enter a datasource with a drop-down to select one of the supported database types.
In fact, the whole application supports the idea of graceful degradation / progressive enhancement. It will work if JavaScript is not available, but it will work more easily if it is. If you run it from within the administrator in CFMX 7, it will use the file-picker box used to find a local database in the datasource section of the admin.
You can view the issues found in your code in several different ways with several different routes to more information. It uses Ray's code coloring code to help make the code easy to read and understand (and all issues found are highlighted with a link to a description of the issue). For simple issues found on local files, you can even edit the file directly from the program.
You can edit any rule used by the program. You can have a rule that looks for a given tag (and run custom code against the rule that will make available such data as the attributes and the code between the tags in a way that is easy to use). You can also have a rule that looks for a regular expression (again with the ability to run custom code against the results). You can place rules into packages and share those packages with other developers via an XML file.
The reports provide a nice summary of the issues and are stored for your perusal later (also allowing you to compare the number of issues found at different times that code is tested).
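To make the two rule kinds concrete, here is an added illustration in Python (not CodeCop's own code, which is written in ColdFusion) that applies two tag rules and one regular-expression rule from the rule list in the earlier post to a constructed CFML sample. The names `check`, `attrs_of`, `TAG_RULES` and `REGEX_RULES` are assumptions made for this sketch, and the tag matcher assumes attribute values contain no `>` character.

```python
import re

# Constructed CFML sample (not from the original post).
SAMPLE = '''<cffile action="upload" filefield="photo" destination="#dir#">
<cffile action="upload" filefield="doc" destination="#dir#" accept="application/pdf">
<cfset total = Evaluate("form.qty_#i#")>
<cfinclude template="/shared/header.cfm">
<cfinclude template="footer.cfm">
'''

TAG_RE = re.compile(r'<(cf\w+)\b([^>]*)>', re.I)
ATTR_RE = re.compile(r'(\w+)\s*=\s*(?:"([^"]*)"|\'([^\']*)\')')

def attrs_of(text):
    """Parse name="value" pairs into a dict with lower-case keys."""
    return {m.group(1).lower(): m.group(2) or m.group(3) or ""
            for m in ATTR_RE.finditer(text)}

# Tag rules: (tag name, rule name, predicate that is True on a violation).
TAG_RULES = [
    ("cffile", "Use the accept attribute when uploading a file",
     lambda a: a.get("action", "").lower() == "upload" and "accept" not in a),
    ("cfinclude", "Don't start includes with /",
     lambda a: a.get("template", "").startswith("/")),
]
# Regex rules: (rule name, pattern searched over the whole source).
REGEX_RULES = [
    ("Avoid Evaluate()", re.compile(r'\bevaluate\s*\(', re.I)),
]

def check(source):
    """Return sorted (line_number, rule_name) findings for CFML source."""
    findings = []
    for m in TAG_RE.finditer(source):
        line = source.count("\n", 0, m.start()) + 1
        tag, attrs = m.group(1).lower(), attrs_of(m.group(2))
        for rule_tag, name, violates in TAG_RULES:
            if tag == rule_tag and violates(attrs):
                findings.append((line, name))
    for name, pattern in REGEX_RULES:
        for m in pattern.finditer(source):
            findings.append((source.count("\n", 0, m.start()) + 1, name))
    return sorted(findings)

if __name__ == "__main__":
    for line, name in check(SAMPLE):
        print(f"line {line}: {name}")
```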
I am sure that it has plenty of room for improvement, but I think it is a pretty good start.
