- Follow the PSR2 Coding Standard
- Using FQDN & import the :
functionclass/trait/interfaceconstant
- Reduce unused variable name
- Php Code Sniffer Config phpcs.xml
- Always use validation about:
variablesarray[index]- and code existences
- Do not use private injection to core files (
src/) outsidesrc// core files - Do not use global variables using register globals
$GLOBALS/global $var, the global object must be used static object variables. - See the Code Of Conduct
- Focus to performance & security of the codes. Avoid to use dangerous functions & direct activity eg:
eval/passthru/exec ...etc. - Does not perform direct file uploads without mime-type validation.
- Renaming extension for dangerous extension for uploaded files, eg:
.php,.jsetc. to safe extension liketxteg :file.js.txt
Core translation always use default / TranslatorInterface:DEFAULT_DOMAIN or leave empty on text domain. And always use context as determine core translation
$translator->translateContext('singular', 'context_name'); $translator->translatePluralContext('singular', 'plural', 'integer<number>' , 'context_name');use ArrayAccess\TrayDigita\Container\Interfaces\ContainerIndicateInterface;
use ArrayAccess\TrayDigita\Traits\Service\TranslatorTrait;use Psr\Container\ContainerInterface;
class someClass implements ContainerIndicateInterface
{
use TranslatorTrait;
protected ?ContainerInterface $container;
public function __construct(?ContainerInterface $container)
{
$this->container = $container;
}
protected function getContainer() : ?ContainerInterface
{
return $this->container;
}
public function doingJobTranslate()
{
$this->translateContext('original', 'core_context');
$this->translatePluralContext('original', 'plural', 2, 'core_context');
}
....
}