Most Common Programming Mistakes in Java, PHP, .NET or Any OOP Language

Making mistakes is everyone’s right. We learn only when we make a mistake. But the point is, we have to identify our mistake, learn from it and not repeat it. Here I have listed some of the most common programming mistakes, regardless of which programming language or design you use.

Here are the most common coding mistakes, sorted in descending order of vulnerability.

Many languages use a single equals sign for assigning a value to a variable and a double equals sign for testing equality. But most people, including experienced programmers, use a single equals in place of a double equals. This may be a minor mistake if you observe your code properly.

Java, PHP and many other object-oriented programming languages support exception handling. But if you handle all exceptions with a single exception handler, you may not know exactly which exception has been raised.

As an efficient programmer, you should be very careful when dealing with inputs to an application. Validate on both the client side and the server side. Most people program only client-side validation. What if an attacker disables JavaScript in the browser? Your application breaks. Validating all possible inputs is the solution. A programmer should assume the end user is mad and program accordingly. Also escape and un-escape data properly.

Imagine an online complaints registration page whose data should be sent to the customer support team. Giving the customer care email ID directly in a function like sendMail() feels great. But what if there is more than one place where you need to send an email to the same email ID? Also, what if that email ID changes?

When you desperately want to hardcode something, put it in a common place so that you can come back later, change it in one file and have the change reflected everywhere. If you minimize hardcoding, both development and maintenance become easy.

Consider a situation where you need to establish a database connection. In that case, do not hardcode the username and password directly in the connection call. Also make sure that you don’t declare them in the same file as a global or local constant. The reason is that you may need to get your code reviewed by another person, or someone may see your file knowingly or unknowingly. That person could do anything with your or your team’s login details. So keep them in an external file and include it wherever you need the login credentials.
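One way to keep the database login in an external file, shown in Python as an added example (it is not code from this article). The file path, the `[database]` section layout and the names `load_db_credentials` and `CredentialError` are assumptions made for illustration, and the owner-only permission check goes one step beyond what the paragraph above asks for.

```python
import configparser
import os
import stat
from pathlib import Path

# Assumed location and layout (hypothetical, not from the article):
# an INI file kept outside the source tree, for example
#   [database]
#   username = app_user
#   password = <secret>
DEFAULT_PATH = Path("/etc/myapp/db.ini")
REQUIRED_KEYS = ("username", "password")


class CredentialError(Exception):
    """Raised when the credentials file is missing, unsafe or incomplete."""


def load_db_credentials(path=DEFAULT_PATH):
    """Return {'username': ..., 'password': ...} read from an external file."""
    path = Path(path)
    try:
        mode = path.stat().st_mode
    except FileNotFoundError:
        raise CredentialError(f"credentials file not found: {path}") from None

    # Refuse a file that group or other users can access (POSIX only):
    # moving the secret out of the code gains little if anyone on the
    # host can still open the file.
    if os.name == "posix" and mode & (stat.S_IRWXG | stat.S_IRWXO):
        raise CredentialError(f"{path} must be owner-only, e.g. chmod 600")

    # interpolation=None so a '%' inside a password is read literally.
    parser = configparser.ConfigParser(interpolation=None)
    parser.read(path, encoding="utf-8")
    if not parser.has_section("database"):
        raise CredentialError("missing [database] section")

    section = parser["database"]
    missing = [k for k in REQUIRED_KEYS if not section.get(k)]
    if missing:
        # Name the missing keys; never echo the values that were found.
        raise CredentialError("missing keys: " + ", ".join(missing))
    return {k: section[k] for k in REQUIRED_KEYS}
```

Keep the credentials file out of version control as well, so it is not handed over together with the code when the code is reviewed.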
