Developer's blog

Although we’ve already talked about code injection, we’re carrying on this topic from a slightly different angle today. More recently, cross-site-scripting(XSS) has become part of the code injection category, but this particular vulnerability has its peculiarity, so let’s not waste time and get started. Cross-site scripting Cross-site scripting (XSS) is a type of security vulnerability that can be found in some web applications. XSS attacks enable attackers to inject client-side…

Security is an essential part of any software. That’s why I decided to prepare a series of articles that will analyze the most widespread vulnerabilities and programming techniques to help you make your code safer. Let’s get started with the most popular in the web devs environment vulnerability is code injection. Code injection Code injection is the exploitation of a computer bug that is caused by processing invalid data. The…

Every developer can’t even imagine life without a version control system. I’m sure that you know a bunch of them, however, at the moment, the monopolist here is git. Git Hooks is one of the grateful things which provide git. As a WordPress developer, you already know that hooks are the greatest bestowed upon us by the supermind. Most importantly, Git Hooks allow the firing of custom scripts when certain…

The day is here! I’m writing about tests again. Those who missed the first part about acceptance tests feel free to start with it. There was described environment setup and wrote your first acceptance test. The current article is for teams that already tried and wrote a couple of dozen tests and focused on long-term investing in the test base. I’m going to describe the common things that allow you…

Acceptance (UI, E2E, GUI) tests are the highest testing layer and describe a customer’s behavior in browsers. Think of them as good old “user stories”. They are all about what a user can do and see. I’m sure that even one such kind of test can multiply improve your code quality. If you don’t have a strong opinion about test needs, I recommend starting with general testing information that I’ve…

Every WordPress developer knows that hooks the main communication mechanism between the core, plugins, and themes. If not, this is a critically important topic that you should dive into to work with WordPress and its ecosystem. I have participated in a few dozen technical interviews for software engineers with WordPress knowledge and was really amazed that a huge part of them intuitively use hooks but don’t know how it works….

The code review is the act of systematically and consciously convening with teammates to check each other’s code. It helps to detect problems at an early stage. Generally, the code reviews apply for pull requests. Cross-review is one of the best practices. Cross-review is a code review when the PR’s author and reviewer are different people. The reasons why cross-review is really effective are the fresh look and different targets…

You can ask me why we should use coding standards? Shortly, to make more strict rules for your code and control the code quality in your team. A lot of similar things you can do differently, using various syntax. I described the basic knowledge about PHP coding standards, WPCS, with simple examples of my own coding standard earlier. This article will describe how to create coding standards as a separate…

All developers hear about mystic unit tests that must-have, but no one has. As a developer, who has written unit tests for a few years yet, I can say that it’s impossible to write great code without unit tests. Unit testing is the quality tool that helps developers be sure that new code doesn’t break old business logic. Also, the unit tests are the best documentation for developers, and when…

Objects are divided into mutable and immutable depending on the possibility to change. Objects that don’t change their internal state after creating are immutable. Otherwise, they are mutable. Why should we think about it? This is an incomplete list of advantages for immutability: easier support in the future immutable objects are simpler to use immutable objects are simpler to test truly immutable objects side-effects free they are much easier to…

If you work with open source, in the environment world, these are public plugins, and you have a lot of users, but backward compatibility is tedious. But today, there was a hilarious case when it was not an obvious situation. Let’s deep into it. The problem I have a class that I’ve decided to mark as deprecated and write a new code that more readable (I think in such a…

ACID (atomicity, consistency, isolation, durability) is a set of properties of database transactions intended to guarantee data validity despite errors, power failures, and other mishaps. Wikipedia The transaction is a sequence of database operations such as select, insert, delete, or update as one single work unit. Atomicity Atomicity guarantees that each transaction is treated as a single “unit”, which either succeeds completely or fails completely: if any of the statements constituting…