Blame Extras/phpBB/3.0.4/docs/coding-guidelines.html

4c79b5
4c79b5
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en" xml:lang="en">
4c79b5
<head>
4c79b5
4c79b5
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
4c79b5
<meta http-equiv="content-style-type" content="text/css" />
4c79b5
<meta http-equiv="content-language" content="en" />
4c79b5
<meta http-equiv="imagetoolbar" content="no" />
4c79b5
<meta name="resource-type" content="document" />
4c79b5
<meta name="distribution" content="global" />
4c79b5
<meta name="copyright" content="2007 phpBB Group" />
4c79b5
<meta name="keywords" content="" />
4c79b5
<meta name="description" content="Olympus coding guidelines document" />
4c79b5
<title>phpBB3 • Coding Guidelines</title>
4c79b5
4c79b5
<link href="stylesheet.css" rel="stylesheet" type="text/css" media="screen, projection" />
4c79b5
4c79b5
</head>
4c79b5
4c79b5
<body id="phpbb" class="section-docs">
4c79b5
4c79b5
4c79b5
	
4c79b5
	
4c79b5
		
4c79b5
			
4c79b5
4c79b5
			
4c79b5
				
4c79b5
				

Coding Guidelines

4c79b5
				

Olympus coding guidelines document

4c79b5
				

Skip

4c79b5
			
4c79b5
4c79b5
			
4c79b5
		
4c79b5
	
4c79b5
4c79b5
	
4c79b5
4c79b5
	
4c79b5
4c79b5
4c79b5
4c79b5

These are the phpBB Coding Guidelines for Olympus, all attempts should be made to follow them as closely as possible.

4c79b5
4c79b5

Coding Guidelines

4c79b5
4c79b5
	
4c79b5
		
4c79b5
4c79b5
		
4c79b5
4c79b5
    4c79b5
    	
  1. Defaults
  2. 4c79b5
    	
      4c79b5
      		
    1. Editor Settings
    2. 4c79b5
      		
    3. File Header
    4. 4c79b5
      		
    5. File Locations
    6. 4c79b5
      	
      4c79b5
      	
      4c79b5
      	
    7. Code Layout/Guidelines
    8. 4c79b5
      	
        4c79b5
        		
      1. Variable/Function Naming
      2. 4c79b5
        		
      3. Code Layout
      4. 4c79b5
        		
      5. SQL/SQL Layout
      6. 4c79b5
        		
      7. Optimizations
      8. 4c79b5
        		
      9. General Guidelines
      10. 4c79b5
        	
        4c79b5
        	
        4c79b5
        	
      11. Styling
      12. 4c79b5
        	
          4c79b5
          		
        1. Style Config Files
        2. 4c79b5
          		
        3. General Styling Rules
        4. 4c79b5
          	
          4c79b5
          	
        5. Templating
        6. 4c79b5
          	
            4c79b5
            		
          1. General Templating
          2. 4c79b5
            		
          3. Template Inheritance
          4. 4c79b5
            	
            4c79b5
            	
          5. Character Sets and Encodings
          6. 4c79b5
            	
          7. Translation (i18n/L10n) Guidelines
          8. 4c79b5
            	
              4c79b5
              		
            1. Standardisation
            2. 4c79b5
              		
            3. Other considerations
            4. 4c79b5
              		
            5. Writing Style
            6. 4c79b5
              	
              4c79b5
              	
              4c79b5
              	
            7. Guidelines Changelog
            8. 4c79b5
              	
            9. Copyright and disclaimer
            10. 4c79b5
              4c79b5
              4c79b5
              		
              4c79b5
              4c79b5
              		
              4c79b5
              	
              4c79b5
              4c79b5
              	
              4c79b5
              4c79b5

              1. Defaults

              4c79b5
              4c79b5
              	
              4c79b5
              		
              4c79b5
              4c79b5
              		
              4c79b5
              4c79b5

              1.i. Editor Settings

              4c79b5
              4c79b5
              	

              Tabs vs Spaces:

              4c79b5
              	

              In order to make this as simple as possible, we will be using tabs, not spaces. We enforce 4 (four) spaces for one tab - therefore you need to set your tab width within your editor to 4 spaces. Make sure that when you save the file, it's saving tabs and not spaces. This way, we can each have the code be displayed the way we like it, without breaking the layout of the actual files.

              4c79b5
              	

              Tabs in front of lines are no problem, but having them within the text can be a problem if you do not set it to the amount of spaces every one of us uses. Here is a short example of how it should look like:

              4c79b5
              4c79b5
              	
              4c79b5
              {TAB}$mode{TAB}{TAB}= request_var('mode', '');
              4c79b5
              {TAB}$search_id{TAB}= request_var('search_id', '');
              4c79b5
              	
              4c79b5
              4c79b5
              	

              If entered with tabs (replace the {TAB}) both equal signs need to be on the same column.

              4c79b5
              4c79b5
              	

              Linefeeds:

              4c79b5
              	

              Ensure that your editor is saving files in the UNIX (LF) line ending format. This means that lines are terminated with a newline, not with Windows Line endings (CR/LF combo) as they are on Win32 or Classic Mac (CR) Line endings. Any decent editor should be able to do this, but it might not always be the default setting. Know your editor. If you want advice for an editor for your Operating System, just ask one of the developers. Some of them do their editing on Win32.

              4c79b5
              4c79b5
              	

              1.ii. File Header

              4c79b5
              4c79b5
              	

              Standard header for new files:

              4c79b5
              	

              This template of the header must be included at the start of all phpBB files:

              4c79b5
              4c79b5
              	
              4c79b5
              /**
              4c79b5
              *
              4c79b5
              * @package {PACKAGENAME}
              4c79b5
              * @version $Id: $
              4c79b5
              * @copyright (c) 2007 phpBB Group
              4c79b5
              * @license http://opensource.org/licenses/gpl-license.php GNU Public License
              4c79b5
              *
              4c79b5
              */
              4c79b5
              	
              4c79b5
              4c79b5
              	

              Please see the File Locations section for the correct package name.

              4c79b5
              4c79b5
              	

              Files containing inline code:

              4c79b5
              4c79b5
              	

              For those files you have to put an empty comment directly after the header to prevent the documentor assigning the header to the first code element found.

              4c79b5
              4c79b5
              	
              4c79b5
              /**
              4c79b5
              * {HEADER}
              4c79b5
              */
              4c79b5
              4c79b5
              /**
              4c79b5
              */
              4c79b5
              {CODE}
              4c79b5
              	
              4c79b5
              4c79b5
              	

              Files containing only functions:

              4c79b5
              4c79b5
              	

              Do not forget to comment the functions (especially the first function following the header). Each function should have at least a comment of what this function does. For more complex functions it is recommended to document the parameters too.

              4c79b5
              4c79b5
              	

              Files containing only classes:

              4c79b5
              4c79b5
              	

              Do not forget to comment the class. Classes need a separate @package definition, it is the same as the header package name. Apart from this special case the above statement for files containing only functions needs to be applied to classes and it's methods too.

              4c79b5
              4c79b5
              	

              Code following the header but only functions/classes file:

              4c79b5
              4c79b5
              	

              If this case is true, the best method to avoid documentation confusions is adding an ignore command, for example:

              4c79b5
              4c79b5
              	
              4c79b5
              /**
              4c79b5
              * {HEADER}
              4c79b5
              */
              4c79b5
              4c79b5
              /**
              4c79b5
              * @ignore
              4c79b5
              */
              4c79b5
              Small code snipped, mostly one or two defines or an if statement
              4c79b5
              4c79b5
              /**
              4c79b5
              * {DOCUMENTATION}
              4c79b5
              */
              4c79b5
              class ...
              4c79b5
              	
              4c79b5
              4c79b5
              	

              1.iii. File Locations

              4c79b5
              4c79b5
              	

              Functions used by more than one page should be placed in functions.php, functions specific to one page should be placed on that page (at the bottom) or within the relevant sections functions file. Some files in /includes are holding functions responsible for special sections, for example uploading files, displaying "things", user related functions and so forth.

              4c79b5
              4c79b5
              	

              The following packages are defined, and related new features/functions should be placed within the mentioned files/locations, as well as specifying the correct package name. The package names are bold within this list:

              4c79b5
              4c79b5
              	
                4c79b5
                		
              • phpBB3
                Core files and all files not assigned to a separate package
              • 4c79b5
                		
              • acm
                /includes/acm, /includes/cache.php
                Cache System
              • 4c79b5
                		
              • acp
                /adm, /includes/acp, /includes/functions_admin.php
                Administration Control Panel
              • 4c79b5
                		
              • dbal
                /includes/db
                Database Abstraction Layer.
                Base class is dbal
              • 4c79b5
                			
                  4c79b5
                  				
                • /includes/db/dbal.php
                  Base DBAL class, defining the overall framework
                • 4c79b5
                  				
                • /includes/db/firebird.php
                  Firebird/Interbase Database Abstraction Layer
                • 4c79b5
                  				
                • /includes/db/msssql.php
                  MSSQL Database Abstraction Layer
                • 4c79b5
                  				
                • /includes/db/mssql_odbc.php
                  MSSQL ODBC Database Abstraction Layer for MSSQL
                • 4c79b5
                  				
                • /includes/db/mysql.php
                  MySQL Database Abstraction Layer for MySQL 3.x/4.0.x/4.1.x/5.x
                • 4c79b5
                  				
                • /includes/db/mysqli.php
                  MySQLi Database Abstraction Layer
                • 4c79b5
                  				
                • /includes/db/oracle.php
                  Oracle Database Abstraction Layer
                • 4c79b5
                  				
                • /includes/db/postgres.php
                  PostgreSQL Database Abstraction Layer
                • 4c79b5
                  				
                • /includes/db/sqlite.php
                  Sqlite Database Abstraction Layer
                • 4c79b5
                  			
                  4c79b5
                  		
                  4c79b5
                  		
                • diff
                  /includes/diff
                  Diff Engine
                • 4c79b5
                  		
                • docs
                  /docs
                  phpBB Documentation
                • 4c79b5
                  		
                • images
                  /images
                  All global images not connected to styles
                • 4c79b5
                  		
                • install
                  /install
                  Installation System
                • 4c79b5
                  		
                • language
                  /language
                  All language files
                • 4c79b5
                  		
                • login
                  /includes/auth
                  Login Authentication Plugins
                • 4c79b5
                  		
                • VC
                  /includes/captcha
                  CAPTCHA
                • 4c79b5
                  		
                • mcp
                  mcp.php, /includes/mcp, report.php
                  Moderator Control Panel
                • 4c79b5
                  		
                • ucp
                  ucp.php, /includes/ucp
                  User Control Panel
                • 4c79b5
                  		
                • utf
                  /includes/utf
                  UTF8-related functions/classes
                • 4c79b5
                  		
                • search
                  /includes/search, search.php
                  Search System
                • 4c79b5
                  		
                • styles
                  /styles, style.php
                  phpBB Styles/Templates/Themes/Imagesets
                • 4c79b5
                  	
                  4c79b5
                  4c79b5
                  		
                  4c79b5
                  4c79b5
                  		
                  4c79b5
                  4c79b5
                  		
                  4c79b5
                  	
                  4c79b5
                  4c79b5
                  	
                  4c79b5
                  4c79b5

                  2. Code Layout/Guidelines

                  4c79b5
                  4c79b5
                  	
                  4c79b5
                  		
                  4c79b5
                  4c79b5
                  		
                  4c79b5
                  4c79b5
                  	

                  Please note that these Guidelines applies to all php, html, javascript and css files.

                  4c79b5
                  4c79b5
                  	

                  2.i. Variable/Function Naming

                  4c79b5
                  4c79b5
                  	

                  We will not be using any form of hungarian notation in our naming conventions. Many of us believe that hungarian naming is one of the primary code obfuscation techniques currently in use.

                  4c79b5
                  4c79b5
                  	

                  Variable Names:

                  4c79b5
                  	

                  Variable names should be in all lowercase, with words separated by an underscore, example:

                  4c79b5
                  4c79b5
                  	
                  4c79b5
                  		

                  $current_user is right, but $currentuser and $currentUser are not.

                  4c79b5
                  	
                  4c79b5
                  4c79b5
                  	

                  Names should be descriptive, but concise. We don't want huge sentences as our variable names, but typing an extra couple of characters is always better than wondering what exactly a certain variable is for.

                  4c79b5
                  4c79b5
                  	

                  Loop Indices:

                  4c79b5
                  	

                  The only situation where a one-character variable name is allowed is when it's the index for some looping construct. In this case, the index of the outer loop should always be $i. If there's a loop inside that loop, its index should be $j, followed by $k, and so on. If the loop is being indexed by some already-existing variable with a meaningful name, this guideline does not apply, example:

                  4c79b5
                  4c79b5
                  	
                  4c79b5
                  for ($i = 0; $i < $outer_size; $i++)
                  4c79b5
                  {
                  4c79b5
                     for ($j = 0; $j < $inner_size; $j++)
                  4c79b5
                     {
                  4c79b5
                        foo($i, $j);
                  4c79b5
                     }
                  4c79b5
                  }
                  4c79b5
                  	
                  4c79b5
                  4c79b5
                  	

                  Function Names:

                  4c79b5
                  	

                  Functions should also be named descriptively. We're not programming in C here, we don't want to write functions called things like "stristr()". Again, all lower-case names with words separated by a single underscore character. Function names should preferably have a verb in them somewhere. Good function names are print_login_status(), get_user_data(), etc.

                  4c79b5
                  4c79b5
                  	

                  Function Arguments:

                  4c79b5
                  	

                  Arguments are subject to the same guidelines as variable names. We don't want a bunch of functions like: do_stuff($a, $b, $c). In most cases, we'd like to be able to tell how to use a function by just looking at its declaration.

                  4c79b5
                  4c79b5
                  	

                  Summary:

                  4c79b5
                  	

                  The basic philosophy here is to not hurt code clarity for the sake of laziness. This has to be balanced by a little bit of common sense, though; print_login_status_for_a_given_user() goes too far, for example -- that function would be better named print_user_login_status(), or just print_login_status().

                  4c79b5
                  4c79b5
                  	

                  Special Namings:

                  4c79b5
                  	

                  For all emoticons use the term smiley in singular and smilies in plural.

                  4c79b5
                  4c79b5
                  	

                  2.ii. Code Layout

                  4c79b5
                  4c79b5
                  	

                  Always include the braces:

                  4c79b5
                  	

                  This is another case of being too lazy to type 2 extra characters causing problems with code clarity. Even if the body of some construct is only one line long, do not drop the braces. Just don't, examples:

                  4c79b5
                  4c79b5
                  	

                  // These are all wrong.

                  4c79b5
                  4c79b5
                  	
                  4c79b5
                  if (condition) do_stuff();
                  4c79b5
                  4c79b5
                  if (condition)
                  4c79b5
                  	do_stuff();
                  4c79b5
                  4c79b5
                  while (condition)
                  4c79b5
                  	do_stuff();
                  4c79b5
                  4c79b5
                  for ($i = 0; $i < size; $i++)
                  4c79b5
                  	do_stuff($i);
                  4c79b5
                  	
                  4c79b5
                  4c79b5
                  	

                  // These are all right.

                  4c79b5
                  	
                  4c79b5
                  if (condition)
                  4c79b5
                  {
                  4c79b5
                  	do_stuff();
                  4c79b5
                  }
                  4c79b5
                  4c79b5
                  while (condition)
                  4c79b5
                  {
                  4c79b5
                  	do_stuff();
                  4c79b5
                  }
                  4c79b5
                  4c79b5
                  for ($i = 0; $i < size; $i++)
                  4c79b5
                  {
                  4c79b5
                  	do_stuff();
                  4c79b5
                  }
                  4c79b5
                  	
                  4c79b5
                  4c79b5
                  	

                  Where to put the braces:

                  4c79b5
                  	

                  This one is a bit of a holy war, but we're going to use a style that can be summed up in one sentence: Braces always go on their own line. The closing brace should also always be at the same column as the corresponding opening brace, examples:

                  4c79b5
                  4c79b5
                  	
                  4c79b5
                  if (condition)
                  4c79b5
                  {
                  4c79b5
                  	while (condition2)
                  4c79b5
                  	{
                  4c79b5
                  		...
                  4c79b5
                  	}
                  4c79b5
                  }
                  4c79b5
                  else
                  4c79b5
                  {
                  4c79b5
                  	...
                  4c79b5
                  }
                  4c79b5
                  4c79b5
                  for ($i = 0; $i < $size; $i++)
                  4c79b5
                  {
                  4c79b5
                  	...
                  4c79b5
                  }
                  4c79b5
                  4c79b5
                  while (condition)
                  4c79b5
                  {
                  4c79b5
                  	...
                  4c79b5
                  }
                  4c79b5
                  4c79b5
                  function do_stuff()
                  4c79b5
                  {
                  4c79b5
                  	...
                  4c79b5
                  }
                  4c79b5
                  	
                  4c79b5
                  4c79b5
                  	

                  Use spaces between tokens:

                  4c79b5
                  	

                  This is another simple, easy step that helps keep code readable without much effort. Whenever you write an assignment, expression, etc.. Always leave one space between the tokens. Basically, write code as if it was English. Put spaces between variable names and operators. Don't put spaces just after an opening bracket or before a closing bracket. Don't put spaces just before a comma or a semicolon. This is best shown with a few examples, examples:

                  4c79b5
                  4c79b5
                  	

                  // Each pair shows the wrong way followed by the right way.

                  4c79b5
                  4c79b5
                  	
                  4c79b5
                  $i=0;
                  4c79b5
                  $i = 0;
                  4c79b5
                  4c79b5
                  if($i<7) ...
                  4c79b5
                  if ($i < 7) ...
                  4c79b5
                  4c79b5
                  if ( ($i < 7)&&($j > 8) ) ...
                  4c79b5
                  if ($i < 7 && $j > 8) ...
                  4c79b5
                  4c79b5
                  do_stuff( $i, 'foo', $b );
                  4c79b5
                  do_stuff($i, 'foo', $b);
                  4c79b5
                  4c79b5
                  for($i=0; $i<$size; $i++) ...
                  4c79b5
                  for ($i = 0; $i < $size; $i++) ...
                  4c79b5
                  4c79b5
                  $i=($j < $size)?0:1;
                  4c79b5
                  $i = ($j < $size) ? 0 : 1;
                  4c79b5
                  	
                  4c79b5
                  4c79b5
                  	

                  Operator precedence:

                  4c79b5
                  	

                  Do you know the exact precedence of all the operators in PHP? Neither do I. Don't guess. Always make it obvious by using brackets to force the precedence of an equation so you know what it does. Remember to not over-use this, as it may harden the readability. Basically, do not enclose single expressions. Examples:

                  4c79b5
                  4c79b5
                  	

                  // what's the result? who knows.

                  4c79b5
                  	
                  4c79b5
                  $bool = ($i < 7 && $j > 8 || $k == 4);
                  4c79b5
                  	
                  4c79b5
                  4c79b5
                  	

                  // now you can be certain what I'm doing here.

                  4c79b5
                  	
                  4c79b5
                  $bool = (($i < 7) && (($j < 8) || ($k == 4)));
                  4c79b5
                  	
                  4c79b5
                  4c79b5
                  	

                  // But this one is even better, because it is easier on the eye but the intention is preserved

                  4c79b5
                  	
                  4c79b5
                  $bool = ($i < 7 && ($j < 8 || $k == 4));
                  4c79b5
                  	
                  4c79b5
                  4c79b5
                  	

                  Quoting strings:

                  4c79b5
                  	

                  There are two different ways to quote strings in PHP - either with single quotes or with double quotes. The main difference is that the parser does variable interpolation in double-quoted strings, but not in single quoted strings. Because of this, you should always use single quotes unless you specifically need variable interpolation to be done on that string. This way, we can save the parser the trouble of parsing a bunch of strings where no interpolation needs to be done.

                  4c79b5
                  	

                  Also, if you are using a string variable as part of a function call, you do not need to enclose that variable in quotes. Again, this will just make unnecessary work for the parser. Note, however, that nearly all of the escape sequences that exist for double-quoted strings will not work with single-quoted strings. Be careful, and feel free to break this guideline if it's making your code easier to read, examples:

                  4c79b5
                  4c79b5
                  	

                  // wrong

                  4c79b5
                  	
                  4c79b5
                  $str = "This is a really long string with no variables for the parser to find.";
                  4c79b5
                  4c79b5
                  do_stuff("$str");
                  4c79b5
                  	
                  4c79b5
                  4c79b5
                  	

                  // right

                  4c79b5
                  	
                  4c79b5
                  $str = 'This is a really long string with no variables for the parser to find.';
                  4c79b5
                  4c79b5
                  do_stuff($str);
                  4c79b5
                  	
                  4c79b5
                  4c79b5
                  	

                  // Sometimes single quotes are just not right

                  4c79b5
                  	
                  4c79b5
                  $post_url = $phpbb_root_path . 'posting.' . $phpEx . '?mode=' . $mode . '&amp;start=' . $start;
                  4c79b5
                  	
                  4c79b5
                  4c79b5
                  	

                  // Double quotes are sometimes needed to not overcroud the line with concentinations

                  4c79b5
                  	
                  4c79b5
                  $post_url = "{$phpbb_root_path}posting.$phpEx?mode=$mode&amp;start=$start";
                  4c79b5
                  	
                  4c79b5
                  4c79b5
                  	

                  In SQL Statements mixing single and double quotes is partly allowed (following the guidelines listed here about SQL Formatting), else it should be tryed to only use one method - mostly single quotes.

                  4c79b5
                  4c79b5
                  	

                  Associative array keys:

                  4c79b5
                  	

                  In PHP, it's legal to use a literal string as a key to an associative array without quoting that string. We don't want to do this -- the string should always be quoted to avoid confusion. Note that this is only when we're using a literal, not when we're using a variable, examples:

                  4c79b5
                  4c79b5
                  	

                  // wrong

                  4c79b5
                  	
                  4c79b5
                  $foo = $assoc_array[blah];
                  4c79b5
                  	
                  4c79b5
                  4c79b5
                  	

                  // right

                  4c79b5
                  	
                  4c79b5
                  $foo = $assoc_array['blah'];
                  4c79b5
                  	
                  4c79b5
                  4c79b5
                  	

                  // wrong

                  4c79b5
                  	
                  4c79b5
                  $foo = $assoc_array["$var"];
                  4c79b5
                  	
                  4c79b5
                  4c79b5
                  	

                  // right

                  4c79b5
                  	
                  4c79b5
                  $foo = $assoc_array[$var];
                  4c79b5
                  	
                  4c79b5
                  4c79b5
                  	

                  Comments:

                  4c79b5
                  	

                  Each complex function should be preceded by a comment that tells a programmer everything they need to know to use that function. The meaning of every parameter, the expected input, and the output are required as a minimal comment. The function's behaviour in error conditions (and what those error conditions are) should also be present - but mostly included within the comment about the output.

                  Especially important to document are any assumptions the code makes, or preconditions for its proper operation. Any one of the developers should be able to look at any part of the application and figure out what's going on in a reasonable amount of time.

                  Avoid using /* */ comment blocks for one-line comments, // should be used for one/two-liners.

                  4c79b5
                  4c79b5
                  	

                  Magic numbers:

                  4c79b5
                  	

                  Don't use them. Use named constants for any literal value other than obvious special cases. Basically, it's ok to check if an array has 0 elements by using the literal 0. It's not ok to assign some special meaning to a number and then use it everywhere as a literal. This hurts readability AND maintainability. The constants true and false should be used in place of the literals 1 and 0 -- even though they have the same values (but not type!), it's more obvious what the actual logic is when you use the named constants. Typecast variables where it is needed, do not rely on the correct variable type (PHP is currently very loose on typecasting which can lead to security problems if a developer does not have a very close eye to it).

                  4c79b5
                  4c79b5
                  	

                  Shortcut operators:

                  4c79b5
                  	

                  The only shortcut operators that cause readability problems are the shortcut increment $i++ and decrement $j-- operators. These operators should not be used as part of an expression. They can, however, be used on their own line. Using them in expressions is just not worth the headaches when debugging, examples:

                  4c79b5
                  4c79b5
                  	

                  // wrong

                  4c79b5
                  	
                  4c79b5
                  $array[++$i] = $j;
                  4c79b5
                  $array[$i++] = $k;
                  4c79b5
                  	
                  4c79b5
                  4c79b5
                  	

                  // right

                  4c79b5
                  	
                  4c79b5
                  $i++;
                  4c79b5
                  $array[$i] = $j;
                  4c79b5
                  4c79b5
                  $array[$i] = $k;
                  4c79b5
                  $i++;
                  4c79b5
                  	
                  4c79b5
                  4c79b5
                  	

                  Inline conditionals:

                  4c79b5
                  	

                  Inline conditionals should only be used to do very simple things. Preferably, they will only be used to do assignments, and not for function calls or anything complex at all. They can be harmful to readability if used incorrectly, so don't fall in love with saving typing by using them, examples:

                  4c79b5
                  4c79b5
                  	

                  // Bad place to use them

                  4c79b5
                  	
                  4c79b5
                  ($i < $size && $j > $size) ? do_stuff($foo) : do_stuff($bar);
                  4c79b5
                  	
                  4c79b5
                  4c79b5
                  	

                  // OK place to use them

                  4c79b5
                  	
                  4c79b5
                  $min = ($i < $j) ? $i : $j;
                  4c79b5
                  	
                  4c79b5
                  4c79b5
                  	

                  Don't use uninitialized variables.

                  4c79b5
                  	

                  For phpBB3, we intend to use a higher level of run-time error reporting. This will mean that the use of an uninitialized variable will be reported as a warning. These warnings can be avoided by using the built-in isset() function to check whether a variable has been set - but preferably the variable is always existing. For checking if an array has a key set this can come in handy though, examples:

                  4c79b5
                  4c79b5
                  	

                  // Wrong

                  4c79b5
                  	
                  4c79b5
                  if ($forum) ...
                  4c79b5
                  	
                  4c79b5
                  4c79b5
                  	

                  // Right

                  4c79b5
                  	
                  4c79b5
                  if (isset($forum)) ...
                  4c79b5
                  	
                  4c79b5
                  4c79b5
                  	

                  // Also possible

                  4c79b5
                  	
                  4c79b5
                  if (isset($forum) && $forum == 5)
                  4c79b5
                  	
                  4c79b5
                  4c79b5
                  	

                  The empty() function is useful if you want to check if a variable is not set or being empty (an empty string, 0 as an integer or string, NULL, false, an empty array or a variable declared, but without a value in a class). Therefore empty should be used in favor of isset($array) && sizeof($array) > 0 - this can be written in a shorter way as !empty($array).

                  4c79b5
                  4c79b5
                  	

                  Switch statements:

                  4c79b5
                  	

                  Switch/case code blocks can get a bit long sometimes. To have some level of notice and being in-line with the opening/closing brace requirement (where they are on the same line for better readability), this also applies to switch/case code blocks and the breaks. An example:

                  4c79b5
                  4c79b5
                  	

                  // Wrong

                  4c79b5
                  	
                  4c79b5
                  switch ($mode)
                  4c79b5
                  {
                  4c79b5
                  	case 'mode1':
                  4c79b5
                  		// I am doing something here
                  4c79b5
                  		break;
                  4c79b5
                  	case 'mode2':
                  4c79b5
                  		// I am doing something completely different here
                  4c79b5
                  		break;
                  4c79b5
                  }
                  4c79b5
                  	
                  4c79b5
                  4c79b5
                  	

                  // Good

                  4c79b5
                  	
                  4c79b5
                  switch ($mode)
                  4c79b5
                  {
                  4c79b5
                  	case 'mode1':
                  4c79b5
                  		// I am doing something here
                  4c79b5
                  	break;
                  4c79b5
                  4c79b5
                  	case 'mode2':
                  4c79b5
                  		// I am doing something completely different here
                  4c79b5
                  	break;
                  4c79b5
                  4c79b5
                  	default:
                  4c79b5
                  		// Always assume that a case was not caught
                  4c79b5
                  	break;
                  4c79b5
                  }
                  4c79b5
                  	
                  4c79b5
                  4c79b5
                  	

                  // Also good, if you have more code between the case and the break

                  4c79b5
                  	
                  4c79b5
                  switch ($mode)
                  4c79b5
                  {
                  4c79b5
                  	case 'mode1':
                  4c79b5
                  4c79b5
                  		// I am doing something here
                  4c79b5
                  4c79b5
                  	break;
                  4c79b5
                  4c79b5
                  	case 'mode2':
                  4c79b5
                  4c79b5
                  		// I am doing something completely different here
                  4c79b5
                  4c79b5
                  	break;
                  4c79b5
                  4c79b5
                  	default:
                  4c79b5
                  4c79b5
                  		// Always assume that a case was not caught
                  4c79b5
                  4c79b5
                  	break;
                  4c79b5
                  }
                  4c79b5
                  	
                  4c79b5
                  4c79b5
                  	

                  Even if the break for the default case is not needed, it is sometimes better to include it just for readability and completeness.

                  4c79b5
                  4c79b5
                  	

                  If no break is intended, please add a comment instead. An example:

                  4c79b5
                  4c79b5
                  	

                  // Example with no break

                  4c79b5
                  	
                  4c79b5
                  switch ($mode)
                  4c79b5
                  {
                  4c79b5
                  	case 'mode1':
                  4c79b5
                  4c79b5
                  		// I am doing something here
                  4c79b5
                  4c79b5
                  	// no break here
                  4c79b5
                  4c79b5
                  	case 'mode2':
                  4c79b5
                  4c79b5
                  		// I am doing something completely different here
                  4c79b5
                  4c79b5
                  	break;
                  4c79b5
                  4c79b5
                  	default:
                  4c79b5
                  4c79b5
                  		// Always assume that a case was not caught
                  4c79b5
                  4c79b5
                  	break;
                  4c79b5
                  }
                  4c79b5
                  	
                  4c79b5
                  4c79b5
                  	

                  2.iii. SQL/SQL Layout

                  4c79b5
                  4c79b5
                  	

                  Common SQL Guidelines:

                  4c79b5
                  	

                  All SQL should be cross-DB compatible, if DB specific SQL is used alternatives must be provided which work on all supported DB's (MySQL3/4/5, MSSQL (7.0 and 2000), PostgreSQL (7.0+), Firebird, SQLite, Oracle8, ODBC (generalised if possible)).

                  4c79b5
                  	

                  All SQL commands should utilise the DataBase Abstraction Layer (DBAL)

                  4c79b5
                  4c79b5
                  	

                  SQL code layout:

                  4c79b5
                  	

                  SQL Statements are often unreadable without some formatting, since they tend to be big at times. Though the formatting of sql statements adds a lot to the readability of code. SQL statements should be formatted in the following way, basically writing keywords:

                  4c79b5
                  4c79b5
                  	
                  4c79b5
                  $sql = 'SELECT *
                  4c79b5
                  <-one tab->FROM ' . SOME_TABLE . '
                  4c79b5
                  <-one tab->WHERE a = 1
                  4c79b5
                  <-two tabs->AND (b = 2
                  4c79b5
                  <-three tabs->OR b = 3)
                  4c79b5
                  <-one tab->ORDER BY b';
                  4c79b5
                  	
                  4c79b5
                  4c79b5
                  	

                  Here the example with the tabs applied:

                  4c79b5
                  4c79b5
                  	
                  4c79b5
                  $sql = 'SELECT *
                  4c79b5
                  	FROM ' . SOME_TABLE . '
                  4c79b5
                  	WHERE a = 1
                  4c79b5
                  		AND (b = 2
                  4c79b5
                  			OR b = 3)
                  4c79b5
                  	ORDER BY b';
                  4c79b5
                  	
                  4c79b5
                  4c79b5
                  	

                  SQL Quotes:

                  4c79b5
                  	

                  Double quotes where applicable (The variables in these examples are typecasted to integers before) ... examples:

                  4c79b5
                  4c79b5
                  	

                  // These are wrong.

                  4c79b5
                  	
                  4c79b5
                  "UPDATE " . SOME_TABLE . " SET something = something_else WHERE a = $b";
                  4c79b5
                  4c79b5
                  'UPDATE ' . SOME_TABLE . ' SET something = ' . $user_id . ' WHERE a = ' . $something;
                  4c79b5
                  	
                  4c79b5
                  4c79b5
                  	

                  // These are right.

                  4c79b5
                  4c79b5
                  	
                  4c79b5
                  'UPDATE ' . SOME_TABLE . " SET something = something_else WHERE a = $b";
                  4c79b5
                  4c79b5
                  'UPDATE ' . SOME_TABLE . " SET something = $user_id WHERE a = $something";
                  4c79b5
                  	
                  4c79b5
                  4c79b5
                  	

                  In other words use single quotes where no variable substitution is required or where the variable involved shouldn't appear within double quotes. Otherwise use double quotes.

                  4c79b5
                  4c79b5
                  	

                  Avoid DB specific SQL:

                  4c79b5
                  	

                  The "not equals operator", as defined by the SQL:2003 standard, is "<>"

                  4c79b5
                  4c79b5
                  	

                  // This is wrong.

                  4c79b5
                  	
                  4c79b5
                  $sql = 'SELECT *
                  4c79b5
                  	FROM ' . SOME_TABLE . '
                  4c79b5
                  	WHERE a != 2';
                  4c79b5
                  	
                  4c79b5
                  4c79b5
                  	

                  // This is right.

                  4c79b5
                  	
                  4c79b5
                  $sql = 'SELECT *
                  4c79b5
                  	FROM ' . SOME_TABLE . '
                  4c79b5
                  	WHERE a <> 2';
                  4c79b5
                  	
                  4c79b5
                  4c79b5
                  	

                  Common DBAL methods:

                  4c79b5
                  4c79b5
                  	

                  sql_escape():

                  4c79b5
                  4c79b5
                  	

                  Always use $db->sql_escape() if you need to check for a string within an SQL statement (even if you are sure the variable cannot contain single quotes - never trust your input), for example:

                  4c79b5
                  4c79b5
                  	
                  4c79b5
                  $sql = 'SELECT *
                  4c79b5
                  	FROM ' . SOME_TABLE . "
                  4c79b5
                  	WHERE username = '" . $db->sql_escape($username) . "'";
                  4c79b5
                  	
                  4c79b5
                  4c79b5
                  	

                  sql_query_limit():

                  4c79b5
                  4c79b5
                  	

                  We do not add limit statements to the sql query, but instead use $db->sql_query_limit(). You basically pass the query, the total number of lines to retrieve and the offset.

                  4c79b5
                  4c79b5
                  	

                  Note: Since Oracle handles limits differently and because of how we implemented this handling you need to take special care if you use sql_query_limit with an sql query retrieving data from more than one table.

                  4c79b5
                  4c79b5
                  	

                  Make sure when using something like "SELECT x.*, y.jars" that there is not a column named jars in x; make sure that there is no overlap between an implicit column and the explicit columns.

                  4c79b5
                  4c79b5
                  	

                  sql_build_array():

                  4c79b5
                  4c79b5
                  	

                  If you need to UPDATE or INSERT data, make use of the $db->sql_build_array() function. This function already escapes strings and checks other types, so there is no need to do this here. The data to be inserted should go into an array - $sql_ary - or directly within the statement if one or two variables needs to be inserted/updated. An example of an insert statement would be:

                  4c79b5
                  4c79b5
                  	
                  4c79b5
                  $sql_ary = array(
                  4c79b5
                  	'somedata'		=> $my_string,
                  4c79b5
                  	'otherdata'		=> $an_int,
                  4c79b5
                  	'moredata'		=> $another_int
                  4c79b5
                  );
                  4c79b5
                  4c79b5
                  $db->sql_query('INSERT INTO ' . SOME_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary));
                  4c79b5
                  	
                  4c79b5
                  4c79b5
                  	

                  To complete the example, this is how an update statement would look like:

                  4c79b5
                  4c79b5
                  	
                  4c79b5
                  $sql_ary = array(
                  4c79b5
                  	'somedata'		=> $my_string,
                  4c79b5
                  	'otherdata'		=> $an_int,
                  4c79b5
                  	'moredata'		=> $another_int
                  4c79b5
                  );
                  4c79b5
                  4c79b5
                  $sql = 'UPDATE ' . SOME_TABLE . '
                  4c79b5
                  	SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
                  4c79b5
                  	WHERE user_id = ' . (int) $user_id;
                  4c79b5
                  $db->sql_query($sql);
                  4c79b5
                  	
                  4c79b5
                  4c79b5
                  	

                  The $db->sql_build_array() function supports the following modes: INSERT (example above), INSERT_SELECT (building query for INSERT INTO table (...) SELECT value, column ... statements), UPDATE (example above) and SELECT (for building WHERE statement [AND logic]).

                  4c79b5
                  4c79b5
                  	

                  sql_multi_insert():

                  4c79b5
                  4c79b5
                  	

                  If you want to insert multiple statements at once, please use the separate sql_multi_insert() method. An example:

                  4c79b5
                  4c79b5
                  	
                  4c79b5
                  $sql_ary = array();
                  4c79b5
                  4c79b5
                  $sql_ary[] = array(
                  4c79b5
                  	'somedata'		=> $my_string_1,
                  4c79b5
                  	'otherdata'		=> $an_int_1,
                  4c79b5
                  	'moredata'		=> $another_int_1,
                  4c79b5
                  );
                  4c79b5
                  4c79b5
                  $sql_ary[] = array(
                  4c79b5
                  	'somedata'		=> $my_string_2,
                  4c79b5
                  	'otherdata'		=> $an_int_2,
                  4c79b5
                  	'moredata'		=> $another_int_2,
                  4c79b5
                  );
                  4c79b5
                  4c79b5
                  $db->sql_multi_insert(SOME_TABLE, $sql_ary);
                  4c79b5
                  	
                  4c79b5
                  4c79b5
                  	

                  sql_in_set():

                  4c79b5
                  4c79b5
                  	

                  The $db->sql_in_set() function should be used for building IN () and NOT IN () constructs. Since (specifically) MySQL tend to be faster if for one value to be compared the = and <> operator is used, we let the DBAL decide what to do. A typical example of doing a positive match against a number of values would be:

                  4c79b5
                  4c79b5
                  	
                  4c79b5
                  $sql = 'SELECT *
                  4c79b5
                  	FROM ' . FORUMS_TABLE . '
                  4c79b5
                  	WHERE ' . $db->sql_in_set('forum_id', $forum_ids);
                  4c79b5
                  $db->sql_query($sql);
                  4c79b5
                  	
                  4c79b5
                  4c79b5
                  	

                  Based on the number of values in $forum_ids, the query can look differently.

                  4c79b5
                  4c79b5
                  	

                  // SQL Statement if $forum_ids = array(1, 2, 3);

                  4c79b5
                  4c79b5
                  	
                  4c79b5
                  SELECT FROM phpbb_forums WHERE forum_id IN (1, 2, 3)
                  4c79b5
                  	
                  4c79b5
                  4c79b5
                  	

                  // SQL Statement if $forum_ids = array(1) or $forum_ids = 1

                  4c79b5
                  4c79b5
                  	
                  4c79b5
                  SELECT FROM phpbb_forums WHERE forum_id = 1
                  4c79b5
                  	
                  4c79b5
                  4c79b5
                  	

                  Of course the same is possible for doing a negative match against a number of values:

                  4c79b5
                  4c79b5
                  	
                  4c79b5
                  $sql = 'SELECT *
                  4c79b5
                  	FROM ' . FORUMS_TABLE . '
                  4c79b5
                  	WHERE ' . $db->sql_in_set('forum_id', $forum_ids, true);
                  4c79b5
                  $db->sql_query($sql);
                  4c79b5
                  	
                  4c79b5
                  4c79b5
                  	

                  Based on the number of values in $forum_ids, the query can look differently here too.

                  4c79b5
                  4c79b5
                  	

                  // SQL Statement if $forum_ids = array(1, 2, 3);

                  4c79b5
                  4c79b5
                  	
                  4c79b5
                  SELECT FROM phpbb_forums WHERE forum_id NOT IN (1, 2, 3)
                  4c79b5
                  	
                  4c79b5
                  4c79b5
                  	

                  // SQL Statement if $forum_ids = array(1) or $forum_ids = 1

                  4c79b5
                  4c79b5
                  	
                  4c79b5
                  SELECT FROM phpbb_forums WHERE forum_id <> 1
                  4c79b5
                  	
                  4c79b5
                  4c79b5
                  	

                  If the given array is empty, an error will be produced.

                  4c79b5
                  4c79b5
                  	

                  sql_build_query():

                  4c79b5
                  4c79b5
                  	

                  The $db->sql_build_query() function is responsible for building sql statements for select and select distinct queries if you need to JOIN on more than one table or retrieving data from more than one table while doing a JOIN. This needs to be used to make sure the resulting statement is working on all supported db's. Instead of explaining every possible combination, i will give a short example:

                  4c79b5
                  4c79b5
                  	
                  4c79b5
                  $sql_array = array(
                  4c79b5
                  	'SELECT'	=> 'f.*, ft.mark_time',
                  4c79b5
                  4c79b5
                  	'FROM'		=> array(
                  4c79b5
                  		FORUMS_WATCH_TABLE	=> 'fw',
                  4c79b5
                  		FORUMS_TABLE		=> 'f'
                  4c79b5
                  	),
                  4c79b5
                  4c79b5
                  	'LEFT_JOIN'	=> array(
                  4c79b5
                  		array(
                  4c79b5
                  			'FROM'	=> array(FORUMS_TRACK_TABLE => 'ft'),
                  4c79b5
                  			'ON'	=> 'ft.user_id = ' . $user->data['user_id'] . ' AND ft.forum_id = f.forum_id'
                  4c79b5
                  		)
                  4c79b5
                  	),
                  4c79b5
                  4c79b5
                  	'WHERE'		=> 'fw.user_id = ' . $user->data['user_id'] . '
                  4c79b5
                  		AND f.forum_id = fw.forum_id',
                  4c79b5
                  4c79b5
                  	'ORDER_BY'	=> 'left_id'
                  4c79b5
                  );
                  4c79b5
                  4c79b5
                  $sql = $db->sql_build_query('SELECT', $sql_array);
                  4c79b5
                  	
                  4c79b5
                  4c79b5
                  	

                  The possible first parameter for sql_build_query() is SELECT or SELECT_DISTINCT. As you can see, the logic is pretty self-explaining. For the LEFT_JOIN key, just add another array if you want to join on to tables for example. The added benefit of using this construct is that you are able to easily build the query statement based on conditions - for example the above LEFT_JOIN is only necessary if server side topic tracking is enabled; a slight adjustement would be:

                  4c79b5
                  4c79b5
                  	
                  4c79b5
                  $sql_array = array(
                  4c79b5
                  	'SELECT'	=> 'f.*',
                  4c79b5
                  4c79b5
                  	'FROM'		=> array(
                  4c79b5
                  		FORUMS_WATCH_TABLE	=> 'fw',
                  4c79b5
                  		FORUMS_TABLE		=> 'f'
                  4c79b5
                  	),
                  4c79b5
                  4c79b5
                  	'WHERE'		=> 'fw.user_id = ' . $user->data['user_id'] . '
                  4c79b5
                  		AND f.forum_id = fw.forum_id',
                  4c79b5
                  4c79b5
                  	'ORDER_BY'	=> 'left_id'
                  4c79b5
                  );
                  4c79b5
                  4c79b5
                  if ($config['load_db_lastread'])
                  4c79b5
                  {
                  4c79b5
                  	$sql_array['LEFT_JOIN'] = array(
                  4c79b5
                  		array(
                  4c79b5
                  			'FROM'	=> array(FORUMS_TRACK_TABLE => 'ft'),
                  4c79b5
                  			'ON'	=> 'ft.user_id = ' . $user->data['user_id'] . ' AND ft.forum_id = f.forum_id'
                  4c79b5
                  		)
                  4c79b5
                  	);
                  4c79b5
                  4c79b5
                  	$sql_array['SELECT'] .= ', ft.mark_time ';
                  4c79b5
                  }
                  4c79b5
                  else
                  4c79b5
                  {
                  4c79b5
                  	// Here we read the cookie data
                  4c79b5
                  }
                  4c79b5
                  4c79b5
                  $sql = $db->sql_build_query('SELECT', $sql_array);
                  4c79b5
                  	
                  4c79b5
                  4c79b5
                  	

                  2.iv. Optimizations

                  4c79b5
                  4c79b5
                  	

                  Operations in loop definition:

                  4c79b5
                  	

                  Always try to optimize your loops if operations are going on at the comparing part, since this part is executed every time the loop is parsed through. For assignments a descriptive name should be chosen. Example:

                  4c79b5
                  4c79b5
                  	

                  // On every iteration the sizeof function is called

                  4c79b5
                  	
                  4c79b5
                  for ($i = 0; $i < sizeof($post_data); $i++)
                  4c79b5
                  {
                  4c79b5
                  	do_something();
                  4c79b5
                  }
                  4c79b5
                  	
                  4c79b5
                  4c79b5
                  	

                  // You are able to assign the (not changing) result within the loop itself

                  4c79b5
                  	
                  4c79b5
                  for ($i = 0, $size = sizeof($post_data); $i < $size; $i++)
                  4c79b5
                  {
                  4c79b5
                  	do_something();
                  4c79b5
                  }
                  4c79b5
                  	
                  4c79b5
                  4c79b5
                  	

                  Use of in_array():

                  4c79b5
                  	

                  Try to avoid using in_array() on huge arrays, and try to not place them into loops if the array to check consist of more than 20 entries. in_array() can be very time consuming and uses a lot of cpu processing time. For little checks it is not noticable, but if checked against a huge array within a loop those checks alone can be a bunch of seconds. If you need this functionality, try using isset() on the arrays keys instead, actually shifting the values into keys and vice versa. A call to isset($array[$var]) is a lot faster than in_array($var, array_keys($array)) for example.

                  4c79b5
                  4c79b5
                  4c79b5
                  	

                  2.v. General Guidelines

                  4c79b5
                  4c79b5
                  	

                  General things:

                  4c79b5
                  	

                  Never trust user input (this also applies to server variables as well as cookies).

                  4c79b5
                  	

                  Try to sanitize values returned from a function.

                  4c79b5
                  	

                  Try to sanitize given function variables within your function.

                  4c79b5
                  	

                  The auth class should be used for all authorisation checking.

                  4c79b5
                  	

                  No attempt should be made to remove any copyright information (either contained within the source or displayed interactively when the source is run/compiled), neither should the copyright information be altered in any way (it may be added to).

                  4c79b5
                  4c79b5
                  	

                  Variables:

                  4c79b5
                  	

                  Make use of the request_var() function for anything except for submit or single checking params.

                  4c79b5
                  	

                  The request_var function determines the type to set from the second parameter (which determines the default value too). If you need to get a scalar variable type, you need to tell this the request_var function explicitly. Examples:

                  4c79b5
                  4c79b5
                  	

                  // Old method, do not use it

                  4c79b5
                  	
                  4c79b5
                  $start = (isset($HTTP_GET_VARS['start'])) ? intval($HTTP_GET_VARS['start']) : intval($HTTP_POST_VARS['start']);
                  4c79b5
                  $submit = (isset($HTTP_POST_VARS['submit'])) ? true : false;
                  4c79b5
                  	
                  4c79b5
                  4c79b5
                  	

                  // Use request var and define a default variable (use the correct type)

                  4c79b5
                  	
                  4c79b5
                  $start = request_var('start', 0);
                  4c79b5
                  $submit = (isset($_POST['submit'])) ? true : false;
                  4c79b5
                  	
                  4c79b5
                  4c79b5
                  	

                  // $start is an int, the following use of request_var therefore is not allowed

                  4c79b5
                  	
                  4c79b5
                  $start = request_var('start', '0');
                  4c79b5
                  	
                  4c79b5
                  4c79b5
                  	

                  // Getting an array, keys are integers, value defaults to 0

                  4c79b5
                  	
                  4c79b5
                  $mark_array = request_var('mark', array(0));
                  4c79b5
                  	
                  4c79b5
                  4c79b5
                  	

                  // Getting an array, keys are strings, value defaults to 0

                  4c79b5
                  	
                  4c79b5
                  $action_ary = request_var('action', array('' => 0));
                  4c79b5
                  	
                  4c79b5
                  4c79b5
                  	

                  Login checks/redirection:

                  4c79b5
                  	

                  To show a forum login box use login_forum_box($forum_data), else use the login_box() function.

                  4c79b5
                  4c79b5
                  	

                  The login_box() function can have a redirect as the first parameter. As a thumb of rule, specify an empty string if you want to redirect to the users current location, else do not add the $SID to the redirect string (for example within the ucp/login we redirect to the board index because else the user would be redirected to the login screen).

                  4c79b5
                  4c79b5
                  	

                  Sensitive Operations:

                  4c79b5
                  	

                  For sensitive operations always let the user confirm the action. For the confirmation screens, make use of the confirm_box() function.

                  4c79b5
                  4c79b5
                  	

                  Altering Operations:

                  4c79b5
                  	

                  For operations altering the state of the database, for instance posting, always verify the form token, unless you are already using confirm_box(). To do so, make use of the add_form_key() and check_form_key() functions.

                  4c79b5
                  	
                  4c79b5
                  	add_form_key('my_form');
                  4c79b5
                  4c79b5
                  	if ($submit)
                  4c79b5
                  	{
                  4c79b5
                  		if (!check_form_key('my_form'))
                  4c79b5
                  		{
                  4c79b5
                  			trigger_error('FORM_INVALID');
                  4c79b5
                  		}
                  4c79b5
                  	}
                  4c79b5
                  	
                  4c79b5
                  4c79b5
                  	

                  The string passed to add_form_key() needs to match the string passed to check_form_key(). Another requirement for this to work correctly is that all forms include the {S_FORM_TOKEN} template variable.

                  4c79b5
                  4c79b5
                  4c79b5
                  	

                  Sessions:

                  4c79b5
                  	

                  Sessions should be initiated on each page, as near the top as possible using the following code:

                  4c79b5
                  4c79b5
                  	
                  4c79b5
                  $user->session_begin();
                  4c79b5
                  $auth->acl($user->data);
                  4c79b5
                  $user->setup();
                  4c79b5
                  	
                  4c79b5
                  4c79b5
                  	

                  The $user->setup() call can be used to pass on additional language definition and a custom style (used in viewforum).

                  4c79b5
                  4c79b5
                  	

                  Errors and messages:

                  4c79b5
                  	

                  All messages/errors should be outputed by calling trigger_error() using the appropriate message type and language string. Example:

                  4c79b5
                  4c79b5
                  	
                  4c79b5
                  trigger_error('NO_FORUM');
                  4c79b5
                  	
                  4c79b5
                  4c79b5
                  	
                  4c79b5
                  trigger_error($user->lang['NO_FORUM']);
                  4c79b5
                  	
                  4c79b5
                  4c79b5
                  	
                  4c79b5
                  trigger_error('NO_MODE', E_USER_ERROR);
                  4c79b5
                  	
                  4c79b5
                  4c79b5
                  	

                  Url formatting

                  4c79b5
                  4c79b5
                  	

                  All urls pointing to internal files need to be prepended by the $phpbb_root_path variable. Within the administration control panel all urls pointing to internal files need to be prepended by the $phpbb_admin_path variable. This makes sure the path is always correct and users being able to just rename the admin folder and the acp still working as intended (though some links will fail and the code need to be slightly adjusted).

                  4c79b5
                  4c79b5
                  	

                  The append_sid() function from 2.0.x is available too, though does not handle url alterations automatically. Please have a look at the code documentation if you want to get more details on how to use append_sid(). A sample call to append_sid() can look like this:

                  4c79b5
                  4c79b5
                  	
                  4c79b5
                  append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=group&amp;g=' . $row['group_id'])
                  4c79b5
                  	
                  4c79b5
                  4c79b5
                  	

                  General function usage:

                  4c79b5
                  4c79b5
                  	

                  Some of these functions are only chosen over others because of personal preference and having no other benefit than to be consistant over the code.

                  4c79b5
                  4c79b5
                  	
                    4c79b5
                    		
                  • 4c79b5
                    			

                    Use sizeof instead of count

                    4c79b5
                    		
                    4c79b5
                    		
                  • 4c79b5
                    			

                    Use strpos instead of strstr

                    4c79b5
                    		
                    4c79b5
                    		
                  • 4c79b5
                    			

                    Use else if instead of elseif

                    4c79b5
                    		
                    4c79b5
                    		
                  • 4c79b5
                    			

                    Use false (lowercase) instead of FALSE

                    4c79b5
                    		
                    4c79b5
                    		
                  • 4c79b5
                    			

                    Use true (lowercase) instead of TRUE

                    4c79b5
                    		
                    4c79b5
                    	
                    4c79b5
                    4c79b5
                    	

                    Exiting

                    4c79b5
                    4c79b5
                    	

                    Your page should either call page_footer() in the end to trigger output through the template engine and terminate the script, or alternatively at least call the exit_handler(). That call is necessary because it provides a method for external applications embedding phpBB to be called at the end of the script.

                    4c79b5
                    4c79b5
                    		
                    4c79b5
                    4c79b5
                    		
                    4c79b5
                    4c79b5
                    		
                    4c79b5
                    	
                    4c79b5
                    4c79b5
                    	
                    4c79b5
                    4c79b5

                    3. Styling

                    4c79b5
                    	
                    4c79b5
                    		
                    4c79b5
                    4c79b5
                    		
                    4c79b5
                    	

                    3.i. Style Config Files

                    4c79b5
                    	

                    Style cfg files are simple name-value lists with the information necessary for installing a style. Similar cfg files exist for templates, themes and imagesets. These follow the same principle and will not be introduced individually. Styles can use installed components by using the required_theme/required_template/required_imageset entries. The important part of the style configuration file is assigning an unique name.

                    4c79b5
                    	
                    4c79b5
                            # General Information about this style
                    4c79b5
                            name = prosilver_duplicate
                    4c79b5
                            copyright = © phpBB Group, 2007
                    4c79b5
                            version = 3.0.3
                    4c79b5
                            required_template = prosilver
                    4c79b5
                            required_theme = prosilver
                    4c79b5
                            required_imageset = prosilver
                    4c79b5
                    	
                    4c79b5
                    	

                    3.2. General Styling Rules

                    4c79b5

                    Templates should be produced in a consistent manner. Where appropriate they should be based off an existing copy, e.g. index, viewforum or viewtopic (the combination of which implement a range of conditional and variable forms). Please also note that the intendation and coding guidelines also apply to templates where possible.

                    4c79b5
                    4c79b5

                    The outer table class forumline has gone and is replaced with tablebg.

                    4c79b5

                    When writing <table> the order <table class="" cellspacing="" cellpadding="" border="" align=""> creates consistency and allows everyone to easily see which table produces which "look". The same applies to most other tags for which additional parameters can be set, consistency is the major aim here.

                    4c79b5

                    Each block level element should be indented by one tab, same for tabular elements, e.g. <tr> <td> etc., whereby the intendiation of <table> and the following/ending <tr> should be on the same line. This applies not to div elements of course.

                    4c79b5

                    Don't use <span> more than is essential ... the CSS is such that text sizes are dependent on the parent class. So writing <span class="gensmall"><span class="gensmall">TEST</span></span> will result in very very small text. Similarly don't use span at all if another element can contain the class definition, e.g.

                    4c79b5
                    4c79b5
                    4c79b5
                    <td><span class="gensmall">TEST</span></td>