You are on page 1of 31

Common Coding Defects

FPT SOFTWARE TRAINING MATERIAL Internal use

04e-BM/NS/HDCV/FSOFT v2/3

Agenda

Baby defects
Web Applications Common Defects

FPT SOFTWARE TRAINING MATERIAL Internal use

04e-BM/NS/HDCV/FSOFT v2/3

Baby Defects (1)


Do not string concatenated in loop, use
StringBuffer instead
//Wrong example:
String stNumber = "";
for(i=0; i<100; i++) {
stNumber = stNumber + i;
}
// Correct one
StringBuffer stBuf = new StringBuffer();
for(i=0; i<100; i++) {
stNumber.append(i);
}
String stNumber = stBuf.toString();
FPT SOFTWARE TRAINING MATERIAL Internal use

04e-BM/NS/HDCV/FSOFT v2/3

Baby Defects (2)


Do not get size of array in for statements condition
// Wrong example:
for(i=0; i<arrTemp.size(); i++) {
// do smt here

// Correct answer:
int intSize = arrTemp.size();
f or(i=0; i<intSize; i++) {
// do smt here
}
FPT SOFTWARE TRAINING MATERIAL Internal use

04e-BM/NS/HDCV/FSOFT v2/3

Baby Defects (3)


Compare a string with a constant, always call equals function from
constant to avoid null pointer exception error.

// Wrong example: :
if(stVariable.equals()){
// do smt here

// Correct answer:
int intSize = arrTemp.size();
if(.equals(stVariable){
// do smt here
}
FPT SOFTWARE TRAINING MATERIAL Internal use

04e-BM/NS/HDCV/FSOFT v2/3

Baby Defects (4)


Avoid select from database to check for existing of values in a loop,
this will increase system performance.

// Wrong :
for(i=0; i<intSize; i++){
// select database to check here

// Select database, put to a HastTable object or List object.


Remember Hastable object do not allow duplicate value :

for(i=0; i<intSize; i++){


// select the HastTable to check here
}
FPT SOFTWARE TRAINING MATERIAL Internal use

04e-BM/NS/HDCV/FSOFT v2/3

Baby Defects (5)


Do not create object in loop.

// Wrong :
for(i=0; i<intSize; i++){
TableRow objTable = (TableRow) vtResult.getElementAt(i);
// do smt here

// Correct:
TableRow objTable = null;

for(i=0; i<intSize; i++){


objTable = (TableRow) vtResult.getElementAt(i);
// do smt here
}
FPT SOFTWARE TRAINING MATERIAL Internal use

04e-BM/NS/HDCV/FSOFT v2/3

Baby Defects (6)


Use toString() function instead of typecast.

// Wrong:
String stTemp = x==y ? : objABC.toString();

// Correct:
String stTemp = x==y ? : (String)objABC;

FPT SOFTWARE TRAINING MATERIAL Internal use

04e-BM/NS/HDCV/FSOFT v2/3

Baby Defects (7)


Redundant typecast

// Wrong:
String stTemp = Integer.toString(i);

// Correct:
String stTemp = + i;

FPT SOFTWARE TRAINING MATERIAL Internal use

04e-BM/NS/HDCV/FSOFT v2/3

Baby Defects (7)


Check for null before use objects to avoid null pointer exception

// Wrong:
String stAction = request.getAttribute("stAction").toString();

// Correct:
String stAction = request.getAttribute("stAction")==null ? ""
:request.getAttribute("stAction");

FPT SOFTWARE TRAINING MATERIAL Internal use

04e-BM/NS/HDCV/FSOFT v2/3

Baby defects (8)


public bool IsValidLogin(string userName, string password)
{
SqlConnection con = null;
SQL Injection (1)
SqlCommand cmd = null;
bool result = false;
Lack of checking for null value(1)
try {
con = new SqlConnection(DB_CONNECTION);
con.Open();
string cmdtext = string.Format("SELECT * FROM [Users] WHERE [Account]='{0}'
AND [Password]='{1}' , userName, password);
cmd = new SqlCommand(cmdtext);
SQL Performance Issue !!(2)
cmd.Connection = con;
cmd.CommandType = CommandType.Text;
result= cmd.ExecuteReader().HasRows;
cmd.Dispose();
con.Dispose();
return result;
}
Memory leak !! (2)
catch (SqlException)
{return false;}
}
}

FPT SOFTWARE TRAINING MATERIAL Internal use

04e-BM/NS/HDCV/FSOFT v2/3

Baby Defects(9)
Combine function calling and passing
parameters as the same time
Assign value of the called function to a temp variable
instead of pass it directly to the calling function, for
example, instead of:
a = func1(func2(func3, func4));
you can use three temp variables:
b=func(3);
c=func(4);
d=fun2(b,c);
a=fun1(d);
When you use the temp variable, the code are clearly, and
you can avoid the long line same as:
strReturn =
objDoc.SelectNodes(objNode.Attributes(objAttr.ChildNodes.Ite
m(0).ToString()));
FPT SOFTWARE TRAINING MATERIAL Internal use

04e-BM/NS/HDCV/FSOFT v2/3

Baby defects (10)


Hardcode constant

-Give a fixed value when you format data, for example:


dgrView.PageSize = 10;
-Fixed error message in code
strErr = "Error message here";
-The problem occurs when you should change these values. If
you put them in the constant file, you need change only one
time, if you fixed them, you'll be find and change anywhere
you have the fix value

FPT SOFTWARE TRAINING MATERIAL Internal use

04e-BM/NS/HDCV/FSOFT v2/3

Baby defects (11)

Method can not be tested


public void aMethod( object arg)
try {
\\ CODE BLOCK HERE
}

catch (Exception)
{
\\ DO NOTHING
}

FPT SOFTWARE TRAINING MATERIAL Internal use

04e-BM/NS/HDCV/FSOFT v2/3

Web Applications Common Defects


Common Defect 1
Alignment of fields, texts
Description
- The texts are not vertically left or right aligned.
- The fields are not vertically left and right aligned.
- All text should be left-justified
- All numeric fields are right-justified
Cause
There is no GUI template
Preventive action
Use CSS Style Sheet and GUI template

FPT SOFTWARE TRAINING MATERIAL Internal use

04e-BM/NS/HDCV/FSOFT v2/3

Web Applications Common Defects


Common Defect 2
Layouts in all pages
Description
All windows and dialog boxes don't have a consistent look and feel.
Following items are not the same:
- Font of text
- Color and Background
- Header and footer
- Size of Logo
- Date format
Cause
There is no GUI template
Preventive action
Use CSS Style Sheet and GUI template

FPT SOFTWARE TRAINING MATERIAL Internal use

04e-BM/NS/HDCV/FSOFT v2/3

Web Applications Common Defects


Common Defect 3
Symbol for mandatory fields
Description
There is no symbol for mandatory fields to remind users.
Cause
Coding careless
Preventive action
Use template

FPT SOFTWARE TRAINING MATERIAL Internal use

04e-BM/NS/HDCV/FSOFT v2/3

Web Applications Common Defects


Common Defect 4
The buttons don't have the same height and distances
Description
The height of buttons and the distances between them in a page and in
all pages are not the same
Cause
Graphic design
No GUI template
Preventive action
Use CSS Style Sheet and GUI template

FPT SOFTWARE TRAINING MATERIAL Internal use

04e-BM/NS/HDCV/FSOFT v2/3

Web Applications Common Defects


Common Defect 5
Data in combo box, list box
Description
Data in combo box/ list box is not sorted
Cause
Coding careless
Preventive action
Use checklist

FPT SOFTWARE TRAINING MATERIAL Internal use

04e-BM/NS/HDCV/FSOFT v2/3

Web Applications Common Defects


Common Defect 6
Different browses
Description
The layout in all required browses is not correctly (e.g. in Netscape, the
alignment, the distances, positions of images are not correct as in IE)
Cause
Non compatibility between IE , FireFox and Netscape
Preventive action
- Use CSS Style Sheet
- Should clarify earlier when we get the requirement from the customer
- Simple pages should be used more frequently

FPT SOFTWARE TRAINING MATERIAL Internal use

04e-BM/NS/HDCV/FSOFT v2/3

Web Applications Common Defects


Common Defect 7
Cannot move between fields by using Tab key and Shift +Tab keys
Description
Users cannot use Tab key to move to next enterable fields and Shift +
Tab keys to previous enterable fields.
Cause
Not set Tab index
Preventive action
Set Tab index

FPT SOFTWARE TRAINING MATERIAL Internal use

04e-BM/NS/HDCV/FSOFT v2/3

Web Applications Common Defects


Common Defect 8
Cursor location
Description
- The cursor is not located in the first enterable field when the screen is
opened.
- After an error message occurs, the focus does not return to the error
field.
Cause
Not focus on load
Preventive action
Set focus

FPT SOFTWARE TRAINING MATERIAL Internal use

04e-BM/NS/HDCV/FSOFT v2/3

Web Applications Common Defects


Common Defect 9
Images with links have blue borders
Description
Should hide the color of border of the image.
Cause
Coding
Preventive action
Set border properties = 0

FPT SOFTWARE TRAINING MATERIAL Internal use

04e-BM/NS/HDCV/FSOFT v2/3

Web Applications Common Defects


Common Defect 10
Incorrect links or the link does not work
Description
The links are not correctly. After clicking the links, error page or wrong
page is displayed.
Cause
Coding
Preventive action
- Use tool to test broken links
- Use global variables to control
- Directly links need to be coded by experienced developers

FPT SOFTWARE TRAINING MATERIAL Internal use

04e-BM/NS/HDCV/FSOFT v2/3

Web Applications Common Defects


Common Defect 11
Using mouse and keyboard
Description
In general, everything can be done using both the mouse and the
keyboard.
Cause
Not set focus
Preventive action
Set focus

FPT SOFTWARE TRAINING MATERIAL Internal use

04e-BM/NS/HDCV/FSOFT v2/3

Web Applications Common Defects


Common Defect 12
Error by input HTML tags, character '
Description
Should prevent errors when user inputs HTML tags or character ' in text
fields. HTML tags can destroy the layout.
Cause
Careless, un-experienced coding
Preventive action
Use HTML Encode, URL Encode and SQL Encode

FPT SOFTWARE TRAINING MATERIAL Internal use

04e-BM/NS/HDCV/FSOFT v2/3

Web Applications Common Defects


Common Defect 13
Start date is greater than End date
Description
The logic of date is not checked, user can type Start date greater than
End date, or From date is greater than To date
Cause
Careless, un-experienced coding
Preventive action
Use checklist

FPT SOFTWARE TRAINING MATERIAL Internal use

04e-BM/NS/HDCV/FSOFT v2/3

Web Applications Common Defects


Common Defect 14
Users can return to Web application after logout
Description
- Users can back to previous page after logout by clicking "Back" button
in Toolbars.
- When users logout, they cannot back to web application, and must
input username and password again to login
Cause
Un-experienced coding
Preventive action
- Set cache of page = 0
- Re-set session variables
- Check session to assure that it is still active at the beginning of the
page.
FPT SOFTWARE TRAINING MATERIAL Internal use

04e-BM/NS/HDCV/FSOFT v2/3

Web Applications Common Defects


Common Defect 15
Multiple users
Description
The application does not support many concurrent users as required.
Cause
Design/Coding
Preventive action
- Close connection immediately
- Optimize design, code
- Use tool to test

FPT SOFTWARE TRAINING MATERIAL Internal use

04e-BM/NS/HDCV/FSOFT v2/3

References
Refer Commons defects in attach folder

FPT SOFTWARE TRAINING MATERIAL Internal use

04e-BM/NS/HDCV/FSOFT v2/3

Q&A

FPT SOFTWARE TRAINING MATERIAL Internal use

04e-BM/NS/HDCV/FSOFT v2/3