Bad Coding Practices in Software Development

Monday, November 14, 2016

In any coding task, the best software development practices are a set of informal rules that the software development community has learned in time which could help boost the quality of the program. A lot of the computer program remains useful for far longer than the original authors imagined, some even up to forty years or more. That is why; any rules must facilitate initial development and subsequent enhancement and maintenance by people aside from the original authors.

Most of the time, software developers do the appropriate thing. On rare instances that they don’t, bad things could occur. We also know that this leads to several harmful changes such as changing project requirements, lack of programming style rules or standards, or lack of experience. Avoiding these bad coding practices could make the work easier and  the software more scalable and secure to boot. In the software programming and development field, the principle could be summarized by saying that most issues are caused by a few bad coding practices. Eliminating these poor coding practices can make the task more productive and much easier.  A properly structured code will be more productive to those who are trying to figure it out, understand it, identify where a block of code starts from and ends. As a result, following logic gets easier.

1. Poor Coding Practices

The following are the ten bad coding practices that could destroy any development project and must be avoided in order to create effective solutions.

1.1 Typos in the Code

Surprisingly, these are common and quite maddening since they have nothing to do with the software developers’ programming skill. Even so, a misspelled variable function or name could wreak havoc on cryptogram. Furthermore, it may not be easy to review the code. The solution would be to work in a good integrated development environment or IDE or a programmer-centric text editor that could significantly reduce errors. Another thing that could be done is to intentionally choose function and variable names which could be spelled easily, and thus easy to spot when misspelled. Refrain from using words like receive, which could be misspelled recieve without being obvious.

1.2 Failure to Modularize Cryptogram

It is a good practice to write functions that perform one thing and that thing alone. This helps them keep short and easy to comprehend and maintain. Long functions have a lot of possible paths through them, which make them harder to test. A good rule of thumb would be that one function must occupy no more space than one screen. Another if it contains ten or more ‘if’ loops or statements, then it is too complex and tangled control structure that is difficult, and unreadable, so that it  must be rewritten.

1.3 Hard-Coding Passwords

It is tempting to hardcode a secret password and account so one could get into the system later. But, this should not be done.  It is convenient,  for anyone to access the source code. The true issue is that a hard code string password eventually would be more widely known than intended. This makes it a big security risk, not to mention a very inconvenient fix. We need to take a step back from embedding data directly into the source code, making it harder to interpret.

1.4 Failure of Using Good Encryption for Data Protection

Sensitive data must be encrypted as it travels over the network. This is because it is vulnerable to interception when it does so. It is not only a wonderful idea but a regulatory requirement, if not the law. This means sending data in the clear is a ‘no, no.’ Writing one’s own encryption system is difficult, thus it is necessary to use a proven industry standard encryption library and correctly use it.

1.5 Not Being Able to Format or Indent

The indenting and otherwise formatting code makes it easier to comprehend at a glance and to see the errors. Moreover, it also makes it much easier for others to maintain it since it is presented in a consistent manner. When using an IDE that does not format the code automatically, consider running it via a code beautifier like Uncrustify. It would format it consistently based on the configured rules. We should stay up to date with upcoming software projects every now and then.

1.6 Unable to Think Ahead

A programmer should think things ahead, such as what the project is for, how much it is expected to scale, the number of users it would have and how fast it should run. The answers to these may not be available, but if one fails to make estimates, then it is impossible to select a suitable framework to develop the app that would be able to meet the requirements.

1.7 Letting the Ide Lure One Into a False Sense of Security

The IDEs and other tools which provide completion are great for productivity. They suggest variables as well as other things which are based on what is in scope, given what is being typed already. However, there is a danger with this kind of tool since a developer could choose something because it looks the same as one is expected without taking necessary effort to make sure that it is exactly what is needed. In essence, the device does the thinking, when a programmer, in fact, is making certain the thinking is correct. Nevertheless, there is a fine line to be drawn. The completion tools could help eliminate errors like typos and boot productivity.

1.8 Adding People for Making up for Time Lost

Almost each software project falls behind the given schedule. Adding people to the task to get it back on track will sound such a good idea in theory. Nevertheless, it is a common mistake. The fact is, adding new people to a task almost always results in a plunge in the overall productivity.

1.9 Prematurely Optimizing a Code Properly

Donald Knuth, a popular and legendary programmer said that programmers waste a great amount of time worrying, or thinking about the speed of now- vital parts of the programs. Moreover, these attempts at efficiency actually have a robust negative effect when maintenance and debugging are taken into consideration. Being clever with the process could make it run infinitesimally faster. However, it makes it much harder to maintain and to debug. A better strategy would be to write clearly and then get to work in any parts which truly need optimization in order to enhance performance.

1.10 Utilizing Known Bad Time Estimates

It is also important to avoid the temptation to imagine that one could catch up with the schedule later without adding people to a project. If one falls behind the schedule, it is because the estimates were wrong. This means one should make a new estimate of the project length, not stick to an estimate blindly, one that has been proven wrong already.

2. Summary

A professional software development company having certifications like CMMI Level 3 and Microsoft Gold Competency, follows standard processes for coding/development and quality assurance that ensures that any bad practices are avoided and best results are achieved.

 

Comments


Your comment is awaiting moderation.