Programmers have to protect their program through defensive designing.
Their code has to be well maintained
Have to reduce number of bugs/errors
Think of all possible ways the user could misuse their program
Input Sanitisation is removing any unwanted characters before passing data through the program.
Input Validation is checking that the data entered meets a certain criteria before passing data through the program.
| Range Check | Checking that the data is within a certain range |
| Presence Check | Checking that the data has actually been entered |
| Check digit | Checking that the numerical values have been added correctly. |
| Look-Up-Table | Checking the data across a list of suitable values. |
| Format Check | Checking that the data is within the correct format |
| Length Check | Checking that the data is in the correct length |
Authentication is used in order to verify the user’s identity before they are allowed access. This can be verified through various ways such as: Passwords
You can:
- Force the User to only have strong passwords.
- Force the User to type in certain characters of their password
- Limit the number of failed authentication attempts before account is locked.
Code should be EASY TO MAINTIAN
COMMENTS – There should be comments all over your code in order to explain your code’s purpose to another developer/programmer. They should be well-written and clear.
INDENTATION – Your code should be indented to clearly sperate statements, makes the code easier to read and understand for developers/programmers.
VARIABLES – Your code cannot have a random name assigned to a variable or a subprogram such as ‘xyz’ or ‘newVariable’. Something such as ‘userName’ or ‘timeDelay’ would be much more easier to keep track of and understandable for developers/programmers.
Anshjeet Singh 