Skip to content

Instantly share code, notes, and snippets.

@sostenesapollo

sostenesapollo/refactor-ideas.md

Last active February 1, 2023 21:36
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save sostenesapollo/f515d8fce18414fd98ca449136694b45 to your computer and use it in GitHub Desktop.
Save sostenesapollo/f515d8fce18414fd98ca449136694b45 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
refactor-ideas.md

ref. https://gist.github.com/silverark/2fd88d03fddbe373fce87da80afdc3ce

Bad code

Line 22: This connection string should be global, and reusable for all the operations, and not recreated for every method

Line 22: It’s a really bad code practice to put the connection string inside the code, the common usage is to declare the variables inside a .env file for different environments, but never inside the code itself, The variables, user, password and dbname should not be public.

Line 23, 43: Should be avoided use select *, as unwanted fields would be returned, so a good practice would be to return just the needed fields

Line 26: Here we have vulnerability to sql injection as we are just passing a string to it directly, so would be great also to validate the possible values for the orderby and throw if it’s passeed an incorrect

Line 38: Comments for unused code should be removed, and we may have just code that is effectively being used.

Other ideas

  • Normally I prefer to use some ORM to avoid manipulation of the sql queries directly, and makes the code more readable, and often there’re some ORM’s that allow the easy switch between other databases
  • It seems the naming for the method OrderBYAndGetAll is not following the pattern, it would be great to use the By instead of BY
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment