Programming Pitfalls

Top Ten Mistakes a Programmer Can Make

Jessica Thornsby

Julian Bucknall has written down the big ten mistakes he expects every programmer to make.

Having a tough week at work? Chances are you’re not alone, as
Julian Bucknall has posted the top ten mistakes every programmer makes. Take a
look, and see if any of these pain-points sound familiar:

Code written for a compiler, not for a person.
It doesn’t make any difference to the compiler if you use more
human-readable identifiers, and chances are the extra time required
for the compiler to translate longer identifiers is insignificant.
So, why not write code that a human being can read and understand?
It’s also worth remembering that not every programmer who comes
into contact with your code will know the precedence of operators,
so retaining needless – but useful – parentheses could save them a
lot of head-scratching.

Big routines. Long methods are typically
difficult to understand, maintain and test, as testing is a
function of the number of possible paths through a method.

Destructive optimism. This is the root of all
evil, according to scientist Donald Knuth. Write your code, profile
it and pinpoint the real bottlenecks, rather than overcomplicating
things by trying to solve problems that haven’t even occurred.

Global variables. These are visible everywhere,
which means the developer has no control over how they’re changed
and accessed, and for Bucknall, therein lies the problem. A global
value may have a certain value before a call to a routine, and a
different one after you get control back. He reports the same
problem with singletons: their persistence makes them difficult to

Not making estimates. Taking into consideration
factors such as the number of simultaneous users, records and
response times, can make or break an application.

Off by one. Writing a loop with an index so
that the index is incremented either once too often or once too
little, resulting in a loop being traversed an incorrect number of
times. This can also cause a non-existent element of the array to
be accessed or written to, or an element to be missed.

Suppressed exceptions. Bucknall believes that
exceptions can make for robust software, but programmers sometimes
make the mistake of being vague about the type of exception they
wish to catch, or catch all the exceptions and then ignore

Storing passwords in plain text.

Un-validated user input. Apps can now be used
by countless users simultaneously, thanks to the World Wide Web,
and there is no shortage of attacks that take advantage of this,
meaning it’s crucial to check user input. If an app does not
validate user input, SQL or HTML fragments could result in some
hacked SQL executing, or hacked HTML/JavaScript being produced.
“Always assume the user is a hacker trying to crash or take over
your application and validate or sanitise user input,” he

But, what’s the biggest mistake a programmer can make?
Not being up to date. Bucknall advises keeping on
top of all the latest techniques, technologies and trends, to make
your day-to-day development as pain-free as possible.
