Code Review
- All unused "usings" are removed
- Code is separated into correct layers (Presentation, Business, Data Layer)
- Usage of 'out' and 'ref' keywords is avoided as recommended by Microsoft
- Proper implementation of Exception Handling (try/catch and finally blocks) and logging of exceptions.
- Comments are on top of all methods to describe their usage and expected input types and return type information.
- Make sure there aren't any "Magic Numbers" in the code. Make Constants for these.
- Sensitive information and passwords are encrypted
- All input data is sanitized (especially user input, or exposed web service methods)
- Confirm all database queries are using our most current accepted way of querying the database
- Confirm resources are disposed of when not needed (file handles released when not needed, etc.)
- The code checks for "null" whenever applicable
- Code fragments are not duplicated when they could be pulled out into a common method/procedure (Don't Repeat Yourself). Look for copy/pasted code as a red flag.
- Make sure reused values have one place they can be changed (Single Point Of Control)
- Code is understandable and easily readable (are comments needed? are method names confusing? are variable names misleading?)
- Similar values are put into Enums. (Status flags, Activity Types, Actions, etc.)
- Check that the database isn't queried more than necessary. (Be suspicious of For Loops)