Code Review

  • All unused "usings" are removed

  • Code is separated into correct layers (Presentation, Business, Data Layer)

  • Usage of 'out' and 'ref' keywords is avoided as recommended by Microsoft

  • Proper implementation of Exception Handling (try/catch and finally blocks) and logging of exceptions.

  • Comments are on top of all methods to describe their usage and expected input types and return type information.

  • Make sure there aren't any "Magic Numbers" in the code. Make Constants for these.

  • Sensitive information and passwords are encrypted

  • All input data is sanitized (especially user input, or exposed web service methods)

  • Confirm all database queries are using our most current accepted way of querying the database

  • Confirm resources are disposed of when not needed (file handles released when not needed, etc.)

  • The code checks for "null" whenever applicable

  • Code fragments are not duplicated when they could be pulled out into a common method/procedure (Don't Repeat Yourself) - Look for copy/pasted code as a red flag

  • Make sure reused values have one place they can be changed (Single Point Of Control)

  • Code is understandable and easily readable (are comments needed? are method names confusing? are variable names misleading?)

  • Similar values are put into Enums. (Status flags, Activity Types, Actions, etc.)

  • Check that the database isn't queried more than necessary. (Be suspicious of For Loops)

This checklist was created by gccook1
