Chapter 12: Additional Considerations

This chapter is part of the Drupal Module Developer Guide.

This chapter introduces additional best practices that module developers should be aware of, including the Drupal coding standards, tips for writing secure code, and tools the community uses to help ensure consistent code quality and standards.

Tutorials in this course
Categories
Drupal 8, 9, 10, and 11
More information

In the world of Drupal development, ensuring the security of custom code is paramount. Drupal's security standards and features offer a robust foundation, but developers must also adhere to security best practices to safeguard against vulnerabilities. From sanitizing output to prevent cross-site scripting (XSS) attacks to using Drupal's database abstraction layer to avert SQL injection, Drupal empowers developers to write secure code. But it's still up to you, the developer, to do so.

In this tutorial, we'll:

  • Provide an overview of these practices.
  • Introduces additional resources to increase your security expertise.

By the end of this tutorial, you should be able to articulate some of the common security risks and mitigation strategies for Drupal modules.

Categories
Drupal 8, 9, 10, and 11
More information

Coding standards are vital in collaborative environments like Drupal. These guidelines ensure consistency, readability, and maintainability of the codebase. Drupal has its own coding standards that outline best practices and formatting guidelines, promote code quality, simplify code reviews, and enhance the project's overall health.

In this tutorial, we'll:

  • Explore the use of coding standards in Drupal.
  • Highlight basic practices and sources for detailed information.

By the end of this tutorial you should be able to explain why coding standards are important and where to find more info about Drupal's coding standards.

Categories
Drupal 8, 9, 10, and 11
More information

Tools like PHP_Codesniffer (phpcs) can be used to help ensure your code adheres to Drupal's coding standards. As a module developer, you should use phpcs and its Drupal-specific rule sets on all custom module code.

In this tutorial, we'll:

  • Learn about PHP_Codesniffer (phpcs).
  • Install PHP_Codesniffer and the Drupal-specific rules.
  • Use phpcs to lint our custom code.

By the end of this tutorial, you should be able to use PHP_Codesniffer to help automate the process of adhering to Drupal's coding standards.

Categories
Drupal 8, 9, 10, and 11
More information

Update hooks in Drupal are used for executing database updates or applying configuration changes during module updates. They ensure these changes occur once and in the correct order.

In this tutorial, we'll:

  • Explore the purpose of update hooks.
  • Learn how to implement update hooks for database updates or configuration changes.

By the end of this tutorial, you should be able to understand the use case for update hooks and know how to get started implementing one.

This course appears in the following guides:
Module Development
Learn Drupal module development in this hands-on guide.

Drupal Module Developer Guide