Code audit for a web service
Our customer, a first-string taxi company in France, had a platform developed for taxi parks and consisting of 4 different sites: for clients, for managing clients’ profiles, for taxi drivers and for dispatchers.
When the development was finished, the customer wished to ensure that the code quality was good and the platform would serve at least two years after its release, so for that reason they entrusted us with the full code audit.
Having installed the platform, we conducted the audit of PHP code, database and HTML / JS / CSS layout using not only our senior developer’s own experience, but also a set of special code analysis tools.
During the audit we discovered that, despite a good choice of the framework, most of its strong points – like performance and security – were not taken into account and benefited from in the course of development. As a result, the system could pass functional tests, however, if many people were to use it simultaneously, it would soon demonstrate low operation speed and a lack of security, with potential data leaks. The overall code quality was not sufficient and existing issues could not be fixed easily, so the further platform evolution would also be problematic.
Upon the completion of all our tests, Noveo provided the customer with a full report containing the description of the existing issues and comments on how they could be avoided, plus an automatic code analyzer report with thousands of error examples, which only confirmed our conclusions.
All things considered, we advised the customer to rewrite the platform from scratch using a new framework for better performance and security, while paying special attention to the quality of the code.
- Kohana PHP framework v. 3.2.2
- nWire Code Analyzer
- PHP Mess Detector
- PHP Copypast Detector
- dbForge DB Diagrams