A short article that might help your next code review.
Hi there (to be) programmer!
I guess you have already done some programming: written a few pieces of code and marveled at their magic once they ran. Then you might be ready for the next step, which is to understand that programming is a language just like any other. Using it and mastering it takes time and effort.
While reading these sentences you might have noticed that I am not a native English speaker and writer. Even though all the words are spelled correctly, a native speaker will notice. It's the same with programming. In this article I want to address one of these 'giveaways'.
The quote usage...
Most modern languages "don't care" which quotes you use, so choosing between the ' and the " quote is mostly a matter of taste and practicality, for instance to avoid escapes inside strings: "Don't care" versus 'Don\'t care'.
In some languages, on the other hand, the quotes have distinct meanings. In PHP, for instance, a "-quoted string has its $vars interpolated before the value is returned, while a '-quoted string is taken literally and its $vars stay as typed.
Quotes are always worth watching in a review. Sometimes copy-pasting code replaces the single quotes with ` (backticks). Not only will this not work as intended, it may leave your code vulnerable, because in a number of languages (PHP among them) the backtick operator executes its contents in a shell. Consider $result = `$user_input`;.
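The quote semantics and the backtick trap described above, as an added PHP example that is not part of the original article; the findBackticks() helper and the source it scans are my own construction:

```php
<?php
// Added example, not code from the original article: the PHP quote semantics
// described above, plus a small review helper that tokenises PHP source and
// reports every backtick (shell-exec) operator. The scanned source is constructed.

// " interpolates $vars and escape sequences; ' keeps the characters as typed.
$user = 'alice';
var_dump("Hi $user\n" === "Hi alice\n");   // $user replaced, \n is a newline
var_dump('Hi $user\n' === "Hi \$user\\n"); // no interpolation, \n stays two characters

// Backticks are not quotes: `cmd` is shell_exec('cmd'), so a pasted-in backtick
// runs a string as a shell command. List every `...` in a file with its line.
function findBackticks(string $source): array
{
    $hits = [];
    $line = 1;       // line of the most recent multi-character token
    $inside = false; // between an opening and a closing backtick
    $start = 0;
    $buf = '';
    foreach (token_get_all($source) as $tok) {
        if (is_array($tok)) {               // [id, text, line]
            $line = $tok[2];
        }
        if ($tok !== '`') {                 // single characters arrive as plain strings
            if ($inside) {
                $buf .= is_array($tok) ? $tok[1] : $tok;
            }
            continue;
        }
        if (!$inside) {                     // opening backtick
            [$inside, $start, $buf] = [true, $line, ''];
        } else {                            // closing backtick
            $hits[] = ['line' => $start, 'command' => $buf];
            $inside = false;
        }
    }
    return $hits;
}

// Constructed source containing the backtick a reviewer should catch.
$sample = <<<'PHP'
<?php
$name = 'World';
echo "Hello $name";
$result = `$user_input`;
echo 'done';
PHP;
foreach (findBackticks($sample) as $hit) {
    printf("line %d: backtick executes `%s` in a shell\n", $hit['line'], $hit['command']);
}
```

Running the helper over your own files turns the "spot the backtick" step of a review into a quick, repeatable check.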
In all cases it's good to be aware of how to use the quotes and to develop a consistent 'best practice' to follow; in other words, to develop a coding standard. This will not only help you improve the quality of your code but will in some cases also make it safer, easier to read and thus easier to maintain.
I wish you happy reviewing and hope you now have something else to spot...
P.S. Not validating user input, as in the example above, is obviously always a bad idea, and a rule against it is a great addition to your coding standards. And while you're at it, do have a look at OWASP for more inspiration...