Static code analysis is the process of detecting errors and defects in software's source code.
Static analysis can be viewed as an automated code review process. Let's speak on the code review now.
Code review is one of the oldest and safest methods of defect detection. It deals with joint attentive reading of the source code and giving recommendations on how to improve it. This process reveals errors or code fragments that can become errors in future. It is also considered that the code's author should not give explanations on how a certain program part works. The program's execution algorithm should be clear directly from the program text and comments. If it is not so, the code needs improving.
I have recently gotten a web application from a nasty contractor who claimed to be a good expert in programming. Unfortunately, we believed him. Functional of the web application seemed to work okay at first glance. However, once the client started using application in the real conditions the things went bad. The contractor has gone after a payment, and I have gotten his errors to fix for a client.
I decided to document a few errors that I found along the way. These are errors that every good programmer should already know to avoid… but obviously some people need to be reminded about them.