CAcert coding practices:
Code must be in the following style:
{{{<?
- if($var['subvar'] == 'fred') {
DoSomething();
?>}}}
Where possible use single quotes, followed by double quotes, single quotes don't need to be parsed by php so it speeds things up. Also, if you need to utilise arrays inside a string, do the following:
$query = "SELECT id from users where email='${user['email']}'";
If you need to send user input to the database, always use mysql_real_escape_string() function.
Always use back ticks inside mysql queries, if new functions are added to mysql, or stored procedures are added this should prevent any scripts from breaking.
Always use mysql_fetch_assoc() where possible, as it's more efficient.