1. HTTP/HTTPS, be carefully when you are developing an extension related to secured section. Always check secure mode and generate correct URL
2. Don’t copy/paste standard XML file from Internet, you will meet a number of random issues. For example, if your module don’t need admin router then don’t leave an admin router there, it will lead to some random issue for example auto redirect HTTP to HTTPS on your module.
3. Never get data from _GET or _POST, always get data from magento input data. If you don’t follow this rule, you will make ricks for the client site who using your extensions.
4. Always check module status and related component status before execute module block code (so when module is not activated – all module code are skipped completely)
5. New database table need to avoid name conflict with other extension by using prefix ob_
6. New XML layout need to avoid name conflict with other extension by using prefix ob_
7. Don’t use same router for front-end and admin (added Nov 2011)
8. Non-object issue : When you make a call to get an object – ALWAYS THINK if the result is doesn’t return an object in all case, then you need to check the result before making second call. Although this is a basic programming practice but in fact, Core Magento Code still have same mistake sometime. (added Dec 2012)
9. Use common CSS class/id name which may lead to layout compatible issues (added Dec 2012)
10. Lowercase and uppercase : For newbies and Window users, this become very popular. Window accept lowercase and uppercase function name as same but Linux understand them as different function
11. Templates folder should be named using prefix ob_
1. Folder, files permission – some Server are built with high security protection and default permission is very low (no read permission even) so it would be a good practice to make sure that you set correct permission for files (normally set 755)
2. Disable Magento complier. In the case, you can’t access backend then check includes/config.php and comment all lines manually
3. Make sure you enable magento cache. To do this, go to Admin -> System -> Cache Management
This is also an importance step that some customers missed. If the cache is disabled then magento can start setting up during uploading the extension files. Some importance files might have not uploaded yet and causes the system do setting up in wrong way.
4. Logout and login the backend again. Some customers leave this step so they get access denied or 404 error page when accessing the extension configuration panel.
5. Make sure that you are using administration account with full permission.
6. Should check if there is any extension overwrote some related core block/model (added Nov 2011)
7. If the extension work on Window box but on Linux Server then the problem might be lowercase/uppercase.
Good practice to follow
2. Use local.xml to control layout for whole templates
3. CSS Layout/box – use Margin instead of Padding because IE have a bug in W3C Model box (padding will be laid inside element in IE!!!)
Use prefix for all custom tables, custom layout, custom CSS id/class Use namespace company for all layout, templates and skin folder for your modules
5. Try-catch in important code : Sometime, you can’t predict all possible case/error so it is best to put a try/catch in important function/handler in production. Important features can be Observer functions, Front-end Block Class method, Model class methods
6. Create compilation.xml file with below code
for all backend modules