Best practices In Drupal Coding/Customization

We did 15 Drupal cases, maybe many more, perfectly, but without following Drupal standards. I know it was secure, but it did not match the security standards that Drupal is targeting, so it may be late, but not too late, to follow the global standards…
Generating a theme: There is a desktop application called “Artisteer” that enables you to generate WordPress, Drupal, DotNetNuke and Joomla themes, but it is not free software.
After reading this document, including the links, you will be able to write your own Drupal modules.
Drupal coding standards: (http://drupal.org/coding-standards)
Indentation, variable and method names, method calls and code comments should all follow the standard.
Any update to Drupal code should carry a comment about the change with the Arkdev keyword, and the old code should be commented out. For example:
The old code:
print $var;
The new code after the edits should be:
//Arkdev, Print the new variable instead of $var
//print $var;
print $new_var;
 
 
Drupal training (with the assistance of Nabil and Heidi; a session will be held for this)
1- Introduction to Drupal as a CMS.
2- Drupal Installation:
a)      Installing Wampserver.
b)      Create New Drupal Website.
c)       Creating Roles.
d)      List of commonly used Modules.
a.       CCK
b.      Pathauto
c.       Image field
d.      Filefield
e.      Tokens
f.        backup_migrate
g.       contemplate
h.      nodewords
 
e)      Adding permissions to the Roles.
f)       Configure the modules.
Clean URLs, .htaccess edits, server configuration, and backup_migrate set to back up the DB every day, keeping the 10 most recent.
g)      Applying an html Theme to a Drupal site.
h)      Configuration Class
EX:
class Config {
  // Node IDs are defined once here and read as Config::$NEWS_NODE_ID.
  public static $ADMINISTRATION_NODE_ID = 12;
  public static $NEWS_NODE_ID = 12;
}
Use this class instead of writing the node ID directly inside the files.
i)        Creating Content Types, Templates, Fields, Pathauto (content_type_name/row_title_of_the_content_type Vs. only title_row)
j)        Queries Class.
 
EX:
class QueryLoader {
  // Returns the SQL text only; {node} is resolved to the real table name by db_query().
  public function load_news_query() {
    return "SELECT * FROM {node}";
  }
}
Use this class to hold all your project queries instead of writing queries inside any other file.
k)      Functions Class.
 
EX:
class ServiceBean {
  public function load_news() {
    // put your function code here
  }
}
Use this class for all your project's business logic or HTML output.
 
l)        General project structure:
 

 
Writing secure code (http://drupal.org/writing-secure-code)
The last thing we need is to write insecure code. Forms should not be written as plain HTML included in the system; instead we should use the Drupal Form API:
                http://api.drupal.org/api/drupal/developer--topics--forms_api_reference.html/6
                http://drupal.org/node/751826
 
We should never print user input as if it were trusted; instead, pass it through the t() or check_plain() functions.
Submitted values MUST NOT be used as-is either.
E.g. don't build a query like this:
db_query("SELECT nid FROM {node} WHERE type = '" . $_POST["type"] . "'");
Use instead:
db_query("SELECT nid FROM {node} WHERE type = '%s'", $_POST["type"]);
 
Read http://drupal.org/node/101495 for more information about the severity of SQL injection.
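
The three rules above (Form API instead of hand-written HTML, placeholders in db_query(), escaping on output) combined in one small Drupal 6 module. This is an added example, not code from the original post; the module name arkdev_example, its path and its function names are assumptions, and it needs an accompanying .info file and a Drupal 6 site to run.

```php
<?php
// arkdev_example.module: hypothetical Drupal 6 module; all names are assumptions.

/** Implementation of hook_menu(): serve the form at /arkdev-example. */
function arkdev_example_menu() {
  $items['arkdev-example'] = array(
    'title' => 'List nodes by type',
    'page callback' => 'drupal_get_form',
    'page arguments' => array('arkdev_example_form'),
    'access arguments' => array('access content'),
  );
  return $items;
}

/** Form builder: Form API renders the fields and enforces #required/#maxlength. */
function arkdev_example_form(&$form_state) {
  $form['type'] = array(
    '#type' => 'textfield',
    '#title' => t('Content type'),
    '#required' => TRUE,
    '#maxlength' => 32,
  );
  $form['submit'] = array('#type' => 'submit', '#value' => t('Search'));
  return $form;
}

/** Validate handler: accept only machine names of existing content types. */
function arkdev_example_form_validate($form, &$form_state) {
  $types = node_get_types('names');
  if (!isset($types[$form_state['values']['type']])) {
    // t() runs check_plain() on values bound to @placeholders.
    form_set_error('type', t('Unknown content type @type.',
      array('@type' => $form_state['values']['type'])));
  }
}

/** Submit handler: read $form_state['values'], never $_POST directly. */
function arkdev_example_form_submit($form, &$form_state) {
  // '%s' is escaped by db_query(); the value is never concatenated into SQL.
  // db_rewrite_sql() lets node access modules restrict the rows returned.
  $sql = "SELECT n.nid, n.title FROM {node} n WHERE n.type = '%s' AND n.status = 1";
  $result = db_query(db_rewrite_sql($sql), $form_state['values']['type']);
  while ($node = db_fetch_object($result)) {
    // Node titles are user-supplied: escape before output.
    drupal_set_message(check_plain($node->title));
  }
}
```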
 
We are now investigating the recommended IDE to use for Drupal and PHP cases. So far we have 3 options, which we are still weighing up before taking action (CodeLobster, NetBeans with the Drupal plugin, and Eclipse).
 
The next step is “How to create your own module…”