Code quality
Standards
Code - PHP, CSS and Javascript - should comply with the Drupal coding standards. Those can be easily checked with Coder.
Don't manually adjust automatically generated code, like some Features exports, that doesn't comply with the coding standards. Use a phpcs-ruleset.xml file to exclude them from coding standard checks.
Write comments
API documentation and comment standards help with documenting your code. It should be self-explanatory. Rather explain why things are done instead of what's done.
Secure your code
Read this nice page about writing secure Drupal code. You need to:
- Use check functions on output to prevent cross site scripting attacks
- Use the database abstraction layer to avoid SQL injection attacks
- Use db_rewrite_sql to respect node access restrictions
Make the interface translatable
All interface text should be translatable with default Drupal methodologies.
Make the interface accessible
Strive for WCAG 2.0 A compliance. Accessibility best practices can help with that.