Bad Practices in JavaScript: Common Pitfalls and How to Avoid Them đźš«

Created by eneaslari 28/12/2024

javascript webdev

JavaScript is like the Swiss Army knife of web development—it’s everywhere, from tiny website features to massive, complex web apps. But with great power comes... well, the chance to make a mess! Its flexibility and loose rules make it super easy to use, but also super easy to misuse.

In this post, we’ll look at some common JavaScript mistakes, why they cause trouble, and, most importantly, how you can avoid them. Let’s dive in! 🚀

🚨 1. Global Variables Overuse

The Problem:
Global variables are accessible from anywhere in your code, which can lead to naming conflicts and unpredictable behavior.

Example: 

var globalVar = "I'm global!";

function example() {
    globalVar = "I was modified!";
}

Better Practice:
Use block-scoped variables (let, const) and limit the use of global variables. 

function example() {
    let localVar = "I'm local!";
}

Why?
Block-scoping ensures variables are only accessible where they are intended to be used.

🚨 2. Ignoring let and const (Using var)

The Problem:
var has function-scoping, which can cause unexpected behavior in loops and asynchronous code.

Example: 

for (var i = 0; i < 3; i++) {
    setTimeout(() => console.log(i), 1000);
}
// Output: 3, 3, 3

Better Practice:
Always prefer let or const. 

for (let i = 0; i < 3; i++) {
    setTimeout(() => console.log(i), 1000);
}
// Output: 0, 1, 2

Why?
let and const provide block-scoping and reduce unintended side effects.

🚨 3. Not Handling Errors Properly

The Problem:
JavaScript errors often get ignored, or exceptions are caught without meaningful action.

Example: 

try {
    riskyFunction();
} catch (e) {
    // Do nothing
}

Better Practice:
Handle errors gracefully and log them properly. 

try {
    riskyFunction();
} catch (e) {
    console.error("An error occurred:", e.message);
}

Why?
Proper error handling helps in debugging and makes your code more reliable.

🚨 4. Using == Instead of ===

The Problem:
The loose equality operator (==) can lead to unexpected type coercion.

Example: 

console.log(0 == "0"); // true
console.log(false == ""); // true

Better Practice:
Always use strict equality (===). 

console.log(0 === "0"); // false
console.log(false === ""); // false

Why?
Strict equality avoids implicit type conversions.

🚨 5. Writing Unreadable Code

The Problem:
Code that lacks proper formatting, comments, or meaningful variable names is hard to maintain.

Example: 

let x = 5, y = 10; if(x > y){x = y;}

Better Practice:
Use proper indentation, naming conventions, and comments. 

let maxScore = 5;
let currentScore = 10;

if (maxScore > currentScore) {
    maxScore = currentScore;
}

Why?
Readable code is easier to debug and collaborate on.

🚨 6. Not Using async/await Properly

The Problem:
Mixing async/await with .then() can lead to confusion.

Example: 

async function fetchData() {
    return fetch('https://api.example.com').then(res => res.json());
}

Better Practice:
Use async/await consistently. 

async function fetchData() {
    const res = await fetch('https://api.example.com');
    return await res.json();
}

Why?
Cleaner syntax and easier error handling.

🚨 7. Hardcoding Values

The Problem:
Using hardcoded values can make your code brittle and hard to update.

Example: 

if (userRole === "admin") {
    // Do something
}

Better Practice:
Use constants or configuration files. 

const ROLES = {
    ADMIN: "admin",
    USER: "user"
};

if (userRole === ROLES.ADMIN) {
    // Do something
}

Why?
Easier to update and maintain.

🚨 8. Ignoring Security Best Practices

The Problem:
Not validating user input, exposing sensitive data, or allowing cross-site scripting (XSS) vulnerabilities.

Example: 

const userInput = "<script>alert('Hacked!')</script>";
document.body.innerHTML = userInput;

Better Practice:
Sanitize user inputs and avoid directly injecting them into the DOM. 

const safeInput = userInput.replace(/</g, "&lt;").replace(/>/g, "&gt;");
document.body.innerText = safeInput;

Why?
Protects your application from malicious attacks.

🚨 Conclusion

Bad practices in JavaScript are common, but they can be avoided with proper knowledge and discipline. By following these best practices, you’ll write cleaner, more efficient, and more secure code.

🛠️ Remember: The key to becoming a better developer is constant learning and self-review.

What other JavaScript bad practices have you encountered? Share your thoughts in the comments! 🚀

Happy coding! 💻✨

More to read


Designing Fun and Engaging Levels for My Space-Themed Match-3 Game
8/2/2025

Designing levels for my space-themed match-3 game has been a journey of balancing **fun, challenge, and variety**. In this article, I share my experience with **creating engaging puzzles, managing difficulty, and keeping gameplay fresh**. From playtesting to strategic layouts, these insights shape my approach to making levels that players will love. 🚀

From Burnout to Balance: Rediscovering Energy in Game Dev, Fitness, and Life
7/2/2025

A reflection on how burnout, illness, and lost momentum forced me to rethink my approach to productivity, motivation, and balance. Now, I’m refactoring my life—one habit at a time—to rebuild my energy without falling into the same cycle again.

New Year, New Code: My Developer Resolutions for the Year
29/12/2024

In this blog post, I share my New Year's resolutions as a developer: posting more about my work on social media, writing more articles, and finally finishing and publishing a game. Plus, I offer practical tips on setting realistic and achievable goals to help fellow developers kick off the year with purpose!

Bad Practices in JavaScript: Common Pitfalls and How to Avoid Them đźš«
28/12/2024

JavaScript is like the Swiss Army knife of web development—it’s everywhere, from tiny website features to massive, complex web apps. But with great power comes... well, the chance to make a mess! Its flexibility and loose rules make it super easy to use, but also super easy to misuse.