We generally focus on two major concepts:
- Has it been built using general software/web development best practices?
- How advanced was the developer’s Drupal-specific expertise?
Now, without further ado, here is a “Top 10” list of things we look for:
1.) The document root of the site contains files that did not come pre-installed with Drupal.
2.) Core Drupal modules have been modified (the hacked! module can be used to identify if your modules have been modified).
3.) General sloppiness in custom code (stuff commented out rather than deleted, messy formatting, lack of coherent comments). Basically, the developer(s) did not adhere to Drupal’s coding standards.
4.) Excessive use of ‘!important’ or negative margins in the CSS.
6.) Lots of unused modules, remnants of testing, etc.
7.) Excessive use of any one feature of Drupal (e.g. if there are thousands of blocks, or dozens of content types, or lots of one kind of template file with only slight differences).
8.) Use of obscure contributed modules, often for things they weren’t really intended for.
9.) Unorthodox or sloppy use of Views (such as embedding lots of PHP code), or even worse, avoiding views altogether and using static content or custom queries instead.
10.) Anything that looks like a workaround (e.g. something that could have been done much more simply if the developer was more familiar with Drupal).
Obviously, this is just a smattering of issues that you could look at. Feel free to join the fun and add your comments/suggestions.