Views Table Manager

I'm not really clear on what this module does or what it's for. Any chance you could post a screenshot?

Looks pretty nifty and definitely a useful feature.

I would like this module to get a review from someone on the usability team, as the clicky icons seem very small and unclear to me. I think we need then to be more self-explanatory and more in the Drupal visual idiom.

I'm also not sure the name is right... but I have no better suggestions, so that one I'll just ponder some more.

Quick code review:

- run your project through Coder. It will pick up things like...
- missing docblock on functions
- incorrect formatting of docblocks
- spacing on if () {} statements
- missing newline at end of files

also:
- $Id$ is surplus, *especially* if it claims you are merlinofchaos!
- don't put author credit in code

There's a lot of fine toothcomb stuff to clean up here. :/

function views_table_manager_user($op, &$edit, &$account, $category = NULL) {
	if($op == "delete") {
	  global $user;

I see a bug here. What will happen when an admin deletes a user account?

More architectural stuff...

- why all the include files? The standard pattern is MODULE.pages.inc and MODULE.admin.inc.

- JS files. You should look at the Drupal JS API. And again, I'm not sure why you need so many JS files.

- beautytips -- is this an external library? Have you read the policy on these?

First, sorry it's taken so long to get to this review.

It appears you are working in the "master" branch in git. You should really be working in a version specific branch. Please see the documentation about release naming conventions and creating a branch in git.

The .buildpath, .project, .settings, and .views_table_manager.info.swp should all be removed from git.

The $_POST interactions are all vulnerable to CSRF - see http://drupalscout.com/knowledge-base/protecting-your-drupal-module-agai... for details on how to avoid that. That's a pretty big change. I didn't review beyond that because your code will likely change a lot as you address it.

To be more specific, an example of a function that is vulnerable to CSRF is views_table_manager_save_cols_layout

Pre greggles recent comments, this needs work.

The applicant has been contacted to ask if the application is abandoned.

After ten weeks with a status of needs work: the applicant may be contacted by a reviewer to determine whether the application was indeed abandoned. The action taken by the reviewer should be documented in the project application issue.

http://drupal.org/node/894256

@drob1nson answered that this application should still be active.

The applicant has again been contacted to ask if the application is abandoned.

This is abandoned.