Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
The module integrates Yandex Share API with Drupal, which allows site visitors to share the material on social networks, blogs, etc.
Yadnex Share - development of popular Russian search engine Yandex. It adds a block to the page with links to social networks sites, blogs etc.
The module allow to full configurate the view of Yandex Share.
Features of the module:
- Two types of initsializaatsii (automatic and standard);
- Display button Yandex Share for certain materials;
- Display button Yandex Share in the teasers or full-nodes;
- Language settings, type settings, service list settings;
- Full control of settings of the standard initialization;
Link to project page: http://drupal.org/sandbox/Plazik/1222210
For Drupal 6.x at the moment.
Comment | File | Size | Author |
---|---|---|---|
Yandex Share settings.png | 166.88 KB | Plazik | |
yandexshare.png | 20.43 KB | Plazik |
Comments
Comment #1
ccardea CreditAttribution: ccardea commentedI just took a quick look at your project.
Licensing: no problems noted.
Module duplication: No duplication found.
Your .info file is missing a few items. Please check the module developers guide http://drupal.org/node/231036 and update the file. Make sure to change your project status to 'needs review' after you have made the changes.
This project still needs technical and security review.
The waiting time for a full review can be as long as 4-6 weeks. You can help to reduce the wait by contributing to the code review process. Please see http://groups.drupal.org/code-review for details on how to participate.
Comment #2
Plazik CreditAttribution: Plazik commentedThanks.
Added missing info in yandex_share.info
Comment #3
Plazik CreditAttribution: Plazik commented4 weeks have passed.
Comment #4
klausi* Remove all old CVS $Id tags from your files, not needed anymore
* Don't mix "Implements hook_xxx()" and "Implementation of hook_xxx()" in your doc blocks. Choose one.
* Are you sure you want to implement hook_init()? It is invoked on literally every page even if your module has nothing to do there.
* yandex_share_theme(): indentation errors, use 2 spaces everywhere.
* yandex_share_admin_settings(): doc block formatting is not correct, see http://drupal.org/node/1354#functions
* Remove the translations folder, translation is done on http://localize.drupal.org
Comment #5
Plazik CreditAttribution: Plazik commentedThanks for review. I rewrite my module.
Comment #6
klausiComment #7
Plazik CreditAttribution: Plazik commentedDone. Move to 6.x-1.x
Done in CHANGELOG.txt and yandex_share.admin.inc. Coder module didn't found any problems.
Done in all comments.
Done.
Done.
Done.
Done. Users can't be add new items into
$type, $services, $language
. I didn't sanitize it.$title, $url
sanitize bycheck_plain
andcheck_url
.Comment #8
sreynen CreditAttribution: sreynen commentedHi Plazik,
Please address these issues and set the status back to "needs review":
drupal_add_js("new Ya.share({\n element: 'ya_share" . $id . "',\n l10n: '" . $language . "',\n elementStyle: {" . $text . $type_style . $border_style . $link_underline . $link_icon . "\n 'quickServices': ['" . $services_standart . "']\n },\n link: '" . $url . "',\n title: '" . $title . '\',' . $image . $description . "\n popupStyle: {\n blocks: {\n '" . $popup_text . "': ['" . $services_standart_popup . "'],\n }" . $copy_paste_field . $vdirection . "," . $code_for_blog . "\n },\n});", 'inline', 'footer');
This appears to include a JSON-formatted object. Rather than writing JSON out manually, which risks doing something wrong and also makes the code very difficult to read, you should put it in an object and use drupal_json() to format it as JSON. This will also allow you to take out a lot of the code before this, which is also formatting variables as JSON.
$output = '<div class="yashare-auto-init" data-yashareL10n="' . $language . '" data-yashareType="' . $type . '" data-yashareQuickServices="' . $services . '" data-yashareTitle="' . $title . '" data-yashareLink="' . $url .'"></div>';
You should be wrapping all these variables in check_plain().
$output = '<a href="' . $url . '" title="' . check_plain($title) . '" target="_blank">' . check_plain($title) . '</a>\'';
You should create this link HTML with the l() function.
Comment #9
Plazik CreditAttribution: Plazik commentedHi sreynen, thanks for review!
I used drupal_to_js() function because I need to inline code into HTML. drupal_json() doesn't work in this situations.
I already wrapping all variables which can be added by users early in the code. I think I don't need wrapping constant variables. Or not?
Done.
Comment #10
klausiComment #11
Plazik CreditAttribution: Plazik commentedOk, I used check_plain and check_url only in my theme functions for variables which can be added/change by users. I didn't use check_plain and check_url for variables which can't be added by users (i.e. node id, lang code, boolean variables etc.)
Done.
Comment #12
klausiReview of the 6.x-1.x branch:
This automated report was generated with PAReview.sh, your friendly project application review script. Please report any bugs to klausi.
manual review:
"'#options' => $node_types,": you must sanitize the node type labels here. a node type with the label
<script>alert('XSS');</script>
would result in a nasty javascript popup on your form. See also http://drupal.org/node/28984 the section about checkboxes. Sorry that I did not spot that earlier.Comment #13
Plazik CreditAttribution: Plazik commentedCoder 6.x-2.x-dev says:
Coder 7.x-1.0 says what I have to use "Implements hook_foo()."
I change "Implementation" to "Implements" and fixed dot.
Thanks. Done.
Comment #14
Plazik CreditAttribution: Plazik commentedComment #15
doitDave CreditAttribution: doitDave commentedChecked the code and tested functionality; found nothing to mention.
Just a general point: Your module name refers to yandex, but actually your plugin really enables sharing with a lot of SN. IMO, you should rethink naming of your module and change the project description as well. With very few changes you would provide a useful and universal social share module.
May I also suggest that you implement hook_block, now or later?
Then, last point: I did not check that myself now and I read comment #1, but are you really sure there is no duplication issue (since some other "social share" projects already exist)?
Just to clarify, I find your code tiny and easy to set up.
Comment #16
Plazik CreditAttribution: Plazik commentedThanks for review!
The module named Yandex Share because it does not provide manual sharing. It's just integrate Yandex Share API http://api.yandex.ru/share/doc/dg/concepts/share-button-ov.xml with Drupal. Exactly Yandex Share API enables sharing with a lof of sites. Like AddThis module integrate AddThis.com widget.
Which changes do you want?
I don't think about it but if you need it I may implement it.
But no one doesn't integrate Yandex Share API with Drupal. Yandex Share button also provide to automatic send statistic to Yandex Metrics (Drupal module) about user clicks in button (see http://clubs.ya.ru/metrika/replies.xml?item_no=3279)
I am planning to develop new features.
Comment #17
doitDave CreditAttribution: doitDave commentedAh, okay, so all the SN buttons are generated by this yandex api then? That confused me since I could simply click "tweet" without ever having registered with yandex. Ok.
I just mentioned the "block" feature because I have built a SN sharing module myself (unreleased), and it provides a simple "social share" block to put wherever it fits into a theme. Advantage is that you could add it anywhere and not just for nodes, e.g. on a views result page or so. I thought I'd mention it because you might receive such a feature request sooner or later anyway ;)
Comment #18
Plazik CreditAttribution: Plazik commentedYes, buttons are generated by Yandex.
Ok, I will implement hook_block soon.
Comment #19
beanluc CreditAttribution: beanluc commentedRegression reveals a little bit more new coding-style flaws:
This automated report was generated with PAReview.sh, your friendly project application review script. Go and review some other project applications, so we can get back to yours sooner.
Comment #20
Plazik CreditAttribution: Plazik commentedI implement hook_block.
Done.
Done.
I also change "Implements" to "Implementation" like Coder 6.x-2.x-dev says.
Comment #21
doitDave CreditAttribution: doitDave commentedAutomated review (Please keep in mind that this is primarily a high level check that does not replace but, after all, eases the review process. There is no guarantee that no other issues could show up in a more in-depth manual follow-up review.)
Review of the 6.x-1.x branch:
This automated report was generated with PAReview.sh, your friendly project application review script. Go and review some other project applications, so we can get back to yours sooner.
Manual additions:
HTH, dave
Comment #22
Plazik CreditAttribution: Plazik commentedThanks for review!
Done.
Yes, I'm sure. What's the problem?
Sorry, it's means "types of initialization".
Done.
Comment #23
patrickd CreditAttribution: patrickd commentedcoding style looks quite good so far
Review of the 6.x-1.x branch:
This automated report was generated with PAReview.sh, your friendly project application review script. Go and review some other project applications, so we can get back to yours sooner.
Source: http://ventral.org/pareview - PAReview.sh online service
Comment #24
Plazik CreditAttribution: Plazik commentedThanks patrickd for review!
Done.
Comment #25
patrickd CreditAttribution: patrickd commentedHi wanted to have a deeper look at your .module, but this is really hard because there are only a few comments and it's all very compressed.
It would be much easer if you split big code blocks into smaller ones (depending on the functionality of the segment) and describing a little more in detail what you do and especially why your doing it.
Rather too much comments then too few ;-)
the variable_del function does the following:
db_query("DELETE FROM {variable} WHERE name = '%s'", $name);
So you have to specifiy the deletion of each variable used in your code!
This
variable_del('yandex_share');
is not enough.Comment #26
MiSc CreditAttribution: MiSc commented@Plazik has been contacted to ask if the application is abandoned.
http://drupal.org/node/894256
Comment #27
Plazik CreditAttribution: Plazik commentedI will upload a new version of the module soon.
Comment #28
klausiClosing due to lack of activity. Feel free to reopen if you are still working on this application.