Pinterest API [#1392060]

The Pinterest API module provides a way for a Drupal site to incorporate
Pinterest images, descriptions, and links. Currently it provides a single
Pinterest Block that can be configured to show the latest images a Pinterest
user has pinned.

See an example of its use here: http://www.onecraftyhome.com/

Project Page:
http://drupal.org/sandbox/mjwest10/1391340

Git Link:
git clone --branch master mjwest10@git.drupal.org:sandbox/mjwest10/1391340.git

This Module is currently only for Drupal 6

Comment	File	Size	Author
#6	pinterest_pareview.sh_results-2-22-2012.txt	2.56 KB	Anonymous (not verified)

Comments

Comment #1

patrickd commented 4 January 2012 at 09:36

welcome

It appears you are working in the "master" branch in git. You should really be working in a version specific branch. The most direct documentation on this is Moving from a master branch to a version branch. For additional resources please see the documentation about release naming conventions and creating a branch in git.
Review of the master branch:

./pinterest.module: all functions should be prefixed with your module/theme name to avoid name clashes. See http://drupal.org/node/318#naming
```
function fetch_pins_uninstall() {
```
Run coder to check your style, some issues were found (please check the Drupal coding standards). See link.
Drupal Code Sniffer has found some code style issues (please check the Drupal coding standards). See http://ventral.org/pareview/httpgitdrupalorgsandboxmjwest101391340git.

This automated report was generated with PAReview.sh, your friendly project application review script. You can also use the online version to check your project. Go and review some other project applications, so we can get back to yours sooner.

Comment #2

patrickd commented 4 January 2012 at 09:38

Status:

Needs review

» Needs work

fix at least

Switching to a version spec. branch
Use module name as function prefix

before switching back to needs review

Comment #3

mjwest10 commented 7 January 2012 at 16:05

Status:

Needs work

» Needs review

I made the changes suggested in the comments before. I also re-ran my module through the http://ventral.org/pareview/ site. Thanks for this great resource! I made all the changes it suggested as well - so I think we should be in good shape for another review. Thanks for taking the time to do this.

Comment #4

mjwest10 commented 23 January 2012 at 22:03

Priority:

Normal

» Major

Changing the Priority to major since this has been in "needs review" for over 2 weeks.

Comment #5

mjwest10 commented 6 February 2012 at 16:25

Priority:

Major

» Critical

Changing the priority to critical as its been 4 weeks of needs review at this point.

Comment #6

rlangille commented 22 February 2012 at 20:04

Status:

Needs review

» Needs work

Status	File	Size
new	pinterest_pareview.sh_results-2-22-2012.txt	2.56 KB

Overall, not bad, however there are a few security issues, and a few smaller issues that still need to be addressed.

First off, you need to sanitize all of the data you are retrieving and displaying.

Use check_url() on all of the links.
Use filter_xss() or check_markup() on the RSS content if markup is desired, or check_plain() if it is not.

Next up, you need to be sure that all strings presented to users are run through the t() function, including titles and descriptions provided by your module. (example at line 105 and 106 of pinterest.module).

I have also attached the results I received from pareview.sh, noting a few white-space and formatting issues, for your convenience.