Are You A Human

welcome

It appears you are working in the "master" branch in git. You should really be working in a version specific branch. The most direct documentation on this is Moving from a master branch to a version branch. For additional resources please see the documentation about release naming conventions and creating a branch in git.
Review of the master branch:

• Remove LICENSE.txt, it will be added by drupal.org packaging automatically.
• Remove "version" from the info file, it will be added by drupal.org packaging automatically.
• Drupal Code Sniffer has found some code style issues (please check the Drupal coding standards). See http://ventral.org/pareview/httpgitdrupalorgsandboxvaleriod1402602git.

This automated report was generated with PAReview.sh, your friendly project application review script. You can also use the online version to check your project. Go and review some other project applications, so we can get back to yours sooner.

Manual review of 7.x-1.x branch

1. In your .inc files use check_plain function whenever you are accessing variable_get functions to prevent cross site scripting attacks.

2. use translate t functions for menu descriptions in your module file to support localization

3. in your .module file use check_url function to avoid xss attacks.

Coder Review

Attached is the coder review.

I think the "variable" it's referring to is url('admin/user/ayah') which gets substituted in for !performance_admin. It just says, "potential problem" not that it's broken. According to http://api.drupal.org/api/drupal/includes!install.inc/function/st/7 the st function sanitizes so I don't see where there's an issue...

Michelle

You need to set the status to "needs review" if you want to get a review. The response time for a review is now approaching 4 weeks. Get a review bonus and we will come back to your application sooner.

Review of the 7.x-1.x branch:

• Run coder to check your style, some issues were found (please check the Drupal coding standards). See attachment.
• Drupal Code Sniffer has found some code style issues (please check the Drupal coding standards). See attachment.

This automated report was generated with PAReview.sh, your friendly project application review script. You can also use the online version to check your project. Get a review bonus and we will come back to your application sooner.

Severity minor, Drupal Commenting Standards, Internationalization, Drupal Security Checks, Drupal SQL Standards, Drupal Coding Standards

sites/all/modules/pareview_temp/./test_candidate/ayah.install:
 +60: [critical] Potential problem: drupal_set_message() only accepts filtered text, be sure all !placeholders for $variables in t() are fully sanitized using check_plain(), filter_xss() or similar.

Status Messages:
 Coder found 3 projects, 3 files, 1 critical warnings, 0 warnings were flagged to be ignored

FILE: ...upal-7-pareview/sites/all/modules/pareview_temp/test_candidate/ayah.inc
--------------------------------------------------------------------------------
FOUND 14 ERROR(S) AFFECTING 13 LINE(S)
--------------------------------------------------------------------------------
  11 | ERROR | Missing parameter type at position 1
  13 | ERROR | Missing parameter type at position 2
  15 | ERROR | Missing parameter type at position 3
  26 | ERROR | Expected "}\nelse {\n"; found "}\n\nelse{\n"
  36 | ERROR | Missing parameter type at position 1
  56 | ERROR | Missing parameter type at position 1
  58 | ERROR | Missing parameter type at position 2
 121 | ERROR | Missing parameter type at position 1
 158 | ERROR | Missing parameter type at position 1
 160 | ERROR | Missing parameter type at position 2
 171 | ERROR | Last parameter comment requires a blank newline after it
 171 | ERROR | Missing parameter type at position 3
 242 | ERROR | Expected "}\nelse {\n"; found "}\n\nelse{\n"
 267 | ERROR | Expected "}\nelse {\n"; found "}\n\nelse{\n"
--------------------------------------------------------------------------------

Source: http://ventral.org/pareview - PAReview.sh online service

No manual review given, so the status is "needs review ".

manual review of the 7.x-1.x branch:

• project page is a bit short, see http://drupal.org/node/997024
• ayah_admin_settings(): you could use system_settings_form() here.
• "confirm_form($form, check_plain($message), 'admin/user/ayah', '', check_plain($yes));": no need to use check_plain() here, as both variables are sanitized already.
• ayah_admin_settings_validate(): the TODO should not be done here, checking for cURL should go to hook_requirements().
• Are you sure that you need cURL? Why can't you use drupal_http_request()?
• _ayah_doCall(): you should use watchdog() instead of error_log().
• _ayah_doCall(): gloabl function names should not use camel case naming.
• _ayah_doCall(): use drupal_json_decode() instead of json_decode().
• "array_key_exists($form_id, $placement_map)": isset() is shorter and easier to read. Also elsewhere.

Removing review bonus tag, you can add it again if you have done another 3 reviews of other projects.

Hi,
In your module file in the theme_ayah() function you have :
return "<div id='AYAH'></div><script src='" . $url . "'></script>";

Why you don't use drupal_add_js() ? :

drupal_add_js($url, 'external');
return "<div id='AYAH'></div>";

Your script will be in the header section.

Cool. I would like to see this for D6. Any update?

drupal_goto($_GET['q']);

This is an open redirect when the login block is shown on 404 pages. You need to check whether $_GET['q'] is an absolute URL via the (misnamed) function url_is_external. If so, redirect to the frontpage.

Very interest in this module, hope it will get release some day =)

Closing due to lack of activity. Feel free to reopen if you are still working on this application.