Weight Seer is a small module that renders a functional fitness/weight goal
calculator and estimator on your site. The module allows visitors to
figure out how to reach a given weight target depending on a given timeframe
or projected calories intake.

Project page: http://drupal.org/sandbox/pimteam/1730636
Git repository: http://drupalcode.org/sandbox/pimteam/1730636.git/commit/149d3d7

Drupal 7 Module

Comments

parwan005’s picture

parwan005 commented
Status: Needs review » Needs work

Hi,
Nice idea first of all. I was looking at your module code and found few issues here. Haven't used the module yet though.
Here are my observations after manual review :-
1) Please do not leave unused code or test code in your module or tpl file. I see at your module file at line 195 echo "HERE". Why is that ? please remove it.
2) In hook_block_view you have used $form above if condition and only using it inside if condition. So why not put that inside if condition only ?
3) In your form you havent used form api properly. You could have used it properly as for submit in case of textfield, select field, radios. I would like to know why if its intentional.
4) Please use proper indentation/spacing while working in drupal. Refer this for the same.
5) Make sure all of your files end with a new line.
6) Somewhere you have used echo and at some places print. I would say please use print as drupal always uses print.

Important thing : Make sure to remove use your master branch and create a new branch 7.x-1.x. Read here for more : - http://drupal.org/node/1015226

Also please fix your ventral issues : - http://ventral.org/pareview/httpgitdrupalorgsandboxpimteam1730636git

prasunsen’s picture

prasunsen commented

Thank you for the quick feedback! Will update when issues are fixed.

Milena’s picture

Milena commented

It works fine.

Some functional advices:
1) I believe it will be good to provide new permission as such module might be used only by permium users on the websites.

Some coding standards not mentioned earlier or really serious:

  $form['age'] = array(
    "#markup" => '<input type="text" name="age" id="yourAge" size="6"' . $value . '>'
  );

You should use FAPI instead of such syntax!
Do not ever relay on javascript validation! I was able to send a form without proper values with javascript disabled.

echo "HERE";
I believe it is some kind of debugging. Please, remove it.

Sometimes in your submit function you use FAPI, sometimes POST. Always use FAPI with $form_state.

t('(which means to get') . ' <b>' . number_format($calories_daily) . ' ' . t('calories daily')
Use placeholders instead of concatenation.

You do not sanitized user input.
Try to type <a href="onclick="alert('securityissue');">test</a> in your How much weight you wish to lose? field.
You have a link on results page. Then go back to the form and click that field.
Please, look into Writing secure code section.

You should also use jQuery with Drupal.behaviors in your .js file.

prasunsen’s picture

prasunsen commented

Thank you!

klausi’s picture

klausi
he/him||they/them
Primary language German
Location 🇦🇹 Vienna
commented
Status: Needs work » Closed (won't fix)

Closing due to lack of activity. Feel free to reopen if you are still working on this application.