Drag and Drop Block

Your module name is drag_drop_block, but your folder name is drag_and_drop_block (at least when I cloned it from your sandbox's git clone link).

Throughout drag_drop_block.module there are several places where you've broken a string up into multiple lines for readability, such as your SQL queries. In many of these case there is hanging whitespace, or inconsistent indentation on the multiple lines. It's generally best to only indent any line with 2 spaces unless there is a specific reason for doing otherwise.

Maybe I'm missing something, but the entire function drag_drop_block_loadconfig() seems wasteful. The inline javascript definitely needs to be moved to a .JS file for maintainability. It seems to me that it isn't necessary to query the database for region names on the server-side at all since you know that each region has a class of ".region", and that each region name begins with ".region-". By removing drag_drop_block_loadconfig() and moving the javascript to its own file, you can:

• Remove an unnecessary database query that is being performed on every page load
• Give Drupal the ability to cache your javascript with other modules' code.
• Only output your javascript code once, instead of once for every region on the page.
• Give automated code reviewers access to your JS code styling, which also has some whitespace/indentation irregularities that are not being detected because they are hidden in a string.
• Make it MUCH easier to change/maintain your javascript in the future.

drag_drop_block_save_order() could be commented/documented so it is more apparent what you are doing.

You should also use a more descriptive URL for your AJAX callback in hook_menu(). Maybe something like "/drag-drop-blocks/ajax/save" instead of just "/save-order-block", which could cause conflicts.

Just a suggestion -- make it so some kind of "save" button needs to be hit before block regions/ordering is saved (like on the block page). Either that, or have the ability to toggle drag-and-drop mode (then you could highlight moveable blocks as your hovered over them). Right now it is very easy for someone to accidentally drag a block to a different region, and as soon as they let go of the mouse, the change they made is permanent!

Great module! Works as expected.

Forgot to change status.

Hi,sdramos

I have checked your module and integrate in my system and drag and drop blocks to move between regions but it not save for me.

Mayank kamothi

Hi,sdramos

Manual Review:

I have checked you code and find some space issue in your module file like there are so many place in your module file which have trailing spaces, so remove space from those lines.

Mayank Kamothi

This needs some CSRF protection: http://drupalscout.com/tags/csrf

Progress here seems stalled, this looks like a very useful module, what needs to be done to move this forward? I notice that sdramos has implemented many of the changes ColonelForbinX suggested. I do not know enough about CSRF to know if he has addressed greggles suggestion. Happy to test if it has been taken care of.

If sdramos has done work to protect against csrf he should mark the issue as "needs review" and ideally point to commit messages to say where that change was.

Closing due to lack of activity. Feel free to reopen if you are still working on this application.

If you reopen this please keep in mind that we are currently quite busy with all the project applications and I can only review projects with a review bonus. Please help me reviewing and I'll take a look at your project right away :-)