[D7] Page Feedback

Hi ,

I am not able to clone your code its asking for password
"git clone --branch 7.x-1.0 sheikh303@git.drupal.org:sandbox/sheikh303/2277585.git"
Actually you have add wrong git url

git clone url should like this
git clone --branch 7.x-1.x http://git.drupal.org/sandbox/harshil.maradiya/2209623.git

so your actual url is
git clone --branch 7.x-1.0 http://git.drupal.org/sandbox/sheikh303/2277585.git

Please update your page

Cheers

Please fix all par review comment

You can check ur code for par review on following url
http://pareview.sh/
Add your git url in text field

I did quick review and found following comments

1. No need to add module file in file array drupal automatic load all .module files in .info fire.
2. Commenting on methods are not match with drupal standards(Please go through with par review report)
3. All variables should delete on un install of this module on all db drivers.
4. Remove commented code and test function from .admin.inc.
5. Please put your database interaction(insert,update,delete) code in try catch block .
6. Use drupal_exit rather than use exit.

Hi

You need fix all errors http://pareview.sh/pareview/httpgitdrupalorgsandboxsheikh3032277585git

Hi sheikh303,

After installation I get a PHP warning on the configuration page.
Warning: Invalid argument supplied for foreach() in page_feedback_admin_settings() (line 122 of /home/www/open-source/drupal/httpdocs/sites/all/modules/review/page_feedback/page_feedback.admin.inc).
You should check the type of the variable first.

The Coder module found some issues. (See attachment page-feedback-coder.png)

MENU_NORMAL_ITEM is the default value. So defining a type in hook_menu is not necessary. (backlinkseller.module:47)
'type'=> MENU_NORMAL_ITEM,

Never reformat data when storing it. This should happen at page render time. You also have 2 semicolons in this line. (backlinkseller.module:95)
$data['feedback_remarks'] = check_markup( filter_xss( $feedback_data['remark'])); ;

Do not use nativ MySQL. Use always the database abstraction layer. Use hook_schema()

db_query("CREATE TABLE IF NOT EXISTS `page_feedback` (
                `page_feedback_id` int(11) NOT NULL AUTO_INCREMENT,
                `page_uri` varchar(200) DEFAULT NULL,
                `feedback_val` tinyint(1) DEFAULT NULL,
                `feedback_remarks` varchar(1000) DEFAULT NULL,
                `submitted` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
                PRIMARY KEY (`page_feedback_id`)
            ) ENGINE=InnoDB  DEFAULT CHARSET=utf8;");

Make all messages translateable. See page_feedback.admin.inc:92
drupal_set_message("Cleared page feedack data.");

Use the Devel module for debugging. (See page_feedback.admin.inc:170)

function pp($array = array()){
    echo "<pre>";
    print_r($array);
    echo "</pre>";
    
}

You should also use the FormAPI for the block content. (See page-feedback-block.tpl.php)

Romove console.log from JS. And use Drupal behaviors. Managing JavaScript in Drupal 7

Would you please elaborate those three issues.
No need to create new issue, if we are working on regular basis then it fine.

Hello Sheikh,

You can use check_plain or filter_access methods to sensitize the in put data .
On both the line you can use these function let me know if you need more help

http://api.drupalhelp.net/api/drupal/includes--bootstrap.inc/function/ch...

https://api.drupal.org/api/drupal/modules%21filter%21filter.module/funct...

Cheers,
Harshil Maradiya

Hi,

In trying to check out your code I ran into a bit of confusion - you have 2 branches, but your git clone link doesn't point to the branch that pareview wants to check.

I ran pareview on both branches, and both have issues (though, the dev branch has a TON, and the 7.x-1.x branch only has 2: the check_plain/unserialized unsanitized input errors).

which branch is correct? please update your git clone link by appending --branch before the uri to your repository.

I'm not sure if this will work, but try assigning the value of variable_get('blahblah') to a variable, then passing the variable to check_plain() and see if that gets rid of those errors.

Closing due to lack of activity. If you are still working on this application, you should fix all known problems and then set the status to "Needs review". (See also the project application workflow).

I'm a robot and this is an automated message from Project Applications Scraper.