Module development and code questions

Hi,

I recently switched from developing outside of the drupal core to using the builtin node structure. My question is whether I am better off developing multiple node modules to handle the functionality that I'm looking for, or include it all in one module. I believe that I am better off having a different node module to handle the collection of nodes.

Hi everybody,

Here is my current setup:
1. flexinode.module is used so I can display the attachments in the teaser (rather than viewing the full node for the link)
2. simple_access.module to make some nodes private, but files uploaded are only "hidden" in the files directory, if someone guessed the name, they could download it.

filemanager.module + attachment.module appears to support private files, but does not display the attachment in the teaser.

I am trying to figure out how to attack this problem. Patch flexinode or attachment? Any suggestions on where to start?

Hello,
I try to write module which could related parent and child in taxonomy. Child is node(type flexinode-1) but parent is term.
My hierarchy:
-location
--voivodeship1
---county1
----town1
-----child1
-----child2
----town2
----etc
---county2
---county3
--voivodeship2
--county4
---town3
----child3
--county5
--etc

I've written the following code for a module to detect whether the installed version of Drupal uses the new form API. It works, and I just want to see if there's an already existing or better way to do this.

/*
**	Are we using Drupal 4.7 or 4.6.3? Returns true if we have access to the new Forms API
*/
function image_tab_new_forms_API() {
  static $new_API;
  if (!isset($new_API)) {
    $new_API = function_exists('drupal_get_form');
  }
  return $new_API;
}

Thanks,
Aaron

Okay as some of you might know, I'm currently developing the tablemanager.module and have NO previous php or mysql programming experience ;o) And I think I'm doing alright at the moment!

The module completely works (although maybe the code is ugly!) and in its current attic state (version 1.1.2.10), is actually finished... But... At the moment the module passes all the table data to a validation function... which is completely empty and does nothing but pass the remark // to do... then return right back again. Not really a problem particularly as anonymous users do not have access to it unless you give them permission to, but in the future I'd planned to have a function which allows an admin to set tables to be 'accessible to all roles' so that maybe people could add their contact details to it, or their CD collections, or any type of collections... Anyways, the point of this is that if anonymous users *will* be allowed access (even if it isn't yet) then the data needs to be stripped of anything malicious because the tables are stored in the database. I'm completely worried that my module is going to be a security hole... So I need to get this right for my own peace of mind!!!

Is it enough to just pass the data through $check_ouput()? I'm guessing it is, as anonymous users can post into the forums using the default filtered html option (which check_output uses by default) - and this will strip any nastiness out??? Right??? Or... Should I completely restrict whats entered by doing something like this:

<?php
$test = "blah blah test"; // string to be tested
$name="name"; // form_textfield name
if (eregi('[^a-z 0-9_-]', $test)) {
form_set_error($name, t('The specified string contains one or more illegal characters.