OS Delta is Drupal business theme designed by Ordasoft.
This Drupal theme is fully responsive and fits to all screen sizes.
OS Delta has modern and clean design and it will fit for any kind of portfolio and personal website, corporate and company site or other small business website.
It is possible to add background video through theme settings.
Also Delta theme is integrated with Font Awesome and Google fonts.
It's easy to connect your website with your social profile simply inserting link in special field.
Demo: http://ordasvit.com/drupal-delta/
Automatic review
http://pareview.sh/pareview/httpgitdrupalorgsandboxordasoft2276961git
Link to project page
https://www.drupal.org/sandbox/ordasoft/2276961
Link to git
git clone --branch 7.x-1.x http://git.drupal.org/sandbox/Ordasoft/2276961.git os_delta___drupal_7_business_theme
Links to reviews
https://www.drupal.org/node/2279781#comment-8972923
https://www.drupal.org/node/2278513#comment-8933673
https://www.drupal.org/node/2220943#comment-8937157
https://www.drupal.org/node/2470681#comment-10002305
https://www.drupal.org/node/2428625#comment-9995601
https://www.drupal.org/node/2479197#comment-10002769
https://www.drupal.org/node/2470681#comment-10006309
https://www.drupal.org/node/2479197#comment-10009497
Comment | File | Size | Author |
---|---|---|---|
#33 | coder-results.txt | 7.45 KB | klausi |
#26 | appearance-copyright.png | 15.33 KB | Manjit.Singh |
#19 | coder-results.txt | 20.31 KB | klausi |
#14 | delta.png | 123.59 KB | Sumit kumar |
Comments
Comment #1
PA robot CreditAttribution: PA robot commentedWe are currently quite busy with all the project applications and we prefer projects with a review bonus. Please help reviewing and put yourself on the high priority list, then we will take a look at your project right away :-)
Also, you should get your friends, colleagues or other community members involved to review this application. Let them go through the review checklist and post a comment that sets this issue to "needs work" (they found some problems with the project) or "reviewed & tested by the community" (they found no major flaws).
I'm a robot and this is an automated message from Project Applications Scraper.
Comment #2
Ordasoft CreditAttribution: Ordasoft commentedComment #3
Ordasoft CreditAttribution: Ordasoft commentedComment #4
Ordasoft CreditAttribution: Ordasoft commentedComment #5
codesidekick CreditAttribution: codesidekick commentedAutomated Review
http://pareview.sh/pareview/httpgitdrupalorgsandboxordasoft2276961git Unable to complete because of the branch issue mentioned below.
Manual Review
All of these libraries need to use sites/all/libraries and be maintained outside of the theme.
The starred items (*) are fairly big issues and warrant going back to Needs Work. Items marked with a plus sign (+) are important and should be addressed before a stable project release. The rest of the comments in the code walkthrough are recommendations.
This review uses the Project Application Review Template.
Comment #6
Ordasoft CreditAttribution: Ordasoft commentedComment #7
Ordasoft CreditAttribution: Ordasoft commentedHi! Thanks for the review, we fixed the issues you mentioned.
Comment #8
Manjit.SinghHi Ordasoft, Thanks for Contribution !!
Please find some issues in coding :
core = 7.x
mentioned two times in Info file.It would be good if you can import css file in info rather than in Head.
Comment #9
ashopin CreditAttribution: ashopin commentedHello,
I cannot git clone what you have posted. You need to post this:
git clone --branch 7.x-1.x http://git.drupal.org/sandbox/Ordasoft/2276961.git os_delta___drupal_7_business_theme
I found few areas of concern.
README
HTML.tpl.php
style_setting.css
Libraries
Comment #10
Manjit.Singh@Ordasoft Updating git link :)
Comment #11
Manjit.SinghComment #12
Ordasoft CreditAttribution: Ordasoft commentedHi!
Thank you for your corrections, we've fixed the issues and updated theme on git.
If you have other remarks, write them please, we are interested in making the quality theme =)
Comment #13
Ordasoft CreditAttribution: Ordasoft commentedComment #14
Sumit kumar CreditAttribution: Sumit kumar commentedHi @Ordasoft,
In tab the hamburger not is not open, its show the undefined error in template.
Comment #15
Sumit kumar CreditAttribution: Sumit kumar commentedComment #16
Sumit kumar CreditAttribution: Sumit kumar commentedSorry, its by mistake
Comment #17
Ordasoft CreditAttribution: Ordasoft commentedHi Sumit!
To get the same view as on image you have to connect libraries, that described in Read me file.
Comment #18
Ordasoft CreditAttribution: Ordasoft commentedComment #19
klausiHa, your JS files are quite malformed and caused an endless loop in Coder/pareview.sh. This is now fixed, attached is the automated report.
The theme has a security issue and am I assigning this to Manjit.Singh as part of our git admin training so that he can take a look. If he does not find the security issue I'm going to post details about the vulnerability in one week. And please don't remove the security tag, we keep that for statistics and to show examples of security problems.
Comment #20
Ordasoft CreditAttribution: Ordasoft commentedHi!
Thank you for your notification.
But when we made review in pareview.sh (just after adding on drupal.org), there was no malformed files. Moreover we've fixed all errors that pareview.sh was found, but now there is a lot of errors there. It looks like problem not in our theme, but in pareview.sh. Or maybe we don't understand all nuances =(
Could you please explain us what may caused the issues?
And what should we do next?
Comment #21
ashopin CreditAttribution: ashopin commentedI see one error in the pareview:
http://pareview.sh/pareview/httpgitdrupalorgsandboxordasoft2276961git
Comment #22
Ordasoft CreditAttribution: Ordasoft commentedHi!
We can't find such an error in our file. Is it possible that pareview gives wrong findings?
Comment #23
ashopin CreditAttribution: ashopin commentedSo is there a '?>' at the end of your style_setting.php file?
Are you sure you've pushed your latest code to your git?
Comment #24
PA robot CreditAttribution: PA robot commentedProject 1: https://www.drupal.org/node/2480797
Project 2: https://www.drupal.org/node/2395279
As successful completion of the project application process results in the applicant being granted the 'Create Full Projects' permission, there is no need to take multiple applications through the process. Once the first application has been successfully approved, then the applicant can promote other projects without review. Because of this, posting multiple applications is not necessary, and results in additional workload for reviewers ... which in turn results in longer wait times for everyone in the queue. With this in mind, your secondary applications have been marked as 'closed(duplicate)', with only one application left open (chosen at random).
If you prefer that we proceed through this review process with a different application than the one which was left open, then feel free to close the 'open' application as a duplicate, and re-open one of the project applications which had been closed.
I'm a robot and this is an automated message from Project Applications Scraper.
Comment #25
klausiLet's keep this one open which already has a security issue reported.
Comment #26
Manjit.Singh@Ordasoft
os_delta_form_system_theme_settings_alter
this is vulnerable to XSS exploits. If I enter<script>alert('XSS');</script>
in the copyright section of admin settings, I will get a nasty javascript popup. You need to sanitize user provided text before printing, Please check https://www.drupal.org/node/28984 and https://api.drupal.org/api/drupal/includes%21common.inc/group/sanitization/7Also Please check screenshot for the same.
Comment #27
klausiYep, good catch @Manjit.Singh!
There are some more XSS issues, for example in node--home_page_gallery.tpl.php the node title is printed unsanitized. Make sure to read https://www.drupal.org/node/28984 again.
Comment #28
Ordasoft CreditAttribution: Ordasoft commentedHello,
We updated theme, and added to all setting, check and clean all "sanitize user provided text".
But as me seem, you not right. Because all texts what you show - provide site admin. So that trusted user !!!
Admin if wish can remove drupal site call some like "format c:". How we can "sanitize user" here ?
Thanks
Comment #29
klausiSorry for the delay. Make sure to review more project applications and get a new review bonus and this will get finished faster.
The problem is with node titles for examplke that you simply don't know if it was provided by the site admin or some other less-trusted editor. The point is: all user provided text must be sanitized before printing into HTML to make sure that XSS issues from untrusted sources don't sneak in.
manual review:
f"><script>alert('XSS');</script>
as Twitter URL for example in the theme settings I will get a nasty javascript popup. Since the user permission required to change these settings is "administer themes", which is not marked for trusted users only, this is a security blocker. Please check all your functions where you prepare variables for the templates and whether they need to get sanitized.Comment #30
Ordasoft CreditAttribution: Ordasoft commentedHello,
We corrected all variables show and all points what you wrote.
With point 4. We change output, but in t() - we leave only ('Copyright'), all other that variables and no need for translate.
Thanks
Comment #31
Ordasoft CreditAttribution: Ordasoft commentedComment #32
klausiplease don't remove the security tag, we keep that for statistics and to show examples of security problems.
Comment #33
klausiReview of the 7.x-1.x branch (commit 1d02efb):
This automated report was generated with PAReview.sh, your friendly project application review script. You can also use the online version to check your project. You have to get a review bonus to get a review from me.
manual review:
But otherwise looks RTBC to me.
Assigning to er.pushpinderrana as he might have time to take a final look at this.
Comment #34
er.pushpinderrana CreditAttribution: er.pushpinderrana as a volunteer and at Publicis Sapient for Publicis Sapient commentedAutomated Review
There is no commit after `1d02efb` so its same as above (1 warning).
Manual Review
os_delta_modules_check(): IMHO you should be consistently use curly braces with if-else operator in template.php file, usage of colon
if ($no_modules) :
looks odd here.After gone through the code, found one more recommendation(above) for you otherwise looks RTBC to me as well, so...
Thanks for your contribution, Ordasoft!
I updated your account so you can promote this to a full project and also create new projects as either a sandbox or a "full" project.
Here are some recommended readings to help with excellent maintainership:
You can find lots more contributors chatting on IRC in #drupal-contribute. So, come hang out and stay involved!
Thanks, also, for your patience with the review process. Anyone is welcome to participate in the review process. Please consider reviewing other projects that are pending review. I encourage you to learn more about that process and join the group of reviewers.
Thanks to the dedicated reviewer(s) as well.
Comment #35
Ordasoft CreditAttribution: Ordasoft commentedHello klausi, er.pushpinderrana,
Thanks you !
We fixed all errors what you mentions.
But error :
Look like that "Automatic reviewer" error, in our file 'style_setting.php' not exist that error
Thanks,