Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
This project is an integration of Chartist library for creating responsive charts. It's an API module providing themes to create charts from data arrays.
A working demo can be found here: http://development.ogtrading.eu/chartist/example (example is included in the module itself as well).
Project page:
https://www.drupal.org/sandbox/graber/2593245 (full description included)
Clone link:
git clone --branch 7.x-1.x https://git.drupal.org/sandbox/Graber/2593245.git chartist
cd chartist
Comments
Comment #2
PA robot CreditAttribution: PA robot commentedProject 1: https://www.drupal.org/node/2795077
Project 2: https://www.drupal.org/node/2796389
As successful completion of the project application process results in the applicant being granted the 'Create Full Projects' permission, there is no need to take multiple applications through the process. Once the first application has been successfully approved, then the applicant can promote other projects without review. Because of this, posting multiple applications is not necessary, and results in additional workload for reviewers ... which in turn results in longer wait times for everyone in the queue. With this in mind, your secondary applications have been marked as 'closed(duplicate)', with only one application left open (chosen at random).
If you prefer that we proceed through this review process with a different application than the one which was left open, then feel free to close the 'open' application as a duplicate, and re-open one of the project applications which had been closed.
I'm a robot and this is an automated message from Project Applications Scraper.
Comment #3
PA robot CreditAttribution: PA robot commentedWe are currently quite busy with all the project applications and we prefer projects with a review bonus. Please help reviewing and put yourself on the high priority list, then we will take a look at your project right away :-)
Also, you should get your friends, colleagues or other community members involved to review this application. Let them go through the review checklist and post a comment that sets this issue to "needs work" (they found some problems with the project) or "reviewed & tested by the community" (they found no major flaws).
I'm a robot and this is an automated message from Project Applications Scraper.
Comment #4
Graber CreditAttribution: Graber as a volunteer commentedComment #5
Graber CreditAttribution: Graber as a volunteer commentedComment #6
Graber CreditAttribution: Graber as a volunteer commentedComment #7
Inzor CreditAttribution: Inzor commentedHi,
Automated Review
There are some issues that automated test detected:
http://pareview.sh/pareview/httpsgitdrupalorgsandboxgraber2593245git
Look, if it need to be fixed.
Note that perfect adherence to Drupal Coding Standard is NOT a reason to block an application, except for total disregard of them. However, modules should follow them as closely as possible.
Manual Review
The starred items (*) are fairly big issues and warrant going back to Needs Work. Items marked with a plus sign (+) are important and should be addressed before a stable project release. The rest of the comments in the code walkthrough are recommendations.
If added, please don't remove the security tag, we keep that for statistics and to show examples of security problems.
This review uses the Project Application Review Template.
Comment #8
Inzor CreditAttribution: Inzor commentedComment #9
Inzor CreditAttribution: Inzor commentedComment #10
Graber CreditAttribution: Graber as a volunteer commentedThanks for the review inzor, All auto-review issues fixed but one: I'll not name _gauss_distribution function _chartist_gauss_distribution. Mr Gauss wouldn't like that ;)
http://pareview.sh/pareview/httpsgitdrupalorgsandboxgraber2593245git
Comment #11
ARUN AK CreditAttribution: ARUN AK commentedThis is vulnerable to XSS exploits. When it creates a dynamic chart with user entered data, then an attacker can execute arbitrary JS code. You need sanitize user provided text before directly printing to HTML. Make sure to read https://www.drupal.org/node/28984 again. If I'm right please don't remove the security tag, we keep that for statistics and to show examples of security problems.
Removing 'PAReview: review bonus' tag. You can add it again with your three manual review links.
Thanks,
ARUN AK
Comment #12
Graber CreditAttribution: Graber as a volunteer commentedHi Arun,
Thanks for your review,
Graber
Comment #13
Graber CreditAttribution: Graber as a volunteer commentedComment #14
Graber CreditAttribution: Graber as a volunteer commentedComment #15
Graber CreditAttribution: Graber as a volunteer commentedI thought of a way to make the module secure and not lose functionality at the same time. Theme now has a 'html' variable that can be set to TRUE to bypass check_plain. The default value is FALSE and then all the displayed data is sanitized.
Also implemented the Drupal README template.
Comment #16
Graber CreditAttribution: Graber as a volunteer commentedComment #17
Graber CreditAttribution: Graber as a volunteer commentedComment #18
ganesan g CreditAttribution: ganesan g commentedHi Graber,
Please find my comments below.
Comment #19
Graber CreditAttribution: Graber as a volunteer commentedThanks for checking my module ganesan gopal, now I wish I chosen a simple module for a full project application as the ones I reviewed myself that are already set as "fixed" and didn't even have a review bonus :|
Anyway, all issues fixed, hope it will not take long now as I really have a lot more to contribute than this one module, I'm glad that thanks to all reviewers here the quality will be assured :)
Comment #20
ARUN AK CreditAttribution: ARUN AK commentedHave fixed all the issues mentioned above. As this module is only providing an api to the chartist library, in future you can consider the implementation of work with Views api. It makes the chart integration easy and will reduce the coding effort for normal users.
Removing review bonus tag, you can add it again if you have done another 3 reviews of other projects.
Comment #21
ARUN AK CreditAttribution: ARUN AK commentedno objections for more than a month, so ...
Thanks for your contribution, Graber!
I updated your account so you can promote this to a full project and also create new projects as either a sandbox or a "full" project.
Here are some recommended readings to help with excellent maintainership:
You can find lots more contributors chatting on IRC in #drupal-contribute. So, come hang out and stay involved!
Thanks, also, for your patience with the review process. Anyone is welcome to participate in the review process. Please consider reviewing other projects that are pending review. I encourage you to learn more about that process and join the group of reviewers.
Thanks to the dedicated reviewer(s) as well.
Comment #22
Graber CreditAttribution: Graber as a volunteer commentedGreat, I'd like to thank everyone here for providing me with all the hints and guidelines that helped me produce high quality code. Time to move forward again :)