This is a webform based module which provides 2checkout Standard Checkout facility that can handle every part of the buyer’s checkout process on a single page.

We have added "2checkout pay" webform button component which will help to select your amount using amount mapping component for submitting your payment amount on the 2checkout portal.

Also, we have added custom payment success page which helps to verify the payment detail that was a success or not.

We have given facility to add your payment cancel custom message and thank you the custom message.

I have attached 2 snapshot which helps to config you webfrom 2checkout payment.

Module URL

https://www.drupal.org/project/wf_2checkout/

Git Clone URL

git clone --branch 7.x-1.x https://git.drupal.org/project/wf_2checkout.git

Comments

girishpanchal created an issue. See original summary.

jeetendrakumar’s picture

Status: Needs review » Needs work

@girishpanchal

Git clone command gives following fatal error.

Cloning into 'wf_2checkout'...
fatal: repository 'https://git.drupal.org/sandbox/krishaweb/2854155.git/' not found
girishpanchal07’s picture

Issue summary: View changes
girishpanchal07’s picture

@jeetendrakumar,

Thank you for informing.

Sorry for the inconvenience. I have updated both URL. sandbox and git clone.

girishpanchal07’s picture

Status: Needs work » Needs review
PA robot’s picture

We are currently quite busy with all the project applications and we prefer projects with a review bonus. Please help reviewing and put yourself on the high priority list, then we will take a look at your project right away :-)

Also, you should get your friends, colleagues or other community members involved to review this application. Let them go through the review checklist and post a comment that sets this issue to "needs work" (they found some problems with the project) or "reviewed & tested by the community" (they found no major flaws).

I'm a robot and this is an automated message from Project Applications Scraper.

ishwar’s picture

Hi @girishpanchal

1. Implement hook_help in your module file.
2. Add proper comments with param and return type used in function

klausi’s picture

@ishwar: those are nice tips for improvements, but probably not application blockers. I think you forgot to change the status - anything else that you found or should this be set to RTBC?

girishpanchal07’s picture

Issue summary: View changes
parthpandya24’s picture

Status: Needs review » Reviewed & tested by the community

This module is working fine for me. Great work!

parthpandya24’s picture

Issue summary: View changes
StatusFileSize
new105.55 KB
new138.26 KB
girishpanchal07’s picture

girishpanchal07’s picture

StatusFileSize
new105.55 KB
new138.26 KB
girishpanchal07’s picture

kumar_kundan’s picture

I have went through the Redme.txt file. I have followed mentioned steps. how to sent price using webform is not mentioned. Redme.txt file need to be more description.

girishpanchal07’s picture

@kumar_kundan,

Thank you for reviewing module.

I have updated README.txt according to your suggestion.

Thank you.

visabhishek’s picture

Status: Reviewed & tested by the community » Needs work

Please fix the issue reported on https://pareview.sh/node/1180

Manual Review :
1: Please delete all created variables under hook_uninstall()
Example

variable_get('wf_2checkout_success_msg');
variable_get('wf_2checkout_sid');
variable_get('wf_2checkout_li_0_name')
variable_get('wf_2checkout_currency_code')
variable_get('wf_2checkout_lang')

2: All user facing text should be passed through t().
Example: title

  if (isset($value[0])) {
    return array(
      '#type' => 'markup',
      '#title' => $component['name'] . ' Invoice ID',
      '#markup' => $value[0],
      '#weight' => $component['weight'],
      '#theme_wrappers' => $format == 'html' ? array('webform_element') : array('webform_element_text'),
      '#translatable' => array('title'),
    );
  }

3: Read me should be formated like https://www.drupal.org/node/2181737
4: Remove "package = KrishaWeb Technologies" from info file.

girishpanchal07’s picture

@visabhishek,

Thank you for reviewing module.

I have updated the things which you have mentioned above.

For automated review https://pareview.sh/node/1180 -> Webform Default provided _webform_action_component() where action like (info, render, display etc..). I didn't find Mymodule_webform_action_component(). If you have a suggestion for that please let me know so, I will update in module

Thank you.

girishpanchal07’s picture

Status: Needs work » Needs review
PA robot’s picture

Status: Needs review » Needs work

Git clone failed for https://git.drupal.org/sandbox/girishpanchal0007/2854419.git while invoking http://pareview.sh/pareview/httpsgitdrupalorgsandboxgirishpanchal0007285...

Git clone failed. Aborting.

I'm a robot and this is an automated message from Project Applications Scraper.

girishpanchal07’s picture

Status: Needs work » Closed (won't fix)
girishpanchal07’s picture

I have promoted this project with https://www.drupal.org/project/wf_2checkout/ URL.
Now security advisory will check this module according to their policy.

Thank you @all for reviews on this module.

girishpanchal07’s picture

Issue summary: View changes
avpaderno’s picture

Priority: Major » Normal
Status: Closed (won't fix) » Needs review

Actually, no, that project is is not covered by Drupal’s security advisory policy, since you don't have the vetted role.

You have been able to convert a sandbox project into a full project, but it isn't covered by security advisory, yet. That is the reason for these applications.

girishpanchal07’s picture

Issue summary: View changes
sleitner’s picture

Status: Needs review » Needs work

Automated Review

Review of the 7.x-1.x branch (commit 40a069f):

  • ./wf_2checkout.webform.inc: All functions should be prefixed with your module/theme name (wf_2checkout) to avoid name clashes. See https://www.drupal.org/node/318#naming
    function _webform_defaults_wf_2checkout() {
    function _webform_edit_wf_2checkout($component) {
    function _webform_render_wf_2checkout($component, $value = NULL, $filter = TRUE, $submission = NULL) {
    function _webform_display_wf_2checkout($component, $value, $format = 'html', $submission = array()) {
    function _webform_table_wf_2checkout($component, $value) {
    function _webform_csv_headers_wf_2checkout($component, $export_options) {
    function _webform_csv_data_wf_2checkout($component, $export_options, $value) {
    
  • No automated test cases were found, did you consider writing Simpletests or PHPUnit tests? This is not a requirement but encouraged for professional software development.

This automated report was generated with PAReview.sh, your friendly project application review script.

Manual Review

Individual user account
Yes: Follows the guidelines for individual user accounts.
No duplication
Yes: Does not cause module duplication and/or fragmentation.
Master Branch
Yes: Follows the guidelines for master branch.
Licensing
Yes: Follows the licensing requirements.
3rd party assets/code
Yes: Follows the guidelines for 3rd party assets/code.
README.txt/README.md
Yes: Follows the guidelines for in-project documentation and/or the README Template.
Code long/complex enough for review
Yes: Follows the guidelines for project length and complexity.
Secure code
No: List of security issues identified. Sanitze your $_REQUEST/$_POST in puts
Coding style & Drupal API usage
  1. (*) All functions should be prefixed with your module/theme name (wf_2checkout) to avoid name clashes.
  2. (*) Sanitze your $_REQUEST/$_POST in puts in wf_2checkout.module to prevent XSS attacks

The starred items (*) are fairly big issues and warrant going back to Needs Work. Items marked with a plus sign (+) are important and should be addressed before a stable project release. The rest of the comments in the code walkthrough are recommendations.

If added, please don't remove the security tag, we keep that for statistics and to show examples of security problems.

This review uses the Project Application Review Template.

girishpanchal07’s picture

Hi, @sleitner,

Thank you for reviewing the module.

I have updated security aspects/parameter as you added in your last comment.

Webform module is required to create a component with an underscore prefix so that why I can't update/solve PAreview (Automatic review tools) warnings/errors/notices. If I will add module name as function prefix before the functions then webform will not support the created component.

If you have an idea please suggest me so I will update it.

Thanks.

girishpanchal07’s picture

Status: Needs work » Needs review

Sorry, I missed the status update.

sleitner’s picture

Status: Needs review » Needs work

Hi @girishpanchal,

you should sanitize $post_value

  foreach ($_POST['submitted'] as $keys => $post_value) {
    if (empty($post_value)) {
      unset($_POST['submitted'][$keys]);
    }
    else {
      $send_data[$keys] = $post_value;
    }
  }

in line 176 of wf_2checkout.module as well.

avpaderno’s picture

Status: Needs work » Needs review

It should be sanitized when output.

When handling data, the golden rule is to store exactly what the user typed. When a user edits a post they created earlier, the form should contain the same things as it did when they first submitted it. This means that conversions are performed when content is output, not when saved to the database (be sure to read the db_query() documentation on how to use the database API securely).

sleitner’s picture

Status: Needs review » Reviewed & tested by the community

ok in wf_2checkout_process_payment() it is just an redirect to 2checkout.com, 2checkout.com have to handle it.

avpaderno’s picture

Assigned: Unassigned » avpaderno
Status: Reviewed & tested by the community » Fixed

Thank you for your contribution!

I am going to update your account so you can opt into security advisory coverage now.
These are some recommended readings to help with excellent maintainership:

You can find more contributors chatting on the IRC #drupal-contribute channel. So, come hang out and stay involved.
Thank you, also, for your patience with the review process.
Anyone is welcome to participate in the review process. Please consider reviewing other projects that are pending review. I encourage you to learn more about that process and join the group of reviewers.

I thank all the dedicated reviewers as well.

Status: Fixed » Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.