Denied...again

jettyrat · Moderator Joined: Nov 28, 2005 Posts: 1139

Well, 1.0.1 was denied because I have included g2image and it does not follow phpbb coding standards. Shocked

Either I have to rewrite it to phpbb standards or I guess have an add-on mod file for how to make it work in phpbb if one wants to download it themselves and use it.

They sure make it hard for a mod of any complexity to exist in the mods db... Laughing

AdBot

IngerK · Posted: Mon Mar 03, 2008 1:13 am Post subject: Re: Denied...again

Yes, it looks like they make it very hard... Shocked

G2image as add-on is a possible solution, of course, but I think this will make the mod more time consuming to install and less user friendly. Confused

darkxst · Beginner Joined: Mar 25, 2006 Posts: 10

you cant remove g2image! that really is one of the big improvements since the phpbb2 integration and should imo be a core feature of the integration!

dari · Posted: Tue Mar 04, 2008 7:38 am Post subject: Re: Denied...again

i agree, it's such a high-value add-on that it doesn't make sense to pull it out.
besides, for statistical reasons, I prefer to have the MOD hosted here (and dl'ed from sf.net)
_________________

jettyrat · Moderator Joined: Nov 28, 2005 Posts: 1139

Yeah well, I thought originally having the mod in the phpbb moddb would get more users interested in it and having it there would mean it has passed the phpbb coding/security standards.

I pleaded my case to them about having 3rd party software in a mod that has no reason to follow the phpbb coding standards, but they are firm on their position that any code included in a mod must meet these requirements. They basically told me I would have to bring g2image to phpbb standards myself, which means I would have to practically rewrite the whole thing and that defeats the whole point of using it. The beauty of it is that it is a drop-in feature that only requires the modification of 2 files to make it work.

I have all but given up on the whole idea for now. The exercise was worth it though as they did point out some issues with the integration. I think the code is about as close to their standards as I can get it for now.

Quote: ›

mod robot wrote: ›
[ WARNING ] g2image/init.php does not exist in phpBB standard installation package

[ WARNING ] gallery2.php: IN_PHPBB not checked.

[ WARNING ] g2image/g2image.php:

1. [ WARNING ] IN_PHPBB not checked.
2. [ WARNING ] $phpbb_root_path not set
3. [ WARNING ] require_once('init.php'); you must use $phpbb_root_path and $phpEx for all includes/requires
4. [ POSSIBLE ]

Code: Select all
if (!in_array($g2ic_options['images_per_page'],$images_per_page_options)){

the third variable for in_array should probably be used here otherwise in_array is just a generalization and can, in some cases, give unexpected results. See code below, I added a true, which makes in_array strict… in_array should very rarely be used without the third variable.

Also, please use proper formatting as seen in the phpBB3 coding guidelines.

This should be

Code: Select all
if (!in_array($g2ic_options['images_per_page'], $images_per_page_options, true))
{

5. [ WARNING ]

Code: Select all
. '

jettyrat wrote: › Hi Handyman`,

Sorry to bother you directly, but your name is at the end of that msg as the contact.

So basically you guys are telling me that a bridge/integration type mod will never be allowed in the moddb and I'm just wasting my time, right? I sent a msg to the mod team along with the submission stating that g2image is a 3rd party add-in. It simply opens a popup window that allows one to select an image from Gallery and inserts bbcode into the posting form. It is not written by me and therefore I cannot change it to conform to phpbb coding guidelines. It is included in the mod because it is slightly modified so it will work with phpbb3.

I've tried to follow every phpbb mod rule possible but, because not everyone else out there who writes php software follows phpbb coding guidelines you guys are saying that mods that include or integrate other apps are not allowed in the moddb? If that's the case, you are eliminating some great possibilities with bridge type mods and that's really sad! Should I just give up and forget about it?

Thank you for your time,
Scott

ps. The file gallery2.php has as it's first line of code:

Code: Select all
define ('IN_PHPBB', true);

so I don't understand the complaint above unless the comment is messing something up. And, g2image.php immediately calls init.php which also contains a define IN_PHPBB line...

handyman` wrote: › Bridges are allowed, but the code must conform to the phpBB3 guidelines.
That helps prevent security breaches, which is the reason we have to validate all 3rd party software, even bridges, that are included with MODs.
It's not hard to clean up code to get it to conform to the guidelines, which is what's expected when a MOD is submitted to the MOD DB.

Be sure that there is no space between define and (
it should be: define('IN_PHPBB', true); otherwise it will show up as failing, thus the message that it's not checked.

jettyrat wrote: › But it will never conform to the moddb guidelines unless I rewrite the entire thing. It has it's own style, it's own language handling mechanism and is written to the Gallery guidelines for which it is made to interact with. It does not need to make use of the phpbb template system, language system or styles and to make those requirements means it can't exist in the phpbb moddb.

I'm not trying to argue with you in any way, I just don't understand how it can be expected that a mod that uses 3rd party software have such software be compliant with the phpbb guidelines. The chances of 3rd party software that isn't originally written for phpbb follow the phpbb guidelines are practically zero.

Would it be better to not include it and have instructions on where to get it and how to modify it to work in phpbb3? Since the mod allows Gallery to run inside of phpbb are there going to be issues with it next?

handyman` wrote: › Hi jettyrat,

There are some very basic things that we look for when validating a MOD.
When we see that $phpbb_root_path and $phpEx are not used, those can cause security issues, which is why it doesn't matter what it is, those standards must be met so as to not cause security problems with users forums.

Think of it this way, if you downloaded a MOD from the database and installed it on your forum and somebody defaced your forum through that MOD, wouldn't you be upset with the MOD author AND phpBB?

That is the very thing that we have to avoid, which is why we validate these MODs… so whether you can get it to that point or not is up to you, I haven't seen the code, we just run it through an automated system to check for initial security issues, which is why the MOD was denied very shortly after it was submitted.