*bump* Looks like I have a bit of work to do to comply with their rather rigorous guidelines:
-------------------------------------------------------------------------------------
This PM is automatically generated. Please do not reply.
If you wish to discuss anything in this PM please contact:
ycl6
-------------------------------------------------------------------------------------
Hello,
As you may know, all MODs submitted to the phpBB MOD Database must be validated and approved by members of the phpBB Team.
Upon validating your MOD, the phpBB MOD Team regrets to inform you that we have had to deny your MOD.
To correct the problem(s) with your MOD, please following the below instructions:
- Make the necessary changes to correct any problems (listed below) that resulted in your MOD being denied.
- Increase your version number. (See Knowledge Base Article 43 for help.)
- Change the filename. (For example, my_mod_1.0.0.zip would become my_mod_1.0.1.zip.)
- Re-upload your MOD into our MOD Database.
Please ensure you tested your MOD on the latest version of phpBB (see the
Downloads page) before you reupload your MOD.
Before you resubmit your MOD, please check your MOD Syntax via our
MOD Syntax Validator to ensure your MOD is using the correct MOD Template Syntax.
Here is a report on why your MOD was denied:
-------------------------------------------------------------------------------------
TerraFrost wrote:
(from sax.mod)
Code: loadXMLDoc('{U_SAXSAYPATH}/saxsay.php?sid={U_SID}&what='+saywhat,null);
Hard-coded PHP extension.
Code: <input type="button" class="saxsubmit" name="submit" value="Say" onClick="saxAdd();"/> <a href="http://www.cemetech.net" target="_blank"><img src="images/saxtiny.png" border="0" /></a>
"Say" constitutes hard-coded language.
Code: $ajaxurl = preg_replace('/(^.*)(posting\.php.*$)/',"$1viewtopic.php",$_SERVER['PHP_SELF']);
ajaxSaxAddItem(0,$userdata['username'],$topicname,$ajaxurl .'?p='.$post_id.'#'.$post_id);
More hard-coded php extensions. Also, should use $HTTP_SERVER_VARS instead of $_SERVER and... $_SERVER['PHP_SELF'] needs to be passed through htmlspecialchars to prevent XSS.
(from sax.php)
Code: $out=SAXformatstring('<span class="saxgray">***'.$who.' added a post in <a href="'.$where.'">'.stripslashes($what).'</a></span>');
Hard-coded language.
Code: $outstring = $row['username'] . ' was last online at ' . date('H:i:s',$row['user_lastvisit']);
More hard-coded language.
Code: $out .= SAXformatstring('<span class="saxmaroon">SAX:</span> <span class="saxblack">I don\'t know who you mean, '.$who.'.</span>');
} else {
//too many users found
$out .= SAXformatstring('<span class="saxmaroon">SAX:</span> <span class="saxblack">I found more than one user. Could you be more specific, '.$who.'?</span>');
Hard-coded language, again.
(I'm not going to point out anymore instances of hard-coded language; sufficide to say, there are more)
(from saxsay.php)
Should use the $HTTP_X_VARS varient
Code: $tempsay = stripslashes(strip_tags(urldecode($_GET['what'])));
~Mac
-------------------------------------------------------------------------------------
Please refer to the following links before you reupload your MOD:
For further reading, you may want to review the following:
For help with writing phpBB MODs, the following resources exists:
If you feel this denial was not warranted, you can contact the MOD Team Leader, wGEric.
Thank You,
phpBB MOD Team