MOD Validation Checklist
This Validation checklist is provided as a reference for MOD Authors to improve the Validation Process for their MODs.
Insta Deny Checklist
MOD description is complete and informative. #
License.txt file is present.#
The install MODX file should have the word "install" in the filename (e.g.: install_some_mod.xml). #
The newest MODX XSL file (modx.prosilver.en.xsl) must be included. #
Both the main install MODX file and the license.txt file should be placed in the root of your zip package, not within a sub-directory. #
Edits to the main install XML file should be in English, and include instructions for the prosilver style. #
IN_PHPBB check must be used in all included files, that includes class files, function files, and language files.#
The MOD needs to pass MPV. #
Packaging
Valid (descriptive but concise) package file name (e.g.: my_mod_name_v104.zip). #
Language files are within the language directory and correct lang_name (ISO) translations are used. #
Alternate (non-English) language MODX files used correctly. #
Template and theme files contained in their respective directories. #
Alternate style (template) MODX files are used correctly. #
Miscellaneous and alternate scripts including Text Template and auto-install files are placed in /contrib/ directory. #
MODX
If PHP 5.x specific code is used within the MOD, this must be noted in the MOD Author notes in the install MODX file. #
Installation performs correctly using Blinky . #
MOD is tested and works as intended. #
Templates
No hard-coded PHP in template files. #
prosilver HTML is valid XHTML 1.0 strict (contains no XHTML errors). #
subsilver2 HTML is valid XHTML 1.0 Transitional (contains no XHTML errors). #
No broken or missing images. #
English language images are supplied as necessary. #
CSS and Javascript are contained within <![CDATA[ ]]> blocks, and contain no validation errors. #
Language Files
File is saved as UTF-8 Encoded. #
File does not contain a BOM . #
PHP Files
request_var()[?] $_POST, $_GET, or $_REQUEST to get user input.#
integer variables from request_var() are request_var('var', 0); and not request_var('var', '0');. #
phpBB3 DBAL is used instead of database specific SQL functions.#
User-input string variables are properly sanitised using $db->sql_escape();[?] #
int and float variables are enforced type-casting as (int) and (float) when inserting into SQL queries. #
$db->sql_build_query();[?] #
$db->sql_build_array();[?] #
$db->sql_multi_insert();[?] #
$db->sql_in_set();[?] #
trigger_error();[?] die(); or message_die(); or similar.#
$_SERVER variables are properly sanitised, (many $_SERVER indexes can be user manipulated). See Sanitisation for information on how to properly sanitise variables.#
Contains no magic numbers . #
No un-initialised variables or indices. See {Initialised variables} #
$db->sql_query_limit();[?] LIMIT in SQL queries.#
Static SQL queries are cached. See {Caching queries}. #
login_forum_box(); or login_box();[?] #
SQL Queries within loops should be avoided. #
confirm_box();[?] #
URLs pointing to phpBB files call append_sid();[?] #
Miscellaneous
Tabs are used instead of spaces for indenting. #
Using Unix (LF) line endings. See: Line Ending Format #
Proper file headers and php DocBlocks are used. #
Braces { and } should be on newlines. See {Coding guidelines} #