Coding Standards: Final cleanup for tripal_feature; added @coder-ignore for errors to be ignored

tripal_feature/fasta_loader.php

@@ -651,9 +651,11 @@ function tripal_feature_fasta_loader_handle_feature($name, $uname, $db_id, $acce
 
   // add in the analysis link
   if ($analysis_id) {
+    // @coder-ignore: non-drupal table thus table prefixing doesn't apply
     $analysis_link_sql = 'SELECT * FROM analysisfeature WHERE analysis_id=%d AND feature_id=%d';
     $analysis_link = db_fetch_object(db_query($analysis_link_sql, $analysis_id, $feature->feature_id));
     if (!$analysis_link) {
+      // @coder-ignore: non-drupal table thus table prefixing doesn't apply
       $sql = "INSERT INTO analysisfeature (analysis_id, feature_id) VALUES (%d, %d)";
       $result = db_query($sql, $analysis_id, $feature->feature_id);
       if (!$result) {
@@ -666,9 +668,11 @@ function tripal_feature_fasta_loader_handle_feature($name, $uname, $db_id, $acce
    // now add the database cross reference
   if ($db_id) {
     // check to see if this accession reference exists, if not add it
+    // @coder-ignore: non-drupal table thus table prefixing doesn't apply
     $dbxrefsql = "SELECT * FROM dbxref WHERE db_id = %d and accession = '%s'";
     $dbxref = db_fetch_object(db_query($dbxrefsql, $db_id, $accession));
     if (!$dbxref) {
+      // @coder-ignore: non-drupal table thus table prefixing doesn't apply
       $sql = "INSERT INTO dbxref (db_id,accession) VALUES (%d, '%s')";
       $result = db_query($sql, $db_id, $accession);
       if (!$result) {

tripal_feature/gff_loader.php

@@ -158,6 +158,8 @@ function tripal_feature_gff3_load_form_validate($form, &$form_state) {
     form_set_error('gff_file', t("Cannot find the file on the system. Check that the file exists or that the web server has permissions to read the file."));
   }
 
+  // @coder-ignore: there are no functions being called here
+  // @todo: break each line of this conditional into separate variables to make more readable
   if (($add_only AND ($update OR $refresh OR $remove)) OR
     ($update AND ($add_only OR $refresh OR $remove)) OR
     ($refresh AND ($update OR $add_only OR $remove)) OR
@@ -237,6 +239,7 @@ function tripal_feature_load_gff3($gff_file, $organism_id, $analysis_id, $add_on
 
   // get the controlled vocaubulary that we'll be using.  The
   // default is the 'sequence' ontology
+  // @coder-ignore: non-drupal schema thus table prefixing does not apply
   $sql = "SELECT * FROM cv WHERE name = '%s'";
   $cv = db_fetch_object(db_query($sql, 'sequence'));
   if (!$cv) {
@@ -245,6 +248,7 @@ function tripal_feature_load_gff3($gff_file, $organism_id, $analysis_id, $add_on
   }
 
   // get the organism for which this GFF3 file belongs
+  // @coder-ignore: non-drupal schema thus table prefixing does not apply
   $sql = "SELECT * FROM organism WHERE organism_id = %d";
   $organism = db_fetch_object(db_query($sql, $organism_id));
 
@@ -908,6 +912,7 @@ function tripal_feature_load_gff3_alias($feature, $aliases) {
 
     // check to see if we have a NULL publication in the pub table.  If not,
     // then add one.
+    // @coder-ignore: non-drupal schema thus table prefixing does not apply
     $pubsql = "SELECT * FROM {pub} WHERE uniquename = 'null'";
     $pub = db_fetch_object(db_query($pubsql));
     if (!$pub) {

tripal_feature/syncFeatures.php

@@ -344,6 +344,7 @@ function tripal_feature_sync_feature($feature_id) {
   // if we have a chado feature, we want to check to see if we have a node
   $cfsql = "SELECT * FROM {chado_feature} ".
           "WHERE feature_id = %d";
+  // @coder-ignore: don't need to use db_rewrite_sql() since need all nodes regardless of access control
   $nsql =  "SELECT * FROM {node} ".
           "WHERE nid = %d";
   $chado_feature = db_fetch_object(db_query($cfsql, $feature->feature_id));

tripal_feature/tripal_feature.admin.inc

@@ -837,7 +837,7 @@ function tripal_feature_aggregator_form_submit($form, &$form_state) {
  */
 function tripal_feature_aggregator_ajax_edit() {
   // get the database id, build the form and then return the JSON object
-  $type_id = $_POST['type_id'];
+  $type_id = filter_xss($_POST['type_id']);
   $form = drupal_get_form('tripal_feature_aggregator_form', $type_id);
   drupal_json(array('status' => TRUE, 'data' => $form));
 }

tripal_feature/tripal_feature.coder_ignores.txt

@@ -0,0 +1,21 @@
+; The file should be formatted this way :
+; file:line:warning-type
+; where warning-type is one of security, style, sql, i18n, comment, etc.
+
+; This query selects from a non-drupal schema where the database prefixes are not
+; applied and thus the curcly brackets ({}) are not needed
+fasta_loader.php:655:sql
+fasta_loader.php:659:sql
+fasta_loader.php:672:sql
+fasta_loader.php:676:sql
+gff_loader.php:243:sql
+gff_loader.php:252:sql
+gff_loader.php:919:sql
+
+; This is a multi-line conditional that needs to be re-written to be more readable
+gff_loader.php:164:style
+gff_loader.php:165:style
+gff_loader.php:166:style
+
+; Don't need to use db_rewrite_sql() since need all nodes regardless of access control
+syncFeatures.php:425:sql

tripal_feature/tripal_feature.module

@@ -2441,3 +2441,13 @@ function tripal_feature_job_describe_args($callback, $args) {
   return $new_args;
 }
 
+/**
+ * Implements hook_coder_ignore().
+ * Defines the path to the file (tripal_core.coder_ignores.txt) where ignore rules for coder are stored
+ */
+function tripal_feature_coder_ignore() {
+  return array(
+    'path' => drupal_get_path('module', 'tripal_feature'),
+    'line prefix' => drupal_get_path('module', 'tripal_feature'),
+  );
+}