Submitted one of scripts for review on CodeCanyon. Just like other authors, got EXACTLY THE SAME email with these reasons of rejection:
- PSR STANDARDS
- ERROR_REPORTING
- DOUBLE CHECK FOR XSS ETC.
- NOT INCLUDE THIRD PARTY OR ENCRYPTED CODE
So question to Envato team - do you really review scripts? Or acceptance/rejection is random? If so, how do you review code? I’m asking because everyone seems to get exactly the same message when item is rejected. I admit error_reporting was NOT used in my script, so this point for rejection is completely reasonable. However, these subjects are very unclear to me.
PSR STANDARTS, Does this rule apply to new developers only? Just checked some of templates/scripts I purchased from Envato, and many of them do NOT comply with PSR standards. For example - https://themeforest.net/item/composer-responsive-multipurpose-highperformance-wordpress-theme/13454476 - does NOT use 4 spaces instead of tabs in PHP code, does not follow rules of naming functions,and so on. According to PSR, these requirements are MUST, so why do existing authors can ignore PSR?
DOUBLE CHECK FOR XSS ETC. Actually, this script is in heavy use for 10+ years (I just decided to start selling it via Envato) and no single hack was reported so far. So how Envato team determined the script has security flaws? Needless to say, it uses prepared statements and other security measures. Does Envato team has a team of experienced hackers who exploit every single script, or what?
NOT INCLUDE THIRD PARTY OR ENCRYPTED CODE. Script never included any. Sure thing, script uses 3rd party libraries such as font awesome, bootstrap, etc., but many scripts do.
Could someone please comment?