Module Guidelines

This section details the specific rules and requirements for creating modules that meet PrestaShop MarketPlace standards.

For more information, refer to the validation checklist.

  • The module structure is correct.
  • PHP files are executed in the PrestaShop context.
  • PrestaShop version compliancy is declared.
  • Core tables are untouched.
  • Other modules are not altered.
  • The module does not rely on external assets.
  • The archive contains only one module.
  • Code is written in English.
  • Code in hooks is run only when needed.
  • Documentation is provided.
  • A functional review is completed.
  • If it’s a payment type module, it follows the Payment Modules Rules.
  • SQL request variables are sanitized and escaped.
  • No unsafe or deprecated methods are used.
  • An .htaccess file exists in the root folder of the module.
  • Smarty variables are escaped.
  • An index.php file exists in each folder to prevent directory listing.
  • Files are deleted when updating a module.
  • The license is supported according to PrestaShop licenses.
  • Files are stored in the proper directory.
  • Usage of iframes is restricted to highly secure websites.
  • Support is provided through the PrestaShop Marketplace.
  • Calls from external services are secured.
  • HTML code is written in template files.
  • The risk of conflicts between modules is low.
  • AJAX/Cron tasks are secured and in a controller.
  • Debug statements have been cleaned.
  • Commented code has been removed.
  • Empty and generated files have been removed.