New modules, file validation, and great websites

Hope that you had a Merry Christmas and a great week. Time to get ready for 2020 — Happy New Year!

With this being a holiday week, family in town and kids home from school, there's not much time for work! Nevertheless we’ve got a lot to cover here, including release of the new LoginRegisterPro module, a new FileValidator module, and also a couple of really cool ProcessWire powered websites I became aware of this week.

Focused on our upcoming new master release, this week there have been just minor changes and additions to the core. I’m basically just keeping my eye out for any showstopper issues on GitHub and trying to avoid making any additions or changes that might require live testing. This is to ensure that we can get our next master version released by or before January 1st. I think we’re ready for that master version now, but am going to wait a few more days, just to be sure. Following that, we’ll get back to more regular additions/changes on the dev branch and working through other GitHub issues.

LoginRegisterPro released

The LoginRegisterPro module was released on the 24th and is now available in the ProcessWire store. This module has been covered in previous posts and now has a dedicated info page and comprehensive documentation page, so see those for more details. If you've ever wanted to maintain a website with secure front-end login, new user registration, profile editing and more, I think you'll really like this one.

As a thanks for getting it during the beta period (which will go till January 1st) use coupon code PWLRBETA1 to subtract $20 from the Personal/single edition, or PWLRBETA2 to subtract $40 from the Dev or Agency edition. These are used at checkout. Thank you for all of the interest in this module and I hope that you like the result as much as I've enjoyed building it. I'm very excited about this addition to the collection Pro modules available here.

New FileValidatorImage module

This week I released a module (available on GitHub or in the modules directory) that performs comprehensive validation of image files: FileValidatorImage. This uses ProcessWire’s FileValidatorModule pre-defined module type, which (as far as I know) is something only Adrian had put to use before, with his FileValidatorSvgSanitizer module.

This module implements ProcessWire’s FileValidator interface, which is used by $sanitizer->validateFile() as part of ProcessWire’s built-in file validations. This is used by existing file uploads in InputfieldFile and InputfieldImage, for example. This module adds support for validation of common image bitmap formats, currently JPG, PNG, GIF.

The new FileValidatorImage module focuses on validating JPG, PNG and GIF files more thoroughly than the core. The nice thing about FileValidator modules is that the core already supports and uses them, and has for a long time. They are used automatically whenever a file is uploaded (without you having to configure anything). In addition, ProcessWire’s $sanitizer->validateFile() uses them automatically as well. Below is a list of validations that the Image FileValidator module performs:

  • Extension must be one of: jpg, jpeg, gif, png.
  • Image type must match PHP’s IMAGETYPE_* constant for GIF, PNG or JPEG.
  • Image type must be consistent with that specified by file extension.
  • MIME type must be consistent with that specified by file extension.
  • MIME type must be any one of the following: image/gif, image/png, image/jpeg, image/pjpeg, image/x-png.
  • EXIF data must not contain specific PHP or Javascript malware.
  • Image must always be greater than 1x1 in size dimension.
  • Image must fit within specified min-width/min-height and max-width/max-height dimensions (if used).

About FileValidator modules

I’m going to be developing more FileValidator modules for other file types like PDF and others shortly. The reason for a renewed focus on FileValidator modules is in part related to an upcoming feature in the LoginRegisterPro module. I’ve been developing a front-end file uploads feature for it (via a module named InputfieldFrontendFile), and in this environment we aren’t dealing with trusted users. So we have to maintain much stronger validation than we would in an admin (trusted user) environment.

The FileValidator modules seem like an ideal way to handle this, and they’ve been (so-far) underutilized, so I’m going to continue building them out for more file types. Having the appropriate FileValidator module(s) will be a necessity with front-end file uploads, like in LoginRegisterPro, but also definitely a useful addition on any ProcessWire-powered site.

New ProcessWire-powered websites

I’m always amazed at the work you all are doing in building websites with ProcessWire. There’s just some really impressive work coming from the community and I wanted to highlight a couple that caught my attention this week.

Aaron Copland

The website for composer Aaron Copland was posted this week by Macrura and he’s done a beautiful job with it. Ever since I was a little kid, I’ve always really enjoyed Aaron Copland’s music, and I was really honored to see this amazing website running ProcessWire. Macrura posted more details about the website and what tools were used in this forum thread. There’s a discussion thread on the website going there as well.

Sono Motors

The website for Sono Motors is a beautiful ProcessWire-powered site that long-time ProcessWire user Jakob Härter emailed me about this week. I had never seen it, and I don't think he's yet posted it to our sites directory. As a fan of electric cars, I was really captivated by the website and the product it represents. Take some time to click around, it’s really quite impressive. Sono Motors is an EV startup with 100 employees working to bring an impressive and innovative solar-electric car to the market. From what I understand, they are fighting hard to keep their project going and could use our support in getting the word out, especially now. So if you have any kind of social reach I know they’d appreciate your support in sharing their impressive project and website with the world.

See more ProcessWire powered websites in our sites directory and Showcase board and please add your sites too.

Thanks for reading, and be sure to read the always awesome ProcessWire Weekly this weekend too. Have a great weekend and a Happy New Year!

 

PrevLogin Register Pro

9

This week we’ll take a look at LoginRegisterPro — a new module that provides an all-in-one, self contained module for providing new user registration, secure logins, profile editing, and more. It does this all in a manner that is reliable, efficient, comprehensive and secure. More 

NextProcessWire 3.0.148 new master

6

Today we have a new master version released, version 3.0.148! The last master version was 3.0.123, so there are 25 new versions worth of upgrades, fixes and optimizations in this new master version, relative to the previous. In this post we’ll take a closer look at what’s new, how to upgrade, and more. More 

Twitter updates

  • Quick weekly update covering this week's commits for the upcoming 3.0.167 ProcessWire core version— More
    18 September 2020
  • This week ProcessWire version 3.0.166 is released on the dev branch. In this post we’ll cover all that’s new relative to the previous version, 3.0.165. Plus we’ll check out the latest new versions of ProCache and FormBuilder— More
    11 September 2020
  • Weekly update – 28 August 2020 – New secure files option defined per-template: More
    28 August 2020

Latest news

  • ProcessWire Weekly #332
    In the 332nd issue of ProcessWire Weekly we'll cover the latest core updates, introduce some new and updated ProcessWire resources, and more. Read on!
    Weekly.pw / 19 September 2020
  • ProcessWire 3.0.166 core updates and more
    This week ProcessWire version 3.0.166 is released on the dev branch. In this post we’ll cover all that’s new relative to the previous version, 3.0.165. Plus we’ll check out the latest new versions of ProCache and FormBuilder.
    Blog / 11 September 2020
  • Subscribe to weekly ProcessWire news

“We chose ProcessWire because of its excellent architecture, modular extensibility and the internal API. The CMS offers the necessary flexibility and performance for such a complex website like superbude.de. ProcessWire offers options that are only available for larger systems, such as Drupal, and allows a much slimmer development process.” —xport communication GmbH