All Activity

To resolve the version discrepancy, it’s best to update to the latest master version, 229. This version includes about 8-10 fixes that are not in version 227. Updating will ensure you have the most recent improvements and bug fixes. Just go to the download page and get the latest version.

@Jonathan Lahijani It's great you still working on this, can't wait to try it. I wish one day you make a tutorial on how to create an admin theme from scratch, as all forum's related content is outdated.

Thought this might be interesting for the UIkit/Tailwind users, maybe best of both worlds?? https://www.franken-ui.dev/docs/introduction

@Mustafa-Online I made nice update today on this module after not having touched it in several weeks. It's now basically complete but before I release it I still need to clean up some old code that's left over, make it work more nicely with SelectizeAll and provide similar overriding capabilities that the UIkit theme has. This module includes Bootstrap Icons and it substitutes Font Awesome icons accordingly (I went through each one and found the equivalents!). It also uses the Bootstrap navbar and dropdowns. A side-effect of this is ajax-loaded dropdown content won't work in the first release. I may backtrack on using Bootstrap dropdowns depending on if that becomes difficult. Anyway, it's looking good overall. If anyone is wondering why use this as opposed to UIkit, it may be beneficial if you are doing a lot of custom admin stuff and want to use pre-made Bootstrap styled components since the Bootstrap ecosystem is much much larger than UIkit. Also, it feels a little more fresh, although my actual reason for creating this was to for a way for me to get a deeper understanding of how admin themes work.

Here's one place this was talked about in the past: https://github.com/processwire/processwire-requests/issues/142

It's been talked about elsewhere here in the forums, but an alternate idea would be utilizing .env files. It would satisfy both the installation process and long-term management of values. Some benefits: Widely used across applications, frameworks, and languages running in a web server environment and strongly recommended as a standard practice Secure by default. Web servers do not serve .env files Provides the ability to manage local and production configurations separately Frameworks like Laravel provide a .env file as well as a .env.example file containing all variables used in the application. This is kept up to date, used to document application requirements, and is committed into the repository Values that are not security-critical can be safely stored in the example file Provides a convenient location for additional non-ProcessWire site/app specific values such as API keys, or those required for modules Solves the issue of excluding site/config.php from a repository given that it's a required file containing specific syntax and $config object property assignments If .env was available in ProcessWire I would have my Fluency module look for translation API keys there rather than store them in the database. A benefit there is that different environments like local/ staging/production can mean an environment that is yours and an environment that is a client's. Pulling the latest copy of a database from production wouldn't require manually re-configuring modules that require API keys, or module registration keys. It would be good to eliminate storing security-critical values in PHP files entirely. The .env file could be generated and populated during the ProcessWire install process pre-excluded in the .gitignore file. Example: ENVIRONMENT="development" # ProcessWire PW_DB_HOST=localhost PW_DB_NAME="your_database PW_DB_USER=your_database_user PW_DB_PASS="LowuHeju7[BoI3" PW_DB_PORT=3306 PW_DB_ENGINE=InnoDB PW_DEBUG=true PW_CHMOD_DIR=0755 PW_CHMOD_FILE=0644 PW_USE_PAGE_CLASSES=true PW_USE_FUNCTIONS_API=true PW_PREPEND_TEMPLATE_FILE="_init.php" PW_USER_AUTH_SALT=d5e3ac4beda1e382255bbd8744d7e815 PW_LOCALE="en_US.UTF-8" PW_TIMEZONE="America/Los_Angeles" PW_DEFAULT_ADMIN_THEME=AdminThemeUikit PW_INSTALLED=1580675413 PW_HTTP_HOSTS = "domain.com,www.domain.com" # Some API that is used EXTERNAL_SERVICE_API_URL="https://api.someservice.loc/v2" # Development EXTERNAL_SERVICE_API_KEY=0d41fe1b68244f4ea51ae5e4abd24fab # Mailgun MG_KEY=key-192cde47ab73095e747ebe7556577b2d MG_DOMAIN="mg.somedomain.com" # Forecast.io FORECAST_IO_KEY=c28096383d66bcb1e2cb9ec37153f85c To take the idea further, it could be integrated with the ProcessWire API in a way that would prevent conflicts, keep .env variable naming organized, and make any value added by the developer available. Something like: <?php // An accessor method, this is probably the cleanest and resembles other frameworks $config->env('SOME_ENV_VARIABLE'); // Nested under a property acting as a namespace $config->env->SOME_ENV_VARIABLE; // On ProcessWire projects I implement some extras to easily interact with .env values without needing to access them directly. $config->envIs('production'); // boolean I haven't built a ProcessWire site without implementing this for many years and there's a great widely-used great package that provides .env values to PHP. There are also hosting providers that make environment variables/secrets manageable through their admin UI that eliminates the need for an actual file in production entirely. If ProcessWire were to implement environment variables it could look to values that may already exist and fall back to using a file. Implementation aside, if someone is able to access phpinfo() in production it's a critical issue beyond exposing config values given the totality of information dumped by that function.

Amazing stuff, Ryan. Thank you.

Also another possibility - are you running Debian? If so, I find I have the same issue unless I add this to config.php /** * Enable Session Garbage Collection * Garbage Collection is disabled in Debian as default (probability set to zero) * Enable session garbage collection with a 1% chance of running on each session_start(); * Chance calculated as gc_probability/gc_divisor * Session path is defined inside wire/core/Session.php and points to site/assets/sessions * Thanks to this modification session now takes into account gc_maxlifetime set in config */ ini_set('session.gc_probability', 1); ini_set('session.gc_divisor', 100);

Are you calling your create() method from the constructor?

Dear all, thank you for all submissions. We will be contacting all of you whitin this week. Please do not send any further applications. All best, Dino

Are you 100% certain it is Cloudflare causing this issue. It took me many years of using ProcessWire to realise that it was me causing logouts by opening the browser dev tools device emulator for testing during site development. This happens because it sends a new user agent header and triggers a new session in the browser, therefore logging you out of the old session. You can see this happening in the PW logs - it records it as 'session invalidated' or similar.

@Jonathan Lahijani Any updates on this? I really like to use a new theme based on Bootstrap.

I don't know anything about the history of `strtr` in PHP, but my guess would be that the reason it has the ability to replace strings in the first place is simply an extension of its original purpose from single-byte characters to multi-byte. It just so happens that in PHP multi-byte characters are represented as strings… I don't know if that's right, but I've seen it in other languages, so it certainly seems plausible. And when you have that in your head using it to just replace arbitrary strings feels, you know, funny. 🙂

Thanks for the explanations. I actually use strtr quite a lot for an array of substring replacements - works great. Sorry for the confusion about how it replaces - I wasn't thinking straight and was thinking about this difference: "strtr will not replace in parts of the string that already have been replaced - str_replace will replace inside replaces", rather than the replacing only the first occurrence - sorry I rushed without thinking it through - my bad :(

Sorry, I should explain a bit more! `strtr` can work in two modes, and in one mode it can replace substrings. But that isn't its purpose, and I think it would be confusing to use it for that. (It would be especially confusing if, like me, you happen to know about `tr`.) Even more, though: like `str_replace`, `strtr` replaces all matching strings, not just the first. So it can't actually solve the original problem anyway.

@adrian Take a look at the description of strtr: So the purpose of `strtr` is to replace individual characters, not substrings. Take a look at Example #3 to see what I mean. (The `tr` in `strtr` comes from the Unix command `tr`, which does the same thing.)

@Michael Lenaghan - I am curious - did you find an issue with strtr or just went with Laravel's approach without looking into it? Not a criticism at all, just want it to be a learning experience for all of us if you did find an issue.

Issue here, pull request here.

Hi @Chris-PW I removed the javascript block for meta-shift-s and ctrl-s. After that, pressing ctrl-s in TinyMCE worked perfectly. Tested in Chrome/Windows11 and Firefox/Windows11, and via BrowserStack, also in Safari 17.3/MacOS Sonoma. Additionally, I removed the timeout in UIkit.notification(...) in QuickSave.js, because my pages have so many fields and languages that saving the page takes several seconds. And because the page is reloaded anyway, in my case it was better to simply leave the notification until the page reloads.

Hello everyone, As a community that frequently installs ProcessWire, we understand the importance of efficiency and security in our workflows. We’ve been contemplating the idea of leveraging auto-deploy scripts to streamline our installations, especially considering the wide array of web hosting panels available to us. Here’s a rough sketch of how we envision this process: Git clone: The first step would involve cloning the repository. Pre-configuration: Next, we’d place an install_preconfig.php file containing an array of variables that install.php could utilize if available. This file would include pre-configured variables such as dbhost, among others. Auto Install Modules Cleanup. Deleting the pre-config file & installation file. Currently, we’re aware that these variables are fetched using ini_get, which unfortunately poses a security risk. If someone were to launch phpinfo(), our credentials could potentially be exposed. To mitigate this, we propose replacing all variables in the install file with $preconfig['mysqli.default_host'] ?? ini_get("mysqli.default_host"). This way, we prioritize the use of our pre-configured variables, resorting to ini_get only when necessary. We believe this initiative could significantly enhance both the security and efficiency of our ProcessWire installations. However, we understand that this is a community effort. What is the best way to get this initiative hit off? @ryan Kind Regards,

Here is Laravel's implementation of `replaceFirst`; it uses `strpos` and `substr_replace`. I think the current behaviour is unintentional; I don't know if Ryan would consider it a bug? I suppose I should report it so that he can decide.

Maybe "strtr" instead of "str_replace" would take care of things as it only replaces the first instance. I am surprised though that it's not mentioned at all here: https://stackoverflow.com/questions/1252693/using-str-replace-so-that-it-only-acts-on-the-first-match so maybe I am missing something? Perhaps this is worth a thorough read: https://stackoverflow.com/questions/8177296/when-to-use-strtr-vs-str-replace

I haven't dug too deeply into this yet, but is I saw there is supported integration with TextformatterVideoEmbed - I'm wondering if this could apply to either TextformatterOembed / FieldtypeOembed postprocessing as well, or if that requires more fine tuning because of how different providers may offer different embedded content. Perhaps all of these fall under external-media?

Just reporting this to save other people some debugging time: Hanna Codes unintentionally "memoize" results. Here's a rough example of what I mean. Imagine a stateful Hanna Code. For example, imagine a Hanna Code that maintains a count, and increases the count each time it's used: [[count]] [[count]] [[count]] You'd expect this: 1 2 3 But you'll get this instead: 1 1 1 Here's where it gets very odd though: your Hanna Code will in fact be called three times, and the counter will in fact end up at "3"! It took me a bit to figure out what was going on. The problem is that all Hanna Codes are extracted up front, here. Then they're processed one by one, here. As each Hanna Code is processed, it gets replaced here. And that's the problem: the replacement is global; all matches get replaced, not just the first. So in this example all three `[[count]]`s will be extracted, and the loop will iterate three times, but the first iteration will replace all occurrences of `[[count]]`, leaving nothing for the next two iterations to replace. (I'm calling this "unintentional memoization" because typically you memoize to avoid work. In this case work isn't avoided, the result of the work simply isn't used.)

Thank you for your feedback and that you like my module. It seems that the meta+s shortcuts are also triggered in Windows or only from Windows 11. Unfortunately I have no way to test the module on Windows. It would be great if you could remove ctrl+s in quicksavetinymce.js and just put meta+s. It's best to clear the cache. I would be very interested to know whether only Meta+s are actually sufficient for Windows in TinyMCE. Thank you in advance for your feedback FYI meta+S is only integrated so that it can be saved even when Caps Lock is active. You could actually leave that in.