Jump to content

Leaderboard

Popular Content

Showing content with the highest reputation on 09/29/2014 in all areas

  1. Still messing with this a little, but... http://theblokewotdoeswebsites.uk/ Made with ProcessWire, of course, (2.5.3) with the Foundation 5 framework and Adobe Edge Animate on the front page. Hanna code used a lot and Pro Cache. Generally speaking it is more fancy to look at than fancy at the back end. That is the nice thing about ProcessWire - I could do most of what I needed without bloating it out with a ton of plugins. All the graphics are mine (couldn't afford a proper graphic person) - except the globe The music is played out with a very neat little library called howler.js http://goldfirestudios.com/blog/104/howler.js-Modern-Web-Audio-Javascript-Library It is not pro-cached yet (since I am still messing) and I haven't squished the scripts or css yet. But, other than that, it is suitably scary.
    6 points
  2. Our client wanted a site that would allow users to join a sport events (either free or for a small fee) and that would be easy and flexible for moderators. The final (well, there are some unpolished little things there - so let's call it a beta) effect is available to see here: http://www.meetspot.pl/ It was the first major project based on ProcessWire for us and it (PW) worked flawlessly. One thing I would like to see is a front-end user module ready from the get-go - while the API is super nice we spent a lot of time on reinventing the wheel: e-mail confirmations, captcha checks, Facebook integration, and so on. Maybe someday we will extract our code into separate module, but it's kind of tightly coupled to templates so it could be problematic. Other than that PW was perfect, and we felt we made the 100% right choice when we had chose it. API is very solid, and - besides aforementioned members managment - we only had to focus on major features (managing events, payments, cancellations). All the rest was already solved. There were a lot of third-party integrations (payment gate, Facebook, MapBox, SMS/text message integration) - and from the PW side everything went really smooth. Furthermore, the client is happy with the administrators' options. Actually, we even didn't had to explain things - the dashboard is so intuitive. Looking forward to Your feedback and opinions.
    6 points
  3. exit print_r var_dump gettype ProcessWire
    6 points
  4. Generally speaking and in addition to pwireds post, three more "philosphical" points to start: Look at the HTML you want to achieve (its semantics, its structure) without having any particular CMS in mind. Keep in mind that you possibly replace everything with field output (as in: for the template file, you could as many fields as you want to make all the desired parts of the site/page "moving parts", editable parts). Check for repetitive things (in your example for example blog posts, books, tv appearances, videos) Seek potential data relationships (in your example not that important) and have to keep in mind, that ProcessWire way of organizing content is basically one big tree, with all advantages of this approach (for example pools of blogposts, of books, of videos...)
    6 points
  5. The Robert Reich site you linked to is a straight-up blog, which is the kind of site perfectly suited to wordpress. You can absolutely build a site like that in ProcessWire too though (as well as sites that are less blog-y ... which is where a system like ProcessWire will really shine because it won't lock you into a blog-like page structure). I would say the big difference between wordpress and processwire is that wordpress has some assumptions baked into it... it assumes that most pages on your site are blog posts, it assumes you have 1 primary area for content per page and then some miscellaneous "widgets" that appear on every page (in the sidebar, for example), and it assumes that your templates have a header, footer, and a few different types of "interiors" (post, page, etc). The thing about processwire is that it imposes very few of these kinds of assumptions on you. Really the only assumptions it makes is that you have pages of various different "types" (different types could be different visual layouts and/or different pieces of content). So you don't just have "posts" and "pages"... you can have whatever you want. Another big difference is wordpress's assumption that there is 1 primary piece of content per page... in processwire there is absolutely NO assumption about what content lives on each page (except for 1: every page must have a "title"). If you have ever used the wordpress plugin "Advanced Custom Fields", then you can kinda-sorta think of processwire as an entire CMS based around the ACF mindset. SO... to recreate that Robert Reich site, you would have a "blog_post" template, a "home" template, and an "archive" template. The "home" template is only used on 1 page (the home page), and the "archive" template is only used on 1 page (the archives page). The "blog_post" template is used by all other pages. In terms of the page structure (like the sitemap tree), you'd probably have the home page at the top, and "posts" page underneath (which could serve as the "archive" page and also a parent page for all blog posts). The home page template would have the following fields: bio (textarea w/ CKEditor) books (Repeater field) TV Appearances (Repeater field) Movie (video) Slideshow (some kind of slideshow field, or an image field with your own front-end slideshow javascript code) videos (repeater) The home page template would output all these fields in the appropriate places, and then in the middle of the layout it would use ProcessWire's "query" to display the 10 most-recent posts. For the "archives" page, you also use PW's query API to retrieve ALL posts, and in your php code you can segment them by month/year. For the blog post pages themselves, you have a "body" field for the primary content (a textarea with CKEditor). Note that the stuff on the left and right sidebars of the home page actually appear across all pages... so these are more like "global content" areas or "snippets" or "widgets"... I'm relatively new to ProcessWire myself so I'm unsure what the best way to achieve re-usability of these is (hopefully someone else can chime in about that... perhaps creating a dummy page in the sitemap that holds these and then the template retrieves the fields of that dummy page and outputs them?). There's also an RSS feed page and a 404 page template you'll want... you can copy these from the default site profiles that PW gives you upon installation. So that's a high-level overview (from someone who is relatively new to ProcessWire, which is probably both good and bad in terms of explaining things Let us know how it goes!
    5 points
  6. I like the idea...meanwhile, use Soma's Admin Hot Keys . Save : ctrl+s https://processwire.com/talk/topic/1524-admin-hot-keys/ http://mods.pw/13
    4 points
  7. I am a newbie to ProcessWire, but a very experienced web developer (using a variety of other CMS's and frameworks). I think the big picture here, as others have stated, is that PW doesn't really dictate any particular style for structuring your templates -- what you're seeing in the intermediate profile is just an example of how some people choose to do it. I personally do not like that method at all, because I build a lot of sites with very custom designs, so the markup I get from designers is very important and usually I like to keep my CMS templates as close to the original markup as possible. I do not like putting html into variables, and I do not like treating my template output as some kind of machine that generates markup. On the contrary, I like to take the markup I'm given and intersperse content variables in the slots they belong. But I understand that a lot of other developers are not as design- or markup-focused, and instead prefer to treat the html as just something outputted from their own system. My least-favorite CMS I've ever used is Drupal, because the whole thing is based on this mindset of contorting your markup to work within its system of outputting stuff. My most-favorite CMS's are ones that just give you the data and let you output it any way you want (CMS Made Simple, Concrete5, ProcessWire, etc.). So I don't really have a point here, other than wanting to pipe in and let you know that you are *not* doing anything wrong or thinking about anything the wrong way! You should just ignore the way things are done in the intermediate profile (what the PW folks are calling the "delayed output method") and instead stick to the way things are done in the basic profile (what the PW folks are calling the "direct output method"). There is no "eureka" moment really, other than understanding that some people see the world in different ways So if there were one thing I'd want to change about how these profiles are done, it's just that I think calling one "basic" and another "intermediate" gives the wrong impression -- I think it would be better to refer to them as "simple" versus "concentrated", or "designer-focused" versus "programmer-focused", or "markup-oriented" versus "architecture-oriented" -- some way to indicate that they are two different ways to do things and one is not more "advanced" or "better" or "farther along the path of learning" than the other. Just my two cents though.
    4 points
  8. I am working on a site where the template has lots of fields, including a couple of large textareas. For reasons of logic, these fields are right in the middle of the form in the admin. I am getting really bored of changing a few words and then scrolling up or down to the save button before checking my little change looks okay on the website. The page, having saved, is now parked back at the top and I have to scroll back down to my field to change a bit more. What would be really nice is a little "Save just this field" icon next to my CKEditor field that saves the field with Ajax so that I don't have to scroll anywhere and I stay exactly where I put myself! I know this is complete laziness, but laziness is good for the soul (and mandatory for the writer....)
    3 points
  9. And this can be easily removed. Any field can be or not required, title just comes as default.
    3 points
  10. In the attributes, just put tag instead of tag=div Forget this Rename to opencol3 OR open_col_3 rather than open-col-3. Then call it as [[opencol3]] OR [[open_col_3 tag=aside]] Works for me, . Seems the hyphens are throwing Hanna off? Strange..see below Edit 1: It seems it is just the name with the hyphens that was throwing Hanna off. So, open-col-3 doesn't work, but opencol3 does. Edit 2: So, the instructions below are not entirely correct? Isn't that a hyphen? That first character?
    3 points
  11. This technique works very well for me. I only ask if the duck hasn't got an answer.
    3 points
  12. Simple but nice for small debuggings https://chrome.google.com/webstore/detail/vardumpling/aikblkmigebodlhkdepmfmgdgmbokkdn?hl=en&gl=US
    2 points
  13. The issue was already reported in February: https://github.com/ryancramerdesign/ProcessHannaCode/issues/3 I now posted it to the Hanna Code thread: https://processwire.com/talk/topic/3745-hanna-code/page-10#entry75194
    2 points
  14. https://processwire.com/talk/topic/4550-debugging-tips/
    2 points
  15. 2 points
  16. Oh my god!! I trusted so much in PW, I never thought this could be a problem!!!! Thank you a lot kongondo! And yes it is a hyphen. And it's also proofed in letters: Problem solved.
    2 points
  17. Ah, OK. Well, that depends on where the $msg1 and $emailTo fields come from and if you trust them to never have anything malicious in them. If they can have something malicious (like a frontend user entering an email address, or anything that gets made part of $msg1) then, no, this is definitely not "code tight". Always sanitize user input. Please look at PWs sanitizer class; it has methods specifically for making email addresses and general text more "code tight." It's also not code tight as it totally ignores the return value of the mail() call - so you'll never know if the send failed. You can also simplify your example by getting rid of the assignment to $header in the call. Here's the last two points put together. I'll leave the sanitization research to you as it's important you find out about it. $result = mail($emailTo, "Bestellung", $msg1, "MIME-Version: 1.0\r\nContent-type: text/plain; charset=UTF-8\r\n"); if (!$result) { // email send failed. } else { // send succeeded }
    2 points
  18. Just one other thing: I don't think one method is any more efficient than another from the point of view of load times and so on - at least, not by very much. So, it really is down to how you like to organise your head!
    2 points
  19. Hey, this is a website I finished some months ago. The website is for a christian "St. Johannis" church close to where I live and is managed by my mother (that's where my "my mother should be able to use this" comparisons are from ). I really clean and minimalistic but a lot better than the old design. Trust me
    2 points
  20. I didn't trust you so I visited the Internet Archive: it wasn't *that* bad! Awe-inspiring shades of liturgical violet and red
    2 points
  21. @toothpaste There are various ways to detect a mobile device. Here is one I've used in the past: http://mobiledetect.net/ With that you can output any template you want. Super easy way to target only smaller devices.
    2 points
  22. This is by design. and everyone can replicate it by simply setting the amount of memory way to small for such large images on his server. So, the error message in the first example isn't that lucky because you see the error from the derivative image (admin thumbnail 0x100) what could not be created from the way to large original image that should be scaled down to a max-size. If you have a look into the original image (open it in a simple plain text editor!) you will see that it contains something like: whereas the 0x100 thumb contains: @Ryan: Maybe we need to display the error from original image too so that it is more clear what was going on? So, but in your second example you can already read it by yourself: not enough memory to load/resize Imagerendering with the GD-lib needs minimum ram memory 2 - 2.5 times of the uncompressed image! If you load to large images into memory GD/PHP crashes with a not catchable fatal error. PW since version 2.5 does look ahead to available memory at runtime before loading images into memory. This way it saves you from crashes! I like how it works. Great job @Ryan! Simple calculation example with your image: width x height x colorchannels = memory bytes 4.608 x 3.456 x 3 = 47.775.744 - just to load one of those images into memory (togehther with rest of PW) you need 60MB ram! - and if you want to manipulate / resize it you need 47.775.774 x 2.3 = 109.884.211. Do you have a minimum of 128MB memory available for PHP? No, you need to bump it up. I recommend setting it higher in available server configuration panels, php.ini file or in the .htaccess: <IfModule mod_php5.c> php_value memory_limit 256M </IfModule> But you should not transmit images 4 times larger than the largest needed display size. (Denk an unsere Umwelt und an unsere Kinder die diese auch noch brauchen!) g-translate: (Remember our environment and our children also need this yet)
    2 points
  23. @KentBrockman, it's all in the family.
    2 points
  24. firstly, note that this my first attempt to make something using php after course in codecadamy.com, also that English is not my first language and I am new to PW i am new to back end web dev and i want to know how to make some basic websites. so i started to play with PW and tried to make some basic things work (btw PW is great). First more problematic thing that i found was how to make forms. like contact forms and so on. here are the problems that i wrote down and tried to find solutions for them: how to make some fields required how to validate some of the inputs if they meet the conditions how to return error message in normal language how to make these errors render like it should in foundation 5 framework ( http://foundation.zurb.com/docs/components/forms.html ) and make it easy how to make some text stay in an input as a value if there was an error somewhere in form. for example if there is a long form and you make mistake in just one field you dont want to make the user type everything again. since i am php newbie it surprised me there actually are php libraries for form validation ... i found valitron http://vancelucas.com/blog/valitron-the-simple-validation-library-that-doesnt-suck/ https://github.com/vlucas/valitron so i thought that it could help. I tried to make it work with PW and here is what i made ... it seems it work it is form.php template... <?php include("./init.inc"); include("./valitron-master/src/Valitron/Validator.php"); // at first i include Valitron. as you can see i copied what i downloaded from github in templates directory... // then i make subclass pwValitron to add some features class PwValitron extends Valitron\Validator { // this function will return 'error' if the field cannot be validated. I use put it in class of particular container. it is bassed on foundation 5 error states public function error_class($field) { if ($this->errors($field)) { return "error"; } return ""; } // this will render error messages. in nice foundation5 style. // $this->errors($field) returns an array of error messages for particular field. public function render_errors($field) { if ($this->errors($field)) { return "<small class='error'>" . implode($this->errors($field), "<br>") . "</small>" ; } return ""; } // this will return a value of particular field only if form caanot be validated because there is some error public function value($field) { if (!empty($this->_errors)) { return $this->_fields[$field]; } return ""; } } // this is how we send data for valitron to validate $v = new PwValitron(array( 'title' => $sanitizer->text($input->post->title), 'email' => $sanitizer->email($input->post->email), 'website' => $sanitizer->url($input->post->website), 'budget' => $sanitizer->text($input->post->budget), ) ); // then we define rules $v->rule('required', ['title', 'email', 'budget']); $v->rule('lengthMin', 'title', 5); $v->rule('email', 'email'); $v->rule('url', 'website'); $v->rule('numeric', 'budget'); $v->rule('min', 'budget', 500); if ($input->post->submit) { if($v->validate()) { // if form is walidated $bodycopy .= "Yay! We're all good!"; //do something with data here } } // now we can write html of whole form // note how I use these ... // {$v->error_class('title')} - will return 'error' and thus add error class only if there is some error // {$v->value('title')} - will return value of field what user wrote if there is an error in form and the form was not submitted // {$v->render_errors('title')} - will render error messages $out = " <form method='post' action='./'> <div class='row'> <div class='medium-8 large-6 medium-centered columns'> <div class='row'> <div class='large-12 columns {$v->error_class('title')}'> <label for='title'>Choose a title</label> <small>it must be 5 or more characters in length</small> <input type='text' placeholder='title' name='title' id='title' value='{$v->value('title')}'/> {$v->render_errors('title')} </div> </div> <div class='row'> <div class='large-12 columns {$v->error_class('email')}'> <label for='email'>What's your email address?</label> <input type='text' placeholder='john@gmail.com' name='email' id='email' value='{$v->value('email')}'/> {$v->render_errors('email')} </div> </div> <div class='row'> <div class='large-12 columns {$v->error_class('website')}'> <label for='website'>Your website</label> <input type='text' placeholder='www.example.com' name='website' id='website' value='{$v->value('website')}'/> {$v->render_errors('website')} </div> </div> <div class='row'> <div class='large-12 columns {$v->error_class('budget')}'> <label for='budget'>What's your budget? (USD)</label> <input type='text' placeholder='750' name='budget' id='budget' value='{$v->value('budget')}'/> {$v->render_errors('budget')} </div> </div> <div class='row'> <div class='large-12 columns'> <div class='text-right'> <input value='submit' type='submit' name='submit' class='button'/> </div> </div> </div> </div> </div> </form>"; $bodycopy .= $out; include("./main.inc"); I would like to know what do you think about it. can it be useful for pw community? is there a better way to do it? can it be made as a module? is there anything wrong? what should be added? Thanks Marek
    1 point
  25. Upgrading processwire... in just 3 minutes
    1 point
  26. This shouldn't be difficult to do. You just need to add the checkbox to your template so that each story has a checkbox or "Complete" button or such. Use some jquery: $('#checked').click(function(){ $.ajax( '/change_complete_status.php?pageid=<?php echo $page->id; ?>'); }); Although maybe you need to inject an article id, rather than the entire page id - not sure how you have things set up. Then in change_complete_status.php <?php include("./index.php"); //bootstrap PW $page_id = (int) wire('input')->get->pageid; $p = wire('pages')->get($page_id); $p->of(false); $p->checked = 1; $p->save("checked"); Or something along those lines.
    1 point
  27. Yes...the correct position is every page must have a "name"
    1 point
  28. I use Xdebug and PHP storm. Debugging is very easy using these tools and of course, you still have the regular PHP output capabilities as well. Despite what has been said in this thread, I find being able to step through code incredibly useful so I would always use a real debugger over and above temporary logging. Using var_dump and so on means adding code and then having to remove it when you're done. Just adding a breakpoint is an easy way to work and nothing to change later, unless of course, you find your bug! Hope this helps.
    1 point
  29. I think having a step debugger is incredibly valuable, especially when trying to understand a system you didn't create yourself (e.g. ProcessWire, or any CMS or framework you're building on top of). I develop on a mac, and my preferred solution is xdebug (which comes preinstalled on MAMP these days) with the very light-weight and simple "MacGDBp" app (which is like the GUI front-end for xdebug): https://www.bluestatic.org/blog/category/macgdbp/
    1 point
  30. The article is a) once again a shameless plug and b) only subtly mentions ProcessWire at all BUT since it is based on an article of (in this forum) known wptavern.com and deals with the perception of CMS with a strong ease of use, I thought I just leave link here: Link
    1 point
  31. The music didn't auto start for me. Didn't even know there was music until I read comments above and later noticed the buttons on the bottom left. Then I couldn't stop listening to the music . Nice tune!
    1 point
  32. Wait until Soma reads this and you'll have one more
    1 point
  33. I use NetBeans in combination with xdebug. Works like a charm! You can dive into object variables and see their internal status or just step through your code just like with any other real world debugger (as I'm used to have in java and/or .net). It's funny: A couple of years ago I asked the same question in the official joomla forum and no one answered for a long time (and after some months there were like 2 replies) and here there are 4 replies in less than 2 hours...
    1 point
  34. He said "I'm just getting started with ProcessWire" usually starters don´t know css plus responsive, that´s why I came up with a css grid (pocketgrid) Besides I don´t think in that website everything is simply stacked on top of each other vertically.
    1 point
  35. Think of that home page as an aggregate of several pages on a "normal" website: In that case you would have something like this on the processwire tree: Home My work Aftershock Beyond Outrage .... Television appearances Colbert report, nov 2013 Daily Show, sep 2013 ... Posts Raising Most People’s Wages Why Ordinary People... ... etc Then, with the API, you can easily target those parent pages and display their children in your HTML structure. You need to know how to structure templates, fields and pages and learn the API You need to understand that in PW everything are pages, and pages are not necessarily representations of "viewable website pages" Consider going through the tutorials here http://processwire.com/docs/ Ahem! You don't need a framework to do something as simple as three columns. You can of course, but you don't have to. And welcome to the forums
    1 point
  36. Start digging the forum categories in community support for an hour, I am sure your questions will be different by then. https://processwire.com/talk/topic/4173-grouped-forum-posts-links-articles-tutorials-code-snippets/ Glad you could make it to processwire the cms/cmf/cme that just works how it should be. You need a css framework to place all the different parts of that website in the positions as you see them there. I recommend pocketgrid, a huge timesaver. http://arnaudleray.github.io/pocketgrid/docs/
    1 point
  37. hi horst, thank you for your detailed answer. hm, i forgot to mention that on an older installation (2.4.x) on the same server with exactly the same php settings it works wonderfully! first i thought it could have something to do with my multisite setup at the non functional 2.5 site, but a single-site setup showed the same result (also on lightning.pw) so the actual question is: why does it work on my some week old installation? (of course i used the same image) yes, that's clear to me - but tell that my clients... ps: memory_limit is set to 128M in all of the mentioned environments (one vserver)
    1 point
  38. The try catch is only a workaround for the Login Throttle... If the login isn't correct, you would do output a message somwhere in the if($u && $u->id){ $session->redirect("/somepage/"); } Like if($u && $u->id){ $session->redirect("/somepage/"); } else { $error = "Login failed"; }
    1 point
  39. I also tend to the "direct output". If I'm writing HTML, I prefer to see the HTML. On the other side, one day I want to build an entire website only by using PHPs DOMDocument http://runnable.com/VCkzbk2_lq8s39vR/domtest-for-php By the way, that runnable.com site is great!
    1 point
  40. We just created a complete coporate design to the german coach Priv.-Doz. Dr. med. Michael Huber. The corresponing website is as always based on the beautifu Processwire. Feel free to check out this tiny responsive website under http://www.huber-idc.ch We are looking forward to your feedback.
    1 point
  41. Hey, I really spend a lot of time to figure out how to add additional options to a config page (which are generated with the function "getConfigInputfields"). I use an autoload module for this, At first we need to create the module: <?php class ExampleModule extends WireData implements Module { public static function getModuleInfo() { return array( 'title' => 'ExampleModule', 'summary' => 'Bla bla', 'version' => 1, 'autoload' => true ); } // the rest of the code should be here } ?> Then we add the init function to it which includes a hook into the config page page we want to extend. In my case it is the option page of the InputfieldDatetime: public function init() { $this->addHook('InputfieldDatetime::getConfigInputfields', $this, 'addConfig'); } The last step is of course the "addConfig" function: public function addConfig(HookEvent $event) { // get the field instance used by the config form $field = $event->object; // TRICKY PART: use it's name to get it's saved values $data = $this->fields->get($field->name)->data; // add a new field with the saved value to the form $fields = $event->return; $field = $this->modules->get("InputfieldCheckbox"); $field->name = "useSimpleDate"; $field->label = "Use \"Simple Date\"?"; $field->checked = ((@$data['useSimpleDate']) ?: 0); $fields->add($field); // return the new config form $event->return = $fields; } The only really tricky part is to get the value. In this case it works like this. In other cases you may have to get the modules config.
    1 point
  42. I guess two kinds of sortings for recipes could be useful: Tags/Keywords (like Bolt snippets: e.g. https://snippets.bolt.cm/s/gsudt) A greater narrative, recipes grouped together into e.g. dealing with core modules, building a multilanguage site, wrangling media and so on. Inspired by the table of contents of http://laravel-recipes.com/contents
    1 point
  43. I found ProcessWire by accident after searching for a lot of days a new way to develop website that worked for me. When I was giving up I read about this amazing cms/cmf in a comment of a thread. I come from Adobe Dreamweaver Developers Toolbox a project that was closed some years ago and I want to advice people to give a try to PW because it is really unique and very simple to use also from designer point of view. For sure you have to learn something but you will understand that everything is well thought and nothing is left to chance. PW is flexible, secure and very easy to learn The forum assistance is wonderful and very kind with novice user. I was never stuck and had to wait very little time before a useful and valuable response. IMHO one thing that PW miss is massive list of tutorial but I think it is only a matter of time and I hope to personally contribute soon in this respect. The forum is full of info but it is faster learning from tuts. Thank you Ryan (you are a genius) and thanks to all the people that make this possible. PW is wonderful!
    1 point
  44. Hmm, I think that's out of scope here - @statestreet wants to manually specify the page name, and not base it on the page ID. I think it might be a better idea to create a new module that hooks onto the page save event. That callback would then check to see if the user/editor has entered a page name (in a separate field on the page's editor), and if he/she has, then change the page name to that field's content. Yes?
    1 point
  45. He is a creator!! He is god! Welcome to the community https://www.youtube.com/watch?v=rDQb_EMNRx8?t=48s]https://www.youtube.com/watch?v=rDQb_EMNRx8
    1 point
  46. Ryan, next time you're are messing with the module, fancy putting in a drop down for font size on Ace? For us old blokes, you know......
    1 point
  47. I think this is most likely the case, assuming you do have multiple render() calls. Your _init.php may not be the right place to do some of this stuff, or if it is, then you may need to add additional check so that you don't have the same things being run twice. For instance, you have a $config->scripts->removeAll(). If you add some scripts to $config->scripts, and later have another $page->render() call, then the files you previously added to it would again be removed by your $config->scripts->removeAll(). There are a couple ways you could solve this. First would be to just move your code that shouldn't be run twice to a separate include file, and then use PHP's include_once() function on that file. For instance, your _init.php could have this: include_once("./_init_once.php"); The above is the safest bet, because if your _init.php defines any functions or classes, then you don't have to worry about them being defined twice (and resulting in a fatal error). But if you want to keep everything in your _init.php, you could do this: if(!defined("LOADED")) { define("LOADED", true); // your code here // ... } Lastly, I wanted to mention that your files will have access to an $options variable, which has a 'pageStack' property containing a stack (array) of pages that initiated the current render. It will be empty the current render() is not recursive. So you could accomplish the same thing as above like this: if(empty($options['pageStack'])) { // your code here // ... } One more thing I just remembered is that you could also tell your render() call to skip the prependTemplateFile: echo $somePage->render(array('prependFile' => ''));
    1 point
  48. ProcessWire's API doesn't use SQL queries -- it uses selectors. SQL injection is a non-issue in ProcessWire. ProcessWire does not get involved with database abstraction layers, so if you are executing SQL queries then you are using PHP and MySQL (mysqli). You can always add your own database abstraction layers to do whatever you want. But typical usage of ProcessWire for developing a site does not involve SQL. If you are using SQL for something and you want to stick with the DB driver PW is using (PHP's mysqli) then you eliminate SQL injection by either using prepared statements or escaping your strings before putting them in a query. Use it the way you are supposed to and SQL injection is a non issue. Is it possible your company was asking about the security of the software itself? ProcessWire's own queries are well protected against SQL injection, of course. SQL injection is a problem of bad code. If one uses the database driver in the way it is supposed to be used, then you are never subject to SQL injection. Btw, I don't know about what CakePHP is doing, but the whole idea of trying to protect the user from SQL injection (outside of the DB driver) sounds like a security problem in and of itself. We've seen this with PHP's magic quotes, which was meant to protect the user from SQL injection. Anything that tries to protect you from yourself ultimately encourages bad programming practices by making security a grey area. That fosters an environment where many think they don't have to sanitize and validate input, which becomes an even bigger security problem.
    1 point
×
×
  • Create New...