Jump to content

Leaderboard

Popular Content

Showing content with the highest reputation on 12/03/2015 in all areas

  1. wireshell 0.5.1 Changelog Adds log:tail command including filters --limit=, --text=, --from=, --to= Adds log:list command Improves new command, support for site profiles (path/to/profile.zip OR one of beginner, blank, classic, default, languages), autocompletion for timezone Adds field:list command including filters --all, --template=, --type= Adds list field:types command Extends field:create command, allow custom field types Extends new command: adds ability to specify version of ProcessWire --dev, --devns, --sha= Extends upgrade command: adds ability to specify version of ProcessWire --dev, --devns, --sha= Removes unnecessary empty state checks Removes command aliases for better list overview #36 Fixes wrong iso format Improves changelog format Adds field commands field:delete and field:tag Adds tag option for field:create command Extends user:create command, ask for password and email address Extends backup:db command, add option --target ... and there is a brand new documentation! If you use the develop branch, there is another documentation branch. Furthermore all the documentation files are inside the repository, everybody can easily edit them. It's written in markdown and uses a post commit hook to build the documentation.
    5 points
  2. Hhm, this is right, in general. - But, if you use FTP from within a php script, you can use it for deploying. To execute scripts, you can A) upload individual scripts to the server (via FTP). and after upload, you can trigger the execution via HTTP. Accessing DBs also is easy. I have used php for a long time for syncing files on live and local servers. Scanning local project directory and collect last-modified + crc32 checksums, than do the same on the live server. - Hhm, I found an old script, - tested it and - surprise - it is still running! (I will upload some screenshots.) It originally was created in that times when webdev often was writing and deploying static html files, or maybe some php files but without a CMS, etc. (around 1998/99, for me) So, this is only in the context of historical interest.
    4 points
  3. The module could just check if Inputfield Ace Extended is installed and use it if so. That would prevent the big filesize like it's the case for hanna code and leave the code editor optional.
    2 points
  4. Greatly useful module guys, thanks! Just used it to provide a list of collected emails for simple copy/paste into send field return $page->children->implode(', ', 'email'); Couldn't get any simpler than this! PS: of course it would be great to have ACE on the code field like i Hanna Code
    2 points
  5. Are you sure that you ftp program does show the full path? What's the output of $config->paths->root? I can hardly imagine a server to have the full filesystem in the webroot.
    2 points
  6. Sidenote In my experience simply truncating text to a hard limit to make summaries or intro text,rarely gives good results. If possible i would always choose for a designated summary/intro field. This just gives you more control and options and will probably save some headaches in the long run.
    2 points
  7. great - i was planning a write up/tutorial on various ways to do menus on PW; historically i've done it using a lot of different ways (besides the usual generating from the page tree); for some simple sites now i use a profields table, now that it supports page selects. but i do think the menu builder is the best for larger sites; let me know if you need any help on it, i can donate time over the next 2 months.
    2 points
  8. Just in case anyone missed it... https://letsencrypt.org/2014/11/18/announcing-lets-encrypt.html The headline is: Let’s Encrypt is a new Certificate Authority: It’s free, automated, and open. Arriving Summer 2015 Extract: Let’s Encrypt is a new free certificate authority, built on a foundation of cooperation and openness, that lets everyone be up and running with basic server certificates for their domains through a simple one-click process. Mozilla Corporation, Cisco Systems, Inc., Akamai Technologies, Electronic Frontier Foundation, IdenTrust, Inc., and researchers at the University of Michigan are working through the Internet Security Research Group (“ISRG”), a California public benefit corporation, to deliver this much-needed infrastructure in Q2 2015. The ISRG welcomes other organizations dedicated to the same ideal of ubiquitous, open Internet security.
    1 point
  9. I'll wait some time and see if there are any issues, especially with the tool they provide. If I need a new cert for any private site the next time I'll certainly give it a go.
    1 point
  10. Public Beta opening today apparently. Anyone planning on making HTTPS their default from here in?
    1 point
  11. Or check if Ace is installed, and if not add from a cdn http://cdnjs.com/libraries/ace/
    1 point
  12. The password is never stored as plaintext, the latest hook you can get it Password::setPass, which does the hashing as soon as a password is set as field value.
    1 point
  13. Thanks Wanze and LostKobrakai, I changed the path to /home/.sites/24........ (absolute path) and now it works. It was a path problem. Why it works in the past with the old path - ?? Problem solved! Best regards
    1 point
  14. Hi Jürgen, As LostKObrakai says, I guess your FTP programm shows the directory of your web-root as root, so the path you entered in the config is not correct. The purpose of this module is that the files are stored outside of the web root. From your screenshot it looks like your "var" folder is beside ProcessWire's "site" folder, this would still be inside your web-root.
    1 point
  15. Planned for version > 1, maybe 2nd release
    1 point
  16. Drag and drop to sort or to upload? Both are already implemented
    1 point
  17. Try the custom format and put {date_from} into the field. I think this will give you another format than a raw timestamp.
    1 point
  18. @SiNNuT, thanks! I agree. I just like to have a fallback in case the summary field isn't filled in every time. @kongondo's code actually checks for a summary field first, and my imitation does likewise.
    1 point
  19. Simplest way I can think of is to use PHP substr and strip_tags. The latter is very greedy so you need to tell it what to avoid [allowable tags]...(it get could messy very quickly). Anyhow, this is how we do it in the Blog module using those two PHP functions.
    1 point
  20. @kongondo, Thanks for making this. i finally had time to test this out and it's very great - i'm planning to use it from now on for most projects...
    1 point
  21. Rather than reinstalling and reimporting from your old database, you can do the following: Do not test this on the production server, obviously Back up the database of your current Blog install Import your backed-up database into a fresh Blog install on your local/test server. This Blog install should not have 'Schedule Pages' installed (just to better illustrate the steps below) Check that this test Blog works fine OK, now the fun part. Install and configure the module Schedule Pages. If you do not yet have LazyCron installed, ProcessWire will complain that it cannot install Schedule Pages since a required dependency is missing. LazryCron ships with ProcessWire so, in that case, head over to modules -> install to install it. The module 'Schedule Pages' will create two fields with the names 'publish_from' and 'publish_until'. Give them appropriate labels if you wish, e.g. 'Auto-publish from' and 'Auto-unpublish on' respectively. Make sure you read the module's usage notes (e.g. that you need to confirm LazyCron is working properly on your server) Add the above two fields to the template 'blog-post' and save. If this had been done via the Blog Install Wizard, these fields are placed at the very top of the list of fields on this template, just above the 'blog_date' field and given a width of 50%. OK, off to the database we go. In phpMyAdmin or similar, go to the ProcessWire database where you have your (test) Blog installed and find the table 'modules'. In that table, looking into the 'class' column, find the row 'ProcessBlog' (see screenshot below). In the column 'data' you will see saved Blog configurations (see example code below). Find and edit the entry 'schedulePages'. In your case it should be empty and looks like this: schedulePages":"". Modify it to be like this: schedulePages":1. That 1 tells Blog that use of 'Schedule Pages' is true. If using phpMyAdmin, it has inline editing (double click on what you want to edit and make your edits and mouse out to save) In your Blog's Posts Dashboard, under 'Quick Post' You should now see two entries 'Publish from' and 'Publish until'. When editing/creating a post, you should also see the two fields that you added to the 'blog-post' template. Create (but do not publish) a Test Post to test auto-publishing/unpublishing at the dates you set. Note that since the module 'Schedule Pages' uses LazyCron, it needs a browser visit to trigger it. Visit your post (in the frontend, in a different browser where you are not logged in) at a time near its scheduled auto-publish time. You should get 404. Reload your browser some time after the auto-publish date and you should see your 'Test Post'. You are done database blog config database blog config without 'schedulePages' enabled {"blogFullyInstalled":1,"blogStyle":"1","schedulePages":"","commentsUse":1,"templateFilesInstall":"2","tagTemplatesFields":"blog","blog":1020,"blog-posts":1021,"blog-categories":1022,"blog-tags":1023,"blog-comments":1024,"blog-widgets":1025,"blog-authors":1026,"blog-archives":1027,"blog-settings":1028,"blog-asc":1032,"blog-dnc":1033,"blog-dc":1034,"blog-rposts":1035,"blog-rcomments":1036,"blog-broll":1037,"blog-tweets":1039,"blog-pauthor":1040}
    1 point
  22. @Tom. That's actually the same in outcome, just a magnitute worse from the performance standpoint. $pages->count() does let mysql do the counting, whereas your code does first load all found pages to memory and then count them with php.
    1 point
  23. Nice review lol! I had to take care of a website done in Edge Animate a few months ago, oh lord was that painful thing to hack inside the horrible code editor. Having to go under a few clicks to add classes or and ID is already too much loss of time, Macaw looks a lot more easy to use from the video tutorials. What dislike the most about this type of software is that you might be doing good with the features up to a certain point where you want to start doing some fancy customization, and BANG! guess what, this thing is not build to work well outside their "Design -> Build" pipeline, so you find yourself jumping between programs, and getting frustrated because you can't make changes to the final code build, because if you change something on the design software side, it's gonna overwrite whatever you hacked in the final code. (At least this was my experience with Adobe Edge) Though, for example, if Macaw handles responsiveness good enough, I could be using it for small to medium clients with simple websites that focus a lot more on static content, optimization is not critical and saving me a few hours of coding is nice enough and truth be told, working with Processwire makes building this simple websites a breeze. Now, if I could just plug this Macaw thing to the PW API to automagically create templates, fields...
    1 point
  24. @BernhardB, yes, I have considered it. Will look further into it, thanks.
    1 point
  25. Hello - I'm looking for a PW dev to help with some customisation of an already existing website. Based in Manchester. Couple of weeks work. Please PM me and I'll reply with contact details. Best
    1 point
  26. Getting warmer....(OK, so my icons suck, but hey...we're 75% there. ).. Page Edit List View Page Edit Grid View Page Edit Insert Media ProcessMediaManager
    1 point
  27. <silliness>I've been meaning to do a video demo of a list of silly thinks/pranks you can do with RunTimeMarkup...you know, a countdown to lunch break, a thing that shouts "peekaboo" every time you type a certain letter on your keyboard, a (not-so-silly) live spell-checker, etc....But then again, I have been meaning a lot of things... </silliness>
    1 point
  28. Fieldtypes are not for the faint-hearted ; but don't let that discourage you! They will seem difficult in the first instance, but once you get to know what does what (some of the generic methods), you will absolutely love Fieldtypes and appreciate the thoughtfulness that Ryan put into designing PW. I used to be a sucker for Process Modules but now am totally hooked on Fieldtypes. I dare say they are the heart of ProcessWire. Here's some important homework from the forums that will help you with the generic methods I mentioned above. The most important thing to remember is that with Fieldtypes, you are just a heartbeat away from the database so sanitizing data and retrieving data in some expected format is crucial. Enjoy! https://processwire.com/talk/topic/671-relationship-between-sleepvalue-wakeupvalue-and-sanitizevalue-methods/ https://processwire.com/talk/topic/4105-module-create-a-pages-findquery-as-a-field/?p=40411 https://processwire.com/talk/topic/1936-remove-entry-from-pagesfield-via-api/ And don't forget this classic: http://www.flamingruby.com/blog/anatomy-of-fields-in-processwire/ Edit: One more tip. Working with Fieldtypes, you will want to have a tab open showing the table (database) of the field you are working on so that you can observe how things get saved (or don't get saved!). The FieldtypeEvents that @adrian pointed too uses some advanced techniques (e.g. moving some methods to their own PHP classes); you don't always have to do that. It really depends on your coding style. I'd also suggest you have a look at RuntimeMarkup or Concat Fieldtypes and check out the comments. These Fieldtypes don't save anything to the db but have some useful comments. Edit 2: A diagram RE Fieldtypes database schema https://processwire.com/talk/topic/5040-events-fieldtype-inputfield-how-to-make-a-table-fieldtypeinputfield/?p=85759
    1 point
  29. Hey @kongondo, I love this module and I'm featuring it in a comparison to WordPress's menu builder in my screencast series, however I feel there could be some general UI/UX improvements that can really make it feel more "native" and simplify what I feel is option overload. Please take this as constructive criticism. Here are my thoughts: Perhaps remove the ability to create multiple menus. It's a nice feature but it feels like overkill since sites typically don't have more than just a few menus. (or disable this option by default and perhaps have it enabled in the module's settings for advanced used). Perhaps add a standard "Add New" button instead that follows the typical Page creation process. For the same reasons above, remove batch actions to delete, unpublish, etc. (or disable this option by default and perhaps have it enabled in the module's settings for advanced used). When going in to edit a menu, make the first tab be "Structure" which is selected by default. This is typically the first action most people would want to take so it would feel more natural for it to be the first tab item. There should be 3 fieldsets/sections in this "Structure" tab: Add Page Add Custom Link Menu Items Perhaps simplify how you can add pages to your menu: Remove the existing 3 methods: Pages (both ASM and PageAutoComplete), Custom, Selector In regards to adding pages using Selectors, perhaps have this disabled by default, but an option that can be enabled in the modules settings. It's an advanced feature but I'd imagine wouldn't be as commonly used and therefore feels a bit overwhelming. If possible, replace with a ProcessPageList (this is what goes inside the "Add Page" fieldset). It feels like a more natural fieldtype since it uses the tree. since this would replace the ASM way of adding menu items, that means you can't change a CSS Class/ID until AFTER it's been added to the menu. I think that's OK since right now you change CSS Classes/IDs both before and after adding the menu item, which I find a little confusing. If possible, upon clicking a page to add to your menu on the ProcessPageList, it should show an "add" action/button (native ProcessPageList action stuff), that when clicked, adds the page to the actual menu (some ajax/dom manipulation required here I think) instead of putting it in a "limbo" state like it is right now until a page is saved. As far as being able to add custom links, that should go under the "Add Custom Link" fieldset. Perhaps also remove batch ability to add Custom Links and utilize general Inputfieldtext instead of a table structure. Remove ability to set CSS Class and ID at this stage. Now for the "Menu Items" section: Right now, you're utilizing custom styling and javascript for the adding page items and creating the toggle boxes, however it should be possible to use make each added menu item act as an InputfieldFieldset. When each item/fieldset is clicked, it should reveal the 5 editable fields (Title, URL, CSS ID, Class Class, New Window) and ability to delete. Apply the nestedSortable JS to that list to make it have drag/drop capability with indenting. A final result similar to this screenshot which I hacked together. "Main" tab should be renamed to "Settings". Put as second tab. "Items Overview" tab: this could be removed (or disabled by default) since it's essentially just displaying the same menu in a table. Feels repetitive. "Delete" tab should remain as is. What do you think?
    1 point
  30. Page References Tab This little module adds a new tab, References, to the page editor. There it lists pages referencing the page that is being edited (title, path, field). There are also links to view or edit the listed pages (if they're viewable/editable). Only fields of type FieldtypePage are considered to be references and system fields are not listed at all (roles, permissions). It's nothing much, but as the subject has turned up a couple of times in the forums, I decided to give it a try. So watch out what you're asking! Screenshot Links Modules directory: http://modules.processwire.com/modules/page-references-tab/ GitHub: https://github.com/niklaka/PageReferencesTab
    1 point
  31. @Rjay, `data_exact` is just the name given to that index, in other words the index 'Keyname'. I'm no expert but hope the following clarifies this:
    1 point
  32. There needs to be a template that has the 'allowed templates for children' setting set, and a template with allowed template for parent. And the parent holder page needs to be created in the tree. Away from computer, so not quite sure about the terms, but this should get you there.
    1 point
  33. Go to your template and click on the "Family" Tab. Click open the entry as shown above This should be what you want
    1 point
  34. @sins7ven - thanks for sharing the script! I agree with horst on this. I think this version should be much safer, although it might need some more thought. $fn = wire('input')->get->file; $pid = (int) wire('input')->get->pageid; $p = wire('pages')->get($pid); $filename = $p->logo_file->get("name=$fn")->filename; Firstly, it makes sure that pageid is an integer (so that no-one can try entering a path instead) and then gets the page object from that integer. Then it finds the file in the logo_file field that matches the name in $fn. This ensures that the file path in $filename can only be a file from the logo_file field and that it is a valid file in the PW database. You might also want to consider sanitizing the filename that is passed via get->file using something from the cleanBasename core function: https://github.com/ryancramerdesign/ProcessWire/blob/03387f8283d518e9cc405eff8f05cd6a5bf77c4c/wire/core/Pagefiles.php#L296 You could also do some checks to make sure that both pageid and file are not blank and throw an exception if they are, or if the pageid is not provided as an integer, or get->file does not match it's sanitized version - both of which might indicate attempted hacks. An even better, more secure approach might be to use child pages instead of repeaters (or the new PageTable field) and just pass the id of the page to the download script, so with one image per page, the page id is all that you would need to identify the path to the file and start the download.
    1 point
  35. @sins7ven: I'm a bit scared how you use the download filename concatenation with the user input. Maybe I'm wrong, but before you go online you should test if something like this can work: http://www.domain.com/download.php?pageid=../logs/&file=errors.txt or this one? http://www.domain.com/download.php?pageid=../../&file=config.php or this? http://www.domain.com/download.php?pageid=&file=../logs/messages.txt
    1 point
  36. Hi there, just a small update on this for those who are interested. Finally I've got my script / download proxy up and running. This is the code that generates a list with downloadable files (in this case logos) through a repeater field. <?php foreach($page->logos as $logo) { echo "<p><a href='{$config->urls->root}download.php?pageid={$logo->id}&file={$logo->logo_file}'>{$config->urls->root}download.php?pageid={$logo->id}&file={$logo->logo_file}</a></p>"; } ?> So a download links then looks like this: http://www.domain.com/download.php?pageid=1057&file=hi_res_100_percent_pure_logo.zip Here is the download.php: <?php // bootstrap PW include("./index.php"); // make sure user is logged in if(wire("user")->isLoggedin()){ $fn = wire('input')->get->file; $pid = wire('input')->get->pageid; $filepage = wire("config")->paths->files; // put together the complete path to the file $filename = $filepage.$pid.'/'.$fn; if(!$filename) die("download not found"); // send file to browser wireSendFile($filename, array('exit' => true)); } else { wire("session")->redirect("/"); } ?> Everything works great now. However I still wanted to protect the original path of the files (assets/files/...) allthough nobody would know the exact location. To do this I modified to the .htaccess to suite my needs to block all unwanted access to files with the most common endings for downloads (e.g. zip, rar, pdf, etc.) So the part in my .htaccess which takes care of that is the following: <FilesMatch "(^#.*#|\.(htaccess|htpasswd|ini|phps|bak|config|dist|fla|in[ci]|log|psd|pdf|zip|rar|sh|sql|sw[op])|~)$"> # Apache < 2.3 <IfModule !mod_authz_core.c> Order allow,deny Deny from all Satisfy All </IfModule> # Apache 2.3 <IfModule mod_authz_core.c> Require all denied </IfModule> </FilesMatch> I found that part during my research for .htaccess modifications and finally I ended up with using that part of the HTML5 Boilerplate. I know that might be a bit strict and I don't know yet if there are any issues with that but so far everything seems to work fine. Thanks to all the helpers (especially Horst) for guiding me that way to get my solution to work.
    1 point
  37. Welcome to the forums, sins7ven. This is much more comfortable and and it's simple! (I will reply more here in a few minutes, just have to do a phone call.) ------ EDIT: There are different possibilities, you can go with creating a role and a template and only allow access to pages with that template if user has a this special role. Or you could do it on template basis, what I would prefer in this situation. Because you need to build / provide a frontend login form for the press users. (I don't would send them to the backend) How to do it via template: create a new template file press.php and put it into the templates folder of your site profile in admin create a new template "press" by selecting the templatefile create a new user "press" and assign him only the guest-user create a new page "press" in PW, set it to "hidden", (you should upload all downloadable stuff to this page only!) now you have to edit your templatefile press.php as following: At first you need to check if the page is requested by a logged in user. If yes, you may check which user / which role he has, if you have different ones. But I assume you only have stuff and press and nothing more actually. // check if user is logged in if(!$user->isLoggedIn()) { // present him a login form with fields for username, password and a hidden field called "presslogin" // send the form via post ... return; // end with execution here } if($input->post->presslogin) { // a user try to login $user = $sanitizer->username( $input->post->username ); $pass = strval(strip_tags($input->post->password)); $u = $session->login($user, $pass); // try to login with the posted credentials and save result temporary in variable $u if($u) $user = $u; // if it was successfull, override the current user with the temporary one // last check if user is logged in now if(!user->isLoggedin()) { // present him the login form or what ever you like ... // and stop exeuting this page return; } } // user is already logged in, following the stuff for presenting the download listings .... If you need to check for specific users, it could be like: if(!$user->hasRole('superuser|editor') { // or if(!$user->name == 'press') { How to build a simple login form and how to use the $session->login() etc could be found here in the forums, in the API and useful is the cheatsheet.
    1 point
  38. This post from Soma, might be a great place to start: http://processwire.com/talk/topic/3634-down-uploads-on-a-per-user-policy/
    1 point
  39. I'm running out of time but quickly wanted to mention: $config->pagefileSecure = true; in your /site/config.php file (see the comments in the file and search google for more info). You might also want to look at the wireSendFile() function in /wire/core/Functions.php, if you'd like to protect the file in another manner.
    1 point
  40. That awkward moment when people suddenly start discussing things that you don't understand!!!
    1 point
  41. You could use the config options for page secure files... $config->pagefileSecure = true; $config->pagefileSecurePathPrefix = '-'; and make unpublished pages and their files will not be accessible via url. So you could create child pages under the users page with a file field, and leave those pages unpublished. The assets directory will be prefixed with "-" which is restricted by htaccess. But then you can use a passthru script to send the file to the user if certain requirements are given using wireSendFile(); So for example construct the download link to the file like this on a page the user can see. <a href="/download.php?user=1007&file=filename.pdf">Download file</a> and in download.php with something like this for the passthru and user check // bootstrap PW include("./index.php"); // make sure user is logged in if(wire("user")->isLoggedin()){ $file = $_GET['file']; $userid = $_GET['user']; $userpage = wire("pages")->get(wire("user")->id); if($userpage->id != $userid) die("no access"); // make sure it's the user if($filepage = $userpage->child("include=all")){ // since page is unpublished we add include all // get the file from the page $filename = $filepage->images->get($file)->filename; if(!$filename) die("download not found"); // send file to browser wireSendFile($filename, array('exit' => true)); } else { die("no user page found"); } } else { wire("session")->redirect("/somepage/"); }
    1 point
×
×
  • Create New...