Leaderboard

alwayses.use $page->viewable() befour u starts outputtin datas from.it no matters where u.got it from. pw access checks page.hit by urls and u access checks.pages u get on yours own befores u starts throwing datas from.it.

this one is trivial feature request : PW should not disclose its version number to unauthenticated users on the backend login screen. ok, this is about security through mere obscurity, so nothing vital here, but experience tells that attackers really love to easily know the exact version of their target.

Since the days back then of the modx evo course change, many modx refugees here. So welcome to the club You can start off with tutorials or clips: https://processwire.com/docs/tutorials/ https://processwire.com/talk/forum/13-tutorials/ https://processwire.com/videos/ http://processwire.tv/ You can find also some modx/processwire threads in the forum like this one: https://processwire.com/talk/topic/3111-a-modx-refugee-questions-on-features-of-processwire/ When you start with Processwire you have to make your self familiar with the concept that it is "an API-first CMS" a so called decoupled or headless cms. Together with the processwire flexible api makes this a diamond in a pile of cms systems out there. There is no building websites "the cms way" but you build your frontend separately in any way you want. That means, for one example, that you can directly apply any level of html, css and php experience that you already have. Here's another quick walk through https://processwire.com/talk/topic/4173-grouped-forum-posts-links-articles-tutorials-code-snippets/ There are quite a few people here making money with websites using processwire as their tool of choice. https://processwire.com/talk/forum/9-showcase/ Making money with processwire would not be different from any other cms system as it depends on your marketing, contacts, planning, etc. but in any case, processwire is a time saver getting your things done faster.

I read about this new HTTP/2 webserver, Caddy. It's written in Go and it is really super lightweight, the binary is just 3 MB. And the best thing is, that it's super easy to use. You just put the binary in the path of your website and start caddy – and already you have an HTTP/2 server running that serves static files (and who doesn't want, as HTTP/2 is The Future™). And the best thing is: no PITA with certificates and all these thing, as Caddy has letsencrypt already built in. So as you start it, the certs get generated and your site is automatically running on an encrypted connection (which is by the way required for HTTP/2). The best part is however, that you can connect any backend to Caddy, for example php-fpm. This comes even with a "recipe", so you usually don't need to worry about configuration this. So I cobbled something together to have Processwire running with this server, and guess what: it works. Almost. The site is running, but the admin area is still behaving a little bit weird. I cannot edit pages (instead I get the "bookmarks" page) and all the behaviour of the admin area is a bit strange. The other option is that I get "Unrecognized path" I believe this is still a problem with rewriting which I can't figure. This is my Caddyfile: mydomain.com { root /var/www/mypath fastcgi / unix:/run/php/php7.0-fpm.sock php rewrite { regexp .* ext / to /index.php?it={dir}&{args}#{frag} } } I go crazy with the rewriting. Here is the documentation, maybe someone has an idea. Thanks and maybe you have a reason now to try Caddy yourself.

Hi, I'm happily contributing to populating the security section . First, let me say that I highly regard Processwire for its security framework and for its security-conscious core implementation. Now, my issue : the fact that get() requests are not subject to access control, because, as stated in the selectors documentation, "if you are asking for a single specific page, we assume you mean it". -> I must say that, everytime I read this sentence, my jaw drops ... what ? PW does never make any asumption about our frontend code, but *here*, on a very sentitive *security* subject, PW does the *asumption* that my code does not need the security framework and as a result it is bypassed ?!.... the reality is, that yes I can easily imagine situations where I would not be sure that the request would target an allowed page, especially if the workflow would involve prior input from the frontend users. Ok, you can always circumvent this, by enforcing your own controls, and/or you can write your code differently in order to forbid any absolute reference to pages to reach the frontend users, but, .1. first, it's actually the aim of the CMF security framework, to give you tools which make your life easier (and less risky) when dealing with security aspects. Personnally I like to use PW access control in my design of the site resources access policy, but because of this get() behaviour I now have become very cautious EACH time I write a get(....) , thinking twice about "could it be subject to an breach scenario ?" ... and for safety, I sometimes switch to using a find() instead. .2. even in PW core, there's frontend code which makes use of absolute reference to pages : in comments workflow -> Personally, I would feel much better if, for instance, there was a "$config->accesscontrol_get = true" setting which would allow to enforce access control also on get() requests ; plus the ability to override this behaviour for a given request, just like find(). As a side note, related to absolute references to pages ; there is inherently another risk, because everything in PW is a page, so, when the frontend user has access to a single occurrence of this, it allows him to try to grab the whole site data (then comes the access control into play). For security in depth, I really don't like this, and, in my code, everywhere this would happen, I have done things differently (I even applied my method & patched the standard comments workflow . This was subject to following thread : https://processwire.com/talk/topic/10624-more-security-in-regards-to-page-id/ thanks Guillaume

It's basically that in both admin theme's default.php files: --- /Users/Benni/Projekte/ProcessWire2/www/html/wire/modules/AdminTheme/AdminThemeReno/default.php +++ /Users/Benni/Projekte/ProcessWire2/www/html/wire/modules/AdminTheme/AdminThemeReno/default.php (Unsaved) @@ -129,7 +129,7 @@ <a class="action" href="<?php echo $config->urls->admin; ?>login/logout/"><i class="fa <?php echo $adminTheme->signout;?>"></i> <?php echo $helpers->_('Logout'); ?></a> </span> <?php endif; ?> - ProcessWire <?php echo $config->versionName . ' <!--v' . $config->systemVersion; ?>--> © <?php echo date("Y"); ?> + ProcessWire <?php if($user->isLoggedIn())echo $config->versionName . ' <!--v' . $config->systemVersion . '-->'); ?> © <?php echo date("Y"); ?> </p> <?php

What extra tutorials would you like to see? Also 3. I mostly use processwire for my full time freelance web designer work unless there's a legacy cms (in which place I usually try and move them to pw anyway) I'm a front end guy and it's a dream not having to do it the "template engines way" I'm looking at you Drupal :/

I was struggling a bit getting all subfields of a field if type is unknown. I made a small function for use in templates which returns an array() of all properties of (maybe any?) pagefieldvalue. If there is something similar in core (which I couldn't find) please let me know. Tested it with Fiedtype Options, Page, ProfieldsTable. Feel free to use it. /** * ProcessWire UsefulSnippets * * How to get all properties, subfields of any field if you don't know the type only if value is set * @return array */ function getProperties($fieldvalue) { // multiple value field if ($fieldvalue instanceof WireArray) { $result = array(); foreach ($fieldvalue as $subfieldvalue) { $result[] = getProperties($subfieldvalue); } return $result; // single value field with subfields } else if ($fieldvalue instanceof WireData) return get_object_vars($fieldvalue->getIterator()); // single value field else return $fieldvalue; } // Example var_dump(getProperties($page->myfield));

I understand the motivation but think about these: maintenance and readability. Will you, or the next developer know what's going on without pulling out his hair? (for example, six month later) Perhaps you should try Jade: http://jade-lang.com/

Shit happens!

Hey, sorry for the long break here and on the module. I just moved to another country on another continent, and after 4 weeks I moved again in this city I'm living in now, so there were some tideous tasks that required more effort than I thought. I just picked up developing things and writing about stuff again, and will share any improvements on this module here. However, many things haved changed in processwire itself since then, so I have to first read some docs to keep up with all of the things happening.

+1 for at least more integrated cropping. i agree that apeisa and horst did an awesome job on their modules but i don't think that should be a reason to not build this functionality into the core. i use those modules in every project and i really think that's a very common and core-worthy thing. thank you peter for your work on the mockups

Pia - Pageimage Assistant Hello, today I can tell you that Pia Ballerina want to assist you with Pageimages and that can become really helpful! . . . Pia, in its current state, version 1.0.0, provides: a GUI (the module config screen) for quick and easy changes to the sitewide Pageimage default options an alternative way for calling the Pageimage resizing methods with PW selector strings three new methods as shortcuts to the resizing functions a new method called retinafy and its alias hiDPI, (introduced in version 0.2.0) . . . 2) Instead of ->width(), ->height(), ->size() you can call ->pia() now. With a PW selector string you tell Pia what image variation you want to have : . $image->pia("width=100, quality=80, sharpening=medium")->url; . If you want process ->width() just define width. If you want process ->height() only define height. If you want process ->size() just define width and height. If you want process ->size() with equal values for width and height, just define only size, or use the alias square: . $image->pia("width=480")->url; $image->pia("height=320")->url; $image->pia("width=400, height=300")->url; $image->pia("size=350")->url; $image->pia("square=350")->url; . So, yes, - I see. Now you may think: "Ok, nice looking girl, - and she can dance very well, - but for what should it be good that she is involved here? My very old buddies width, height and size - and me, - we don't need any Ballerinas between us!" . Yeah, I see what you mean. But this above is not what Pia is good for, this is just a little warming up for you. . In some cases one need to specify more than just width and / or height. If it comes to that you need explicitly populated options with the individual pageimages, Pia will become faster and more comfortable at some point. Also the code is looking more readable with Pia, at least to me: . // regular style #1: $image->width(800, array("upscaling" => false, "cropping" => true, "quality" => 80, "sharpening" => "strong")); // or regular style #2: $options = array("upscaling" => false, "cropping" => true, "quality" => 80, "sharpening" => "strong"); $image->width(800, $options); // now lets Pia dance: $image->pia('width=800, upscaling=0, cropping=1, quality=80, sharpening=strong'); $image->pia('width=800, upscaling=off, cropping=on, quality=80, sharpening=strong'); . For me it is that not only Pia begin to dance, my fingers do so too when writing selector strings instead of the regular array code. . Ok, last thing before we can go to stage: "You already may have noticed that Pia accepts few different values for boolean expression, yes?" for TRUE you can write these strings: "1, on, ON, true, TRUE, -1" for FALSE you may use one out of "0, off, OFF, false, FALSE" Ready? Ok, lets go to stage. . . . 3) Pia provide three new methods as shortcuts. This means that when using one of the shortcuts you have pre-populated options, regardless of the sitewide default settings: crop :: does what the name says contain :: is equal to the regular method: ->size($width, $height, array("cropping" => false)) cover :: this, Pias third child, is a new kid on the block . Let's have a closer look and compare it. We use Pias image from above as source for this example. (It's dimensions are 289 x 400 px) . . * crop $image->crop('square=100'); . it is 100 x 100 px and the name is: pia-ballerina_titel.100x100-piacrop.jpg . . . * contain $image->contain('square=100'); . it is 73 x 100 px and the name is: pia-ballerina_titel.100x100-piacontain.jpg . . . * cover $image->cover('square=100'); . it is 100 x 139 px and the name is: pia-ballerina_titel.100x139-piacover.jpg . . . Ok, you got it? . "Crop" crop out the area, "Contain" fits the image into the area, and "Cover" calculates the needed dimensions for the image so that the area is completly covered by it. . Following is a link with lots of those crop-, contain-, cover- variations. I have stress-tested it a bit: much variations . ---------- . . Later Additions: . * contain with option weighten Since version 0.0.6 contain can take an additional param called "weighten". (read more here) . . . * retinafy Since version 0.2.0 retinafy is added. It returns a markup string, e.g. a HTML img tag, where placeholders are populated with property values from the pageimage. Default properties are: URL, WIDTH, HEIGHT, DESCRIPTION. The method also can take an optional array with CustomPropertyNames. You also can use the alias HiDPI if you like. (read more here) . . ---------- . . You can get the module from the modules directory or from the repo on Github: . git clone https://github.com/horst-n/PageimageAssistant.git your/path/site/modules/PageimageAssistant . . Bye! . Classical ballet performance at the Aalto Theatre in Essen, in the context of the Red Dot Award ceremony 26 June 2007, Act III, Sleeping Beauty, the wedding reception Photos: Horst Nogajski - www.nogajski.de

Hi guys, Been "kicking the tyres" on some UI tweaks to the PW image fields and modal windows. Many of these are in-progress designs and to be straight, none of the designs are entirely resolved. At this stage, I thought I'd throw them up (poor choice of words!) and maybe someone can take them further or offer some fresh eyes. I'm not a developer so making these a reality is impossible for me. They're flat designs. Why? PW is an amazing experience for editors. It's just so elegant and beautifully realised (especially with Reno Theme) that often, my training sessions with clients are very brief. One area which does cause friction though has always been concerned images, image fields and image modals. Especially with the latest image modules, I think a lot of inconsistency has crept into the UI. Hopefully these designs can help improve things a bit. A tiny part of the design work is influenced by a similar idea I had for MODX but which never progressed. 1A. Current Image Modal Editor has clicked 'Add image' icon in CK editor. Issues: I believe the Upload Image button can be better placed. It's not clear to users that they have a choice of two actions (Select an Image OR Upload one) To help solve this, I thought we could: Place available images under a Choose tab Create another tab titled Upload Rename modal to just Image (from Select Image) tweak slightly the Images on page path to be less prominent The following image illustrates the result. Clicking the Upload tab would result in: In the above image I've created toggle-able accordians for Drag and Drop and Manual upload. This follows closely the UI an editor is presented with when choosing Insert Link within CK Editor. IE Link to URL, Select Page and Select File and the extra Attributes tab. So overall, it's more consistent. 1B. Alternative to above - combined Select and Drag/Drop I thought it might be worth exploring what modal would look like with no tabs and a single UI for both Selecting an image and Drag/Dropping. 1C. The Image field I then moved onto looking at the Image field in PW. So currently it looks like this (below) for a simple image field called Image Gallery. So although the current Image field works great, I wondered if there was a way to simplify it by Making the drag/drop more visual and obvious Moving the Choose Files button and removing the No file chosen text and the file types allowed Here's the result. Admittedly, this treatment adds more height to the overall field. Here's how it looks when images are uploading (slightly smaller plus icon and "drag and drop..." text. To be honest, I can't recall what other changes I made there! And here's a proposed layout for when there are multiple images. This includes image titles grid layout mouse-over for edit and delete options/buttons 2. Cropping Next thing I looked at was cropping. Native cropping introduced recently is one of my clients favourite features and time-savers and I wondered if things could be improved a little. So heres the current layout (this may have changed further recently) And here's my proposal. Changes are: Width, height and X and Y fields are moved below the image Apply and Cancel placed bottom right of the image Save Crop should be titled Apply. I think that's less confusing as in some instances there are so many Save options Save and Replace should be greyed out further In addition to this, I thought it'd be neat if we had the free-form cropping function introduced by Ryan combined with some kind of list of pre-sets (displayed on right hand side). Forgive the croptions label (Crop + Options pun - I was tired!) The benfit of this I think is that Modules such as CoppableImage and native Crop would be unified in a single UI. Presets (on right) could be a few out-of-the-box presets which come natively. Croptions houses any crop ratios defined in image modules. if CopppableImage isn't installed, they just don't display.. That's it. I wish I'd more time to work on this but it's at the stage where it's ready for some initial thoughts. Hope you guys like.

I like the Powered by, DaveP. I'll add this to the list.

I just looked at expired domains until my name came up.

Having access control even for single page retrieval is quite simple. You'll need this only if there's user input in the selector anyway, which at least in my case is the exception. $page = $pages->find("…, limit=1")->first();

Thank you for the tip I put the main email that collects all form submissions of the site in TO and rest of them in CC. This solves the problem fine for now, if it's needed I'll extend the class And thank you for compliment, the old one looked like a mafia guy in deed

Hello all, My name is Jim Jackson (Username: Zislatik) and I am amazed at processwire. I have been a student of MODX and always found my web development endeavors coming up a little short (my failings not MODX). Modx was the first CMS that I installed that made sense to me and I have created several basic site in it. I love the Modx community but in recent years I feel it has gotten pretty "big" as they have grown in a direction I am not sure I want to follow. I still love the community and I am very thankful to have found it. I am extremely please that I have found processwire. Processwire works the way I think when it comes to a CMS. I love that the community is smaller and developing. I feels like I can get in on the ground floor and watch it develop. I loved template variables, snippets and chunks in MODX which is why I gravitated to MODX but I am finding that infinite fields rock! Mind you I am a novice and I am sure I have just scratched the surface of what processwire offers. Anyway, I just wanted to introduce my self and for warn everyone that I will probably have a stream of newbie questions slowing the forums. I do have a couple of quick questions. 1. Are there any other MODX converts here and what would be the advice you would offer to a student of webdev in learning the differences? 2. I have a basic grasp of php, html and CSS, is it really as easy as it seems to build a site with process wire? 3. Any developers out there making money with processwire professionally? I have seen paid modules but I mean building site for customer in process wire? Again, thanks for any information provided. I am happy to have found processwire and I appreciate everything in advance. Thanks, JIm

I just set up a subdomain under my primary domain. Among other things I don't want to spend the bucks to register a ton of domain names $0.0000000000000000002

Yes, this is the basic setup. With this, it's running. Of course you can define rules and everything, like in nginx. To be honest, I'm not even sure if I would want this server to be in a production environment. I just like playing around with things, and I like how straightforward and simple this is

Guys, Thank you so very much for all of the wonderful greeting and great recommendations! I will jump into the recommended links and work to increase my understanding of the Processwire way of doing things. Again, I am humbled and grateful for all of your comments. Thanks, Jim

Jim, What the guys said above. Welcome to ProcessWire and the forums Guilty as charged! ProcessWire makes hard things easy...but you also need to be willing to get your hands dirty. Nothing is output for you. In addition to the stuff above, have a look at the docs (page, pages and selectors are a must)...and you should be on your way I think these guys are on to something http://directory.processwire.com/

This sounds useful, but I'm not sure about sending all request (assets!) through php-fpm, even if they could be directly served.

I'm just not using my name at all

Welcome aboard, 1. We have plenty of converts here. Myself I'm a WordPress convert. However I'm not a convert from MODX so I will not be able to tell you the differences. 2. ProcessWire does not alter any of your markup and only when using ->render() will you find it output markup. With the new front-end editing it does alter your markup but only when logged in with the permission to edit using the front-end. The HTML, CSS and Javascript is completely down to you. By default ProcessWire uses PHP as it's template engine. So the only thing you need to learn is API and that's it Oh yeah, and the API is super easy to learn. Trust me ProcessWire is a front-end developers dream. 3. I work at an agency but also freelance. While I don't charge much at all for freelancing as my job is my hobby. ProcessWire is always my CMS of choice. So I guess you can say I make a living out of ProcessWire.

Thanks a lot. How could I miss this ?!? Are you Santa Clauss Have a great day.

The trick is - really al content is a page in PW - page is _not_ the term like in other CMS...so generally _all_ pages are reusable groups of fields. Repeaters and Pagetables are only a special input or better editing interface for some kind of content. Behind the scene a Repeater or a Pagetable are using real pages.... welcome to Processwire be not afraid you are at home....

What I commonly do: You have to import the .sql file data into a new database, you can do this through phpMyAdmin. Copy the Processwire backup files into your public_html (don't forget the sneaky .htaccess in the PW installation root, it is commonly hidden), and edit site/config.php and edit your database data: $config->dbHost = 'localhost'; $config->dbName = 'dbname'; $config->dbUser = 'dbuser'; $config->dbPass = 'verydifficultpassword'; $config->dbPort = '3306'; If everything goes ok, it should work!

I believe this as well and here's how I came to the same conclusion... I recently read this post by the original creator of Drupal and the fantastic comments there: http://buytaert.net/should-we-decouple-drupal-with-a-client-side-framework ... and that gets you thinking deeply about the evolution of content management systems and what their role is in the coming years. If you believe their role is ultimately some sort of structured content storage database that's decoupled from the frontend, or entirely headless, then platforms that like already exist. They are called Content as a Service systems, like Contentful: https://www.contentful.com/ More about CaaS: http://ecmarchitect.com/archives/2014/10/27/3944 Contentful is "an API-first CMS" and is entirely headless. It exposes the content as an API. You can then build your frontend separately in any way that you like. A very interesting approach is outlined here, using the Roots static site generator: http://carrot.is/coding/static_cms The thing about Contentful is that the concept and simplicity of fields, templates (known as "Content Types" in Contentful) and pages (known as "Entries" in Contentful) is almost exactly like ProcessWire. If you compare the two, you soon realize that ProcessWire is much more robust and feature rich... more field types, ability to nest pages, finer level of control, a User system, not forced into Markdown for rich text fields, ability to create modules, Hannacode/shortcodes and so on. Contentful is great too, but I feel it has a more precise use case. With that being said, the way I see ProcessWire is that it can be a CaaS-like/headless CMS much like Contentful, but also a "traditional" CMS like Drupal/WordPress but with way better architecture. Best of both worlds. I love my CMS too.

New addition to contain: weighten! If you want to put some images of different aspect ratio onto a webpage and you want that they are displayed more equal visual weightened, you can use this method and options now: . * contain with option weighten $image->contain('square=90, weighten=on'); . . There is also the possibility to prioritize portrait or landscape oriented images: . $image->contain('square=90, weighten=x1'); // landscapes are a bit larger than portraits $image->contain('square=90, weighten=x2'); // landscapes are a bit more larger than portraits $image->contain('square=90, weighten=y1'); // portraits are a bit larger than landscapes $image->contain('square=90, weighten=y2'); // portraits are a bit more larger than landscapes . . Have a look to this output here: . . . . . PS: @Martijn: I have taken your code for the calculations and set the percent value hard coded to 38. This way we only need to turn weighten on or off and have not to deal with values here. The only thing I have added to the calculation is an adjustment to fit better with the largest dimension into the initial bounding box dimensions. (Github)

I am a newbie to ProcessWire, but a very experienced web developer (using a variety of other CMS's and frameworks). I think the big picture here, as others have stated, is that PW doesn't really dictate any particular style for structuring your templates -- what you're seeing in the intermediate profile is just an example of how some people choose to do it. I personally do not like that method at all, because I build a lot of sites with very custom designs, so the markup I get from designers is very important and usually I like to keep my CMS templates as close to the original markup as possible. I do not like putting html into variables, and I do not like treating my template output as some kind of machine that generates markup. On the contrary, I like to take the markup I'm given and intersperse content variables in the slots they belong. But I understand that a lot of other developers are not as design- or markup-focused, and instead prefer to treat the html as just something outputted from their own system. My least-favorite CMS I've ever used is Drupal, because the whole thing is based on this mindset of contorting your markup to work within its system of outputting stuff. My most-favorite CMS's are ones that just give you the data and let you output it any way you want (CMS Made Simple, Concrete5, ProcessWire, etc.). So I don't really have a point here, other than wanting to pipe in and let you know that you are *not* doing anything wrong or thinking about anything the wrong way! You should just ignore the way things are done in the intermediate profile (what the PW folks are calling the "delayed output method") and instead stick to the way things are done in the basic profile (what the PW folks are calling the "direct output method"). There is no "eureka" moment really, other than understanding that some people see the world in different ways So if there were one thing I'd want to change about how these profiles are done, it's just that I think calling one "basic" and another "intermediate" gives the wrong impression -- I think it would be better to refer to them as "simple" versus "concentrated", or "designer-focused" versus "programmer-focused", or "markup-oriented" versus "architecture-oriented" -- some way to indicate that they are two different ways to do things and one is not more "advanced" or "better" or "farther along the path of learning" than the other. Just my two cents though.

EDIT: OK, having gone over and over it, I think I have a solution. By default with DropZone, you don't include your own input type of file and you can access the uploaded file(s) as though you did have an input with the name value of "file" (that's Dropzone's default it would seem). So when initiating a new WireUpload: $u = new WireUpload('file'); Anyone has any issues, let me know...

I'm far from a guru (but pete probably is ) but glad to be of help sometimes. I'm sure you are more than capable of googling PDO, but i wanted to mention there are some good intro/tutorials around like this one http://code.tutsplus.com/tutorials/php-database-access-are-you-doing-it-correctly--net-25338 It's really not hard once you get the concept.