Leaderboard

This week on the core dev branch is ProcessWire 3.0.224! Relative to 3.0.223 it has 25 commits and 17 issue resolutions (see dev branch commit log). I think we are within 1-2 weeks of having the new main/master version, so I'll be looking closely for any new reports. Consider us now in a dev branch feature lockdown in preparation for the main/master version. At this stage, there likely won't be any new features added or issue resolutions that would require significant field testing (at least not until the merge to main/master). If you have a chance to test the current dev branch version, please do, and let us know if you run into any issues. Thanks and have a great weekend!

http://shift-up.pt/ Shift-Up is a consultancy company from Portugal that specializes in government incentives and financing. This is my first project using ProFields and RockFrontend, and I can't really believe how long it took me to start using both. Profields' InputMatrix is a huge step up from my previous custom module that I hacked together using file selects and custom field visibility. And RockFrontend, just by getting latte in the mix, makes everything a lot more polished and professional. The project is a fresh start from the previous old Wordpress solution they had, taking care as to not harm the SEO standing this site had built up with all its content. I started out by writing a content import script that took hundreds of pages from the oh so messy WP export and turned them into neat PW pages. I also had to handle the URLs in the process, ensuring that the old unstructured WP links would be fed to the Redirects module. So the focus here was more on carrying over the content without having to rewrite everything, and now that we're here, when new programs come up we have a platform that can properly grow and add new layout solutions and features.

Seems like the field isn't set up correctly. render() on null means the variable doesn't have a valid object or instance associated with it. You likely haven't added the field to your template. Go to Setup => Templates, add the "comments" field you just created to your template where you want them to appear.

@gnarly Thanks, I added it to the post ? Welcome to the forums!

In a recent GitHub issue report, I was asked about output formatting in ProcessWire, and where more information could be found about it. I know I've written about it numerous times, and went to locate the documentation page, only to find we didn't have one! Output formatting is such an important topic, so here is everything you need to know. I hope you'll find it simple enough, but also useful and thorough— https://processwire.com/blog/posts/output-formatting/

Hello, I am wondering how I can show a field based on a options fieldtype that contains multiple values? Sorry solved that I was having a moment! ,?

I noticed the search template and search page do not seem to be alterable by defining a custom page class. If I try creating a page class file where class SearchPage extends Page { it does not appear to effect the Search page class at all - the page still appears as ProcessWire/Page and none of the public functions I define can be used. Is this a feature of having a page that uses a Process or is it because it is a system file, or is there a different class it should extend?

Very glad to see this module featured and immediately had a use for it. However when using it with Combo field from ProFields module (processwire.com/store/pro-fields/combo/) with an image upload field - it throws an exception: Exception: Method ComboValue::getFile does not exist or is not callable in this context My guess is the Combo field uses it's own custom properties or methods for field data.

Looking into it more, I have come to the conclusion that the Search page uses the admin template and as a result falls outside the public facing page class framework. Even though the output from the controller/view is a ProcessWire/Page class, there is no way to extend the pageclass because it is the Process that dominates the function of the page. If I wanted to modify the Search workflow I could hook into it, but because I actually want to grab url segments and run some query magic to convert them into a complex query to pass to search, I think I will need to set up a unique page and pageclass to do that. Hopefully someone with more knowledge of the admin side can chime in.

Thanks @flydev … I just went on the proverbial deep-dive configuring my free version of MAMP to have multiple virtual hosts for the different sites I test, successfully getting my PW core into a wwwroot directory and freeing-up a directory level above it for a cleaner tree-structure similar to yours: now onto some ES6+ module testing.

My word I love this so much. Thank you ??

You see this? That's fine! It's part of ProcessWire since version 3.0.152 - see here: https://processwire.com/blog/posts/pw-3.0.152/#new-ability-to-specify-custom-page-classes It tries to extend the Page class.

For noobs like me that needs a ";" on the end. when you get an "unexpected } on line 17". But thank you it's tremendously helpful having these examples.

This page in the docs helps, but basically inside a module you can use: $this->page; $this->wire('page'); // preferred in Wire-derived classes (i.e. modules) However, for the example you gave above (renderPageTitle()), it might be easier to create a new method for the $page class with a hook. For example: /** * NOTE: the module will need to be set to be 'autoload' => true in the Module Info */ class MyModule extends WireData implements Module, ConfigurableModule { /** * Run when PW is "ready" (like ready.php file) - so it's where you place you ready hooks. */ public function ready() { // Add a hook to define the "renderPageTitle" for the $page class. // Called in your templates with with $page->renderPageTitle() $this->addHook('Page::renderPageTitle', $this, 'renderPageTitleHook'); } /** * The hook code itself (could have been an enclosure on the hook if simple enough) */ public function renderPageTitleHook(HookEvent $event) { $page = $event->object; // the $page class *instance* calling the method $event->return = $page->title; } } Alternatively, this is a good case for using Custom Page Classes (look at the most recent 'site-blank' profile for an example).

This should help:

I posted about this separately (missed this one) and this has become a recurring issue with DH. The following are some things (some mentioned above) I've confirmed through experience and information from DH support- Any new PW website uploaded requires a ticket into support to disable specific ModSec rules These rules must be modified for every domain separately When changes are made to servers, those ModSec rule exceptions for all sites will be wiped, requiring another support ticket to DH If the changes DH makes to a server are not disruptive (not requiring a restart) that could affect these rules, you won't be notified The only option for managing this yourself is to disable ModSec entirely in the admin panel, per-site Granular ModSec configurations are blocked, i.e. .htaccess cannot be used to modify rules (which is odd given that the alternative is turning it off entirely) The ModSec rules in place could be configured better but aren't- I have more complex applications on the same server that do not trigger violations Violations can still occur without triggering a 418 response or any error log entries, which can (has) lead to a lot of misspent time In lieu of a 418, access.log may show a request with a 200 response, but dev tools in Chrome show a connection error, in Firefox the request just hangs. No response/HTTP status/error log entry I spent time with support a couple of weeks ago and the tech disabled the ModSec rules that were showing up in error.log. It looked like it solved the issue, but a week later a client of mine that contacted me with this issue said it was still broken. The server was rejecting uploads over ~120kb and not logging any errors. This time support just disabled ModSec entirely- we didn't even know where to start without logged errors. You might want to check your upload file sizes during this process. I've been with DH almost 10 years and this didn't used to happen (maybe started when pushing DreamPress? just a guess). Being unable to handle this myself even though I'm on a private VPS (albeit managed) is frustrating. I'm confident in PW security, and I have a significant amount of .htaccess rules to block suspicious activity, but shutting ModSec off entirely isn't cool- especially when their admin, documentation, and support team (correctly) recommend strongly that you shouldn't. At this point I'm considering spinning up a VPS at DigitalOcean. I only used managed hosting because it was supposed to "just work", but I've had better experiences with well-configured unmanaged VPS', which have other perks to boot. C'est la vie.

Hi @protro I didn't read the thread linked, but I will try to give a small insight of how I am used to dev with ProcessWire, and a note of ES6+ modules, with the answer of the import statements error, I will give you a starter module too at the end of this thread. And sorry, I have to be quick, so I am posting screenshot instead of a good formatted post, see the setup image at the end. First, there is nothing wrong about using a package manager like node/npm, but you should do it in order to make you the life easier. It's more true when working with all the crypto mess. A word on your previous message, almost all lib/packages are developed using JS (TypeScript) so it will work with quite every frameworks/libs (React, Svelte, Vue, whatever). Some implementation are specialized for React, not surprising, React is in JS world what Wordpress is in the PHP world (check the stats in the linked thread below, fellow members here seem to not used it, hooray, react syntax is weird and slow). My setup of almost every app (stay tuned as the whole things are coming published for free): About the ES6+ module, when working with them, you need to use JS and for production building the app, OR you can call them in your `<script></script>` by setting up the script as module by writing `<script type="module"></script>`. Keep in mind that writing calls like that in templates, make global objects, like window, not available until the document is ready making things like binding events to DOM a bit tiresome.. And a draft of a module. It should not work as is, but it's just to give you an "image" more than words and could be written in templates. Writing JS like that (module or template) is not the better way to do it, and should be avoided, it makes things complicated when they're actually quite simple, even more when speaking about Metamask. Check the method `writeWeb3ModalScript()`, you can see that libs can be used from a CDN when published (unpkg make automatically available dist files of any packages): <?php namespace ProcessWire; class Web3 extends WireData implements Module, ConfigurableModule { const WEB3MODAL_PROJECT_ID = ''; // read from db or .env file const ALCHEMY_API_KEY = ''; // read from db or .env file public static function getModuleInfo() { return [ 'title' => 'Web3', 'version' => '0.0.1', 'summary' => 'Web3 for ProcessWire', 'autoload' => false, 'icon' => '', 'requires' => [], 'installs' => [], ]; } public function writeWeb3ModalScript($buttonDomID) { $scriptTag = <<<EOT <link rel="stylesheet" href="https://unpkg.com/@rainbow-me/rainbowkit@1.0.7/dist/index.css" /> <script type="module"> import Onboard from 'https://unpkg.com/@web3-onboard/core' import injected from 'https://unpkg.com/@web3-onboard/injected-wallets' window.onload = async function() { const MAINNET_RPC_URL = 'https://mainnet.infura.io/v3/[APIKEY-HERE]' const onboard = Onboard({ wallets: [injected], chains: [ { id: '0x1', token: 'ETH', label: 'Ethereum Mainnet', rpcUrl: MAINNET_RPC_URL } ] }) const wallets = await onboard.connectWallet() console.log(wallets) const connectButton = document.getElementById("$buttonDomID"); // 3. Sign In window.onSignIn = function() { console.log(connectButton); console.log(window, window.onSignIn); } } </script> EOT; return $scriptTag; } // wallet can be an ENS formatted address public function getTokensForWallet($wallet) { $url = "https://eth-mainnet.g.alchemy.com/nft/v3/" . self::ALCHEMY_API_KEY; $url .= "/getNFTsForOwner?owner=" . $wallet; // send get request to alchemy api $http = new WireHttp(); $response = $http->getJSON($url); return $response; } // two fields in the backend /** * Config inputfields * * @param InputfieldWrapper $inputfields */ public function getModuleConfigInputfields($inputfields) { $modules = $this->wire()->modules; /** @var InputfieldFieldset $fs */ $fs = $modules->get('InputfieldFieldset'); $fs->label = $this->_('API Configuration'); $inputfields->add($fs); /** @var InputfieldCheckbox $f */ $f = $modules->InputfieldText; $f_name = 'web3modal_project_id'; $f->name = $f_name; $f->label = $this->_('Web3Modal Project ID'); $f->description = $this->_('Get Key there: https://cloud.walletconnect.com'); $f->columnWidth = 50; $f->value = $this->web3modal_project_id; $fs->add($f); /** @var InputfieldText $f */ $f = $modules->InputfieldText; $f_name = 'alchemy_api_key'; $f->name = $f_name; $f->label = $this->_('Alchemy API Key'); $f->description = $this->_('Get Key there: https://dashboard.alchemy.com'); $f->columnWidth = 50; $f->value = $this->alchemy_api_key; $fs->add($f); } } (The NPM package is still not available publicly, but not fully required) I will come back later with a working example using a CDN and a small example of a built js app working with PW. In the meantime, I'll leave you to ponder.

Hi, This message is to be taken as informational and being transparency, NOT as a security alert. In short: The module code do not contain vulnerabilities, you are safe to use it. In depth: Years ago, I could spot some offsec users cloning/forking the project on Github. Theses last days, the project got more activities that can be seen on this graph and it look like the module is now included in some open-source offensive security tools. I took a few hours to find and go back to these tools and took the liberty of testing them myself on three online sites, based on Processwire with the module installed. I obtained no negative results, no red flags to deplore. What's more, the code is now monitored to automatically find and correct vulnerabilities in open source code and dependencies with security tools and DeepCode AI. If you ever find something or even if you are not sure about it, feel free to contact me by following the Security Policy. Have a nice day.

I don't know if "Woah... impressive!" or "WOW!" is the right answer to this.