Jump to content

Leaderboard

Popular Content

Showing content with the highest reputation on 07/21/2018 in Posts

  1. @adrian I guess it will vary. I can't see people with smallish brochure sites wanting it. However, I'm currently using PW to build an admin system for a charity. Most of the users are probably using their (child|spouse|pet)'s name + a year of birth as their password, yet they are trusted to handle their own client's confidential information on the system. I see 2FA as a big win for this kind of user, as a small change in log-in protocol can bring in a big benefit for the charity and its clients, by mitigating the risk of such poor passwords.
    4 points
  2. This week we’re going to discuss a new security feature that’s currently in development on the dev branch: 2-factor authentication. In this post we look at the benefits of 2FA, how it works, the coming implementation in ProcessWire, and more: https://processwire.com/blog/posts/2-factor-authentication-coming-to-processwire/
    3 points
  3. I would never rely on such online services. I also never let browsers save passwords nor credit card info (even worse). What I use is: https://keepassxc.org/download/ Original project: https://keepass.info/download.html
    2 points
  4. An update was made to the module to fix this; Please proceed cautiously and if you experience any errors or unexpected behavior let me know and revert to the previous version. bunch of things got moved around in the module; testing was done and all seems to work fine, but due to the large number of changes in this update, caution is advised;
    2 points
  5. Breadcrumb Dropdowns Adds dropdown menus of page edit links to the breadcrumbs in Page Edit. The module also adds dropdowns in Edit Template, Edit Field, Edit User, Edit Role, Edit Permission, Edit Language, and when viewing a log file at Setup > Logs. Configuration options Features/details The module adds an additional breadcrumb item at the end for the currently edited page. That's because I think it's more intuitive for the dropdown under each breadcrumb item to show the item's sibling pages rather than the item's child pages. In the dropdown menus the current page and the current page's parents are highlighted in a crimson colour to make it easier to quickly locate them in case you want to edit the next or previous sibling page. Unpublished and hidden pages are indicated in the dropdowns with similar styling to that used in Page List. If the option to include uneditable pages is selected then those pages are indicated by italics with a reduced text opacity and the "not-allowed" cursor is shown on hover. There is a limit of 25 pages per dropdown for performance reasons and to avoid the dropdown becoming unwieldy. If the current user is allowed to add new pages under the parent page an "Add New" link is shown at the bottom of the breadcrumb dropdown. If the currently edited page has children or the user may add children, a caret at the end of the breadcrumbs reveals a dropdown of up to the first 25 children and/or an "Add New" link. Overriding the listed siblings for a page If you want to override the siblings that are listed in the Page Edit dropdowns you can hook the BreadcrumbDropdowns::getSiblings method and change the returned PageArray. For most use cases this won't be necessary. Incompatibilities This module replaces the AdminThemeUikit::renderBreadcrumbs method so will potentially be incompatible with other modules that hook the same method. https://modules.processwire.com/modules/breadcrumb-dropdowns/ https://github.com/Toutouwai/BreadcrumbDropdowns
    1 point
  6. This module facilitates quick batch creation (titles only or CSV import for other fields), editing, sorting, deletion, and CSV export of all children under a given page. You can even provide an alternate parent page which allows for editing of an external page tree. http://modules.processwire.com/modules/batch-child-editor/ https://github.com/adrianbj/BatchChildEditor The interface can be added to the Children Tab, or in a new dedicated tab, or placed inline with other fields in the Content tab. Various modes allow you to: Lister - Embeds a customized Lister interface. Installation of ListerPro will allow inline ajax editing of displayed fields. Edit - This allows you to rename existing child pages and add new child pages. It is non-destructive and so could be used on child pages that have their own children or other content fields (not just title). It includes the ability to quickly sort and delete pages and change page templates. Also allows full editing of each page via a modal dialog by clicking on the page name link. This is my preferred default setup - see how it replaces the default Children/Subpages with an easily addable/editable/sortable/renamable/deletable list. Note that the edit links open each child page in a modal for quick editing of all fields. Add - adds newly entered page titles as child pages to the list of existing siblings. You could create a list of pages in Word or whatever and just paste them in here and viola! This screenshot shows the editor in its own tab (name is configurable) and shows some of the CSV creation options. Update and Replace modes look fairly similar but show existing page titles. Update - Updates the titles (and any other fields if you enter CSV data) for the existing pages and adds any additionally entered pages. Replace - Works similarly to Add, but replaces all the existing children. There are checks that prevent this method working if there are any child pages with their own children or other content fields that are not empty. This check can be disabled in the module config settings, but please be very careful with this. Export to CSV - Generates a CSV file containing the fields for all child pages. Fields to be exported can to fixed or customizable by the user. Also includes an API export method. Populating fields on new pages In Add, Update, and Replace modes you can enter CSV formatted rows to populate all text/numeric fields, making for an extremely quick way of creating new pages and populating their content fields. Predefined Field Pairings Like the field connections setup from Ryan's CSV Importer, but defined ahead of time so the dev controls what columns from the CSV pair with which PW fields. This is especially powerful in Update mode giving editors the ability to periodically import a CSV file to update only certain fields on a entire set of child pages. These pairings also allow for importing fieldtypes with subfields - verified to work for Profields Textareas and MapMarker fields, but I think should work for most others as well - let me know if you find any that don't work. Access permission This module requires a new permission: "batch-child-editor". This permission is created automatically on install and is added to the superuser role, but it is up to the developer to add the permission to other roles as required. Config Settings This module is HIGHLY configurable down to setting up custom descriptions and notes for your editors. You define one config globally for the site and then optionally you can define completely custom configurations for each page tree parent on your site. There are too many settings to bother showing here - you really just need to look through all the options and play around with them!
    1 point
  7. Get rid of the confirm password field and use an unmasking button instead Many articles like http://uxmovement.com/forms/why-the-confirm-password-field-must-die and recent user studies show, that there are UX problems with a confirm password field. Also there are comments who disagree with this behaviour. An example of a good password field UX is the signup form of MailChimp https://login.mailchimp.com/signup/ Luke Wroblewski from Google also described the problems with masked password fields, especially for mobile users: https://www.lukew.com/ff/entry.asp?1653 Why would the enhancement be useful to users? A confirm password field does not really add verification that you typed your password correctly. Users tend to make the same typing errors again, if they repeat their password. It would be better to use a show/hide password button, so a user can see the password he typed. This would remove friction and frustration. Luke even wrote, that he displays people’s passwords by default in the Polar app. I did not implement this at the time, but think it is a smart move. Maybe I implement it as an option. Fully functional module is ready Right now I have a working InputfieldPassword to use with AdminThemeUikit. Here is a video of the new Inputfield in action: https://youtu.be/PEWp89TOUsU It would be nice if you vote for this feature request on github if you think it is useful. You can download the module here. InputfieldPassword.zip
    1 point
  8. Instead of assuming clients won't need or want this kind of feature I asked some of my clients today already and some of those who have more than 1 or 2 editors are welcoming such a feature. There are concerns but those shouldn't be the problem as I think that Ryan and therefore ProcessWire will take care of those things. The concerns were: the possibility of a reset for already saved tokens (I don't know how and if this will work with the Google app) the possibility to reset passwords and disabling 2FA for a user the possibility to have exact one user to maintain those settings the possibility to enable/disable it site-wide with a config-entry One client (a one-man business) asked if it's possible to remove username/password and just use this kind of token to login. I personally would use this on my personal sites but won't use it on client sites, as this part could end in an extra amount of work for me.
    1 point
  9. Btw. Instead of "plain JS" I recommend Typescript . It makes JS less confusing and more securing, especially when you are coming from an OOP Language like Delphi, Java, C# .
    1 point
  10. Hey guys, @jmartsch's initial post has 10 likes but the Github request only 5 thumbs-ups. Those who really want to support the request please do not forget to perform that click either.
    1 point
  11. Thanks for the update on this amazing project. Looks more and more promising. Gideon
    1 point
  12. Yes! Very pleased to see this finally make it into the core. Thanks for mentioning my old module too - as it happens, I'm still using it, and just updated it to work with PHP7.2. Thanks, Ryan.
    1 point
  13. @Ivan Gretsky -thanks; sure - in short: FieldDescriptionsExtended Enhanced field descriptions ProcessDocumentation Main function is to provide help pages in the admin which can be separate, and navigable; Since you can control the pages, it allows admins to have any documentation page open in a separate tab or window; contrasting to Admin Help, which has the help information either contextually on the Template (in a tab) or all in 1 process page inside an accordion. This module also allows editors to download a PDF of the help page for offline reading, as well as various other helpers. AdminHelp Original module, not being actively maintained, but soon all of the elements of this module would be covered by ProcessDocumentation. Still helpful if you want the simple help tab on a template, or some basic documentation for a site, all on 1 process page, in an accordion. ----- The next version of ProcessDocumentation will include a feature to show help content contextually on any template, using a help icon in the breadcrumbs bar instead of down in the editor tabs. In addition it will allow for showing expandable/collapsible help text at the top of any Lister/ListerPro. So in the end, ProcessDocumentation should cover most needs for fully documenting and providing help for any admin.
    1 point
  14. Seems like a nice addition to your in-place documentation module suite, @Macrura: + I think that with PW in-place docs are a real help for editors. And you are the expert in this field. I would love to read or watch a screencast about all those modules used together. If you could find time to share your knowledge, that would surely be an awesome gift to the community. And yes, that is just a fancy way to ask something free for myself ?
    1 point
  15. I think I found a little glitch in the module. I've installed the module within a subdir based pw instance. Then the module won't find the nessecary js and css files. The field shows on the page edit page only a blank value and not that it find's no data. I fixed it - for me - with the following change at line 64 in file site/modules/FieldtypeRockGrid/FieldtypeRockGrid.module.php: After that it seems to work for me. Many thanx for the great module!!!
    1 point
  16. got it figured out. A faulty reference to uikit v2 was messings things up.
    1 point
  17. It seems some resources were loaded non-secure over http:// Try this: https://www.whynopadlock.com/
    1 point
  18. In case: https://github.com/Alexia/php7mar https://github.com/phan/phan https://github.com/phpstan/phpstan https://github.com/gisostallenberg/php-to-7-aid https://github.com/swisnl/php7-upgrade-tools https://github.com/wimg/PHPCompatibility
    1 point
  19. Will all those nice functions ever appear in the Api Reference or just when the dev reaches master? I am more or less afraid of forgetting all the nice features mentioned in the blog.
    1 point
  20. Checked some sites and no extra space. Even imported some new entries into text fields. Import Pages from CSV 1.0.6 ProcessWire 3.0.99
    1 point
  21. Oh... kay... as I use the CSV import module a lot I should check my sites to verify this issue. I never noticed any extra space so far but I will have a closer look now.
    1 point
  22. I don't know if this helps or if you already tried it but... .. does $pages->find("template=user, roles=member, limit=100, sort=street") work on its own? .. does your example work when there is no limit in it? .. does it work without pagination? .. are those wrong sorted entries in any kind special or do they have something in common? .. does it work in your dev-environment?
    1 point
  23. Received PM from @ThomasH ThomasH 0 Started conversation: just now Hi, sorry. i can't answer with a post cause i'm a starter here. i fixed my issue. DomainFactory have Problem with DNS. I used the IP address of the mysql server and it work fine. perhaps you can quote my answer and close the thread
    1 point
  24. I'm out of ideas right now. When your db host is fine and (as I assume) your db credentials are correct too there isn't much left to check. Have you tried to connect to your db with a simple PHP script to verify the database is working?
    1 point
  25. Please double check your database server host. As far as I know DomainFactory offered different versions of MySQL and your error message indicates a not supported MySQL version. For example: mysql4.domain.tld = MySQL 4.x mysql5.domain.tld = MySQL 5.x (should be used as we want MySQL 5.x)
    1 point
  26. Try: $rep = $ref->repeater_field->get(1222); It should get the you the repeater item with ID 1222. This is a RepeaterPage which is pretty much a normal Page object. I don't have very clear how you know which repeater item you want to edit and where are you getting the data that is meant to be set on the repeater items. Every repeater field is an array of pages, where you can also use the find/get methods to match pages through selectors. Also, every repeater Item can have it's fields set and saved pretty much the same as normal pages.
    1 point
  27. Hi, This morning the EU parlement has passed Article 13 with 10 votes against and 15 in favor. Have any memes on your website ? From now on the EU will censor them away. And this is only one example. You can fresh up about Article 13 here: https://www.eff.org/deeplinks/2018/06/internet-luminaries-ring-alarm-eu-copyright-filtering-proposal
    1 point
  28. Yep I see, it happen to me with LastPass (could be something different here) but to be sure, did you tried by disabling the PasswordManager ?
    1 point
  29. Could the culprit can be a Password Manager like LastPass or another one ?
    1 point
  30. You can create roles in ProcessWire. For example GuestsA, GuestsB, GuestsC and easily get 'em via Api. // Get them $usersA = $users->find("roles=GuestA"); // Check them if($user->hasRole('GuestA')) Also you can create custom fields inside the user-"pages". So you could create a selectfield which you can set with a hook after registration. $users->find("yourcustomfield=groupA");
    1 point
  31. Update: So I've been using Pete's dashboard module instead of the technique described above; it's quicker to setup, and easier to clone to other installs, and no need to have code in various places like the themes folder and in ready.php The hope/plan is to turn it into a full widget enabled dashboard module that i can install on various installations a) without having to do any hardcoding b) enable control over which widgets are shown on the dashboard (by user/role/permission) c) allow for easy configuration of colors, icons, columns, etc. To achieve this I setup some templates for different widget types, one is a shortcuts widget, another is a page lister widget; these each have pages and fields to configure them; i can set them to appear by user/role. in the future i can add different types of widgets as needed and then include them in the needed user's dashboard. This is using a combination of a free (MIT licensed) admin theme for bootstrap, but instead of using bootstrap as the css layout, it uses a tiny grid called rwdgrid which i s 2KB; it uses the box, and other widget classes from the admin theme.
    1 point
  32. Hola Hanna, actually I dont't know _x() probably this function but __("string to translate") (two underscores) translates strings in template files, or better to say let's you translate via /processwire/setup/languages/ So in your case you would either change the line from <html lang="<?php echo _x('en', 'HTML language code'); ?>"> to <html lang="<?php echo _x('de', 'HTML language code'); ?>"> or you in admin you go to /setup/languages/ select your default (german) language and click on_main.php to translate, somehwere there should be written "HTML language code" and there you enter "de" I used a different approach in _init.php I defined the following // define var $lang for use in tpl files if($user->language->name == 'default') $lang = 'de'; else $lang = $user->language->name; then you can just put this in _main.php <html lang="<?= $lang; ?>"> and of course re-use wherever you like. Or, you could use the languages title field or add another custom field to language template and name it for example "language_short_code" or maybe you got an already created textfiel which you could re-use here. then you don't need to override the default languages name but just output your shortcode field like <html lang="<?= $user->language->language_short_code; ?>"> Hope it helps, enjoy Processwire
    1 point
×
×
  • Create New...