Pete

The only thing I would add to blynx's approach would be to add a CSRF token to the form so it can only be submitted once rather than someone spamming the Submit button - more on that here: https://processwire.com/talk/topic/3633-prevent-form-resubmission/?p=35585 Other than that I use almost the exact same approach in some of my own forms. EDIT: Oh, and so you don't get stuck with the default form styles/classes/markup: https://processwire.com/talk/topic/2089-create-simple-forms-using-api/?p=39436

I ended up ripping apart my code and starting again The original version was based on an older version of Fredi, so I went back and found that Apeisa was doing something totally different there now. Sure enough, adapting the newer Fredi code for my purposes worked well. It also gave me some good ideas for quick custom admin forms too but I don't think there are enough hours in the day to work on all these ideas unfortunately

Hmm... now when I save the debug error is gone, but instead of putting in a created date in the table for that file, it just deletes it!

Duh, turn debug on - it helps! Because my custom form render function was skipping some fields in certain scenarios, one of them isn't there when another one is trying to use it as a dependency. Whoops! Should have this wrapped up in 5 mins - should have realised about 3 hours ago

Setting the field to overwrite seems to skip the draft status on file fields introduced here: https://processwire.com/blog/posts/processwire-2.5.7-core-updates/ which works around my issue. What I still don't understand is why when saving the page with the file field it's no changing them from draft file status to published (putting a created date in the "created" column for the file in the DB).

Hi guys and gals I've created a backend module that essentially just loads in a template and its fields and this saves fine with file fields. My issue is on that page I've created a modal window that also does the same with some other file fields and these get created in the DB with a creation date of 1st Jan 1970, +10 seconds (so basically the Pagefile::createdTemp constant). Next time I go to view this modal window with the files in, the files are deleted: So it seems that files saved by the modal have no date set, which is confusing as the modal page is saved, whereas the parent page - using near-identical code - saves the files with a created date. The code used is this (more or less): if($this->config->ajax && (isset($_SERVER['HTTP_X_FIELDNAME']) || count($_POST))) { $subfiles= $this->input->get('subfiles') ? true : false; // If we're dealing with a file submitted through the SubFiles modal if ($subfiles) { $this->pageContext = $this->pages->get('id=' . (int)$this->input->get('subfiles') . ', include=hidden'); // else it's the parent page the modal was opened on } else { $this->pageContext = $this->pages->get($this->input->urlSegment2)->child('template=attachments, include=hidden'); } $this->pageContext->setTrackChanges(true); $this->input->get->id = $this->pageContext->id; // ProcessPageEdit expects a GET or POST called 'id' $this->pageEdit = $this->modules->getModule("ProcessPageEdit", array('noPermissionCheck' => true)); $this->pageEdit->setTrackChanges(true); $this->pageContext->trackChange($_SERVER['HTTP_X_FIELDNAME']); return $this->pageEdit->ajaxSave($this->pageContext); } Any ideas? It's really difficult to explain, so hopefully someone knows what I'm talking about

Just using a variation of this and, although I'm importing a large amount of posts and pages (pages was quite interesting - not a lot of changes required to import the tree structure as well! ) I do still of course have to go through and check all the pages just in case. This has been a huge help - thanks Ryan!

The idea of a separate URL and repo of modules that folks can set up themselves had crossed my mind, but that wasn't what I thought the OP was asking - now I read it again it was I do like the idea of this if it's easy enough to do.

Hi Thomas I don't think that's practical really mainly because there is a workflow involved with modules appearing in the modules directory. Someone actually takes the time to approve entries (and updates) I think so opening it up to private use would add more burden to the person/people managing that. If you use them across most of your sites, or you don't mind them sitting there uninstalled on the occasion you don't, why not create a Site Profile for yourself where these modules are bundled? It's pretty easy: http://modules.processwire.com/modules/process-export-profile/ So easy in fact I need to do this myself as I'm finding lots of repetition with my installations lately

Before posting, it's worth noting there is an existing section on Security relating to ProcessWire in the Docs section of this website: http://processwire.com/docs/security/ It contains several sub-pages that are worth a read as they offer code examples where appropriate and pointers for general security beyond ProcessWire.

Done. I've been woken up early by my darling daughter (5am...) so doing this on my phone means I can't set where it appears in the forum list so it's below the Jobs forum for now. I would suggest a couple of starter topics - one signposting to the existing docs and another if someone wants to kick off with an example of form validation/sanitation that we might all use on a daily basis (a simple contact form perhaps).

QuickForms? SimpleForms works too. RockettForms sounds cool too I'm actually less interested in the processing than I am of the very first part - JSON array converting to HTML output (which needs to be configurable of course for different form elements so you can use with different UI kits or file uploaders etc).

A great idea - I've been thinking about something similar for a while but just don't have the time myself so will be keeping an eye on this with interest

Welcome to the forums Tom! All kudos to Soma for the cheatsheet. Best thing since sliced bread More detailed examples are a little slower in happening but some of the items do have examples, not all. Shift and Pop are like their PHP array equivalents - shift gets the first item from the array, pop the last, and essentially removes it from the array for use right now. So your example would be something like: // Shift the first item off the beginning of the array to use right now. It's no longer in the array for this instance of the page $featured = $page->gallery->shift(); echo $featured->size(800,550)->url; // Get the footer item now for use later on - we don't want to iterate over it when displaying the other images just below: $footer = $page->gallery->pop(); // Now do some funky gallery stuff - this instance of the gallery array no longer contains the first and last items it did earlier foreach ($page->gallery as $item) { echo $item->size(400,400)->url; } // And now we can echo the footer echo $footer->size(800,550)->url; That should work, though typed into the browser and untested - let us know how you get on P.S. It is also perfectly acceptable to create two new single-image fields for featured and footer - might keep things neater in the admin for you - but this was an interesting request to explain some less-used functionality I think so I went with it

^ That's the same module I linked to But yes Beluga, you're right and that's what I would say too - the API isn't going to fundamentally change any time soon so the majority of frontend development like this module shouldn't be affected by upgrades most of the time. I would say actually admin modules have a little more chance of being affected by upgrades when larger new features are added to PW, but that's why you have to make the decision for yourself which branch you download from Github for your sites. You also have to balance this with the other responsibilities of being a web developer/admin - any updates should theoretically be checked by yourself on a non-live copy to see what the impact will be on the modules/templates you're using. This is best practice, however it doesn't always happen (I know I'm guilty of throwing caution to the wind with my personal sites anyway ). And of course when modules aren't updated or code breaks, there's a forum full of folks here to help out. I think in the absolute worst case scenario, if a module you like doesn't get updated for compatibility with newer versions of ProcessWire, you don't actually have to upgrade ProcessWire itself on the affected site. I know that, unlike any other CMS I've used, my sites are all on varying versions of ProcessWire and ticking along quite nicely which is nice.

Interesting - just the basics like registration, login, change password, email address and name etc? Isn't that what this module does: http://modules.processwire.com/modules/frontend-user/ ? I've not used it myself but seems to be covering similar features.

Not a problem, and glad it worked out for you. Sometimes the easy way is the way to go when you're on a tight timescale that can't be changed, even if you know there could be a better way. Web developers aren't supermen after all (with the exception of Ryan of course). What was the skin you used in the end, just out of curiosity? I don't really like the default one that ships with MediaWiki myself - feels a bit outdated.

This one is pretty fun and gives some ideas on how to make things fun and interesting (just the first 5 mins, once he gets started): https://www.livecoding.tv/video/live-with-stephen-wolfram/ Could have a PW one where you get ideas from the audience before starting and run through a bunch of common scenarios that way

CKEditor is already in the core of ProcessWire nowadays so you don't need to install it again. Simply delete the /site/modules/InputfieldCKEditor/ folder and it will go away. Several versions ago, TinyMCE was the default, so that's why the module exists, but isn't needed on newer installations.

Is it a PW page and you're typing code into a textarea in the admin and saving it or something like that? If it is then it will likely be some mod_security settings on your server that don't allow things that look like code to be sent via forms. Sometimes even individual words can trigger that - "Select", "Drop" etc - since to mod_sec they look like someone trying to do some damage.

Fixed the typo, thanks. The issue with uploading images is proving more difficult - I will have to come back to it tomorrow.

Hi folks There is an issue with the profile form not saving locations at the moment, and I'm not sure it's saving photos either for some reason. I will do some testing tomorrow and then notify those of you who are affected by this by the end of the week, but it seems to be profiles submitted in the last couple of weeks.

@diogo - I've had this suspicion for a while that someone at Google likes us - ever since I realised posts on this forum are indexed on Google within minutes, which doesn't usually happen on such a relatively small forum (at least to my knowledge). Now this has happened - this doesn't seem to crop up for some of the "major" systems out there so... thanks Google! (Or if it's just that Ryan has been applying the correct schema's in the HTML then thanks Ryan).

The cynic in me says it was just about getting publicity, customers and not about the actual cause at all, but maybe I'm just too negative nowadays.

Yeah, I moved house a few months back and haven't cranked my desk up to standing height once yet - very lazy. That must change today!