cwsoft

I am developing on XAMPP too. Just added a little condition in my .htaccess, detecting if I am on localhost or live. When live, I redirect all request to non www with https. On localhost, I just use http. Only thing you need to remember, is that you can‘t set PW to force admin login to use https, as this would break login on localhost. Even wrote a small tutorial dealing with basic auth and https a while ago .

@netcarverThanks for the link. Yes guess Database and WireRandom are both good places to learn about the code used to hash and set the user passwords in PW.

Hi, can someone point me to the code base where user->pass property respective the user->save method is defined in code? I would like to study the PW password hashing and storing a bit more in detail. From what I read in the core User/Users/Page classes, the user->pass prop will be automatically hashed when the user object is saved. I would like to investigate exactly that code which fires up when saving the hashed version of the unhashed password set via the user->pass prop. Any hint or link to the relevant code base in the Github repo would be highly appreciated. Cheer

I don‘t use jQuery in the frontend, unless I want/need to use a third party plugin, which uses jQuery as dependency. One of those repeating plugins I use quite often on the frontend for convenience is DataTables. Whenever I output structured data as data table on the frontend with more than 20 row (tr), I almost always make this table sortable by columns and filterable (only show matching rows) via this plugin. Simply to give the frontend user some intuitive options to quickly narrow down the relevant data. DataTables is powerful, well customizable and well tested. Of course I could implement that stuff with vanilla JS myself. However my next customer needs another feature I would need to manually add, where with DataTables I just switch of stuff I don‘t need for a specific customer via a simple config array (e.g. disable pagination, sorting, filtering, showing detail infos etc.). Same is for font awesome, CSS grids and so on. If I only need a handfull icons, I just go with png files or UTF8 code points instead of the full blown fa-suite. If I just want to collapse some paragraphs like an accordion, I normally go with some handmade vanilla TS/JS and SASS/CSS3. But if I need to spend lot‘s of time writing TS/JS for more serious work already supported by a jQuery plugin like DataTables, I don‘t spend too much time to reinvent the wheel and just go with the jQuery Plugin. Image sliders, hero headers etc. would be examples for using jQuery too. The best part of ProcessWire is, that Ryan give us all the freedom and options to use whatever we would like to use for a specific project in the Frontend with no predefined framework (like Bootstrap) one would need to use by design.

Than I let it unchanged ?

@rastographicsBreaking HTML templates into blocks, sections or partial files is what Latte supports out of the bocks. Details see https://latte.nette.org/en/template-inheritance. Maybe you can a small writeup of your approach with htmx an PW once you made your way through.

@rastographicsYou can find some additional infos in this post here. Meanwhile I used the 2nd approach shown in the linked tutorial with a slightly modified setup (e.g. proper namespaces, use statements, method names etc.) to implement Latte template engine in all my new projects so far. For Latte I would go with official Latte documentation linked above. In addition I would read the Custom Page Classes tutorial linked and watch Bernhards video. Then I would start off with a first project and use normal PW template files (like a controller), loading the required latte template (view) and implement my page specific methods via custom page classes. Nice part is, that you can call the specific page methods via {$page->myAwesomeMethod()} in Latte view too.

Have you tried Content-Type: application/pdf (with space after colon)? Does it work with PW if you remove the .htaccess file? Have you tried different PDF and different browsers too?

The line with the readfile command has three dots at the end which seems strange to me and then adds whatever is your $download variable. Have you checked that path e.g. via outputin template and checked if file is readable?

@BoostGuess stability, security and privacy data protection. I don‘t like my IP send to CDN servers and for some of my customers this would be a no go at all.

I do like to refine some of my code in little steps or to prompt the AI for specific questions on my own code, like I did in the past as part of a development team with my human colleagues. Thats where AI is really not so bad in my opinion, at least if you are working alone on projects and there are no human colleagues you could ask.

Yepp. No big difference from copying code from Stackoverflow and executing it if you are not really understanding what it is doing or to clone and run stuff from Github repos you don‘t own or trust, or entering the NPM dependency hell for something which just pads a string with leading numbers loading other node packages to do the job for example.

@da²Guess Bernhard still checks the generated code for stuff which may break things like rm -rf commands before blindly copying and pasting code to clients projects or executing it blindly on his system with root permissions ?

Have realized my guest login via a custom HTML5 frontend-login form and the PW API $session->login() to log in the user with the provided credentials. Combined this with $session->redirect() to route to the page which requested the authorization via $input->get() param on success or back to the frontend-login page on failure. Finally I used the receipt from @bernhard above in templates/admin.php to send frontend-users identified via $user->hasRole() to the home page when they trying to enter the backend. This allowed me to restrict all or certain pages from non authorized access via a simple method implemented in the default page class. Pretty slick what can be achieved with the great PW API plus core and the power of Latte templates of course.

Have reworked all my projects with Latte and CustomPage classes and the code is more clean, way easier to read and maintain and more structured now. Definitely recommend diving into Latte and CustomPage classes for new projects to anyone. Both techniques were easy to learn and paid off quite soon in my projects.

Hi, yepp ChatGPT or Copilot with VSCode are great ways to refactor code or automatically add features by prompting your needs. Don‘t use StackOverflow very often these days.

Hi, so far worked with Copilot and VSCode. As I have an OpenAI API key as well, I will try out Cursor this weekend. Thanks for sharing the info.

@bernhardThanks for the link and code snippet. Second part is what I had in mind. Your hide from guest method from RockMigration looks like what I am after, thanks for sharing. Need to check if my guest users can have a 40-digit uniqueID as username, than I guess I have all the pieces together to realize the idea I have in mind.

Hi, as htaccess BasicAuth gets more and more blocked by admins via policy rules, I am searching for an alternative solution to hide a PW site from public, non authorized users and spam bots. The „guest users“ should only be able to see the PW frontend after login, but not be able to see the PW backend. The „guest users“ should not even be able to change their login credentials. Login credentials for the up to 500 „guest users“ will be created by the admin in advance and distributed manually e.g. via Email or public post. What would be the best option to realize something like this with PW core or PW modules? Any tip or hint to point me into the right direction would be highly appreciated. Cheers cwsoft

I do the following. Copy all files of the live site via FTP to my local dev environment (e.g, /htdocs/pw-test). Create a backup of the MySQL/MariaDB via phpMyAdmin (online). Open my local dev instance of phpMyAdmin (XAMPP) and import the database. You may need to change the DB settings in your local /site/config.php file in case the DB credentials differ between live and local DB connection.

Two ideas. Give training to the authors not to submit login twice, or explain the error and how to avoid it. Second option is to apply the code changes you proposed and see how it goes. You should consider not to disable login button on wrong user inputs too, otherwise users may not be able to login at all.

Ok. I finally followed my initial tutorial step by step based on a clean ProcessWire 3.0.229 with basic blank profile (output strategy Markup Regions) and PHP 8.2.4. Following the steps and copying the code one by one showed no warnings or errors at all. Of course i needed to adapt the events.php template for markup regions to see the output. However I found two possible traps one can step into. First trap is related to the installation process of the Latte composer package. If a default ProcessWire composer.json exists in the root of your installation, composer asks to use this composer.json file. If you answer Yes (default), this would install the Latte files in /root/vendor instead of /root/site/classes/vendor as I assume in my tutorial. This could explain the file not found error you mentioned. In order to install the Latte composer files inside /root/site/classes, one needs to answer NO to the composer question "Should I use the composer.json in the root?". Added a note in my initial post to avoid this trap. Second trap could be your template output strategy. My tutorial assumed you are using delayed output strategy, not markup regions or others. If you use markup regions, you won't see any Latte output in the events.php at all. So I decided to add an example for markup regions for the events.php template too. In your specific case, the error may be related to the fact that you already installed other Latte template implementations like RockFrontend, LatteTemplateEngine module or others, which may affect each other (e.g. namespaces, autoloaders). So I guess if you would start with a blank ProcessWire installation, my initial solution should work out of the box for you as well ?.

Seem I lost the overview of all your rockstar modules and snippets ?. Anyway keep on rocking. There is almost all times a useful RockX which fits your needs or solves a problem for you.

By bootstrapping Processwire via external PHP script and execute it via console or web browser. Some infos can be found in this topic https://processwire.com/docs/front-end/include/. Another option may be RockMigrations from Bernhard https://processwire.com/modules/rock-migrations/.

@maetmarFrom an earlier post it seemed you got my 2nd code example where I include a simple Latte class via _init.php working. That‘s the approach I used for the refactoring of two medium sized sites. Worked great. One site used delayed output the other layout regions before with plain PW PHP templates. Converted the main template to Latte and also used a simple MVC approach with Latte as the view part in those two sites. Very flexible setup and easy to transfer to existing sites or start off right from the beginning for new projects too. I will go with this setup for my next projects until I feel the need for more complex features like PW translations in Latte files available in RockFrontend for example.