Jump to content


  • Posts

  • Joined

  • Last visited

Posts posted by HerTha

  1. You are using "~=" while I'm prefering "%=" in this place - that's the only difference I can see right now. Should not make a difference, anyway?

    The error message, when admin, is like:

    Error: Exception: Unknown Selector operator: '%=!' -- was your selector value properly escaped? (in /home/abcdefg/public_html/wire/core/Selectors.php line 419)

    Other characters can also do such harm, for instance "?" or ","

    That site is running on PW 3.0.123, BTW

  2. I am setting up a front-end form to allow visitors to do a fulltext site search.

    When external input arrives at the system to be processed in database queries, security is a main issue. Therefore, all the (text) input for this form goes through a $sanitizer->text(), as a first step.

    Then, I thought using a $sanitizer->selectorValue() would be a good idea for building the selector:

    $results = $pages->find("template=contentpage,title|headline|body%={$sanitizer->selectorValue($search_term)}");

    Unfortunately, it turned out to be quite easy to crash the whole thing, for instance by typing a single ! in the search which gives a 500 server error for the visitor.

    Obviously, there are a number of scenarios (including the ! char) which are not catched by the sanitizer, but need to be taken care of. Anyone who can share a list of forbidden chars or an algorithm to handle the filtering more securely in such a situation?

    Of course, the whole filtering should not be overly strict, so the visitor can still find a few things...

  3. Just had a similar problem after switching from PHP5.x to a PHP7.1.x system. Fatal error in admin (line 117 of /wire/core/PWPNG.php) while rebuilding a PNG thumbnail.

    Obviously, utf8_encode() is not necessarily part of core PHP functions (anymore). I fixed the problem by asking my server admin to install the missing PHP XML module.

    Though, I wonder if it would be a worth the effort to avoid use of utf8_encode() in the PW core altogether? It seems to be used rarely - I found two places only in V3.0.123. Would iconv() do the job?


    • Like 1
  4. Website of a small technology business, currently based on

    • Processwire 3
    • jQuery
    • Magnific Popup
    • Font Awesome
    • Padloper

    with a fixed pixel width layout should get a new (more mobile friendly) skin, based on UIkit.

    Looking for help from a (front-end) developer, with good PW knowledge, to create a first mock-up with one typical page/template, including header/footer/menu components.

    No critical deadlines. Please PM for details. German would be nice, as well as English.

  5. On a (quite freshly installed) test site with UIkit3 profile and running on PHP7.1.24 I upgraded to latest dev (3.0.116 -> 3.0.122), which brings up an error message:

    Fatal Error: Uncaught Error: Call to undefined function ProcessWire\mb_convert_encoding() in /wire/core/Sanitizer.php:1036 

    Seems to be related to one of the most recent commits?

    May be specific to that particular PHP version?

    (sorry for reporting here instead of github)


  6. @justb3a thanks for providing this module!

    Before starting to use it to collect new subscribers, I had to import a list of existing newsletter subscribers from our old system.

    The list is just a text file with one email address per line.

    The amazing BCE didn't help in this case because PW users - while still pages - are somewhat special.

    I came up with a little script which can be invoked from a browser window:

    <?php namespace ProcessWire;
    include("../index.php"); // bootstrap PW
     * import newsletter subscribers
     * from a file 'subscribers.txt'
    $file = fopen("subscribers.txt", "r");
    $i = 0;
    while(!feof($file)) {
        $line = fgets($file);
        if($line == '') {
        $email = $sanitizer->email($line);
        if($email == '') {
            echo 'misformed email rejected: ' . $line . '<br>';
        $name = 'zzz-import-' . sprintf('%05d', $i);
        $u = new User();
        $u->name = $name;
        $u->email = $email;
        $log->save('newsletter', "User {$u->name} has been successfully subscribed with email {$u->email}");
    echo "<br>{$i} subscribers imported.<br>";

    I am not sure if a lot of other poeple need something like that as well - if so, maybe adding an "import" feature for the NewsletterSubscription module would make sense.

    Thanks for considering and greetings from the neighborhood!

  7. On 15.6.2017 at 1:54 PM, Mike Rockett said:

    Are you using the legacy branch?

    Thanks, Mike!

    Not sure what's the overall statistics (all users/installs), but for me it's still 100% 2.8.x

    (never touch a running system :-) )

    • Like 1
  8. Hi Mike, appreciate your work, even with tight time budget, thank you so much!

    I'd like to leave a comment on your suggestion to focus module development on PW V3 for future releases.

    As long as new PW versions are being released in the 2.8 branch, module support for this branch would be desireable, IMHO.

    Thanks for considering!

  9. First of all: Thank you for providing this awesome module! It seems to be a whole toolbox - the horn of plenty for page editors, so to say!

    Just installed BCE 1.4.4 on PW 2.8.35 on a test site. All looked great and shiny, but then I ran into a problem:

    I prepared a page with local BCE settings for updating it's 4000+ children. I have defined field pairings just with title and another text field to keep things simple in the beginning. A single line of CSV like Helium,He serves as the input. Thouugh, when I hit Save to start the update I am constantly getting:

    Warning: Creating default object from empty value in /home/.../public_html/site/modules/BatchChildEditor/BatchChildEditor.module on line 1321

    Fatal error: Call to undefined method stdClass::isChanged() in /home/.../public_html/site/modules/BatchChildEditor/BatchChildEditor.module on line 1322

    Any ideas what could be wrong?

  10. I am using ImportPagesCSV to import and update images for some product pages.

    Each CSV line contains the title field of a page and the URL of an image to add to this page.

    While this basically works just fine, I need to change the behaviour in some aspects:

    1. prevent the module from creating any new pages (only add images to existing pages)
    2. any existing images with identical name should be overwritten (replaced)
    3. the image just added should become the first image (index 0) in the image field

    For 2) I tried setting the "Overwrite existing files" option in the image field settings, but that did not help.

    Anyone to give me a hand, please?

    My programming skills seem too limited to identify the right places in the module's code, I'm afraid...

  11. Fellows, I need your advise:

    I am going to use a page field to select (one or more) related products. Everything's nice with just a few products to select from. With a large number of products (say 5000) I am running into trouble, though.

    When using a PageListSelectMultiple input field the user needs to browse through all ~100 columns of pages to find the desired entry.

    When using an AsmSelect input field it is possible to type in the beginning of the desired entry, so it's fairly quick to navigate to the right entry. However, every page (in admin) with such AsmSelect loads with quite some delay because all 5000 page field references have to be collected first. It actually prevents a fluent workflow.

    So, I wonder what's best practice to select from a page field with many entries, provided you know the name (or at least part of it) of the desired entry?

    I don't want to spread the product pages into subfolders at the moment because this would affect a lot of other functions of the site as well.

    I could imagine some text field where you can type in the beginning of the entry name. When hitting return a (reduced) page tree comes up with matching results. And if entering the complete entry name, the page would be added to the list of selected pages instantly, without displaying the page tree first. Does some method like this exist already? Other suggestions, anybody?



  • Create New...