Juergen

Ok, I have misunderstood the field a little bit ?. I have thought you only want to allow passwords containing the pre-defined words and symbols, so it will be easier for frontend validation to write the regex for. I find the idea great to offer password examples, that can be used or not. Maybe I am thinking of implementing such a feature to my module too. Yes, thats exactly what I have used too. For the username saniziation I have used "pageName" sanitizer instead.

Inspired by this topic, I have created my own solution: Creating dynamically a regex using positive look aheads. On my FrontendForms module I offer HTML5 browser validation beside the server side validation. Til now, it was not possible to validate the requirements of a password field by the browser, because I have not implemented a regex solution to this. Now I have created a method (function) to create a regex dynamically depending on the settings of the password requirements in the backend. The password field offers following options for the requirements: 0 => 'letter' // letter 1 => 'lower' // lowercase letter 2 => 'upper' // uppercase letter 3 => 'digit' // number 4 => 'other' // punctuation, symbol 4 => 'none' Starting form this array I have written the following method, which outputs a regex that can be used with the HTML5 pattern attribute to validate the password syntax. /** * Method to generate a regex for the password validation depending on the settings of the password field * @return string|null - returns the regex for usage in HTML5 validation attribute or null if requirements are set * to "none" in the backend * @throws WireException * @throws WirePermissionException */ public function createPasswordRegex(): string|null { // get the password field module $passwordModule = $this->wire('modules')->get('InputfieldPassword'); // get the password field module // get the password field by the name of the field inside the user template, usually "pass" $passwordField = $this->wire('fields')->get('pass'); // get the default requirements of the password module as stored inside the DB $requirements = $passwordModule->requirements; // password conditions can be overwritten on per field base, so check before if they are overwritten. Otherwise take the default from the module if (!$passwordField->requirements) { // if no requirements are stored in the database, take the default data from the inputfield default configuration $requirements = $passwordModule->requirements; } else { $requirements = $passwordField->requirements; } if(!in_array('none', $requirements)){ // create array of positive look ahead for all options of the password as defined in the backend $regex_requirements = [ 'letter' => '(?=.*[A-Za-z])', // at least 1 letter (upper and lowercase) 'lower' => '(?=.*[a-z])', // at least 1 lower case letter 'upper' => '(?=.*[A-Z])', // at least 1 upper case letter 'digit' => '(?=.*\d)', // at least 1 number 'other' => '(?=.*\W)' // at least 1 non-word character ]; $regex_parameters = []; foreach($regex_requirements as $key => $look_ahead){ if(in_array($key, $requirements)){ $regex_parameters[$key] = $look_ahead; } } // get the default min length value as set in the input field if present if($passwordField->minlength){ $length = (string)$passwordField->minlength; } else { // get the default value from the module $length = (string)$passwordModule->minlength; } // Concatenate all look ahead to working regex string and return it return implode('',$regex_parameters).'.{'.$length.',}$'; } return null; } Now I will show you some examples with different settings - please take a closer look at the pattern attribute. Just to mention: the min length of the password (in this case 5), will also be taken from the password settings. Example 1: only letters <input id="validators-required" name="validators-required" type="text" class="input" required="" pattern="(?=.*[A-Za-z]).{5,}$"> Example 2: letters with at least 1 uppercase letter <input id="validators-required" name="validators-required" type="text" class="input" required="" pattern="(?=.*[A-Za-z])(?=.*[A-Z]).{5,}$"> Example 3: letter, digits and symbols <input id="validators-required" name="validators-required" type="text" class="input" required="" pattern="(?=.*[A-Za-z])(?=.*\d)(?=.*\W).{5,}$"> Example 4: upper and lower case letters <input id="validators-required" name="validators-required" type="text" class="input" required="" pattern="(?=.*[a-z])(?=.*[A-Z]).{5,}$"> As you can see the pattern differs depending on the settings of the password field in the backend. Of course, this method needs a little bit more testing, but it works on every case that I have tested. The only parameter, that will not be taken into account is the complexity factor, but this could be solved with another Javascript function if necessary. Maybe this method helps or inspires others solving this issue. BTW: After testing, this method will be a added to the next version of my FrontendForms module?

Very good work @bernhard!!! I think the number of possibilities is enough! I have never thought about this, but it is logical, because no validation takes place. I have always used the same requirements on the frontend as in backend for consistency. What comes into my mind by using pre-defined passwords is, that I do not have experience about the acceptance for choosing a given password instead of your own. Personally I prefer creating my own password. From the point of security I guess it is a very good technique, because a lot of people tend to use the same password in different accounts and these randomly created passwords are passwords that probably no human would think of. Do you think of to create a regex which only allows the letters which are used for the four words in combination with the separators or what is your plan to validate the password?

Thanks @kongondo You are right, I have overread this ? - it was Sunday morning!! Maybe the regex for the username could be used with Javascript too. The validation of the password is not so easy in this case but you can use the password requirements as posted above, put them inside a Javascript variable and check them against multiple if conditions. This is what comes into my mind. Something like this: if(contains letters){ if(contains number){ if(contains symbols { .... } else { return false; } else { return false; } else { return false; }

Hello @bernhard I have created these validators for my FrontendForms module, maybe this can help you to create your own validations. Check username syntax This is the regex that I use: $regex = '/[a-z\d\-_.@]$/'; It contains all the allowed characters. I guess all allowed characters are listed somewhere inside a file of PW or in the API docs. I have found them somewhere, but I cannot remember where ? You will find the code of my validation here. Check password syntax The password is a little bit more elaborate, because you can set the characters that can be used by yourself. This is the code, that I use: $value = $_POST['yourpasswordfield']; // the post value of your password field on the frontend // get the password field module $passwordModule = $this->wire('modules')->get('InputfieldPassword'); // get the password field module // get the password field by the name of the field inside the user template, usually "pass" $passwordField = $this->wire('fields')->get('nameofyourpasswordfield'); // get the default requirements of the password module as stored inside the DB $requirements = $passwordModule->requirements; // password conditions can be overwritten on per field base, so check before if they are overwritten. Otherwise take the default from the module if (!$passwordField->requirements) { // if no requirements are stored in the database, take the default data from the inputfield default configuration $requirements = $passwordModule->requirements; } else { $requirements = $passwordField->requirements; } // set the requirements for the validation on the next line, so you can be sure that you take the correct requirements $passwordModule->set('requirements', $requirements); // Now check the password if the syntax fits the requirements return $passwordModule->isValidPassword($value); // returns true or false You will find the code of my validator here. As you can see, I take methods from the ProcessWire password module class to validate the password. I hope this helps you to solve your issues. Maybe you will find a better solution and I adapt my codes to your changes too. Have a nice Sunday!!

Version 2.1.38: This version now supports HTML5 validation for the 4 new validators added in 2.1.37 by using Javascript. It works by adding min and/or max attribute on the fly to the appropriate input field, if a value has been changed inside the reference field. Please read the full changelog here for more detailed information.

Hello @Andy Please update to FrontendForms 2.1.37 I have added 4 new validation rules for dates: dateBeforeField validator: Checks if a date is before a date entered in another field inside the form dateAfterField validator: Checks if a date is after a date entered in another field inside the form dateWithinDaysRange validator: Checks if a date is within a given time range in days depending on a date entered inside another field inside the form. Fe date must be in a time range of 7 days in the future starting from a date entered inside another form field. Example of time range: start date: 2023-05-15, timerange: 2023-05-15 - 2023-05-22. Value must be inside this time range. Supports a positive (future) and negative (past) days value. dateOutsideOfDaysRange validator: Checks if a date is outside a given time range in days depending on a date entered inside another field inside the form. Fe date must after the end of a time range of 7 days starting from a date entered inside another form field. Example of time range: start date: 2023-05-15, forbidden timerange: 2023-05-15 - 2023-05-22. Value must be outside this time range -> after 2023-05-22. Supports a positive (future) and negative (past) days value. You will find the explanations on how to use here: https://github.com/juergenweb/FrontendForms/tree/main#datebeforefield The complete examples on how to use them on inputfields can be found inside the examples folder: https://github.com/juergenweb/FrontendForms/blob/main/Examples/field-validation.php#L221 This is full PHP validation - no JS or JQuery. Just to mention: HTML 5 validation does not work for these validation rules. HTML5 validation have to implemented via JS - maybe I will add this in the future, but not for now. Just take a look if this solves your problem. Best regards

Hello @Andy Thanks for your input on date fields. To be honest, I have not focused on date fields, because I did not use them a lot, but you have inspired me to enhance them. At the moment, only these 4 date validations can be performed: date - Field is a valid date dateFormat - Field is a valid date in the given format dateBefore - Field is a valid date and is before the given date dateAfter - Field is a valid date and is after the given date You will find examples of these validations at https://github.com/juergenweb/FrontendForms/blob/main/Examples/field-validation.php#L210 I will take a look of what can be implemented of your suggestions. To sum it up once more.: You will need to set a time range on a date field, where dates in between are allowed, others are forbidden You will need a validator, that checks if the date entered in a second date field, is inside a specific time range depending on the date entered inside the first field To the first point, I guess I can write a new method, so you will be able to set the range ( fe $field->setRange('15-05-23', '15-06-23')) or something like this, where first parameter ist the start and the second parameter, the end point of the time range. To the first point: you can set a time range with dateBefore and dateAfter validators: $inputDate = new \FrontendForms\InputDate('date'); $inputDate->setLabel('Input Date'); // add the time range between 01-05-2023 and 30-06-2023 $inputDate->setRule('dateAfter','2023-04-30'); $inputDate->setRule('dateBefore', '2023-07-01'); $form->add($inputDate); For the second issue I guess I have to write a new custom validator, which takes care of the date in the first field. I will take a look what I can do :-)

No other issues have been reported till now and I have tested the module once more and have fixed some problems. Now the module works as expected in my case without problems. Today I have added the module to the module directory - please download it from there after it has been published. Thanks!

Version 1.2.3 is ready! PLEASE DEINSTALL THE OLD VERSION OF FRONTENDLOGINEGISTER AND UPGRADE FRONTENDFORMS TO THE LATEST VERSION BEFORE, BECAUSE THERE ARE A LOT OF CHANGES AND NEW FEATURES!! OTHERWISE YOU WILL GET ERRORS! Beside fixing a lot of bugs, this new version supports upload for an user image too. Supported Fieldtypes for images are FieldtypeImage and FieldtypeCroppableImage3. Please note: You can only use ProcessWire image fields with single upload - multi-upload fields will be ignored and cannot be selected. So if you want to use an existing image field or you need to create a new one, take care to set the image upload only to 1 single file. After you have added this field to the user template, you can select this field inside the module configuration and add it to the profile form and/or to the registration form. Take also care that this field is editable by the user, otherwise it will also not be selectable. Just to mention: Technically you can add as many image fields as you want to these 2 forms, but it would not make sense, because each user needs only one image. But if you want.... you can. There were a lot of changements taken, so please let me know if you discover issues. Best regards

Hello I have also tried to implement this solution to one of my modules, but I cannot get it to work and there are some questions open: Should I create this file manually and store it inside the module folder? I have tried this, but I cannot point the update url to this file by changing the config values as pointed out in this post: I have replaced "http://domain.tld/" with my GitHub account url "https://github.com/juergenweb/" but this points not to my manually created json file. It leads to "https://github.com/juergenweb/nameOfMyModule/?apikey=pw300" and not to "https://github.com/juergenweb/nameOfMyModule/myupdatefile.json". So the "?apikey=pw300" will not be resolved to point to the json file. Is there a special naming convention for this json file, if it should be created manually? Is this important to change too? Can someone give me an example of how I should do it by using a module located on a GitHub account?

You will pass every police interview! ?

OK, other people have struggled with same problem too. Using the module upgrade() function is the way to go, that works. https://processwire.com/talk/topic/26912-module-update-function/#comment-222616 Problem solved ?

Yeah, I have tried that, but nothing had happened. But maybe I have done something wrong. I will take a look if owerwriting, as you have it done, will be the better way to go. Thanks for your help!!!

Hello @all I need a Hook that will run after a user updates a module from the PW module directory. The reason for that is, that the update only affects files which are inside the updated module itself. If a module creates files or directories on other places of the systen, they will never get affected during an update. In my case, my FrontendForms module copies a file (captchaimages.php) from the module to the root directory of the PW installation during the installation process of the module. The problem is, if I update this file, running an update will never updates the file in the root directory. So this file will never be touched again after the installation. For this reason I need a Hook, that will run after a module was updated successfully, so I can write a code to update this file manually (or in other words to replace the file inside the root with the file from the update version). Can anyone help me if there is an appropriate Hook. Thanks in advance

Hello @Mfeuille Thanks for reporting your issue! Can you confirm that you have the required PHP version (8.0) installed. It seems that your system does not understand the union types on that lines. This is the case if you have a lower PHP version. Best regards Jürgen

This is the next module beside the FrontendLoginRegister module which is based on the FrontendForms module. As the name suggests, it has been designed to easily create a contact form for your site with the following characteristics: Fast and easy integration of a contact form inside a template by using only one line of code Show/hide certain fields of the form depending on your preferences and needs Beside the default fields you will be able to extend the form with additional fields if needed Highly customizable (change order of fields, add custom CSS classes,...) Run as many forms on one page as you want Possibility to offer file upload to upload multiple files, which can be sent as attachments Usage of all the benefits of FrontendForms (fe. CAPTCHA, various security settings,...) Multi-language IP of the sender will be send with the email too, so you can use it for IP-blocking if you will get a lot of spam from a certain IP To render a complete working contact form, you will only need to add this line of code to your template: echo $modules->get('FrontendContact')->render(); The output can differ from the image above, because it depends on your settings and customizations, but it will looks like similar to the form in the image. This module is completely new and therefore alpha stage - so be aware of using it on live sites! It works as expected in my tests, but it will need further testing. You can download the module here: FrontendContact or you can install it via the Processwire upgrade-module from the module directory. Alternatively you will find all files inside GitHub. You will also find a more detailed description on the the download page. Live example of this module: https://www.schulfreund.at/kontakt/ As always, please report issues or wishes here or directly on GitHub. Thanks for testing!

@Andy I will probably thinking over to add this feature (support for image upload). Technically, uploading an image without image manipulation should not be a problem in this case. At the moment I am quite busy on creating a new module for a contact form based on FrontendForms, but if I have more time left, I will probably give this feature a chance. Best regards

Hi Andy, Maybe you are thinking of profile images? I have thought about it, but my experience in the the past has shown me, that users do not upload profile images. A few years ago I have created a user registration with the opportunity to upload a profile image, but no one has used it... so I dont think so, because it would only make sense if you can manipulate (crop, position,..) the image after the upload to get the best fit for the image. This is very complex to implement. Best regards

Thank you for the hint @eydun I have added the requirements to the docs.

The custom user fields will be taken from the user template and mapped to the FrontendForms class. So PW fields will be re-written to FrontendForm fields. Take a look at https://github.com/juergenweb/FrontendLoginRegister#support-for-custom-user-fields Some of the values as set in the PW fields will be added to the FrontendForm fields too. Example: If you take the PW password field and you have set the requirements to at least "1 letter and 1 digit", this requirement will also be used in the Frontendforms input field for the password on the frontend. Validation will only be taken by FrontendForms. Does this answer your question?

Ok, Claus! You are close to the solution.? You will get every value by its name attribute. To add all of them to the body, I recommend you concatenate all the values in one string. $email = $form->getValue('email'); $message = $form->getValue('message'); If you have all of your $_POST values than you create your body string (fe with a little HTML markup). $body = '<ul><li>Email: '.$email.'</li><li>Message: '.$message.'</li></ul>; As the last step, add it to the mail body: $m->body($body); // or if you want to use HTML markup $m->bodyHTML($body); You will find a working example at https://github.com/juergenweb/FrontendForms/blob/main/Examples/contactform.php Best regards PS: If you will need help, please post the code of your form here.

Hello Claus, thank you for reporting the bug - it is fixed now. There was a missing typehint declaration at the label file. I have updated the module now to 2.1.26 - alternatively please replace the folllowing file: https://github.com/juergenweb/FrontendForms/blob/main/Formelements/Textelements/Label.php On line 20 I have changed the following: protected int $enableAsterisk = 1; // to protected int|string $enableAsterisk = 1; Best regards Jürgen

A module for ProcessWire CMS to integrate a user registration/login functionality based on the FrontendForms module. This module creates pages and templates during the installation for faster development. The intention for the development of such a module was to provide a ready-to-use solution for user management, which can be installed and put into operation in a few minutes. It works out of the box, but it provides a lot of configuration settings in the backend: Highlights "One-click" integration of an user login/registration system without the hazzle of creating all pages and forms by hand "One-click" switch between login or login and registration option Double opt-in with activation link on new registrations Option for automatic sending of reminder mails, if account activation is still pending Option for automatic deletion of unverified accounts after a certain time to prevent unused accounts Option to use TFA-Email if installed for higher security on login Mutli-language Select if you want to login with username and password or email and password Select the desired roles for newly created users Select, which fields of the user template should be displayed on the registration and profile form (beside the mandatory fields). Fields and order can be changed via drag and drop functionality Offer users the possibility to delete their account in the members area using a deletion link with time expiration Customize the texts of the emails which will be send by this module Usage of all the benefits of FrontendForms (fe. CAPTCHA, various security settings,...) Support for SeoMaestro if installed Lock accounts if suspicious login attempts were made Support of Ajax form submission This module runs on top of the FrontendForms module, so please download and install this module first. UPDATE 03.11.2023: The module is now available inside the Processwire modules directory: Frontendloginregister This module is early Beta stage, so please do not use it on live sites at the moment. If you discover any issues, please report them directly on GitHub ?. Thanks!

This works!!! Thank you so much!!! I can confirm, that the fieldset was always closed in my case. Maybe it has something to do, that the error was produced by a custom inputfield validator via a Hook. Best regards Jürgen