Robin S

If you are using an older version of PW and have Tracy Debugger installed together with SessionHandlerDB you can end up with truncated session data, which causes a CSRF error. See this post (and the thread in general) for more:

Hi @Markus Thomas, and welcome to the forums. In your code example, it doesn't really make sense to do... echo $c->fields; ...or... echo $p->fields; $page->fields is the same as $page->fieldgroup, which the API docs explain as follows: So the fieldgroup is the same for every page that uses the template (i.e. every Repeater item/page in the Repeater field), and you can't simply echo a fieldgroup object in any case. I think instead you want to get the individual subfields you have added to the Repeater field, and you normally do this by getting the subfields by name. For example: <?php foreach ($page->first_rep as $c): ?> <?php echo $c->title; ?> <?php echo $c->body; ?> <?php foreach ($c->second_rep as $p): ?> <?php echo $p->my_other_field_name; ?> <?php endforeach; ?> <?php endforeach; ?>

Could you work out the $feature_group_id of a given option in the code that processes the form submission? If that is difficult then another possibility is to use both the $feature_id and the $feature_group_id in the option value - that is, combine them into a single string with some character such as a pipe as a delimiter. When you process the form submission, explode() on the delimiter to get the two ID variables.

Hi @tpr, I just noticed that the position of the restore icon for PageListSelect looks a bit off when the field is inside a repeater:

You could have the template throw a 404 if it is not an ajax request, but I don't think there is any special security provided by $config->ajax. Putting your ajax response code into a template makes it no more or less secure than how you have it currently. Others here can probably advise you better about security than I can, but I think you'd need proper authentication if your code is returning something sensitive.

You probably did that because PW blocks direct access to PHP files inside the /site/ directory. If you are considering making a change to your site I think it would be better put the contents of file.php into a PW template file and access it as a page at mydomain.com/file/ or whatever. Also no need to bootstrap PW if you do it that way.

I could test it in my current project and report back, but the thing is that I need the file tagging to work inside an ajax-loaded repeater or else I have to go with a different approach. I've had a little look at the JS side of things but haven't been able to figure out what needs to change in order to get that working - particularly around the use of the PW JS config array when a field is ajax-loaded.

I think all that might be needed is to change instances of "InputfieldImage" to "InputfieldFile" and the module will work for both File and Image fields (because InputfieldImage extends InputfieldFile). I checked it quickly and it seemed to work, but might need some more testing or someone with deeper knowledge to verify.

Yes, it navigates between sibling pages, so you would use it when you are on a child page of Section 1, Section 2, etc. If you are on page Section 1 and you want to get the first child of that page you would use $page->child(). So if you want to navigate between levels as well as between siblings you would use some logic in your template to determine how you generate the navigation links. For example, check if $page has children and if so use $page->child(), otherwise use $page->next() - that sort of thing. Edit: I just noticed this... You can't have a page actually be another page (e.g. it's first child). Each page is an independent entity in the tree hierarchy. But you can have a page redirect to another page when it is viewed on the front-end. See $session->redirect().

I tested this and can confirm. @palacios000, could you please open an issue on GitHub for this? https://github.com/processwire/processwire-issues/issues

Hi @Jays and welcome! If I understand right, in your example if you are on "page section 1-2" you want to have a "prev" link to "page section 1-1" and a "next" link to "page section 1-3". If so then the API methods $page->next() and $page->prev() are what you're looking for.

Re #3: I'm not really up to speed on renderReady(), but because you are hooking an existing inputfield I think you may need to use the new renderReadyHook() hookable method, as hooking render() doesn't work so well for ajax fields when adding JS dependencies. This GitHub issue has a bit of background.

I think maybe this module uses the core ProcessForgotPassword module. You may need to set the config option for that module: "Email address to send messages from"

Hi @Macrura, a feature request: could you extend SelectizeImageTags to provide tagging support for File fields too? Hopefully not too difficult as I think the field types are quite similar. Thanks in advance! Also, I noticed a few issues with SelectizeImageTags: 1. The "Selectable Tags " inputfield shows "0" when the module has just been installed and no tags have yet been added. Maybe that's normal. 2. Line 129 isn't producing a proper array of tags in my Windows localhost environment. Changing to from PHP_EOL to "\n" did the trick but not sure if that's a fix that would work on all platforms. 3. The JS isn't initialising when the image field's visibility is set to "Closed + load only when opened (AJAX)", or when the field is inside an AJAX-loaded repeater item.

Learning Git has got to be a good thing (I need to learn more about it myself), but in terms of solving the "two computers for local development" issue in the quickest and simplest way I would have thought this would be the thing to look at: I think you want a single version of the files and DB on the laptop (in case you need to work away from home some time) and then access those on the desktop machine via a local network. Just leave the laptop on when you want to work from the desktop. Or another idea: just carry the laptop downstairs and work exclusively on that machine (I have a large external monitor and external keyboard I plug my laptop into when working at my desk).

@SamC, I usually do what @BitPoet suggests and create custom login and profile edit forms for the front-end if the user only needs to edit their profile (or some other single page). But there are a few modules and snippets around that take the approach of creating a custom dashboard in the PW admin for users with non-superuser roles and redirecting them to that when they log in rather than the page tree. Here are a couple of links, and just search for "dashboard" to find more: http://modules.processwire.com/modules/process-dashboard/

@adrian, just as an aside: reading the issue you opened on the Tracy GitHub about loading speed there was the suggestion that sessions are the bottleneck. Do you think that having the session data in the DB would speed up that data delivery? In other words, might it improve Tracy performance if both Tracy and SessionHandlerDB are installed?

Changing the data column type did fix the issue - thanks! I guess that issue occurs because Tracy is storing a lot of data in the session. Before changing the column type I did some logging of static::$showPanels - much of the time it would be an array but randomly sometimes null. No more nulls after changing the column type.

Thanks. Not worth your time to spend ages debugging 2.7.x issues, as just about everyone will be using 3.x going forward. I think perhaps just advise people using 2.7.x together with SessionHandlerDB to run the Legacy branch. Maybe the module could detect those conditions on install and select the Legacy branch by default. If it's of interest here are a couple of errors I see with Master branch + SessionHandlerDB + PW2.7.3: PHP Warning: session_regenerate_id(): Cannot regenerate session id - session is not active in /home/mysite/web/test/wire/core/Session.php:459 PHP Warning: Invalid argument supplied for foreach() in .../site/modules/TracyDebugger/TracyDebugger.module:756

I would have said only the Tracy config page (not sure why I didn't make the connection to Tracy straight away) but then I got a CSRF error trying to uninstall SessionHandlerDB also. So yes, SessionHandlerDB is installed, and uninstalling it does fix the issue. I am running the latest version of Tracy but the PW version is 2.7.3, and if it matters the SessionHandlerDB module is slightly modified to work around a timezone issue with the module that exists in PW 2.7. Uninstalling SessionHandlerDB won't be a solution for the production site because the module is used for IP address monitoring by the site owner. I'm not keen to upgrade the site to PW3 because there's no budget for that, but I can live with the Legacy branch of Tracy as I really only need the bardump feature anyway. What do I miss out on with the legacy branch vs the master branch?

Page Image Manipulator allows you to watermark image variations, which is more flexible than watermarking the original on upload. If you are concerned about sneaky visitors gaining access to the unwatermarked originals see @horst's solution here:

@adrian, I now think the issue is confined to the Tracy Debugger config page. The site is on a Linode server running PHP 7.0.15 and Ubuntu, yet if I have the "Master" branch selected within the Tracy config every time I submit the config I get a CSRF error. Also, the debug bar does not show in the front-end or back-end on the Master branch. If I temporarily disable CSRF protection, switch to the "Legacy" branch, then re-enable CSRF protection then everything works normally and I can submit the config. Any ideas what the issue is here? (Feel free to move this to the Tracy support thread if you think it belongs there)

I have a site where I periodically get CSRF errors when submitting forms in the back-end, logged in as superuser: "This request was aborted because it appears to be forged." What are the circumstances that will trigger a CSRF error? I know that a change of IP address will, but that won't be happening in this case. Only this one site is affected.

You mean if you are giving roles other than superuser access to to user management? I haven't looked into that a lot, but with a quick test it seems like once you give your "user manager" role edit access to the user template and configure the user-admin permissions for the role, the access to edit user pages is the same through the custom lister as through the default users lister (i.e. they cannot edit users they do not have the permission for). But you have probably investigated this more thoroughly.

@LostKobrakai, you can create custom user listers with ListerPro. They appear under "Pages" by default but you can move the page to be under "Access" and it seems to work fine there. You can also create bookmarks for that custom user lister, but not bookmarks for the built-in users lister (which would be nice).