Jump to content


  • Content Count

  • Joined

  • Last visited

  • Days Won


thetuningspoon last won the day on May 18

thetuningspoon had the most liked content!

Community Reputation

542 Excellent


About thetuningspoon

  • Rank
    Hero Member
  • Birthday 11/03/1986

Contact Methods

  • Website URL

Profile Information

  • Gender
  • Location
    CT, USA
  • Interests
    Design, Programming, Tiny Houses

Recent Profile Visitors

12,854 profile views
  1. At my job we have our own profile that we've created using the most recent version of the profile exporter (v3). Recently we added some new features including some repeater matrix fields to the site that the profile is based on, and re-exported the profile. Now when we go to install the site (submit the database configuration details), the installation times out. I tried upping the timeout in php but it just chugs and chugs. I tried installing using both the current master (3.0.148) and the current dev (3.0.153) version. The blank profile that comes with PW installs no problem. One point of interest here is that we typically use InnoDB for our sites, but the site that is the source of the profile was MyISAM. I tried installing the profile using MyISAM, and it WORKED. So my thought was that maybe if I converted the profile source site to InnoDB and re-exported, then I could install the site with InnoDB. Unfortunately, after doing so, now I cannot install the profile with either InnoDB OR MyISAM (both just hang). Any thoughts on what could be at the root of this, or some way that we could troubleshoot it?
  2. For anyone stumbling on this old thread, it looks as though Ryan has now addressed this issue (though I have yet to have a chance to test it):
  3. @gmclelland UI Blocks is a front-end output strategy that we built at Solution Innovators. Not in the module directory yet due to a lack of good documentation. But I'm getting close to having that ready 😁
  4. Thank you Ryan! The slow rebuild of the page parents table after doing a clone is something that we've run into on one or two of our projects and I'm delighted to hear that this has been addressed.
  5. I can't be limited to just 5... ListerPro MarkupSitemapXML ProFields Table ProFields RepeaterMatrix AdminPageFieldEditLinks AdminModalception Decimal TextformatterVideoEmbed ProCache ProDrafts UI Blocks
  6. Ok, I'll admit it, even I have a hard time remembering the name of AdminPageFieldEditLinks 😂 I'm glad it could at least serve as inspiration for this nice enhancement!
  7. Happy to help! Let me know if you want me to go into more detail on any of these and I will do my best.
  8. Hi huseyin, 1. Use the appropriate Sanitizer methods to test user input from post and get. Depending on the circumstance, you'll either want to validate (reject it completely if there's something wrong with it), or filter/sanitize it (accept it but strip out unwanted characters). If doing both filter and validate, do your validation AFTER your filtering. 2. Even more important than step #1 is to use escaping on your output. This means using htmlspecialchars() or htmlentities() or $sanitizer->entities() when you output any field from the database or user input to the page (if you have htmlentities setup on your field's output formatting, then you can skip this step for those fields). Even if you mess up on the filter/validation from #1, as long as you've escaped all of the html, you should be ok. 3. When using user input (get or post variables) inside ProcessWire selector strings, use the Sanitizer::selectorValue() method on the value first. Even better, just use Selector Arrays since selectorValue can sometimes strip out characters (quotes and commas) that you actually want to search for. 4. If you're using any SQL directly, you must use prepared statements to bind any user input, which automatically escapes the input for SQL. 5. For protection against Cross Site Request Forgery (CSRF), use ProcessWire's SessionCSRF class when building custom forms. See https://processwire.com/api/ref/session-c-s-r-f/ for details on how to use this. 6. Don't use GET for secret data (passwords, security codes, etc). That data can get picked up by browser extensions or appear in server logs that might get compromised. 7. Use SSL/https on your whole site.
  9. I'm a little unclear what the question is here. A ProcessWire selector ($pages->find($selector)) gets converted to a "direct database search", so there is no issue selecting from millions of pages, unless you're expecting to get thousands of pages back from it. Can you clarify what you're trying to accomplish? Edit: Sorry, I should have read your second question more carefully. As others have mentioned, only fields with autojoin turned on would be loaded with the pages (names are always included). After loading you could use WireArray::explode() to get an array with just the names. You might also try Pages::findMany() to prevent memory overload (though that will probably not work with explode) . But if you're talking about thousands or more you'd be off going to RockFinder or straight SQL.
  10. @LostKobrakai Ahhh... I understand now. Thank you for explaining that. Having said that, I'm having a hard time thinking of many cases where I wouldn't want the local time/wall time to change when the definition of the timezone has changed. Otherwise, the value is no longer correct according to the new definition. I'm sure that there are cases where you would want the old wall time preserved (even in your example it is not clear to me whether you would want the wall time or the absolute time preserved for your appointment), but it seems like they would be be few and far between compared to the cases where you would want the values to be able to update dynamically and to be able to easily convert between time zones. My current solution to this problem is to set $config->timezone to UTC at the start of a project that needs to work with multiple time zones and leave it there, converting values to local time as needed on the front end. Perhaps this is what @ryan always had in mind for such situations, but it does require some foresight. Otherwise you do end up with a real mess. Can we all just agree that time zones should be abolished? 😅
  11. Are you saying that there is something wrong with my proposed solution, or are you saying that there is something else wrong with the existing field type? I think either your post went over my head, or you may be misunderstanding my proposed solution. I think the solution is not actually that complicated. ProcessWire natively works with timestamps at runtime, which are always UTC-based. If I save something as a certain timestamp and then my PW/server/php time changes for any reason, I should be able to expect that the timestamp I get back from the field remains the same as the one I put into it. This is how it would work if the field stored a UTC string instead of a local string. Currently, what I get back is effectively a corrupted/meaningless value. I cannot change my $config->timezone once I've initially set it. What timezone the user sees or inputs a date in on the site's front end is a separate issue and is up to the programmer to determine and make clear to the user and convert to/from as necessary. But the programmer should be able to trust the timestamp they are working with when they save and retrieve it from the database. What does this mean?
  12. These updates sound great. Thanks, Ryan! On a related subject, I recently (and painfully) discovered that the DateTime field stores dates in the database as a string (MySQL DateTime) in whatever timezone PW is currently configured to. So if you change your PW time zone, the date string you get back from the DB is now interpreted to be in that new time zone rather than the one it was originally entered as. In other words, the unix timestamp you get out of it is no longer the same as the one you put into it. It seems to me that the "correct" way to handle this would be for the unix timestamp to always be converted to and stored as a UTC string in the MySQL DateTime field, and then converted back to PW's current timezone at run time. This would be an extremely simple change to PW's DateTime field (using gmdate() instead of date() when storing and using php's DateTime class with UTC timezone specified when getting the value back). Then when someone changes their timezone in PW, the absolute values of the dates would stay the same. Only the time zone (how they are represented on the front end) would change. So different users could have different time zone settings and view the PW back end in their own time zone, etc. The problem, of course, is that this would break existing installations, so this would have to be added as a new module or as an alternative version included in the core. Ideally when you converted an existing datetime field to the new version it could automatically update your database values from the current PW timezone to UTC.
  13. Thanks Joss. Glad you found it and it's working well for you. We use it on all our installs where I work.
  14. Hi jploch, Sorry I missed this before. Which input field(s) is the auto-select not working for? Also, which PW version and admin theme are you using? Glad you're finding the module useful!
  15. I've encountered users who don't even know what a tab is, and are confused when they cannot get back to the site they were on before by just hitting the back button! It's no use keeping your site up in the background if your users don't know how to get back to it 🙄 So on principle I agree with @adrian on this, but our clients still keep asking for target="_blank", so that's that.
  • Create New...