webhoes

Interesting. Are you willing to share you module? I have not been able to get a secure setup myself. The pageload in my case is my security setup. I check for referenced users from a parent page or parent parent page. This is really time consuming.

I made a similar something, but it increased the pageload by 3 seconds. This is too much. Do you give the user temporarily page-edits upon granted request of that page?

@MarkE, did you get this working without giving user page-edit rights?

Hello, I am working on a site where multiple users have one ore more pages (studbook). These pages can contain children (animal) and animal can have a child (transfer). I created an admin before the PW admin. Here users can see their the pages the have their users_created_id. I use the feel module for editing. But if someone right clicks the edit button, they end up in the PW admin and can see everything (not allowed). So I created a module to redirect everybody but superuser from the admin templates (except if page id == 10, the edit template). This sort of makes is secure, but if a user knows the id of the page they can still type /processwire/page/edit/?id=xxxx and see that page. I have been working some days around this, but no solid solution came up. I do have the formbuilder module available if this can help. I also thought of making a role for every studbook. That would mean 35 roles and 35 studbook templates. Also animal and transfer templates need to be duplicated per studbook otherwise a user will still be able to see others. What other options are there to make it so people can only see their studbook and their child pages? Nice to have would be that to or more selected users can see and or edit that studbook. Preferbly all without page-edit rights so I can block everyone from the PW admin.

@renobird, have you re-considered releasing the code for your ticket system or partly. Basicly the part that creates new tickets from emails and sends updates is the most important and difficult.

Thanks @jmartsch and @bernhard I have updated the module with your improvements. Works very smooth...

Damnnn... Or you name your module properly instead of having .php as extension. I could not find it among the modules, but I was confused with some other hooks that are not modules (like in ready.php) that just do their thing. Luckily, it works now.

Could not get something working with those changes. After some more searches I came up with this, close to the examples but also still not working. public function init() { // add a hook after the $pages->save, to issue a notice every time a page is saved $this->pages->addHookBefore('save', $this, 'updateProduct'); } /** * Example1 hooks into the pages->save method and displays a notice every time a page is saved * * @param HookEvent $event * */ public function updateProduct($event) { /** @var Page $page */ $page = $event->object; //$page = $event->arguments('page'); if($page->template != 'product') return; $fields = $page->fields; $price = $fields->get('pad_price'); $rrp = $fields->get('pad_rrp'); $discount = $rrp - $price; $percentage = $discount/$rrp * 100; $page->of(false); $page->set('pad_discount', $percentage); $this->message('test'); }

Hello, I have made a module, but I can't get it to work. I have 2 fields with price (price and rrp). On save I want to calculate the difference in percentage and save it to the discount field. It does not update the field. What am I doing wrong? class UpdateDiscount extends WireData implements Module { public static function getModuleInfo() { return array( 'title' => 'Custom discount updater', 'version' => 1, 'summary' => 'Auto update percentage based on prices.', 'singular' => true, 'autoload' => true, 'icon' => 'money', ); } public function init() { // add a hook after the $pages->save, to issue a notice every time a page is saved $this->pages->addHookAfter('save', $this, 'updateProduct'); } /** * Example1 hooks into the pages->save method and displays a notice every time a page is saved * * @param HookEvent $event * */ public function updateProduct($event) { /** @var Page $page*/ $page = $event->arguments[0]; if($page->template != 'product') return; $price = $page->pad_price; $rrp = $page->pad_rrp; $discount = $rrp - $price; $percentage = $discount/$rrp * 100; $page->setAndSave('pad_discount', $percentage); } }

I tried this for a site, but the new button is still visible. The template studbook can have a child with template animal. I have resticted a per page right edit rights for the studbook. On that page you can use the tab to add a new animal. But all people can see the tree and now with every studbook there is a option for new. If this is not visible, only people with the right page rights you can add a child from the page... I am using the current dev version of pw. $this->addHookAfter('ProcessPageListActions::getActions', null, function(HookEvent $event) { $p = $event->arguments[0]; $actions = $event->return; if($p->template->name == 'studbook') { unset($actions['new']); } $event->return = $actions; });

I did test this some time ago. To make this work I would have to make a user specific branch upon registering and dynamicaly give that user rights to that particular branch. that branch would contain all data for that user different child pages. I think that would be difficult to achieve and maintain.

Interesting stuff... But what is defined as one branch? Is that one of the first childs of Home? If so, how would you deal with multiple branches that should all be treated equally? User may only see and edit childs of those branches he created himself? And to make it a little more complicated, some of those pages also contain child pages to which only the creating user should have access.

For this site seeing pages of others in the tree is not an option. Specially with the new GPDR law.

@bernhard if there is another safe way to give user edit rights and still make sure they can't see or edite pages of others I don't mind changing letting them in the backend and create processmodule pages. Current pseudo backend looks like this. Everything a user adds is private and may not be seen by another or changed by another. The only exception is the classifieds section which is to be seen in the frontend (but also in the backend only for the user who made it). I see in your article that you also use forms. But then I would need to apply the same logic as I do now (or lacking to have done now). What would I need to do If don't want anyone to see the standard pw backend (including the tree). And only have them see somthing like image above, but if they click on 'edit' they can use the pw backend for adding/changing text and images (with use of all the backend security present) of that particular page. Or use the page tree and make sure everything they did not make is hidden (except for the parent templates). Turtles is parent for turtle. They did not create the Turtles page but it groups all turtles from all users. That would be something like this Turtles turtle 2 Grourps group 1 Classifieds classified 4 classified 7 Another user would see different pages. I did tried something like this before, but could not get this running correctly. ohjah, the site is multilangual and with the api the title and name are synchronized on save. Also the name is based on userid and a timestamp so no user can have the same name. Title can be the same as this does not creates issues. I know a lot of questions, but I am quite proud of how far I cam so far, but are still far from being a programmer and understanding how it all works.

@bernhard I use the frontend because all the user don't have acces rights to the backend. I have created a pseudobackend where they can add or change their own specific pages. This is the way to keep them from seeing the pw backend and each others pages and being able to edit each others pages (has got sensitive material). from the pw backend I have set the limits, but with api upload these are bypassed. If possible I would like to use the same modules as the backend, but then in a pseudobackend page/form. Could not get this working. Now it is all forms and api's.

I use uikit v3 upload component to upload images. This works, but if the image is too big, that page crashed completely. I would like to either resize all images to max width 900 px on upload or use the same upload upload code as the pw backend does. I currently use this code. <div class="js-upload" uk-form-custom> <input type="file" multiple> <button class="uk-button uk-button-default" type="button" tabindex="-1" onsubmit="validate()">Upload</button> </div> <progress id="js-progressbar" class="uk-progress" value="0" max="100"></progress> <?php $uploadPath = '/upload.php?pid=' . $page->id; $uploadPath = $sanitizer->url($uploadPath); ?> <script> var bar = document.getElementById('js-progressbar'); UIkit.upload('.js-upload', { url: '<?php echo $uploadPath;?>', multiple: true, beforeSend: function () { console.log('beforeSend', arguments); }, beforeAll: function () { console.log('beforeAll', arguments); }, load: function () { console.log('load', arguments); }, error: function () { console.log('error', arguments); }, complete: function () { console.log('complete', arguments); }, loadStart: function (e) { console.log('loadStart', arguments); bar.removeAttribute('hidden'); bar.max = e.total; bar.value = e.loaded; }, progress: function (e) { console.log('progress', arguments); bar.max = e.total; bar.value = e.loaded; }, loadEnd: function (e) { console.log('loadEnd', arguments); bar.max = e.total; bar.value = e.loaded; }, completeAll: function () { console.log('completeAll', arguments); setTimeout(function () { bar.setAttribute('hidden', 'hidden'); }, 1000); alert('Upload Completed'); location.reload(); } }); </script> and this is upload.php <?php namespace ProcessWire; include './index.php'; $p = $pages->get($input->get->pid); //$p = $pages->get($_GET["pid"]); $p = wire('pages')->get($_GET["pid"]); //echo barDumpLive($p); if(isset($_FILES['files'])) { $file_tmp = $_FILES['files']['tmp_name'][0]; $file_ext = pathinfo($_FILES['files']['name'][0], PATHINFO_EXTENSION); $extensions = array("jpeg","jpg","png", "gif"); if(in_array($file_ext, $extensions) === true) { /* $original = $file_tmp.$file_ext; $options = array('upscaling' => false, 'quality' => 100); $imageSizer = new ImageSizer($p->images->path().$original, $options); $success = $imageSizer->resize(500, 500); if ($success) */ //$file_tmp.$file_ext->width(800); //change width to 800 to avoid images that are too large $p->images->add($file_tmp); } $p->save('images'); } I have tried several option in resizing but the moment I change the code it stops working. Where should I implement a solution? Or the other option is to use the inputfieldImage on the fontend. I could not get that to actually upload an image.

Everybody thanks for your input. I just bought a refurbished macbook pro 15" 2015 with 256Gb with 2 months of apple warranty left and 12 months warranty of the retailer. I got a new display and new accu (complete top casing) with 0 cycles. This should sufficient for the coming years. Will get it tomorrow with the postalservice. Looking forward to unpack it ?

thanks for the reply @ryan. Very clear, but also creating doubts ? I am afraid the prices for macbooks are higher here in the netherlands. Eur 975 for a sealed 2017 13 is very cheap. I do like your point of getting the oldest model with the most warranty. The cheapest I could find is a 2015 model 15" with a 512Gb SSD for eur 1900. That one is new and comes with full warranty. I have a company so I can deduct the VAT. All other are between 1 and 3 years old (first sold) and so most of them are without warranty. There is only some warranty on the retina display. But that is also only for a period of 4 years. That makes it tricky to buy a 3 year old model. It is a decision between starting cheap (13", 8Gb and 128Gb) with full warranty for eur 975 or invest eur 1900 and have good specs(2015, I7, 512Gb) with full warranty. I can use an external display when I am home.

I like Ubuntu al lot, but also had to fixed loads of issues. I used to work at a company and could ask one of the linux guru's. Now I can't, so figuring things out takes way more time. As for spotify, the linux variant is a side project from their developers. They use Linux, but the version is not officially supported by spotify. It seems macOs is the only stable one in all solution, but that comes with a price ?

One more reaseon to look at macOs is that lately I have to reinstall everything on ubuntu. Every other 2 weeks I have to reinstall spotify, the system monitor stopped working, so I had to install another one... It could be me, but I hardly tweak and do specific settings on Ubuntu. Even the desktop is untouched.

I have been using Ubuntu for some time now. I runs way smoother than windows. But I can't get used to gimp and the quality of images exported in photoshop seems much better. On the other hand, I always get word and excel documents. Libre office can open them, but layout is off. And if they use something like review it is a big mess. Therefor I want to go to a macbook. It has all that I need in one. The reason I don't use windows is because it's slower (and my current setup is still pretty fast) and it is a hell to get docker running and keep it running. It costs me too much time.

How much RAM do you use when you have all apps active as described above?

thanks @szabesz. The 2017 comes with an invoice and full warranty. The 2015 is out of warranty (don't know I can get the invoice). I also heard about the faults in the retina display. They needed to be replaced in multiple models/years. Do you have the additional GPU on it?

I can get a new macbook pro 13 (2017) with 8Gb and 128 Gb for eur 975. I have no experience with macbooks, only win/ubuntu. Will this one have enough power to run: Phpstorm, photoshop, 3 docker containers, filezilla, chrome and a email client? At the same time? I can also get a second hand macbook pro 15 (2015) 16Gb and 256Gb for eur 1275. What would be the wiser choise?

The same branch contains pages from different users. Tried that and because all users have page edit right, they could edit other pages. I think I found the solutions with an alternative template. I created a my-classifieds-edit template and made it a child of my-classifieds. I made one page with it and called it edit. A user can now call that page through a edit link like /my-classifieds/edit/?id=xxx There is only one strange thing. When I ouput the description on the edit page, I see the <p> and <br> tags. And after a save these are visible in the frontend. Something that doesn't happen when creating the page the first time.