Jump to content


  • Posts

  • Joined

  • Last visited

About Hani

  • Birthday July 12

Profile Information

  • Gender
  • Location
    Santa Barbara, CA

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

Hani's Achievements

Sr. Member

Sr. Member (5/6)




Community Answers

  1. Just adding another note to myself and anyone else that runs into this problem again. Had a new domain on Dreamhost with the same problem and the agent found two additonal rules to whitelist. He gave me the details in case it happens again: SecRuleRemoveById 921150 SecRuleRemoveById 920270
  2. Just a heads up that I added a note about the ModSec rules being tripped in another form post here:
  3. A bunch of my old clients started having this issue on Dreamhost as well. Like @cstevensjr, I noticed that any domains on a VPS weren't affected. However, some domains on shared hosting plans were affected while other ones were not. Probably a difference between servers, but not certain why shared servers would have different ModSec settings. Anyway, I was lucky to chat with a tech that was patient and knew his stuff. (Shout out to John B!) We worked through one of the affected domains and he figured out what ModSec rules were being tripped by the uploads. So he had to add exceptions to those rules until the uploads worked - even with the Extra Web Security option still enabled for the domain. After we got one domain working, he replicated the same exceptions to the other domains and we tested each one as we went. He kindly shared the list of rules that were causing the problem after I asked for them (in case this issue popped up again or if I had to speak to another agent about another domain). The rules being tripped were: application-multi language-multi platform-multi event-correlation attack-generic If you have to talk to a Dreamhost tech to get this problem resolved, it may be helpful to point them to this post or simply pass them the list of rules being tripped that need exceptions added. Like I mentioned earlier, and unfortunately, these rule exceptions need to be added on a domain-by-domain basis.
  4. Ah. Okay, so Martijn's solution won't work for me. I suppose the implementation I imagine something like this would work is that under a page's "Settings" tab, there is the same configuration setting that we see on a template's "Family" tab that allows us to define what templates the children of this page can use. Given PW's core functionality, would adding something like this by using a module be possible - and if so, would clicking "Add New" be able to take into account the parent page's allowed templates for children?
  5. Being able to restrict the templates used for children pages under a template's Family tab has always come in handy (defined under the "Allowed templates for children" setting), but is there a way to restrict the templates used for children pages for a specific parent page (based on ID) rather than the parent page's template? My use case: I have a template called "Data Container" which I use for several pages to keep pages organized. Each of these data containers have children of specific template types. For instance, one data container might have "cities" and another may have "buildings", etc. Currently, an admin user has the freedom to choose any template type for children of any Data Container page. While I could create a new template for each data container that restricts children by template, it seems redundant because every one of those data container templates only has a "title" field and they will always only be used for one page. I think it would be great if I can define a page's children's template type by the specific page itself (based on the page's ID). That way, I can only have one Data Container template but restrict an admin from putting a child with an incorrect template in the appropriate data container.
  6. There's also another way of pulling calendar information from Google - but you have to have an API key to do so. I have a non-Processwire site (still on the task list of one to convert) where I pull Google Calendar data. This is a snippet of what I recently ended up with once I realized that the full calendar feed was no longer working. // GET NEXT FOUR UPCOMING EVENTS // maxResults = 4 // timeMin = current timestamp in ISO8601 format $url = 'https://www.googleapis.com/calendar/v3/calendars/[EMAILADDRESS]/events/?key=[APIKEY]&timeMin=' . date('Y-m-d\TH:i:s\Z') . '&maxResults=4&singleEvents=true&timeZone=Los_Angeles&orderBy=startTime'; $calendar = json_decode(file_get_contents($url), TRUE); $events = array(); foreach ($calendar['items'] as $item) { if (array_key_exists('dateTime', $item['start'])) { // has a specific beginning time $events[] = array( 'title'=> $item['summary'], 'start'=> strtotime(substr($item['start']['dateTime'], 0, -6)), 'end'=> strtotime(substr($item['end']['dateTime'], 0, -6)), ); } else { // an all-day event with no specific beginning time $events[] = array( 'title'=> $item['summary'], 'start'=> strtotime($item['start']['date']), 'end'=> strtotime($item['end']['date']), ); } } return $events; Who knows if Google will eventually close off the basic feed or not, so at least there's a bit of an alternative approach here if they do that.
  7. Sorry it took me a few days to respond, Jonathan. Well, the .htaccess file that's in the page's assets directory should automatically redirect any requests to the pass-through page. So, if I were to try to get http://www.mydomain.com/site/assets/files/xxxx/mydocument.pdf the request will instead will be redirected to http://www.mydomain.com/file-download/?page=xxxx&file=mydocument.pdf The template file is used on the page that I've created at http://www.mydomain.com/file-download Does that help at all? At this point, the .htaccess file has to be manually copied into the files folder for each page that you want assets protected. However, after developing a lot more with PW, I realize that this can be automated by hooking into saveready. The idea is that if there is a flag set to protect the files for this page, copy the .htaccess file to the files directory. Otherwise, delete it if it exists. At one point Ryan had said: I haven't had a chance to really dive back into this issue (because the solution I've implemented works and it's a small-scale website) - but I think that if a module were built and hooked into saveready - instead of copying an .htaccess file, it simply renames the folder and adds the period at the beginning. Of course, this has trickle down effects because PW itself would have to know that that's the new "location" of the folder so it doesn't always look for "files" instead of ".files". Just re-read your question. I may have given you too much detail and not answered your question directly. The .htaccess file that I've manually added to the /sites/assets/files/xxxx directory handles the redirect.
  8. Thanks for taking the time to create this, ESRCH! You should throw this on GitHub and add then add it to the modules directory. I'll let you know if I experience any problems with it.
  9. Thanks, celfred. That fix worked for me too. I don't think that broke anything else, but of course it's not definitely ideal since we've changed it in the core.
  10. On the site I built that has protected files, I'm still using the .htaccess solution I described. It has the pitfalls Ryan mentioned, and the solution isn't perfect or easily scaleable, but it works! I definitely would be excited if this feature made it's way on the ProcessWire roadmap.
  11. Thanks for all the prompts to get this updated and out on GitHub, everyone. My apologies for not doing it a long time ago! Here's the modules directory entry: http://modules.processwire.com/modules/fieldtype-templates/ Out on GitHub: https://github.com/Hani79/Processwire_FieldType_Templates Shout out to @adrian for fixing the bug reported by @Raul and @lisandi
  12. For anyone else who runs into this issue, a quick, temporary fix is to hack the LanguageFunctions.php file. For all three functions in there, you'll need to wrap each with a check to make sure the functions haven't already been declared. For example, the first function: if (!function_exists ('__')){ function __($text, $textdomain = null, $context = '') { ...snip... } } My best guess is that this not recommended as a permanent solution since it may cause issues with WordPress. And of course, ProcessWire upgrades will overwrite the hack. Best solution? Don't use Wordpress. For reference, here's Ryan's awesome Blog Profile for ProcessWire. http://modules.processwire.com/modules/blog-profile/
  13. Now that I think about it, shouldn't the .htaccess file not even give Processwire "control" since the /blog/ directory physically exists on the server? This line in the .htaccess file should take care of that, right? RewriteCond %{REQUEST_FILENAME} !-d
  14. I have a Wordpress blog installed in a subdirectory of a PW site (transferring the blog from WP to PW is on my task list) that was working with Processwire 2.2.9. I just upgraded to 2.4 and it broke. The error I'm getting is: Fatal error: Cannot redeclare __() (previously declared in /home/me/mydomain.com/blog/wp-includes/l10n.php:146) in /home/me/mydomain.com/wire/core/LanguageFunctions.php on line 39 Any idea what I can do (temporarily) to get it up and running? Processwire is installed at the root of the domain and Wordpress is installed at /blog. EDIT: I don't have any of the Language Support modules installed.
  • Create New...