LostKobrakai

PW-Moderators
  • Content count

    4,292
  • Joined

  • Last visited

  • Days Won

    89

LostKobrakai last won the day on February 15

LostKobrakai had the most liked content!

Community Reputation

4,013 Excellent

1 Follower

About LostKobrakai

  • Rank
    Excited Member
  • Birthday 11/29/1991

Contact Methods

  • Website URL
    http://www.kobrakai.de

Profile Information

  • Gender
    Male
  • Location
    Augsburg, Germany

Recent Profile Visitors

10,999 profile views
  1. _func.php and this file probably do have different namespaces (might be because of the compiler). \renderNav() !== \ProcessWire\renderNav().
  2. You only sanitize the user input. So anything coming in via GET/POST/… data. Anything else comes from your system and your system should never have data in it, which aren't "save", so no need to sanitize anything there. It's not only about plainly changing the number to another one. People try to inject all manner of things into websites, like sql statements or else. So it's for security as well as for preventing errors in your system because of values you didn't expect.
  3. array_keys() will just revert your array back to the form of just the sq ft "[500, 1000, …]" so no need to change that one. Just make sure you have all the possible keys of your form inputs accessable when sanitizing. It doesn't matter where those keys come from or how the arrays are created. It's just a shortcut. Both versions below do the same. $minArea = $input->get->options("minArea", $allowed); $minArea = $sanitizer->options($input->get->minArea, $allowed); Edit: Also there's no magic whitelist anywhere. This is all plain php and using arrays.
  4. Even with the setting enabled there are various places in processwire where output formatting is not enabled and therefore one does still get a list of images (might not be the case here, but still). Also I did check the website and the urls for the images are "/site/assets/files/xxxx/", which is the result of using ->url on the images list instead of a single image. Also a field named "images" should probably never return a single image or it should at least be renamed to image.
  5. $page->images is a list of images. You need to select a image out of the lists to be shown, e.g. $page->images->first()
  6. $allowed is a simple array, where you put the values, which the form does present, e.g. <?php $values = [500 => "500 sq ft.", 1000 => "1000 sq ft."]; ?> <select> <?php foreach($values as $value => $label) : ?> <option value="<?=$value?>"><?=$label?></option> </select> <?php // With the same $values array $allowed = array_keys($values); // [500, 1000] $minArea = $input->get->options("minArea", $allowed);
  7. You form looks like $sanitizer->option() and ->options() should be enough. There's no input where a user is supposed to supply other values than the ones you supply.
  8. If you don't need to worry about browser support then you should take a look at the newly available css grids.
  9. There's also elastic search. Also I would advice against lunrjs if your content is not english. At least for german texts the default stopwords/stemmer combo didn't work out very well.
  10. Nothing. The users page is a lister with pagination and the quick access navigation does at some point switch to showing just the available user roles and the number of assigned users for each one instead of all the available users.
  11. Ok, it might not have been clear enough, but my statement still stands true: Removing that config line won't change any existing database tables or the database charset itself. So if someone does have that error without trying to add something new your tip won't help. Adding a field on the other hand does create at least one new table, where pw does again determine by that line which engine it's supposed to use with that new table and this might error as well.
  12. The most flexible version would probably be a monolog (or compatible) implementation, just because how ubiquitous it's in the php community and all it's adapters to various logging backends.
  13. It depends. I'm actually regretting going that path for an application of mine, because it pushes so many if/else conditionals in your controllers/view layer, which could otherwise be handled by a single user class as part of the application domain. But it really depends on how separated your user types are in the application. Edit: Also different user templates don't allow users to be of multiple of those user types.
  14. That's strange, this should normally be handled by the file compiler (and it works for my few pw 3 installations).
  15. Getting just the folder means $file is actually not a file (Pagefile), but a Pagefiles object. File fields are internally always handled as list of files, so you might need to use the following or alike: $file = $upload->file->first();