Jump to content
benbyf

3 new beginner modules

Recommended Posts

Hi!

I've been making my first modules and I've created three so far to help me learn. I would love so feedback or pull requests for improvements as I hope to write a tutorial about my work soon. In particular the third modules isn't very finished.

git: https://github.com/benbyford/PW-starter-modules/

  • HelloUserYouSaved - adds message {your user name, page saved} in admin when a page is saved.

    • This module shows how to implement a basic module,
    • get and use variables,
    • create a message in the admin
  • RedirectAdminPages - redirect specific user role to a custom page set in the module config.

    • This module shows how to implement module configuration,
    • using variables saved in the admin,
    • redirecting a user using session->redirect()
  • HotSwapUser - Swap user on the fly in the admin or frontend of your site

    • This module shows how users can be used in a module
    • how to set a user permission
    • how to install / uninstall something within your module
    • how to create a function that can be output in the frontend of your site.
  • Like 10

Share this post


Link to post
Share on other sites

Hi!

Very good initiative! ^-^

I have skimread through the code and my opinion is: The first and second ones looks good. But to be honest, this hotswap user thing is a big security issue. Sorry! :)

Also only for demonstration / tutorial purposes, it is better not to use hot user swapping as a thema. The audience for beginner tutorials often will be, yes, the name says it: beginners. And assumed they simply do not know about such security issues and best practices in regard of how to validate user-inputs, you should not show code like this to them. At least you would need to embedd all security relevant stuff too. But then it fastly will become to complex for a beginner tutorial. A good one would be to only pick up how to validate user inputs and how PW provides good tools for that. (type and format validation, whitelist matching, ...)

With your code, everyone can login with each existing account (also Superuser) just by knowing / trying (multiple til endless!) user name(s). In regard to this, you may have a look into ALIF or TracyDebugger, how the security for this is tackled there.

I hope you do not mind me my frankness.

-------------

Looking to the code of the users redirect module, you can shorten it a bit. When found a matching user / role, you don't need to store true in a temporary var, break the loop and then check the temporary vars value / state, if you should redirect the current user. You simply can redirect the current user if a role matches:

    /*
    * ___renderPageRedirect
    *
    * redirect user to page if current user role found in config
    */
    public function ___renderPageRedirect($event) {

        // check to see if current page = admin template page
        // otherwise: early return!
        if($this->page->template != "admin") {
            return;
        }

        // find roles set in module configuration and create array
        $roles = explode(',', $this->userRoles);

        // for each user in module config check to see if current user
        foreach ($roles as $key => $val) {
            $roles[$key] = trim($roles[$key]);

            // if current user found then redirect = true
            if($this->user->hasRole($roles[$key])) {

                // this will leave the page and code immediately!
                $this->session->redirect($this->redirectPage);

                // stop user search
                break; // this can stay in here, just as fallback, 
                       // if something went wrong with calling the redirect, 
                       // but normally this line will not get executed.
            }
        }
    }

 

  • Like 4

Share this post


Link to post
Share on other sites

Hi Horst! Thanks for you code amends, will alter now.

I totally agree with you, the third module not really beginner level and needs a heck load more work on it before anyone was to actually use it. The security aspect I'm looking at next and thanks for those links.

Bar the first module, I was trying to make modules that didn't already exist that would be useful and interesting for me to make and had aspects I could teach. If you have any more suggestions for a third module whcih doesn't already exist then I'm all ears.

Thanks,

  • Like 2

Share this post


Link to post
Share on other sites
8 minutes ago, benbyf said:

If you have any more suggestions for a third module whcih doesn't already exist then I'm all ears.

You could write a beginner module about Fieldtype/Inputfield which accept a simple text, save it and render its markup :rolleyes:.

As Horst said, nice initiative !

  • Like 5

Share this post


Link to post
Share on other sites

anyone happen to have any ideas for inputfields that we havent already got??

  • Like 1

Share this post


Link to post
Share on other sites

A simple fieldtype might be "Name", where you enter a firstname and a lastname, which is stored separately and maybe a computed property for the fullname. I think it shouldn't hold more values, as it'll probably become complex just for the amount of fields. 

Also interesting might be other often extended core classes/modules like Process or Textformatter, with the latter actually being quite simple with often just a single method.

  • Like 4

Share this post


Link to post
Share on other sites

I've updated the my modules replacing HotUserSwap with simple TextformatterFindReplace instead. I'm going to work on some field types next :)

  • Like 3

Share this post


Link to post
Share on other sites

It would be good to also work on some Modules that do not 'autoload' :) Thanks for your efforts....

  • Like 1

Share this post


Link to post
Share on other sites

Ok been trying to take on everyones comments. In doing so I've split repos into beginner and intermediate.

https://github.com/benbyford/PW-starter-modules/
https://github.com/benbyford/PW-intermediate-modules

In doing so I can add to them with simple and more complex modules as and when I create them (and learn a new skill). The basic ones are currently super basic, so could probably do a couple more and then stop of crucial things to learn in modeul making. Any more suggestions welcome.

  • Like 5

Share this post


Link to post
Share on other sites

I think composer and dependency mamgement in general is a little out of scope for this series of module creation tutorials, looks interesting though, I've never felt the need for this myself mostly working on small projects and happy using profile exporting and wireshell for different installing / exporting tasks.

Share this post


Link to post
Share on other sites

Would love to see a simple tut on using hooks from a front-end form. Like if a form creates or saves a PW page, can I take the value of a user ID in that saved form/page, and then use that ID to update an altogether different page.

Share this post


Link to post
Share on other sites

Added new module PageDeferredPublish to Intermediate modules - Module allows you to publish a page at a time interval in the future e.g. 24hrs.

  • adds Publish Later buttons to edit page and page tree
  • uses LazyCron to count down pages that are both unpublished and have been checked to publish later
  • when page count down reaches 0, page publishes
     

Screenshot 2016-08-12 10.51.38.png

Screenshot 2016-08-12 10.51.16.png

  • Like 7

Share this post


Link to post
Share on other sites

Great work @benbyf!

I understand you wrote the tutorial to show that the module can do stuff on installing and uninstalling. There is another example you could use to handle creating pages and permissions (more info):

public static function getModuleInfo() {
	return array(

		// Some default stuff
		'title' => 'Title of the module',
		'version' => 001,
		'summary' => 'Summary of the module',
		'autoload' => false,
		'singular' => true,
		'icon' => 'bookmark',
		'permission' => 'name-of-the-permission',

		// Creates the page (and removes after uninstalling)
		'page' => array(
			'name' => 'name-of-the-page',
			'parent' => 'admin', // Or whatever
			'title' => 'Title of the Page',
			),	
		
		// Creates the permission (and removes after uninstalling)
		'permissions' => array(
			'name-of-the-permission' => 'Title of the permission'
			),
	);
}

Written in browser, so not tested. I guess you'll get the idea ;)

Edited by arjen
link added
  • Like 5

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.

  • Similar Content

    • By Robin S
      A community member raised a question and I thought a new sanitizer method for the purpose would be useful, hence...
      Sanitizer Transliterate
      Adds a transliterate method to $sanitizer that performs character replacements as defined in the module config. The default character replacements are based on the defaults from InputfieldPageName, but with uppercase characters included too.
      Usage
      Install the Sanitizer Transliterate module.
      Customise the character replacements in the module config as needed.
      Use the sanitizer on strings like so:
      $transliterated_string = $sanitizer->transliterate($string);
       
      https://github.com/Toutouwai/SanitizerTransliterate
      https://modules.processwire.com/modules/sanitizer-transliterate/
       
    • By dimitrios
      Hello,
      this module can publish content of a Processwire page on a Facebook page, triggered by saving the Processwire page.
      To set it up, configure the module with a Facebook app ID, secret and a Page ID. Following is additional configuration on Facebook for developers:
      Minimum Required Facebook App configuration:
      on Settings -> Basics, provide the App Domains, provide the Site URL, on Settings -> Advanced, set the API version to 2.10, add Product: Facebook Login, on Facebook Login -> Settings, set Client OAuth Login: Yes, set Web OAuth Login: Yes, set Enforce HTTPS: Yes, add "http://www.example.com/processwire/page/" to field Valid OAuth Redirect URIs. This module is configurable as follows:
      Templates: posts can take place only for pages with the defined templates. On/Off switch: specify a checkbox field that will not allow the post if checked. Specify a message and/or an image for the post.
      Usage
      edit the desired PW page and save; it will post right after the initial Facebook log in and permission granting. After that, an access token is kept.
       
      Download
      PW module directory: http://modules.processwire.com/modules/auto-fb-post/ Github: https://github.com/kastrind/AutoFbPost   Note: Facebook SDK for PHP is utilized.


    • By thomasaull
      I created a little helper module to trigger a CI pipeline when your website has been changed. It's quite simple and works like this: As soon as you save a page the module sets a Boolean via a pages save after hook. Once a day via LazyCron the module checks if the Boolean is set and sends a POST Request to a configurable Webhook URL.
      Some ideas to extend this:
      make request type configurable (GET, POST) make the module trigger at a specified time (probably only possible with a server cronjob) trigger manually Anything else? If there's interest, I might put in some more functionality. Let me know what you're interested in. Until then, maybe it is useful for a couple of people 🙂
      Github Repo: https://github.com/thomasaull/CiTrigger
    • By Robin S
      I created this module a while ago and never got around to publicising it, but it has been outed in the latest PW Weekly so here goes the support thread...
      Unique Image Variations
      Ensures that all ImageSizer options and focus settings affect image variation filenames.

      Background
      When using methods that produce image variations such as Pageimage::size(), ProcessWire includes some of the ImageSizer settings (height, width, cropping location, etc) in the variation filename. This is useful so that if you change these settings in your size() call a new variation is generated and you see this variation on the front-end.
      However, ProcessWire does not include several of the other ImageSizer settings in the variation filename:
      upscaling cropping, when set to false or a blank string interlace sharpening quality hidpi quality focus (whether any saved focus area for an image should affect cropping) focus data (the top/left/zoom data for the focus area) This means that if you change any of these settings, either in $config->imageSizerOptions or in an $options array passed to a method like size(), and you already have variations at the requested size/crop, then ProcessWire will not create new variations and will continue to serve the old variations. In other words you won't see the effect of your changed ImageSizer options on the front-end until you delete the old variations.
      Features
      The Unique Image Variations module ensures that any changes to ImageSizer options and any changes to the focus area made in Page Edit are reflected in the variation filename, so new variations will always be generated and displayed on the front-end.
      Installation
      Install the Unique Image Variations module.
      In the module config, set the ImageSizer options that you want to include in image variation filenames.
      Warnings
      Installing the module (and keeping one or more of the options selected in the module config) will cause all existing image variations to be regenerated the next time they are requested. If you have an existing website with a large number of images you may not want the performance impact of that. The module is perhaps best suited to new sites where image variations have not yet been generated.
      Similarly, if you change the module config settings on an existing site then all image variations will be regenerated the next time they are requested.
      If you think you might want to change an ImageSizer option in the future (I'm thinking here primarily of options such as interlace that are typically set in $config->imageSizerOptions) and would not want that change to cause existing image variations to be regenerated then best to not include that option in the module config after you first install the module.
       
      https://github.com/Toutouwai/UniqueImageVariations
      https://modules.processwire.com/modules/unique-image-variations/
    • By Sebi
      I've created a small module which lets you define a timestamp after which a page should be accessible. In addition you can define a timestamp when the release should end and the page should not be accessable any more.
      ProcessWire-Module: http://modules.processwire.com/modules/page-access-releasetime/
      Github: https://github.com/Sebiworld/PageAccessReleasetime
      Usage
      PageAccessReleasetime can be installed like every other module in ProcessWire. Check the following guide for detailed information: How-To Install or Uninstall Modules
      After that, you will find checkboxes for activating the releasetime-fields at the settings-tab of each page. You don't need to add the fields to your templates manually.
      Check e.g. the checkbox "Activate Releasetime from?" and fill in a date in the future. The page will not be accessable for your users until the given date is reached.
      If you have $config->pagefileSecure = true, the module will protect files of unreleased pages as well.
      How it works
      This module hooks into Page::viewable to prevent users to access unreleased pages:
      public function hookPageViewable($event) { $page = $event->object; $viewable = $event->return; if($viewable){ // If the page would be viewable, additionally check Releasetime and User-Permission $viewable = $this->canUserSee($page); } $event->return = $viewable; } To prevent access to the files of unreleased pages, we hook into Page::isPublic and ProcessPageView::sendFile.
      public function hookPageIsPublic($e) { $page = $e->object; if($e->return && $this->isReleaseTimeSet($page)) { $e->return = false; } } The site/assets/files/ directory of pages, which isPublic() returns false, will get a '-' as prefix. This indicates ProcessWire (with activated $config->pagefileSecure) to check the file's permissions via PHP before delivering it to the client.
      The check wether a not-public file should be accessable happens in ProcessPageView::sendFile. We throw an 404 Exception if the current user must not see the file.
      public function hookProcessPageViewSendFile($e) { $page = $e->arguments[0]; if(!$this->canUserSee($page)) { throw new Wire404Exception('File not found'); } } Additionally we hook into ProcessPageEdit::buildForm to add the PageAccessReleasetime fields to each page and move them to the settings tab.
      Limitations
      In the current version, releasetime-protected pages will appear in wire('pages')->find() queries. If you want to display a list of pages, where pages could be releasetime-protected, you should double-check with $page->viewable() wether the page can be accessed. $page->viewable() returns false, if the page is not released yet.
      If you have an idea how unreleased pages can be filtered out of ProcessWire selector queries, feel free to write an issue, comment or make a pull request!
×
×
  • Create New...