Jump to content

ProcessWire 2.3 features


ryan

Recommended Posts

To prevent double post even without a redirect could a unique ID just not be sent with the form submission?

There are other ways to prevent a double post, but there are actually a few other reasons why I want to do a redirect after a successful comment submission, so figured that's the method we'd use. That's not to say we might also add another method of duplicate detection though.

Textformatter plugins - are we talking about support for Markdown and the new BBCode one you've done? That would be fab.

That's the plan, though Markdown is not anonymous-user safe, unless we can get a version like the one GitHub is using. Both BBCode and Textile provide modes that are anon-user safe, so they would be good candidates to use with a comments field.

Link to comment
Share on other sites

Ok this thread is not a FR thread ;-) , but nevertheless I vote for "optional website field" and "honeypot spam protection".

Plus, as a user I personally like when replies are tree-oriented instead of flat, I don't know if this is something you think about.

Link to comment
Share on other sites

In the blog profile, I tried adding a new post under /posts/, and the family there is configured to limit it to that template (posts template only allows children of post, and post only allows parent of posts). But can't seem to duplicate this. I'm wondering if the scenario you had was a little different or maybe involved user access or something else? Either way, I'm thinking I can setup the Inputfields to not generate an error for any required fields that have a disabled attribute set, but just wanted to make sure I had a repeatable test case so that I could confirm when it is fixed.

I tried to replicate this myself today with same install and couldn't do it. I am pretty sure I wasn't dreaming when I got this, but it seems to been one time problem. I'll report if I find a way to replicate this.

Link to comment
Share on other sites

  • 4 weeks later...

Some 2.3 updates now present on the ProcessWire dev branch at GitHub:

New session handling features

  • ProcessWire now supports alternate session handlers and includes a new module that provides for managing them in the database, rather than the file system. To enable, you just install the SessionHandlerDB module, and that takes over as the session handler. The advantage of a database session handler is that it can potentially be more secure in some shared hosting situations. It also enables ProcessWire to report on active sessions in the admin, so the new handler also adds a "Sessions" option to your "Setup" menu that gives you a table showing everyone browsing your site and where they are. I plan to expand upon this a bit more though. The new session handling interface also makes it possible for you to add modules that would move session handling to something like memcache, Amazon Dynamo DB, or really anywhere.

New password security updates

  • ProcessWire now uses Blowfish hashing for passwords when you are on PHP 5.3 or newer. If your database were to ever be compromised, this provides better protection from someone attempting to reverse engineer passwords from the hashes. Beyond blowfish hashing, we still use double salting as before (with one salt on the file system, and other unique to each user in the database). For existing accounts, the blowfish hash doesn't actually take effect until you change your password, so it'll be a gradual transition for many of us. Though the admin does give you a reminder every now and then. However, once you go blowfish, you can't go back, so don't develop a site in PHP 5.3 and then launch it to a PHP 5.2 server, unless you don't mind changing your password(s).

And more…

  • Addition of the WireHttp class, which provides ability to perform POST requests from the API.
  • ImageSizer now uses better image type detection rather than image extension detection (via @teppo)
  • WireArray now supports ability to sort by multiple fields at once as well as implements 'limit' and 'start' in selectors (via @nik)
  • Updated to latest jQuery and jQuery UI (via @mindplay-dk)
  • Removal of some big bottlenecks from FieldtypeRepeater (via @nik)
  • Transparent GIFs are now supported during resizes (via @mrx)
  • Support for 'min' and 'max' with integer and float fields
  • Support for HTML5 'number' type with integer and float fields
  • Support for HTML5 'required' attribute with many fields
  • The datepicker in the datetime fieldtype now supports ability to specify selectable year range
  • Several other updates in the commit log.
  • Like 11
Link to comment
Share on other sites

  • 1 month later...

I have dev branch installed and using session db. It worked well so far, but loggin out the first time after a while gave me an error:

Error session_start() [function.session-start]: Failed to initialize storage module: user (path: /Applications/XAMPP/xamppfiles/htdocs/pw-dev/site/assets/sessions) (line 301 of /Applications/XAMPP/xamppfiles/htdocs/pw-dev/wire/core/Session.php)

It shows me this error now everytime I log in or out. After a refresh it's gone till next time.

Link to comment
Share on other sites

I have a feeling this is something to do with a behavior change between 5.2 and 5.3, I will do some testing in 5.2. It sounds like PHP is trying to revert back to file-based sessions with that session_start() call, based on the error you mentioned.

Link to comment
Share on other sites

While I still can't duplicate the issue, I did find discussion of there being an issue (on PHP.net) along with ways to resolve. I think I've got it fixed, but was wondering if you could test the latest dev, whenever you get the chance? I also have added some things to the SessionHandlerDB module, so you'll want to un-install and re-install the module before testing (couple fields were added to the DB table). Thanks for tracking down the issue.

  • Like 1
Link to comment
Share on other sites

Tested with current dev branch and first had some problems after uninstall the module. Couldn't login as it was "forged" and the sessions folder I deleted was missing, so also some warnings. But after creating the folder again and retrying to login it worked again. Installed the module again and it seems to work so far. No error this time when loggin in and out.

  • Like 1
Link to comment
Share on other sites

Here are some more recent 2.3 additions that are currently in the dev branch. This list is far from complete, but covers the more interesting ones:

Admin Theme

  • The default admin theme now handles long titles better. If you are editing a page with a really long title, it will dynamically reduce the size of the headline in the admin theme so that it can fit. After a certain point, if it still won't fit, then it will wrap it. If you try to make a headline as long as a paragraph, then you are on your own though. :)

Inputfields

  • Added the 'side-by-side' (inline) option to Checkboxes and Radios Inputfields. This lets you have them all display on one line, floated, rather than placed in columns. To do this, specify "1" for the optionColumns setting.
  • Added ability for PageEditImageSelect to select images from within repeater fields on a page.
  • Update InputfieldDatetime to support i18n jQuery UI translation files with the datepicker.
  • TinyMCE: Add config option to ProcessPageEditImageSelect enabling you to turn off the population of width/height attributes in TinyMCE inserted images. This is desirable for responsive images. To configure this go to Modules > Process > Page Image Select.

Sanitizer

  • Added new $sanitizer->entities($str); method, which is the same thing as htmlentities($str, ENT_QUOTES, 'UTF-8');
  • Added $sanitizer->emailHeader($str); method that does what it says (sanitizes an email header).
  • $sanitizer->url(); will now optionally accept query strings.

Comments Fieldtype

  • Add new 'redirect after post' option which makes the Comments form perform a redirect after a comment is submitted. This prevents the possibility of duplicate submissions and enables the user to see their posted comment immediately (when applicable). To enable, see the 'details' tab of your comments field.
  • You can now search the contents of comments fields from $pages->find() selectors in the same way you search text fields. Example: $pages->find("comments*=some text");
  • Added new 'website' field option to comments fields. To enable, check the box in your comments field 'details' tab.
  • Added Gravatar support to comments fields. To enable, select the Gravatar rating in your comments field 'details' tab.
  • Added option to not send notifications to admin when comment is detected as spam. Some of us were getting dozens of emails a day from spam bots making the rounds through our sites, so this prevents that from annoying us.
  • Added new gravatar() method to Comment class that returns the Gravatar image URL (this is a convenience for those implementing their own comment output).

File and Image Fieldtypes

  • Add new 'tags' option to FieldtypeFile. This gives you the option of specifying a 'tags' field with each file/image. From the API, you can then retrieve a files/images by tag using $page->files_field->getTag('some-tag') to retrieve first match or $page->files_field->findTag('some-tag') to retrieve all matching files. Previously you could only retrieve files/images by filename or index. You can also use "[field_name].tags=[tag_name]" in $pages->find() type selectors. To enable tags for any files/images field, see the checkbox on the field details tab. (Note that this also affects InputfieldFile, Pagefile, Pagefiles, FieldtypeImage, InputfieldImage, Pageimage, Pageimages).
  • Add support for secured pagefiles. Now unpublished or non-public pages may have their files (in /site/assets/files/...) protected from direct URL access. For existing installations, you need to add $config->pagefileSecure = true; to your /site/config.php in order to enable this capability. See also $config->pagefileUrlPrefix and $config->fileContentTypes in /wire/config.php, if interested. Files become secured when the page is not accessible to the 'guest' role.

Functions/Methods

  • Add new methods to WireArray class: replace(), findRandom() and findRandomTimed(); Name of the last one may change to findRandomInterval before 2.3 is final.
  • Add new wireRmdir() function, to go along with the existing wireMkdir(). The wireRmdir() function works the same as PHP's rmdir() except that you can specify a second boolean argument to make it recursive. This essentially results in a directory prune function that not just removes the directory, but everything in it, recursively. Be careful with this!
  • Add new wireSendFile($filename); function that works as a file passthrough script. This is used by the new secured file functions, but also available for your use should you want it.
  • Add new wireRelativeTimeStr("timestamp or date string"); function that provides a relative time string like "1 minute ago" or "10 hours ago" or "5 minutes from now" type string.
  • Like 16
Link to comment
Share on other sites

Some nice stuff in there Ryan. Particularly excited to be able to tag and query images by tag. On this point, can you specify more than a single tag in a query? I often need to pull back images based on more than one tag.

Thanks for all your efforts!

Link to comment
Share on other sites

Some nice stuff in there Ryan. Particularly excited to be able to tag and query images by tag. On this point, can you specify more than a single tag in a query? I often need to pull back images based on more than one tag.

The tags are fairly no-frills at the moment, and they behave exactly the same as text fields. I haven't tried it out yet, but think that you could specify more than one tag in a query like this: "files.tags~=hello, files.tags~=greetings". Once you have the actual page field, the hasTag and findTag methods don't accept more than one tag at a time. The actual tags field on the Pagefile is just a string.

The tags came about for backwards compatibility with Dictator CMS (~2003). I recently had to redo a couple of sites running Dictator into ProcessWire. It was going to save a lot of time to implement the tags back into ProcessWire rather than manually converting a bunch of image and file placements. But I've found that the tags really can be useful today, as it provides a way for you to reference a file separately from the filename, or a way to group multiple files together, within the same field.

For the file download, I think something more robust, like this should implemented, allowing for partial downloads (download resuming), for instance.

That sounds good for the future. A little more than I want to get into now, but will bookmark this.

I can confirm that it is a issue with PHP 5.3/4 and 5.2

Are you talking about the session issue that Soma was running into? This should now be fixed in the latest dev branch. Let me know if you are still experiencing it.

Link to comment
Share on other sites

Are you talking about the session issue that Soma was running into? This should now be fixed in the latest dev branch. Let me know if you are still experiencing it.

Yes, that issue, and I just dobbelt checked, still there...

Link to comment
Share on other sites

For those that wanted field/template categorization, I've got them implemented for fields and now development the same for templates. This is one of those features that don't take effect until you use it. The hope is that it won't add any complexity for those that don't need it. There is now a "tags" field on the 'advanced' menu of any field:

post-2-0-45760300-1353869580_thumb.png

You can populate that field with one or more tags. Read the description in the screenshot. When you populate that tags field, suddenly the fields list starts grouping them by tag, like this:

post-2-0-28329800-1353869591_thumb.png

You can make a tag group appear collapsed by default by prepending a "-" to the tag. Any field can have multiple tags. It'll appear in as many groups as it's defined in. This isn't yet on the dev branch -- I will push it tomorrow after finishing up the Template tags.

Yes, that issue, and I just dobbelt checked, still there...

Can anyone else duplicate in 2.2.10 dev branch, DB session support module installed? I've never been able to duplicate it, but followed the official instructions on the solution to this issue so afraid to change much more until it's repeatable.

  • Like 9
Link to comment
Share on other sites

Testing dev branch on my local linux: great work with responsive stuff!

But modules page gives me this:

Error Class SessionHandlerDB contains 2 abstract methods and must therefore be declared abstract or implement the remaining methods (ConfigurableModule::__get, ConfigurableModule::__set) (line 195 of /home/apeisa/Apache/Admintest/wire/modules/Session/SessionHandlerDB/SessionHandlerDB.module)

I tried to clear modules cache, but still no luck. PHP is 5.4 something.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...