Planet Drupal

Subscribe to Planet Drupal feed - aggregated feeds in category Planet Drupal
Updated: 24 min 57 sec ago

Lullabot: Making Web Accessibility Great Again: Auditing the US Presidential Candidates Websites for Accessibility

Wed, 17/08/2016 - 15:00

Imagine that you arrive at a website, but you cannot see the screen. How do you know what’s there? How do you navigate? This is normal for many people, and the accessibility of your site will make or break their experience. Accessibility is about including everyone. People with physical and cognitive disabilities have specific challenges online—and making your site accessible removes those barriers and opens the door to more users.

Severely disabled Americans constitute a population of 38.3 million people, and make up a huge swath of voters (see the #CripTheVote movement on Twitter). Some notable U.S. presidential elections have been decided by much less, and because of this, we’re auditing the US presidential election candidates’ websites.

During this audit, we’ll see what the candidates’ websites are doing right and wrong, and where the low-hanging fruit lies. This article won’t be a full top-to-bottom audit, but we will show some of the important things to look for and explain why they’re important.

Our Methods Automated Testing

The first step in our a11y audit is to do a quick automated check. If you’re new to accessibility, the WAVE tool by WebAIM is a great place to start. It’ll check for standard accessibility features and errors in alt attributes, contrast, document outline, and form labels. For the features or errors it finds, it provides an info icon that you can click to learn what the issue is, why it’s important, and how to do it right. WAVE is free, and highlights both negative (errors, alerts, features, structural elements, ARIA attributes, contrast), and positive (features, structural elements, ARIA attributes).

Keyboard Testing

As great as WAVE is, an automated tool is never as good as a live person. This is because some accessibility requirements need human logic to apply them properly. For the next part, we’re going to navigate around each website using only the keyboard.

This is done by using the tab button to move to the next element, and shift-tab to move backwards. The spacebar (or return) is used to click or submit a form element. If everything is done right, a person will be able to navigate through your website without falling into tab rabbit-holes (tabbit-holes?). We should be able to tab through the whole page in a logical order without getting stuck or finding things that we can’t access or interact with.

Beyond that, we need to be able to see where the focus lies as we tab across the page. Just as interactive elements give a visual cue on hover, we should get an indication when we land on an interactive element while tabbing, too. That state is referred to as ‘having focus’. You can extend your hover state to focus, or you can make a whole new interaction for focus. It’s up to you!

.link--cta-button:hover, .link--cta-button:focus { /* The :focus pseudo-class for a11y */ background: #2284c0; } Screen Reader Audit

Screen readers are used by visually impaired and blind people to navigate websites. For this purpose we’ll use VoiceOver, which is the default pre-installed screen reader for OS X. We’re looking for things that read oddly (like an acronym), things that don’t get read that should get read (and vice-versa), and making sure all of the information is available.

Let’s start with Donald Trump’s website

The first thing that we did while looking at Donald Trump’s website was audit it using the WAVE tool. Here’s what we found:

  • 8 Errors
  • 14 Alerts
  • 15 Features
  • 35 Structural Elements
  • 5 HTML5 and ARIA
  • 5 Contrast Errors (2 were false flags)
The Good Bold Colors for a Bold Candidate

The color scheme is very accessible. On the front page, there were only two places where the contrast wasn’t sufficient. Outside of that, his color scheme provides text that stands out well from the background and is easy to read for low-vision users.

The Bad Lacking Focus

Remember how we talked about focus states? This site has almost none. Tabbing through the page is confusing because there are no visual indications of where you are.

This is especially egregious because the browser automatically applies focus states to focusable elements for you. In order for there not to be focus elements at all, the developer has to actively go out of their way to break them by applying outline: 0; to the element’s focus state. This is okay if you’re doing it to replace the focus state with something more decorative, but taking it off and not replacing it is a big accessibility no-no.

Skipped Skip Link

When tabbing through The Donald’s website, the first thing we notice is the absence of a skip link. Without a skip link, a keyboard user is forced to tab through each link in the navigation when arriving at each page before they can access the rest of the content. This repetitive task can become aggravating quickly, especially on sites with a lot of navigation links.

Unclear Link Text

Links should always have text that clearly explains where the user is going. The link’s text is what a person using a screen reader will hear, so text like ‘Read More’ or text and icons that require visual context to understand their destination aren’t ideal.

In this area, the link text that goes out to the linked Twitter posts read ‘12h’ and ‘13h’. Without the visual context of a Twitter icon (that’s a background image, so there’s no alternative text to provide that), the user probably has no idea what ‘12h’ is referring to or where that link will lead.

The Ugly Navigation Nightmares

The most important part of any website, in terms of access, is the navigation. An inaccessible navigation menu can block access to large portions of the website. Unfortunately, the navigation system of Trump’s website does just that, and prevents users with disabilities from directly accessing the sub-navigation items under the issues and media sections.

A more accessible way to do this is to use a click dropdown instead of a :hover. If that doesn’t work for the design, make sure that the :hover state of the menu applies to :focus as well, so that the menu will open the nested links when the parent menu item is tabbed to.

Disorganized Structure

Structural elements (h1, h2, h3, etc tags) are very helpful when used properly. In this case, they’re definitely not. Heading levels aren’t sequential, and nested information isn’t always relevant to its parent.

Audit of Hillary Clinton’s website The Good

Overall, Clinton’s website is better than most when it comes to accessibility. It’s that clear that her development team made it a purposeful consideration during the development process. While it’s not perfect, there was a lot of good done here. Let’s explore some examples of things done right.

Keyboard Accessibility

The keyboard accessibility on this site is very good. We found that we could access the elements and navigate to other pages easily without a mouse. It was easy to open and shut the drop-down ‘More’ area in the navigation, and access its nested links, which is a good example of how to implement what we were talking about when we covered the shortfalls of the navigation system on Trump’s website.

Skip Link

Hillary Clinton’s website includes a proper skip link, which allows users to skip the navigation and go directly to the content.

Great Focus States

The other thing we found when checking the keyboard accessibility was that everything has a focus state that makes it visually obvious where you are on the page. The light dotted border focus state is a bit subtle for low-vision users, but the fact that the focus state of the elements was styled independently from the hover state shows that the developer was aware of the need for focus indicators and made a conscious effort to implement them.


We usually think of accessibility in terms of people with disabilities because they often benefit from it the most, but accessibility is really just about including as many people as possible. A nice touch we found on Clinton’s site was a button at the top to translate the site into Spanish. With 41 million native Spanish speakers in the US, providing the option to experience the content in the user’s first language is a great accessibility move.

Video Captioning

Deaf people rely on captions to get the dialogue from videos, since it’s very difficult to lip-read in film. The videos on Hillary’s site are furnished with open captions, which means that they’re always on. Open captions are great for people with disabilities, but they’re also a smart move to capture your non-disabled audience as well. Often autoplay videos won’t play any sound unless they’re interacted with, but providing open captions on the video gives you another chance to capture the audience’s interest by displaying the words on the screen.

The Bad No Transcripts for Video

While it was great that the videos were captioned, we couldn’t find a transcript provided. Many people erroneously believe that you only need one or the other, but captions and transcripts actually serve different purposes, so it’s ideal to provide both. Captions are great for the Deaf, who want to read the words in real-time with the video. Transcripts are more useful for the blind and the Deaf-blind, who benefit from a written summary of what’s visually happening onscreen in each scene before the written dialogue begins. A braille terminal, used by the Deaf-blind, can’t convert open captions inlaid into the video’s frames into braille for its users, so these users won’t benefit from that.

Low Contrast

Contrast is important for low-vision users. We know that subtlety is all the rage, but design choices like putting blue text on a blue background makes it really difficult for some people to read. There are some great free tools like Das Plankton that will let you see if your contrast level is high enough to meet accessibility standards.

Schemes like this fail contrast testing on every level, so it’s best to avoid them. A better choice probably would have been white over a slightly darker blue.

The Ugly The Horrible Modal

Despite the obvious hard work that went into making Hillary’s website accessible, much of the effort is lost due to a modal that appears when visiting the website for the first time (or in incognito mode). The problem is that the modal doesn’t receive focus when it pops up, and its close button has no focus indicator. While it technically can be closed via keyboard by navigating backwards (or tabbing through every single link on the page) once it pops up, it’s not obvious visually when that close button has focus, and navigating backwards isn’t exactly intuitive.


With one glaring exception, it’s obvious that lots of thought and work had been put into making Hillary Clinton’s website accessible to voters with disabilities. There is definitely room for improvement with small things like somewhat irrelevant alternative attributes on photos, but on the whole the site is better on accessibility than the vast majority of the sites that we see.

Unfortunately, it is also obvious that accessibility is deeply neglected within Donald Trump’s website, which leaves a large swath of potential voters unable to browse to his stance on issues and other content. Hopefully, this will be attended to shortly.

Hopefully these auditing case studies lead you to think about your own website from the point of view of a person with a disability. There are plenty of challenges online for the disability community, but lots of those can be fixed with a few easy tweaks like the ones we covered here. We hope you'll use what you've learned to make your website accessible, too.

Categories: Elsewhere

Anexus: How to use ES6 in Drupal 8

Wed, 17/08/2016 - 12:58
How to use ES6 in Drupal 8

I bet many of you doesn't understand what is ES6, being honest I didn't know this term until a few days ago. 

ES6 stands for ECMAScript v6 or ES2015, but in simple words, is just Javascript; Correct Javascript as simple as that.

So, ES6 one of the latest version of Javascript specification, but is not supported by all browsers, because was released in June 2015, even worst in June 2016 we got ES7 and as you can imagine not supported yet.

Right now all browsers support ES5, then, if it's not compatible with all browsers, why ES6+ is a big thing? Because, now Javascript is more OOP, using classes, constants, and modules, enabling to create more complex and organized projects.

So, how we could use ES6 in our web projects like Drupal, to avoid to have a particular version of our site based on our client's browser? The solution is Babel

Babel transforms your code to ES5 to be used in your web applications. 

Babel works using plugins that allow the transformation and enable to use a particular plugin based on the source of your code like React that requires an especial plugin to do the conversion.

Let me show an example that creates a simple ReactJS.

1. Install Node.js

The first thing we need to do is install Node.js in your system, the easy way to do that is downloading the proper installer for our platform from

We need to install Node.js because we are going to use the NPM which is a package manager for javascript libraries 

2.  Modify gitignore file

Drupal 8 projects include their own .gitignore file, but because we are about to include npm in our development process, we need to add some extra rules listed below:

# Node.js # Logs logs *.log npm-debug.log* # Runtime data pids *.pid *.seed *.pid.lock # Directory for instrumented libs generated by jscoverage/JSCover lib-cov # Coverage directory used by tools like istanbul coverage # nyc test coverage .nyc_output # Grunt intermediate storage ( .grunt # node-waf configuration .lock-wscript # Compiled binary addons ( build/Release # Dependency directories node_modules jspm_packages # Optional npm cache directory .npm # Optional REPL history .node_repl_history
3. Create a package.json file

To be able to distribute later your javascript library you need to create a package.json file, you create that file in interactive mode using the command:

$ npm init

In the end, you will get a file similar to the following file.

{   "name": "drupalreactform",   "version": "1.0.0",   "description": "ReactJS form to be embed in Drupal 8 Controller",   "main": "index.js",   "scripts": {     "test": "echo \"Error: no test specified\" && exit 1"   }   "author": "enzo - Eduardo Garcia",   "license": "ISC" } 4. Install Webpack

To expose our library in Drupal we need to create a distribution package, for that purpose, we will use [Webpack]( that is a module bundler which takes modules with dependencies to generates static assets by bundling them together.

$ npm install webpack --save

The command about will install webpack with all required libraries and modify our package.json, in the same way that we use in Composer the composer.json file.

5. Configuring Webpack & creating bundle

It's necessary to inform to Webpack using file webpack.config.js, how we can to create our bundle to be used Drupal, the following configuration assumes we have a custom module located in web/modules/custom/mysearch.

var webpack = require('webpack'); var path = require('path'); var MODULE_BUILD_DIR = path.resolve(__dirname, 'web/modules/custom/mysearch/js'); var MODULE_APP_DIR = path.resolve(__dirname, 'web/modules/custom/mysearch/js/es6'); var config = {   entry: MODULE_APP_DIR + '/mysearch.form.jsx',   output: {     path: MODULE_BUILD_DIR,     filename: 'mysearch.form.js'   } }; module.exports = config;

With the configuration above, we are saying we will load the file mysearch.form.jsx and all included files in mysearch.form.js file

If you write something simple like

console.log('Hello ES6!');

You don't need any special transformation and you can create the bundle, for that propose you need to execute the following command:

$ ./node_modules/.bin/webpack -d

You will get an output similar to this image:

The generation will work correctly because the source in ES5 and the output too; So, no transformation was required.

6. Testing transformation

I know I said we would embed the file generated in Drupal, but in a development process is faster if we could test first outside Drupal, for that, we could create a file named test/es62es5/index.htm inside module directory  with the following content.

          Testing transformation ES6 -> ES5              

Opening that file in our browser would enable any possible error and reduce the change to blame Drupal 8 for a malfunction in our code.

7. Use Babel to transform ES6

Now we need to install Babel and Babel loaders to be able to transform our ReactJS form into ES5; the next command installs the required packages.

$ npm install babel-loader babel-preset-es2015 babel-preset-react --save

Also, we need to create a .babelrc file, to inform to Babel what presents will be used in transformation, check and example of that file below:

{   "presets" : ["es2015", "react"] }

Finally, we need to modify out webpack configuration to report what loader we are going to use in our transformation, the new aspect of webpack.config.js will be like this:

var webpack = require('webpack'); var path = require('path'); var MODULE_BUILD_DIR = path.resolve(__dirname, 'web/modules/custom/mysearch/js'); var MODULE_APP_DIR = path.resolve(__dirname, 'web/modules/custom/mysearch/js/es6'); var config = {     entry: MODULE_APP_DIR + '/mysearch.form.jsx',     output: {         path: MODULE_BUILD_DIR,         filename: 'mysearch.form.js'     },     module : {         loaders : [             {                 test : /\.jsx?/,                 include : MODULE_APP_DIR,                 loader : 'babel'             }         ]     } }; 8. Create React form

Before to create the form we need to install some libraries to build our form.

$ npm install react react-dom antd --save

If we plan to embed CSS or LESS files in our app, need to install loaders for that using the following instructions, and register the loader in webpack

$ npm install css-loader less less-loader style-loader  --save-dev

The code of our form will be an example form React created in a previous blog post:

import React, { PropTypes } from 'react'; var Search = React.createClass({     render: function(){         return (             React.createElement('form', {onSubmit: this.onSubmit, className: 'SearchForm', noValidate: true},                 React.createElement('input', {                     type: 'text',                     placeholder: 'Search'                 }),                 React.createElement("select", { placeholder: 'Category', value: '', onChange: this.changeHandler },                     React.createElement("option", { value: 1 }, "Software"),                     React.createElement("option", { value: 2 }, "Movie")                 ),                 React.createElement('button', {type: 'submit'}, "Go")             )         );     }, }); ReactDOM.render(React.createElement(Search),  document.getElementById("app"));

Of course, you can create a more advanced form, importing other libraries.

9. Include form in a Drupal controller

After "compile" our form in one file, the remaining step is to include it in a Drupal Controller, to do that you just need to follow the blog entry

I hope did you find this blog entry useful.

enzo Wed, 08/17/2016 - 04:58
Categories: Elsewhere

Liip: Drupalaton 2016

Wed, 17/08/2016 - 11:13

Last week Drupalaton 2016 took place. With about 150 registrations this was the largest Drupalaton so far. The organizers did an amazing job in coping with this mass. There were two session threads and a sprint room. Of the many interesting presentations I would like to mention Fabian Bircher’s “Configuration Management: theory and practice” (a must for everyone who gets lost while trying to work in a team on a Drupal8 project) , Pieter Frenssen’s “Working with REST APIs”  (it was good to see how simple it is in Drupal8) and “Drupal 8 Media” from Pónya Péter, Szanyi Tamás and Rubén Teijeiro (seems we have a huge step forward in media handling since Drupal7!). I held a session on caching in Drupal 8 which was the shortened version the one I did on Drupal Developer Days in Milan.

Liip was a silver sponsor of the event.

Finally, some pictures on the Friday ship cruise. Thanks to Brainsum for sponsoring it!

Categories: Elsewhere

DrupalCon News: Build your DrupalCon agenda: the session and BOF schedule is live

Wed, 17/08/2016 - 05:00

DrupalCon starts in just 40 days. But you can plan your schedule today. There'll be more than 140 sessions, three keynotes, and one unforgettable pre-note.

Categories: Elsewhere

Anchal: GSoC'16 - Port Comment Alter Module - Week 12

Wed, 17/08/2016 - 02:00

As part of GSoC’16 I’m working on Porting Comment Alter module to Drupal 8 under the mentorship of boobaa and czigor. This blog is an excerpt of the work which I did in the twelfth week of the coding period of GSoC’16. The blogpost for the work done in the eleventh week can be found here.

The GSoC coding period ends this week and I’m glad that I was able to complete the project as per my proposal. All these three months have been very productive for me during which I learned a ton of things not just related to Drupal but also things like writing blogs, managing the project, etc.

During the coding period being stuck on a problem for 3-4 days and after countless hours of debugging finding the solution to be a one-liner or getting good reviews from mentors were some of the most intriguing and satisfying moments for me. I would like to thank both of my mentors boobaa and czigor for always helping me with coding, blogs and project management. It would have never been possible without them. I would also like to thank the whole Drupal community and Google Summer of Code for providing this opportunity to me.

Now talking about the work which I did this week, since most of the coding part was completed last week this week I focused on adding documentation for the module, doing cleaning and proof reading of the whole repo. I’ve created a short demo video: Comment Alter module for Drupal 8 demonstrating a simple use case and working of the module.

This week I also fixed some minor issues like changing the #parent property for the comment form for all the fields to avoid any clashes. In order to allow same name fields on both comment as well as parent entity the #parent property was used in the comment_alter_form_comment_form_alter() function. Due to this the submitted field values appeared at a different location preventing instances of multiple field value in the same #parent space or $form element (see commit).

In the upcoming week I would first move the module to and will update the description about the module on the project page. I planned to move the module to last week only but because of some complications, my mentors were unable to do the final review of the module. My mentors will do with the review before this Friday so I’ll move the module to by then.

By the end of the week I’ve created a demo video for the module and fixed some issues. My mentors have already reviewed the code for the work which I did during this week. If anyone is interested, my progress can be followed on my GitHub repo.

Categories: Elsewhere

OSTraining: Would You Be Interested in an Online Drupal 8 Day?

Tue, 16/08/2016 - 20:59

Drupal 8 has been out since November and is now maturing into a really powerful platform.

We'd like to hold an online event all about Drupal 8. 

The event will be called "Drupal 8 Day" and will be an online version of a Drupal Camp.

It will be one complete day of live presentations. To get a good feel for this type of event, check out in the WordPress space.

The goal is to present Drupal 8 in the best possible light, especially to people who normally can't attend a Drupal Camp. We talk with a lot of people who just don't live near any kind of DrupalCamp. Some typical examples are people outside the big Canadian cities, people living in Eastern Europe but outside capital cities, and people in sub-Saharan Africa.

Categories: Elsewhere Basic Hello World with composer and php

Tue, 16/08/2016 - 19:40
Getting started with composer I want this to be an introduction to using Composer. If you are looking for more information about using Drupal with Composer then you should checkout the official composer facade doc page on I will not be talking about publishing to Packagist. My php is nearly always for Drupal, and as such, if I publish anything it will most likely be to a project on...
Categories: Elsewhere

Galaxy: GSoC’ 16: Port Search Configuration module; coding week #12

Tue, 16/08/2016 - 19:14

Google Summer of Code' 16 coding phase has almost come to an end. The link for the final submissions will be open from 16-23 August 2016. I am sure all the students and mentors had a memorable time learning new technologies, sharing their ideas and giving shape for the proposals submitted to the organisations in the initial phase. Now ,its time for the works to get evaluated.

As you know, I was engaged with porting search configuration module to Drupal 8.The past week I devoted for documentation of the ported module, writing few tests for the module and then fixing some of the issues reported/ I came across in the testing time. The collapsible elements were not active. It had to be ported to the HTML5 elements. This was an important fix that I could achieve in the past week. So, I will help you understand what this actually is.
In Drupal 7, to make the field-sets collapsible, we had to set the collapsible attribute as true.

$form[‘settings’] = array(
‘#type’ = ‘fieldset’,
‘#title’ = t(‘Search Configuration’),
‘#collapsible’ => TRUE,
‘#collapsed’ => TRUE,

In Drupal 8, we make use of the HTML5 details and the open elements to achieve this collapsible state for the field-sets. I.e,

$form[‘settings’] = array(
‘#type’ = ‘details’,
‘#title’ = t(‘Search Configuration’),
‘#open’ => TRUE,

This was one important task that was left behind. I should have done it before. So, now the collapsible issue is fixed for now. Now, I need to spend some time for the testing the module documentation.

Another issue that I had to fix was the removal of the !placeholders. The !placeholder has been removed from the t() and the format_string() of Drupal 8. This has been moved to :variable format.
<.a href = “:variable”>@variable

Documentation is always an important process when it comes to any software development. We need to document the functionalities available and the various functions added to the module so that it will be beneficial for users as a future reference. I found time to document the important functions involved. I am sure this is really an essential component for developers who would like to contribute to this module. I have documented mainly the helper functions which have been used in the module.

I was mentored by Karthik Kumar, Naveen Valecha and Neetu Morwani. They stood along with me for any sort of help and helped me a lot to improve my basic skills in Drupal. Thanks to all of you for the support and co- operations. I am also thankful to Alan for his tips and suggestions even in his very busy schedules. He was also very much helpful in reviewing some of the patches for some of the issues reported. I can never forget the contribution of our organisation admin- Slurpee in the progress of my project. The weekly analysis of the project and the blog posts on the status updates have really benefitted me. I would also like to extend my sincere thanks to all the other community members for supporting me and guiding me in this long process. I really enjoyed this project development process. I could learn a lot and I want to stay connected with the Drupal community contributing to various projects and help the members of the community. It is really a proud moment to see our commits being reviewed by experienced developers. Moreover, the support from the community members was really exciting. People were ready to share ideas and help whenever I was stuck in the implementation process. I would also thank Google for bringing up a platform for university students to work on some of the high quality projects of the open source organisations.

Tags: drupal-planet
Categories: Elsewhere

Arpit Jalan: GSOC 2016- Making Label Detection results configurable and improving documentation- Week 12

Tue, 16/08/2016 - 18:02
TL;DR Last week I had worked moving the helper functions for filling Alt Text of image file to a new service; and moving the reused/supporting functions of the tests to an abstract parent class, GoogleVisionTestBase. This week I have worked on improving the documentation of the module and making the label detection results configurable.
With all major issues and features committed to the module, this week I worked on few minor issues, including the documentation and cleanup in the project..
It is an immense pleasure for me that I am getting the feedbacks from the community on the Google Vision API module. An issue Improve documentation for helper functions was created to develop more on documentation and provide the minute details on the code. I have worked on it, and added more documentation to the helper functions so that they can be understood better.
In addition, a need was felt to let the number of results obtained from the Vision API for each of the feature as configurable, and allow the end user to take the control on that. The corresponding issue is Make max results for Label Detection configurable. In my humble opinion, most of the feature implementations and requests to the Google Cloud Vision API have nothing to do with allowing the end user to configure the number of results. For instance, the Safe Search Detection feature detects and avoids the explicit contents to be uploaded, and does not need the number of results to be configurable. However, the taxonomy tagging using Label Detection should be user dependent, and hence, I worked on the issue to make the value configurable only for Label Detection purpose. This value can be configured from the Google Vision settings page, where we set the API key. I have also developed simple web tests to verify that the value is configurable. Presently, the issue is under review.
I have also worked on standard coding fixes and pa-reviews and assisted my mentor, Naveen Valecha to develop interfaces for the services. I assisted him on access rights of the functions, and fixing the documentation issues which clashed with the present one.
Lastly, I worked on improving the README and the module page to include all the new information and instructions implemented during the Google Summer of Code phase.
With all these works done, and all the minor issues resolved, I believe that the module is ready for usage with all the features and end user cases implemented.
Next Week, I’ll work on creating a video demonstration on how to use Google Vision API to fill the Alt Text attribute of an image file, detect the emotion in the user profile pictures and to group the similar images which share the same dominant color.
Categories: Elsewhere

Four Kitchens: Launch Announcement: American Craft Council

Tue, 16/08/2016 - 18:00

The American Craft Council (ACC) gets a shiny new Drupal 8 site, encouraging visitors to appreciate the culture of craft. […]

Categories: Elsewhere

Acquia Developer Center Blog: Making Drupal User File Uploads Safe(r)

Tue, 16/08/2016 - 16:48

Do you let users upload files to your Drupal site? You know that "user" is a synonym for attacker, right?.

To keep your Drupal site secure you need to remember and account for the fact that any string or file upload that comes from a user can be an attack. Even if you don't let users register without administrator approval, a site user may have re-used their password or otherwise have their account compromised and then used to attack the site.

Tags: acquia drupal planet
Categories: Elsewhere

Zivtech: 3 Developer Podcasts to Hear

Tue, 16/08/2016 - 15:58
Podcasts are a great way to get intel on the go. Listen while you walk, drive, exercise, or unwind. According to recent research in The Infinite Dial 2016, podcast listening has experienced sharp gains, with an average of 5 podcasts consumed per week.

If you can think of a topic, there’s probably a podcast about it. Web development is no different. Here are three podcasts to listen to if you’re a developer. Code Newbies​ For new developers, it’s enlightening to listen to others talk about how they started coding and the struggles that they faced along the way. Saron always interviews interesting people (including many women in tech) and has a segment where she asks about the worst advice the interviewee has ever received. With over one hundred episodes, there’s a lot of content to leave you feeling inspired. Javascript Jabber This podcast has an incredible amount of content at over two hundred episodes and counting. Rather than a single interviewee, the episodes include panels of individuals, all with different but equally insightful perspectives. As a newer developer, you’ll get exposure to new concepts and resources, which is extremely valuable considering Javascript is all the rage these days. PhillyDev Podcast This podcast is fairly new and was created by a NYCDA grad. It’s fun and informative and provides a closer look at the Philly tech scene: it highlights the movers and shakers, how they got into the field, and the technologies they use. Steven always includes his “sweet nug” segment where he asks the interviewee to share a piece of wisdom or a recommendation for his listeners.

Do you have a favorite podcast about development? Let us know in the comments below!

Categories: Elsewhere

InternetDevels: Lviv Euro DrupalCamp 2016: every drupaler’s destination for September 3-4

Tue, 16/08/2016 - 14:47

Greetings, dear readers! We have recently welcomed you behind the curtains to show you how we organize our famous IT events. And now it’s time to announce one of them approaching! This is a very famous annual Drupal meetup, long awaited by so many people across Ukraine and beyond. Lviv Euro DrupalCamp 2016 in the magic city of Lviv is coming on September 3-4!

Read more
Categories: Elsewhere

Jay How To Make The Web Widgets Module Work With Drupal 7.50

Tue, 16/08/2016 - 14:04

For users of the awesome Web Widgets module, you'll notice that it'll no longer work after installing Drupal 7.50. But after digging into this issue, I realized that the problem was much simpler than I had originally imagined (Drupal 7.50 supporting PHP 7). Sometimes all it takes is to just RTFM lol. Anyway, here's how to solve it:

1) Understand what the source of the issue is. The cause of the problem was "Protection against clickjacking enabled by default".

Tags: Drupal 7Drupal Planet
Categories: Elsewhere Dependency Injection - how to access services in controllers

Tue, 16/08/2016 - 14:00

If you are trying to get to grips with Dependency Injection in Drupal 8 then here is a walk-through of how I applied it in one of my Drupal 8 test projects.

I have a project I have been using to investigate Drupal 8 since alpha10 which has been invaluable in my learning process. But as a result, some of my code is over 2 years old and written when I barely had a grasp of Drupal 8 concepts.

In the past week a very old @todo jumped out to me:

Categories: Elsewhere

Dries Buytaert: Drupal goes to Rio

Tue, 16/08/2016 - 09:05

As the 2016 Summer Olympics in Rio de Janeiro enters its second and final week, it's worth noting that the last time I blogged about Drupal and the Olympics was way back in 2008 when I called attention to the fact that Nike was running its sponsorship site on Drupal 6 and using Drupal's multilingual capabilities to deliver their message in 13 languages.

While watching some track and field events on television, I also spent a lot of time on my laptop with the NBC Olympics website. It is a site that has run on Drupal for several years, and this year I noticed they took it up a notch and did a redesign to enhance the overall visitor experience.

Last week NBC issued a news release that it has streamed over one billion minutes of sports via their site so far. That's a massive number!

I take pride in knowing that an event as far-reaching as the Olympics is being delivered digitally to a massive audience by Drupal. In fact, some of the biggest sporting leagues around the globe run their websites off of Drupal, including NASCAR, the NBA, NFL, MLS, and NCAA. Massive events like the Super Bowl, Kentucky Derby, and the Olympics run on Drupal, making it the chosen platform for global athletic organizations.

Categories: Elsewhere

Drupal Blog: Drupal goes to Rio

Tue, 16/08/2016 - 09:00

As the 2016 Summer Olympics in Rio de Janeiro enters its second and final week, it's worth noting that the last time I blogged about Drupal and the Olympics was way back in 2008 when I called attention to the fact that Nike was running its sponsorship site on Drupal 6 and using Drupal's multilingual capabilities to deliver their message in 13 languages.

While watching some track and field events on television, I also spent a lot of time on my laptop with the NBC Olympics website. It is a site that has run on Drupal for several years, and this year I noticed they took it up a notch and did a redesign to enhance the overall visitor experience.

Last week NBC issued a news release that it has streamed over one billion minutes of sports via their site so far. That's a massive number!

I take pride in knowing that an event as far-reaching as the Olympics is being delivered digitally to a massive audience by Drupal. In fact, some of the biggest sporting leagues around the globe run their websites off of Drupal, including NASCAR, the NBA, NFL, MLS, and NCAA. Massive events like the Super Bowl, Kentucky Derby, and the Olympics run on Drupal, making it the chosen platform for global athletic organizations.

Categories: Elsewhere

Palantir: The Secret Sauce, Ep. 27: A Peek at Drupal GovCon

Tue, 16/08/2016 - 04:19
The Secret Sauce, Ep. 27: A Peek at Drupal GovCon The Secret Sauce manley Mon, 08/15/2016 - 21:19 Ken Rickard, Kirsten Burgard, and James King with Allison Manley Aug 16, 2016

We want to make your project a success.

Let's Chat.

Drupal GovCon has been gaining momentum for four years now. Curious about what it has to offer?

On this week’s episode of The Secret Sauce, we are joined by guests Kirsten Burgard and James King, organizers of Drupal GovCon.

iTunes | RSS Feed | Download| Transcript

Subscribe to all of our episodes over on iTunes.

Stay connected with the latest news on web strategy, design, and development.

Sign up for our newsletter. Transcript

Allison Manley [AM]: Hi again everyone, and welcome to The Secret Sauce, a short podcast by, that offers a quick bit of advice to help your business run a little bit better. 

I’m Allison Manley, an Account Manager, and today we have a different Secret Sauce. Ken Rickard, our Director of Professional Services, recently attending Drupal GovCon in Washington DC in July, and got to sit down with two of the organizers: James King from the National Institutes of Health (NIH), and Kirsten Burgard from the US Department of State to chat about this annual Drupal event. So they are going to share what this event is about, and why you may want to check it out next year. 
All right! Take it away Ken . . . 

Ken Rickard [KR]:  This is Ken Rickard. We’re at the Palantir Secret Sauce podcast. This is our broadcast from Drupal GovCon, and we’ve invited two of the organizers to join us today: we’re with Kirsten Burgard and James King. 

Kirsten Burgard [KB]: Yay! Welcome to Drupal GovCon.

KR: Thank you. This is I think my third or fourth . . . it used to be Capital Camp, and it’s now GovCon. This is the second year I’ve been here at the NIH, I know that. So tell me, how did the two of you get involved in this event?

KB: Well, it started . . . this is all really Tim Wood’s fault. He’s at the Department of Commerce. And he thought it would be really great if we all got together and started to do events, mini events where we could share information. The very first event one we did we had thirteen people. Then we decided to hold a larger event as a government-focused one at Commerce, and that was 2012.
KR: Yes, I was there.
KB: Yeah, we killed the wifi before 8:00 in the morning [laughs]. I had never seen that before. We thought we’d get about 200 people. We had 330. And at that event James approached me and said, “Hey, what about NIH hosting it?” And I thought, ‘this is never going to happen. Who at NIH is really going to make this happen?’ And it’s been James for three years now.
James King [JK]: So I did go to the Commerce event, and I had started using Drupal since 2010. When I got hired here in 2009, they gave me a project that hadn’t been started, and they bought this thing called Drupal and had a server, and I knew nothing about Drupal so I was learning on my feet Drupal 6. And I started playing with it and really liked it, and wanted to learn more about it. Found out about the Commerce event and that, like what was there, but saw how cramped it was.
KB: [Laughs]
JK: And wanted to get involved, and also selfishly wanted to be able to get more exposure at NIH on Drupal. I work for the NIH Library . . . the internal research library for NIH . . . and one of the things that we’re trying to do is foster community in different areas. And since I have a technology background, I’m trying to encourage use of technology across NIH. And Drupal being one of the things we’re working on, we were trying to encourage more people to know about and use Drupal.
So it made sense to at least try to have an event at our place. Since then obviously this has continued to grow, and we now have user group meetings as well just for NIH people. And those are growing as well.
KR: Yeah, the GovCon is a little bit of a special event of all the ones that I go to. Most of the ones that I go to are regionally-themed, but this one is industry-themed, or in this case, government service.
KB: Yeah.
KR: Public service themed. So, I mean, what are the goals of the whole idea? What are we trying to accomplish here?
KB: Well when we started doing DrupalGov . . . it’s actually called Drupal For Gov . . . we really just wanted to make it possible for government practitioners in open source communities to get together. Drupal just had the largest influx of folks within government. We also have Linux people, WordPress people, Joomla people. We have a wide cross-section of open source CMS’ mostly, and some back-end things. And our primary goal was to make it possible for government employees to get access to the information they needed. Whether it was training, or collaboration, or even just innovative new thoughts and processes.
Oftentimes in government we’re very stove-piped. We don’t collaborate, we don’t cross sections. We don’t . . . even within my old agency, Department of Veterans Affairs, one section didn’t talk to the next section. It’s very confrontational almost between offices. So to make an organization like ours, which started with 11 people, to an event that now has over 1,000 people attending, is pretty weird [laughs]! It’s just pretty darn weird.
JK: So as a librarian geek or information professional, information architect, I very much embrace the idea of open source, but also government use. The government spends a lot of money with contractors developing themes, developing modules, so forth, at a minimum I wanted to try and bring together the NIH people to be able to share that. To not only share the products, the deliverables, but to share lessons learned, to share the modules they’re using, tips and tricks, to come together on training, and so forth. Drupal GovCon was an easy way to foster that.
Having it here on campus made it very easy for the NIH people to come, but we’re also trying to be a sharing, open environment, so we’re making it as broadly available as possible. That’s why we continue to try to keep it to be free so that any level person, whether they’re a budding sysadmin, or developer, or a UX person, we’ll be able to come and learn.
KB: And we’ll have something for them too. We have sections that aren’t just like the regular “here are the tracks,” but actually sections across the board, and on top of that, additional training too.
KR: Yes, it’s a very interesting lineup. You have a very diverse speaker group, and very diverse attendee group. It’s interesting too, a lot of the Drupal events are weekend events . . . this is during the week. And so it’s almost a professional event. I think that’s fascinating too.
So based on the success we’ve seen from the last few years, I was at the Commerce event, what are you hoping to see next year?
KB: So next year might be a little bit more difficult because like I said, we’re over 1,000 now. Our attendee drop is nowhere where it needs to be on a free event. So typically a free event will have like a 50% drop in attendance over registration. Ours hovers at less than 40%. That makes it much more difficult for us to gauge how many lunches to buy, how many cups of coffee we need . . . we ran out of coffee yesterday morning an hour into coffee service, and we bought 800 cups! We ran out of lunches really close to the very end, so it wasn’t as like a lot of people had to go buy lunches. I believe we ran out of lunches again today, but not badly . . . only a couple.
JK: No, we were pretty close. The auditorium seats 500.
KR: And that’s the biggest space we have available.
KB: Yeah. And what we do through the day is we flux space everything. So we try to tell all the attendees, “Please, refresh your screens. Sessions will move.” And they do. And sometimes speakers forget where they’re supposed to be.
JK: I appreciate and I expect that we’ll continue to have that diversity as highlighted in our keynotes. The first day keynote was challenging attendees to really look at diversity and bias that’s in the industry, and how do we step back and address that. Today was more of a practical on how do we practically move an agency top-level site to Drupal. And tomorrow . . .
KB: Tomorrow it’s all security. We actually have the keynote from Velocity from last year, Laura Bell, who is a security expert from New Zealand. So I’ve had all kinds of fan boys come up to me and say, “oh my god, how did you get Laura Bell?” and I’m like, “I asked.” [laughs] 
KR: That might be the lesson for folks to takeaway from this episode of the podcast is sometimes all you have to do is show up and ask.
KB: Yeah. Show up and ask. It works really well.
KR: All right. Thank you both for joining me.
KB: Thank you. 

AM: That’s the end of this week’s Secret Sauce. For more great tips, check out our website at, and check us out on Twitter. Our handle is @palantir. 

Have a great day!

Categories: Elsewhere

Drupal Association News: Changes for the Drupal Association Events Team

Tue, 16/08/2016 - 02:22

As Megan mentioned in her blog post, The Association’s mission is to unite the community to build and promote Drupal and DrupalCon remains an important way to achieve this mission. Unfortunately, our DrupalCon team is smaller due to staff reductions and we needed to adjust our work accordingly. To decide on what to eliminate, we took a critical look at what services the Association can continue to provide with minimal impact to the mission critical event elements that help move the Project forward.

DrupalCon has traditionally supported our contribution journey, helping developers and other contributors level up their skill to not only build better sites, but to also learn how to contribute code to core or through modules. We will continue providing the programing elements to support our contributors.

Over the years, these events have attracted some people whose  organizations aren't Drupal service providers. They've been organizations who chose, or considered, Drupal for their own systems. Going forward, we want to focus more on welcoming these newcomers and make sure they connect with content that serves their needs, for example: how to expand their use of Drupal and find new ways to solve their business solutions, find agencies and new technologies to include in their solutions, and connect with their peers. We already began this work through Summits and we are looking into other programs for them in the future.

Yet, while we will sustain our programming and even expand upon it, we do need to eliminate some of our workload. As a team, and with Megan and the board of directors, we looked at all of our work with a few lenses - what can we streamline, what can other remaining staff pick up and run with, what do we need to reduce or eliminate. We tried to prioritize the things that were mission critical to the project, would be noticeable to a community members' event experience, and do as many cuts behind-the-scenes as possible.

Things that we have decided to eliminate:

  • Hotel welcome letter - If you've stayed at one of the partner hotels at a DrupalCon, you may have noticed the welcome letter from the Drupal Association. We will not be producing these letters going forward.
  • Extended Sprints hosted lunches - I know this one may be disappointing, but it's time consuming for staff to manage, particularly on site during the Con and has a direct expense associated with it. Having no formal ticketing or RSVP system made planning the appropriate amount of food (with a myriad of unknown dietary needs) rather challenging and occasionally left attendees grumbling if their needs weren't met.
  • Re-bidding vendors each year - We have cultivated a list of reliable & cost-effective vendors for various production supplies that offer competitive pricing. Rather than seeking additional bids for each Con, and then picking the ones we used last time, we will renew previous contracts when feasible, a good working relationship is established, and the value is less than $25,000 USD. (behind-the-scenes)

Things that we have decided to decrease or reduce:

  • Scholarship reimbursement procedure has changed - In the past we have assisted recipients in making appropriate accommodations - hotel arrangements on our staff block, working with a travel agent to procure flights, etc. Moving forward, recipients will book / arrange for their own travel and accommodations and will submit expenses to the Drupal Association for reimbursement.
  • Scholarship funds will be reduced - We have reduced the grants / scholarship budget from 20,000€ to 10,000€. We made this reduction as a part of our cost savings effort.
  • BOF boards will be pre-printed - We will have a cut-off date and print sessions directly onto signage. You would be surprised how much time it takes on site to get those boards lined up and written out. We will reserve the slots that weren’t booked by the cut-off date as well as additional timeslots for on-site sign-ups.
  • Visa letters will not be mailed - we will no longer print and mail visa letters unless specifically requested to. The PDF that is emailed to the attendee is sufficient for the majority of visa applications. Special requests will be honored.
  • Customer service will be distributed - Whereas in the past we had one primary team member focused on customer service, we are now taking a team approach to this. Submissions to our Contact Us form are now being split amongst staff and on site registration support will now happen from a variety of staff members. (behind the scenes)
  • DrupalCon website theming has shifted - While the Drupal Association engineering team continues to maintain, we no longer have staff resources to build new features, nor to implement the custom themes we use to represent the character of our host cities. Instead, we have updated our contracts with our contracted DrupalCon design firms so that they will provide the sub-themes for upcoming events. (behind the scenes)

Our goal throughout this process was to make DrupalCon continue to be as seamless of an experience for you as possible. While we believe we've done a solid first pass at turning the behemoth amount of work into a realistic workload for the remaining team, there may continue to be minor tweaks as we run through our first Con with our new team format.

As we rebound from the re-organization, we look forward to enhancing what DrupalCon provides. We have a host of ideas, and are eager to dig in with this new framework to see what all we can accomplish with the assistance of the community.

If you are interested in getting involved with DrupalCons, here are 7 easy ways you can contribute:

  1. Stay at a partner hotel
    This lowers event costs, which keeps ticket prices lower. Hotels want your business and we are able to negotiate special rates and accommodations for the group with group purchasing power. When we fill up our hotel block - the hotels "comp" hotel room nights for the Association - dropping our production expenses notably. For instance in New Orleans, we earned 122 free hotel room nights.
  2. Thank a sponsor, talk to them on site
    Sponsorships greatly subsidize the costs of DrupalCon. Go out of your way to tell a sponsor thank you, ask them about why sponsoring DrupalCon was important to them. Check them out in the exhibit hall, they've got more going on than just t-shirts… ...although they do make great t-shirts!
  3. Thank the speakers and program team
    They are volunteering a substantial amount of their time to speaking at DrupalCon, or selecting sessions for DrupalCon - it is no small feat. They are driven to contribute to the community and help everyone become super Drupalers by sharing their knowledge.
  4. Buy a ticket
    Rather self-explanatory, but DrupalCon conference, training, and summit ticket sales are vital to the sustainability of future DrupalCon events.
  5. Spread the word, invite someone
    Tell your co-workers, maybe a counterpart at a client or customer, speak at a local meet-up, tweet it out - that DrupalCon is the place to go for Drupal education and training. 92% of people believe recommendations from friends and family, use your influence to impact an event you care about.
  6. Volunteer on site
    In the weeks before the Con we ask for people who are interested in volunteering on site to step up. There are a host of ways, from helping stuff name badges, to watching sessions and counting attendees, to being a sprint mentor. There is a volunteer role to fit all types of interests.
  7. Complete the surveys!
    After the Con we always email out a survey, please complete them with your feedback. We read every response and use it to make decisions for future Cons.

About Rachel

Rachel Friesen (RachFrieee) joined the Drupal Association in April of 2014, and is the Events Manager. She leads the events team that produces DrupalCons across the globe. You probably have seen her running around a DrupalCon talking into a walkie talkie or at the Closing Session.

When not wrangling events, Rachel can be found running and biking around Portland, OR, USA.

Categories: Elsewhere

Talha Paracha: GSoC'16 – Pubkey Encrypt – Week 12 Report

Tue, 16/08/2016 - 02:00

This week marks the completion of my Google Summer of Code 2016 project Pubkey Encrypt. So I’ve spent the past 3 months building this module for Drupal 8 in the supervision of mentors Adam Bergstein (@nerdstein) and Colan Schwartz (@colan). You can download Pubkey Encrypt from its official project page. Accordingly, the module provides a way of encrypting data with users’ login-credentials. It is based on ownCloud’s Data Encryption Model and is an attempt of providing an easy-to-use security module for website maintainers.

Categories: Elsewhere