Planet Drupal

Subscribe to flux Planet Drupal
Drupal.org - aggregated feeds in category Planet Drupal
Mis à jour : il y a 47 min 20 sec

ThinkShout: A Tale of Two Devsigners

mar, 16/06/2015 - 14:00

It’s June, which means Devsigner is just around the corner so, naturally, we’ve got design on the brain. What’s Devsigner? Well, I’m glad you asked. Devsigner is a conference held here in the Pacific Northwest geared towards front end developers and development-minded designers. Sessions focus on the relationship between design and web development, bridging the gap that separates the design from the code. The math looks like this: developer + designer = devsigner.

ThinkShout’s own devsigners Josh Riggs (User Experience Lead) and Eric Paxton (Front End Engineer), will be speaking at this conference at the end of the month. I sat down with Josh and Eric to learn a little bit more about their design process, and how we work with our nonprofit clients to ensure that their sites don’t just work, but that they also deliver a fantastic user experience.

You two make up the dynamic design duo here at ThinkShout. What do your respective roles entail? How do you leverage your different skill sets?

Josh: My role as the UX lead right now is handling all aspects of user experience and visual design. I’m responsible for interpreting site maps and requirements, plus things like client/user needs and creating a user interface out of that. That starts with wireframing and ends with a visual design layer.

Eric: My role as Front End Engineer is very much in the implementation phase. Though I do advise in the discovery and budgeting phase, just so we can be sure that we can actually implement what the client wants. It’s nice because in the past, before joining the ThinkShout team, I’d done the whole gamut. From the requirements gathering phase to wireframing, and then the implementation. Here at ThinkShout, I’ve found my sweet spot. I do occasional wireframing, but I get to focus on lots of implementation. I also implement Josh’s designs. I write a lot of Javascript and Sass, basically.

Josh: Eric is like the alchemist. He takes the metals - the designs from me - and turns them into websites. There is actually a large spectrum in between where my responsibilities stop and Eric’s begin. We still talk about things like, how do we go from an idea being on a screen, to that idea being a functioning website? We’re constantly thinking about how to best utilize our respective skillsets, always reevaluating our process to improve upon it.

What’s a recent project that you’ve really enjoyed working on?

Eric: The SPLC (Southern Poverty Law Center) microsite. I thought that was very well done. Josh did a lot of the front end work on that and I came in and did the site optimization, which is what I’ll be talking about at Devsigner. I thought that went really smoothly because at that time, all the work he’d done in the browser went directly to implementation. We were able to take exactly what he’d designed and just build off of it.

Can you talk a little bit about what the design process for the SPLC microsite was like, Josh?

Josh: We happened to be working on that right around the same time as I was doing wireframes for the upcoming SPLC main site that we’re redesigning. We were already doing a lot of thinking about their content and what their needs were. Because the Selma: Bridge to the Ballot movie was coming out on the anniversary of the Selma March, we wanted to have this ready to go in time for that day. There was no way we were going to launch the whole SPLC site along with it - we were too early in development for that - so we decided to split that project up and give them a campaign microsite that would be easy to build while we continued to work on their main site.

A lot of that meant working with their team to define their content needs. I began with basic wireframes in Sketch, and uploaded them into Invision to give them interactivity. As SPLC came up with more fidelity to what their needs were, we solidified the visual designs. Luckily, they already had a lot of assets that their really great internal design team had created for the movie, so I was able to go off of that style. I took their visual style and applied it to the wireframes and at that point, I went to Eric for a consultation and said, "Ok, if we’re going to build this in Jekyll, what’s the best way to do this as far as the architecture goes?" Eric was a huge help in regards to file structure. He wrote a great rake script to automate all the Jekyll, Sass, and Javascript components. That’s when I jumped in and rebuilt what I’d done in Sketch, and added more fidelity with HTML and Sass. I then passed it onto to Eric so he could do his unicorn magic.

Eric: And that’s a nice part about where our skills overlap: we can get closer to what we want. He’s a better designer than I am. My strengths lie in the code. I’ve designed when I had to, but it’s not my forte, so it’s nice to have Josh’s expertise. So these skill sets compliment each other. I feel comfortable handing over my implementation to design and saying, "Hey, can you polish the nav? Or the design?" Things like that.

What design trends do you want to see more of? Or less of?

Eric: I think flat design is getting boring. I’m starting to see a little bit more texture in the things we’ve done. Like patterns, not just flat design for the sake of flat design. There’s texture strategically used to make things look better. For instance, in the Capital Area Food Bank of Texas site, there’s a bit of a pattern in the footer. It’s not just a flat blue background with text. I really like patterns that are used to call out different sections of a design. It adds to it and brings something out of the page. It used to just be that admin interfaces were this flat. But now everything reflects that. Lots of rectangles. I personally like shapes and textures and patterns.

Josh: It’s tricky to know when to add life to what’s a very flat trend right now. I come from the old school world of web design, which was about how cool can you make your shadows look in Photoshop, how three-dimensional can you make things appear. Now that’s kind of like wearing skinny jeans in the late nineties, when you wouldn’t be caught dead wearing them. Or neon colors. So I think what’s happening is that it’s not just that flat design is popular. If you look at other design mediums, like automotive or architecture, there’s a phase with extreme ornate elements. You know, crazy fins, details, lights, every car had a custom badge. All that stuff. And then you have the modern era after that where everything gets streamlined and simplified. It’s more about the function over the form, and the function drives the form. You see the opposite in the Victorian era. Go walk along the St. Johns bridge and look up at a lamp. You’ll see these ornate, twisted little embellishments along the lamps. But the purpose of a lamp is to provide light. Those embellishments do nothing to support the function. They’re just there to make it look pretty.

I think we’re seeing a lot of that in digital design as it matures. We’re getting rid of the stuff that doesn’t support the function and focusing more on the intent of the users. While we’re taking that ornate-ness out of it, we’re also adding a lot more micro-interactions and animations. Things that actually help you do what you’re there to do. At first, I was kind of against that. But now that I think about it as post-modern design for the web, it makes more sense to me.

How do you advise nonprofits on this? Do these same trends benefit nonprofits as much as they do for-profits?

Eric: I think knowing your end user is what determines your path. A lot of nonprofits have similar goals as for-profits when it comes to their websites - they’re trying to tell a story and engage their users. But the main thing is, do the organizational goals reflect what the user is coming there for? For instance, we work with the LA Conservancy. They work to preserve historical buildings in LA. We didn’t just look at them, and then try to make their website look like a pretty building. But we also had this discussion in LA about form versus function. But I wonder, where does that meet in the middle? That’s what I struggle with. Because I do think there’s value in ornate elements like that. They set a mood. So I think that’s part of function - that ornateness sets the mood you want to present to your users to help them feel the connection to the organization’s cause.

Josh: Nearly every major design phase, whether it be automotive, architecture, art, whatever, there’s always a backlash to those current trends. So there will be backlash to flat web design. It may be a subculture, it may take over. But whenever something gets to be ubiquitous, there’s always someone who wants to do something totally different. It’ll be interesting to see what that is.

I feel like that’s the nature of creativity… We see something, we make it part of our process, plus a spark of something new.

Eric: We all have things we’re influenced by. To me, Google stands out. They’ve really led in the trends that people are using. There’s a level of depth to their designs that make me feel like I can reach out and grab it. It’s flat in some ways, but yeah, there’s definitely some depth.

Josh: Yeah, I think Google’s done a really great job. And you can see this happening in the app world. The current trend is also getting ubiquitous.

Devsigner is at the end of the month and you both are leading your own sessions. Can you tell us a bit about them?

Eric: My session is called "Optimization is User Experience." I think this is something everybody can use, which is why it’s listed as a beginner talk. We learn web design, we learn app design, we release these things to the world where we don’t have control over devices and users’ bandwidth, so it’s important to know that this beautiful thing you’ve created can be experienced correctly regardless of what device it’s viewed on.

Josh: So my session is based on something I’ve noticed. I worked on a lot of projects where there’s limited time, budget, or resources. Maybe there isn’t any resource for stock photography, or there’s just a really small team working on it. I’ve always had to find ways to be creative with what I have and with a small budget. I signed up to speak at Refresh Portland and I figured this might be a shared struggle and that other people could learn from my experience: how to stay under budget and still come up with a great, workable design. It’s called "Ballin’ on a Budget."

Want to dig deeper into design with Josh and Eric and pick their brains? Come to Devsigner, which takes place during June 27-28 at the Pacific Northwest College of Art in Portland, Oregon. Check out the full session schedule on the Devsigner site. You can also follow Josh and Eric on Twitter at @joshriggs and @epxtn.

Catégories: Elsewhere

InternetDevels: Best Drupal Video Player Modules

mar, 16/06/2015 - 13:47

Greetings to all who want to add video integration to their Drupal website! Drupal module development never stops, offering us a large number of various modules for working with videos. I have hunted through a huge amount of Drupal video modules for you.

To begin with, you need to decide where you want to store your video, how you want to display it, etc.

Let's discuss the pros and cons of each method. Here we go!

Read more
Catégories: Elsewhere

KnackForge: Mitigating Apache Internal Dummy Connection issue

mar, 16/06/2015 - 06:00

This is one of the bothering issues we had lately in our project. I'm summarizing the list of causes and possible ways to fix / mitigate the same. So what is Apache's Internal Dummy Connection is all about? Official Wiki page explains it better. See snip below,

When the Apache HTTP Server manages its child processes, it needs a way to wake up processes that are listening for new connections. To do this, it sends a simple HTTP request back to itself. This request will appear in the access_log file with the remote address set to the loop-back interface (typically 127.0.0.1 or ::1 if IPv6 is configured). If you log the User-Agent string (as in the combined log format), you will see the server signature followed by "(internal dummy connection)" on non-SSL servers. During certain periods you may see up to one such request for each httpd child process.

#1: VirtualHost

As mentioned, Apache makes a call to itself. If your default VirtualHost is configured to serve dynamic database driven site like Drupal, it will certainly result in increased resource utilization. Changing the same to serve static index.html should make the dummy http request faster and less resource intense. Even if you have directory listing, symbolic links and/or AllowOverriding turned on, it is suggested to disable them.

#2: .htaccess Rewrite Rule

If default VirtualHost couldn't be changed for some reason, with mod_rewrite you can prevent request hitting the Drupal with rewrite rule. 

Catégories: Elsewhere

Mediacurrent: Contrib Committee Status Review for May, 2015

lun, 15/06/2015 - 22:18

As with most other Drupal development studios, our May was dominated by DrupalCon. For the first week we were doing final preparations - making sure everything was ready for our booth, adding the final polish to our presentations, and packing for the trip. Needless to say, it was an excellent week from many perspectives, and we look forward to DrupalCon being in New Orleans next year.

Catégories: Elsewhere

Drupal Watchdog: Caffeinated Drupal

lun, 15/06/2015 - 18:42
Column

Once upon a time, I drank coffee purely to wake myself up in the morning or to stay awake during a late night coding marathon. Eventually, I gained an appreciation for the different flavors, smells, and textures to be found in different coffees and brewing methods. That appreciation has grown into a pursuit of the perfect cup of coffee which, while it may never be achieved, provides me with a fun hobby as well as an endless supply of amazing coffee.

Performance tuning a website is another of those endless pursuits wherein you may never actually reach a happy ending.

Is there such a thing as a perfectly performing website? The answer to that question is much like the perfect cup of coffee: perfection lies in the eye of the beholder. While we may not ever be able to achieve a perfectly performing website, we can certainly define goals for what would be considered a well performing site. And by precisely measuring aspects of the site’s performance, we can know if our adjustments are moving us in the right direction or not.

Of course, when defining performance goals, like any project, it’s best to begin at the beginning. In this case there’s no better place to start than a nice cup of Kenya Peaberry, brewed in a manual pour-over to bring out the amazing citrus fruitiness (with a touch of spice). Mmmm, if that’s not nirvana, it sure is close! Now we can jump right in.

Defining Performance Goals

As I mentioned, we need to define goals in order to know where we’re going with the performance tuning, otherwise we’re likely to get people working on random performance improvements that may or may not meet our business requirements. The more specific the goals, the better. Here are a few ideas to get us going:

  • The front page must load in under X seconds.
  • The site must support at least Y concurrent users.
  • Popular entry points to the site must load in under Z seconds.

The important point here is to create an authoritative list which will get everyone on the same page and understand exactly what they’re working towards. Even if you are a team of one person, this is still a great way to define an endpoint for your (current) performance work.

Catégories: Elsewhere

Microserve: Setting Up Drupal Bootstrap

lun, 15/06/2015 - 18:02

For those looking for a reliable, responsive front-end framework to base their website/drupal theme upon, Twitter Bootstrap can be hard to beat. Luckily there is an existing, contributed theme available to take out the hard work of integrating Bootstrap and Drupal... Well nearly all the hard work.

This step by step tutorial hopes to serve as an extension to existing documentation for Drupal Bootstrap and strives to fill in a few blanks and signpost the odd 'gotcha' that can potentially leave the novice banging their head against their monitor. It assumes you already have a decent grasp of the drupal folder structure and a knowledge of LESS CSS preprocessor.

Drupal Bootstrap Theme

Download the latest version of the Bootstrap Drupal Theme.
https://www.drupal.org/project/bootstrap

Unzip the contents into the sites/all/themes/ folder of your drupal site.

Copy the folder 'bootstrap_subtheme' and place the copy in the root of your regular sites/all/themes/ folder (You should now have two separate theme folders 'Bootstrap' and 'bootstrap_subtheme' at the same level in your theme folder structure).

Before anything else, rename the 'subtheme' copy to reflect the project you are working on. (for the purposes of this tutorial we'll name ours 'mytheme')

Bootstrap Editable Source Files

Bootstrap Drupal Theme provides the core framework to use bootstrap within Drupal, but we still need to include the latest working distribution of the editable bootstrap source files themselves.

In the future this should be possible using drush, but for now there are two methods for including these files. Either via link to the CDN, which is convenient, but does not give us full editability of LESS files, or by downloading the files to our theme to be used locally. Further info: https://www.drupal.org/node/1978010

We want to choose the second method...

  1. Download the latest distribution of bootstrap from: http://getbootstrap.com/getting-started/#download (Choose the second, 'SOURCE CODE' version.)
  2. Download to the root of your new sub_theme (mytheme).
  3. Unzip and rename the unzipped folder 'bootstrap'. (Yep this is where it can seem confusing, you will now have a new folder called 'bootstrap' inside your new bootstrap sub_theme)
  4. Inside your new subtheme edit the .info file. On the first line change 'name =' value to match your new theme name ('mytheme' in this instance).
  5. Now we need to tell the theme which method to use for including the Bootstrap distribution. Towards the bottom of the  .info file, uncomment all lines under the heading 'METHOD 1: Bootstrap Source Files'  (yes, all those JS files.)
LESS Preprocessor Method

Although you can run a (very restrictive) installation of Bootstrap using standard CSS, it's unlikely you'll want to pass up access to the wealth of in-built variables and mixins available in the core LESS files, so now we need to choose which method of LESS compilation we want to use.

If you wish to install and use a local LESS compiler, you can leave the .info file set to use /css/style.css and then set your preprocessor to compile all LESS files to this file.

*I recommend however using the Drupal LESS module, to let Drupal do the compiling for you in browser. For this method, change the 'Stylesheets' entry in .info to point directly to /less/style.less

For this method to work, you will need to download and install the drupal Less module here:
https://www.drupal.org/project/less

Secondly download the Preprocessor library (lessphp) from:
http://lessphp.gpeasy.com/#integration-with-other-projects

to > /sites/all/libraries/ unzip and rename the folder to 'lessphp'

Enable the LESS module (if you haven't already) and go to /admin/config/development/less in the Drupal admin menu.

Choose 'less.php' as your LESS engine and turn on 'Developer Mode'. (This will ensure LESS files are recompiled on each page load.) - *Make sure this is turned OFF before site goes live.

Turn On The Theme

If you haven't already, enable your sub_theme and make it the default theme.

Disable the main Bootstrap theme (it doesn't need to be enabled for the subtheme to work.)

Clear your drupal cache and you should be good to go.

JQuery Update

For boostrap to run properly, you will have to have JQuery installed and running at atleast version 1.7. Make sure you have the JQuery Update module installed and set to 1.7 or above. (I've run bootstrap on 1.10 without problems.) 

You can change the version on the JQuery Update config page, or specifically for the theme, you can switch the version on your bootstrap sub_theme's theme settings page. 

*If you have selected a version of JQuery 1.7 or above and you're still getting drupal errors complaining that Bootstrap requires this version, you can choose to 'Suppress jQuery version error message' under Advanced on the sub_theme settings page. 

Missing Variable Errors?

Sometimes the Drupal Bootstrap theme can fall out of sync with the latest Bootstrap version.

If after enabling the subtheme you get lots of red errors about missing variables, do the following:

Inside your subtheme:

Make a COPY of the latest variables.less from the distribution files (mytheme/bootstrap/less/variables.less) and use it to REPLACE the version in your theme's custom files (mytheme/less/variables.less)

This should stop bootstrap looking for out of date variables.

Page Templates

While you 'could' copy the page.tpl.php and html.tpl.php templates from the Drupal core and set about adding all the necessary bootstrap classes and regions to them, It makes much more sense to start off by making copies of the versions supplied inside the main Bootstrap parent theme, where most of the ground work has been done for you.

You can find templates at: bootstrap/theme/ (where 'bootstrap' is the main parent theme installed from drupal.org.) the page and html templates are inside the 'system' sub folder.

Copy the templates you need, to you sub_theme's template folder. (Create one if there isn't one already.)

Bootstrap LESS Files

In your sub_theme, you will initially have the following LESS files:

  • bootstrap.less 
    Never edit this. It's only purpose is to import all of bootstrap's core less files - the integral part of the framework.
  • overrides.less
    You will sometimes want edit some values in this file. It mainly contains drupal specific resets and 'overrides'.
  • variables.less
    This is where you can change the values of default bootstrap variables to set site wide typography, form styles, grid styles, branding etc. VERY USEFUL
  • styles.less
    This is initially empty other than a few import declarations. This like a normal style.css or .less file, is where you will put the bulk of your project specific custom LESS code.
  • header.less, content.less, footer.less
    I don't personally tend to find any use for these region specific files. These can safely be deleted if you don't intend to use them. If you do delete them, also make sure to delete their import declarations from the top of 'style.less'.
Custom Variables

You could create a new LESS file for your own custom variables, but I find a lot of my custom variables can be additions to existing bootstrap variable structures (for instance there is already a @brand-primary color value in variables.less and I nearly always add a @brand-secondary color), so it makes sense to include them in the same file and flow. So I add my variables to the existing file, making one consolidated, semantic file.

Custom Mixins

Mixins are a little different. You can just include them in style.less. You can also include them in the bottom of the existing overrides.less file. (You can include them anywhere really, but as you will often want to use variables within your mixins, it's advisable to call them after all variables have been imported from bootstrap and your own custom files.) I think the neatest way is to create new custom LESS file and keep all the custom mixins separate. For instance, on my current project, i've created a ‘custom-mixins.less’ file and imported it into style.less straight AFTER the existing imports like so:

// Bootstrap library. @import 'bootstrap.less'; // Base-theme overrides. @import 'overrides.less'; // Theme specific. @import 'custom-mixins.less';

Wait!? Where was variables.less in those import declarations? 

Well, one thing to be careful of is that you don't want to import the same file into more than one other less file directly. This would in essence mean the entire file would be imported twice. So because variables.less has already been imported into overrides.less, it's content will be inherited through importing override.less into the above file.

Here's a diagram to try and better explain the bootstrap .less inheritance flow, mentioned above: 

In Conclusion

Hopefully these tips will be of use and help navigate the initially daunting landscape of getting Drupal and Bootstrap to play nice together.

This guide is based on the worflow I have personally found most logical and efficient, but if you have other methods or further tips to 'share with the class', feel free to leave a comment below.

My closing 'top tip' to developing with Bootstrap, Drupal or otherwise is to always have the Bootstrap site open in a tab, for easy reference of it's existng grid structure, variables, mixins, js plugins and info.

Martin White
Catégories: Elsewhere

Acquia: Build Your Drupal 8 Team: The Forrester Digital Maturity Model

lun, 15/06/2015 - 16:46

In business, technology is a means to an end, and using it effectively to achieve that end requires planning and strategy.

The Capability Maturity Model, designed for assessing the formality of a software development process, was initially described back in 1989. The Forrester Digital Maturity Model is one of several models that update the CMM for modern software development in the age of e-commerce and mobile development, when digital capability isn't an add-on but rather is fundamental to business success. The model emphasizes communicating strategy while putting management and control processes into place.

Organizations that are further along within the maturity model are more likely to repeatedly achieve successful completion of their projects.

Let's take a look at the stages of this model, as the final post in our Build Your Drupal 8 Team series.

Here are the four stages:

Stage 1 is ad hoc development. When companies begin e-commerce development, there is no defined strategy, and the companies' products are not integrated with other systems. Most products are released in isolation and managed independently.

Stage 2 organizations follow a defined process model. The company is still reactive and managing projects individually, but the desired digital strategy has been identified.

Stage 3 is when the digital strategy and implementation is managed. An overall environment supportive for web and e-commerce development exists, and products are created within the context of that environment.

In Stage 4, the digital business needs are integrated. Products aren't defined in isolation, but rather are part of an overall strategic approach to online business. The company has a process for planning and developing the products and is focused on both deployment and ongoing support.

The final capability level, Stage 5, is when digital development is optimized. Cross-channel products are developed and do more than integrate: they are optimized for performance. The company is able to focus on optimizing the development team as well, with continuous improvement and agile development providing a competitive advantage.

Understanding where your company currently finds itself on the maturity scale can help you plan how you will integrate and adapt the new functionality of Drupal 8 into your development organization.

If you are an ad hoc development shop, adopting Drupal 8 and achieving its benefits may be very challenging for you. You may need to work with your team to move up at least one maturity level before you try to bring in the new technology.

In contrast, if your team is at stage 5, you can work on understanding how Drupal 8 will benefit not just your specific upcoming project, but also everything else that is going on within your organization.

Resources:

  • A comprehensive SlideShare presentation on Digital Maturity Models.
  • A blog post by Forrester's Martin Gill that mentions the Digital Maturity Model in the context of digital acceleration.
Tags:  acquia drupal planet
Catégories: Elsewhere

Annertech: Web Development on Fire? Smoke testing a Drupal Website

lun, 15/06/2015 - 12:57
Web Development on Fire? Smoke testing a Drupal Website

Documenting code 10 years ago was always something that I wanted to do, but, let's face it: clients didn't give a damn, so unless you did it for free, it rarely happened. And I felt very sorry for the developer that had to fix any bugs without documentation (yes, even my code contains bugs from time to time!).

Catégories: Elsewhere

Drupal core announcements: Recording from June 12th 2015 Drupal 8 critical issues discussion

lun, 15/06/2015 - 11:56

It came up multiple times at recent events that it would be very helpful for people significantly working on Drupal 8 critical issues to get together more often to talk about the issues and unblock each other on things where discussion is needed. While these do not by any means replace the issue queue discussions (much like in-person meetings at events are not), they do help to unblock things much more quickly. We also don't believe that the number of or the concrete people working on critical issues should be limited, so we did not want to keep the discussions closed. After our second meeting last week, here is the recording of the third meeting from today in the hope that it helps more than just those who were on the meeting:

Unfortunately not all people invited made it this time. If you also have significant time to work on critical issues in Drupal 8 and we did not include you, let me know as soon as possible.

The issues mentioned were as follows:

Alex Pott
Rebuilding service container results in endless stampede: https://www.drupal.org/node/2497243
Twig placeholder filter should not map to raw filter: https://www.drupal.org/node/2495179

Francesco Placella
https://www.drupal.org/project/issues/search/drupal?project_issue_followers=&status[]=Open&priorities[]=400&version[]=8.x&component[]=entity+system&component[]=field+system&component[]=language+system&component[]=content_translation.module&component[]=language.module&component[]=views.module&issue_tags_op=%3D
FieldItemInterface methods are only invoked for SQL storage and are inconsistent with hooks: https://www.drupal.org/node/2478459

Lee Rowlands
Make block context faster by removing onBlock event and replace it with loading from a BlockContextManager: https://www.drupal.org/node/2354889

Francesco Placella
FieldItemInterface methods are only invoked for SQL storage and are inconsistent with hooks: https://www.drupal.org/node/2478459

Alex Pott
Rewrite \Drupal\file\Controller\FileWidgetAjaxController::upload() to not rely on form cache https://www.drupal.org/node/2500527

Gábor Hojtsy
Twig placeholder filter should not map to raw filter: https://www.drupal.org/node/2495179

Daniel Wehner
drupal_html_id() considered harmful; remove ajax_html_ids to use GET (not POST) AJAX requests: https://www.drupal.org/node/1305882

Francesco Placella
Node revisions cannot be reverted per translation: https://www.drupal.org/node/2453153
https://www.drupal.org/project/issues/search/drupal?project_issue_followers=&status[]=Open&priorities[]=400&version[]=8.x&issue_tags_op=%3D&issue_tags=D8+upgrade+path

Daniel Wehner
SA-CORE-2014-002 forward port only checks internal cache: https://www.drupal.org/node/2421503

Francesco Placella
Nat: it would be good to have your feedback on the proposed solution the translation revisions issue aside from its criticality (see https://www.drupal.org/node/2453153#comment-9991563 and following)

Fabian Franz
[PP-2] Remove support for #ajax['url'] and $form_state->setCached() for GET requests: https://www.drupal.org/node/2502785
Condition plugins should provide cache contexts AND cacheability metadata needs to be exposed: https://www.drupal.org/node/2375695
Make block context faster by removing onBlock event and replace it with loading from a BlockContextManager: https://www.drupal.org/node/2354889

Alex Pott
[meta] Identify necessary performance optimizations for common profiling scenarios: http://drupal.org/node/2470679

Nathaniel Catchpole
Core profiling scenarios: https://www.drupal.org/node/2497185
Node::isPublished() and Node:getOwnerId() are expensive: https://www.drupal.org/node/2498919
And User:getAnonymousUser() takes 13ms due to ContentEntityBase::setDefaultLangcode() (https://www.drupal.org/node/2504849) is similar.

Catégories: Elsewhere

Jim Birch: Using CKFinder to organize image uploads by Content type in Drupal 7

lun, 15/06/2015 - 11:00

As you may have noticed, /sites/default/files can quickly become a pretty busy place in your Drupal installation.  When creating image or file fields, we can add folders in the Drupal UI to organize the uploads.  But when we allow users to upload using the CKEditor WYSIWYG Editor, we have to work a bit harder to organize those uploads.

I am currently working on a project where we want to organize the uploads by content type.  Certain users have access to certain content types.  We want to be able to keep the separation going with the files.  Our goal is to have the wysiwyg uploads in the same folder as the "featured image" field on each content type, which is in /sites/default/files/[content-type].

What I quickly learned, was that IMCE is great in so many ways, and part of our normal Drupal install, but there is no obvious way to do this.  You can use IMCE to organize in a variety of different ways, like php date based folders and user id folders.  You could even have a roles based system, by creating an IMCE profile per role.  But I couldn't figure out a way to organize by field, or Content Type.

CKFinder to the rescue.  CKFinder is a premium file manager plugin for CKEditor.  When integrated with the CKEditor Drupal Module, both can be customized right in the Drupal UI.

Read more

Catégories: Elsewhere

PreviousNext: How to index panelizer node pages using Drupal Apache Solr module

lun, 15/06/2015 - 09:44

Apache Solr Search is a great module for integrating your Drupal site with the powerful Apache Solr search tool. Out of the box it can index nodes and their fields, but Panelizer pages won't be indexed. In this post I show how you can get around this by indexing the rendered HTML of a panelizer node page.

Catégories: Elsewhere

Web Omelette: Drupal 8: custom data on configuration entities using the ThirdPartySettingsInterface

lun, 15/06/2015 - 09:00

In this article we are going to look at how to use the ThirdPartySettingsInterface to add some extra data to existing configuration entities. For example, if you ever need to store some config together with a node type or a taxonomy vocabulary, there is a great way to do so using this interface. Today we are going to see an example of this and add an extra field to the menu definition and store the value in this way.

There are a number of steps involved in this process. First, we need to alter the form with which the entity configuration data is added and saved. In the case of the menu entity there are two forms (one for adding and one for editing) so we need to alter them both. We can do something like this:

/** * Implements hook_form_alter(). */ function my_module_form_alter(&$form, \Drupal\Core\Form\FormStateInterface $form_state, $form_id) { if ($form_id === 'menu_add_form' || $form_id === 'menu_edit_form') { my_module_alter_menu_forms($form, $form_state, $form_id); } }

Inside this general hook_form_alter() implementation we delegate the logic to a custom function if the form is one of the two we need. Alternatively you can also implement hook_form_FORM_ID_alter() for both those forms and delegate from each. That would limit a bit on the function calls. But let's see our custom function:

/** * Handles the form alter for the menu_add_form and menu_edit_form forms. */ function my_module_alter_menu_forms(&$form, \Drupal\Core\Form\FormStateInterface $form_state, $form_id) { $menu = $form_state->getFormObject()->getEntity(); $form['my_text_field'] = array( '#type' => 'textfield', '#title' => t('My text field'), '#description' => t('This is some extra data'), '#default_value' => $menu->getThirdPartySetting('my_module', 'my_text_field'), '#weight' => 1 ); if (isset($form['links'])) { $form['links']['#weight'] = 2; } $form['#entity_builders'][] = 'my_module_form_menu_add_form_builder'; }

In here we do a couple of things. First, we retrieve the configuration entity object which the form is currently editing. Then, we define a new textfield and add it to the form. Next, we check if the form has menu links on it (meaning that it's probably the edit form) in which case we make its weight higher than one of our new field (just so that the form looks nicer). And last, we add a new #entity_builder to the form which will be triggered when the form is submitted.

The getThirdPartySetting() method on the entity object is provided by the ThirdPartySettingsInterface which all configuration entities have by default if they extend from the ConfigEntityBase class. With this method we simply retrieve a value that is stored as third party for a given module (my_module in this case). It will return NULL if none is set so we don't even need to provide a default in this case.

Let us now turn to our #entity_builder which gets called when the form is submitted and is responsible for mapping data to the entity:

/** * Entity builder for the menu configuration entity. */ function my_module_form_menu_add_form_builder($entity_type, \Drupal\system\Entity\Menu $menu, &$form, \Drupal\Core\Form\FormStateInterface $form_state) { if ($form_state->getValue('my_text_field')) { $menu->setThirdPartySetting('my_module', 'my_text_field', $form_state->getValue('my_text_field')); return; } $type->unsetThirdPartySetting('my_module', 'my_text_field'); }

Inside we check if our textfield was filled in and set it to the third party setting we can access from the config entity object that is passed as an argument. If the form value is empty we reset the third party setting to remove lingering data in case there is something there.

And that's pretty much it for the business logic. We can clear the cache and try this out by creating/editing a menu and storing new data with it. However, our job is not quite finished. We need to add our configuration schema so that it becomes translatable. Inside the /config/schema/my_module.schema.yml file of our module we need to add this:

system.menu.*.third_party.my_module: type: mapping label: 'My module textfield' mapping: my_text_field: type: text label: 'My textfield'

With this schema definition we are basically appending to the schema of the system.menu config entity by specifying some metadata about the third party settings our module provides. For more information on config schemas be sure to check out the docs on Drupal.org.

Now if we reinstall our module and turn on configuration translation, we can translate the values users add to my_text_field. You go to admin/config/regional/config-translation/menu, select a menu and when translating in a different language you see a new Third Party Settings fieldset containing all the translatable values defined in the schema.

Hope this helps.

In Drupal 8 var switchTo5x = true;stLight.options({"publisher":"dr-8de6c3c4-3462-9715-caaf-ce2c161a50c"});
Catégories: Elsewhere

Chen Hui Jing: Developing Drupal sites as a team

lun, 15/06/2015 - 02:00

A lot of people, myself included, start out with Drupal on their own, developing and building everything as a one-person operation. When we’re working by ourselves, there will be certain good practices that we neglect, either out of convenience (there’s no point doing X since I’m the only one touching this project), or out of ignorance (wow, I had no idea that was how Y was supposed to be used).

Working with a team of people to build a Drupal site (or any other development project) requires more structure and discipline to ensure the project doesn’t descend into a pile of spaghetti code. I’m going to try to summarise the processes that worked for my team thus far. I...

Catégories: Elsewhere

Code Karate: How to A/B test your Drupal Site

dim, 14/06/2015 - 15:48
Episode Number: 208

Are you testing your site? Until recently, we weren’t and it was costing us. Every element on your website should have a meaning and if you aren’t testing it against something else how can you be sure that you are maximizing your results!

Tags: DrupalDrupal 7Site BuildingDrupal PlanetTips and TricksUI/DesignJavascript
Catégories: Elsewhere

DrupalOnWindows: Database Transactions in Drupal

dim, 14/06/2015 - 07:00
Language English

This article is not what about transactions are, but the particularities of its implementation in Drupal.

Drupal database abstraction layer has the ability to handle transactions and nested transactions.

It uses the PDO transaction capabilities to start/commit/rollback the higher level transaction in the scope, and database specific functions such as SAVENPOINT to handle the nested transactions.

Transactions in Drupal are quite a mess to use:

More articles...
Catégories: Elsewhere

Drupal core announcements: Drupal core security release window on Wednesday, June 17

sam, 13/06/2015 - 00:30
Start:  2015-06-17 (All day) America/New_York Online meeting (eg. IRC meeting) Organizers:  David_Rothstein

The monthly security release window for Drupal 6 and Drupal 7 core will take place on Wednesday, June 17.

This does not mean that a Drupal core security release will necessarily take place on that date for either the Drupal 6 or Drupal 7 branches, only that you should prepare to look out for one (and be ready to update your Drupal sites in the event that the Drupal security team decides to make a release).

There will be no bug fix/feature release on this date; the next window for a Drupal core bug fix/feature release is Wednesday, July 1.

For more information on Drupal core release windows, see the documentation on release timing and security releases, and the discussion that led to this policy being implemented.

Catégories: Elsewhere

Open Source Training: Easily Apply Drupal Patches with Patch Manager

ven, 12/06/2015 - 21:56

Have you ever updated your Drupal site only to suddenly have errors?

If you use Drupal regularly, this will happen to you at some point. However, one of the good things about using Drupal is there are so many other users that someone else may well have found and solved the error.

One common way to solve an error is with a patch. A patch changes the code on your site, but only by editing a file rather than providing a complete update.

Many of the available instructions for applying patches ask you to use an application called Git and to use command line instructions. These instructions can be intimidating, so we're going to show you how non-coders can safely and effectively apply patches.

Catégories: Elsewhere

LightSky: LightSky is Seeking a Senior Ruby on Rails Developer / Drupal Developer

ven, 12/06/2015 - 21:20

LightSky is seeking a Senior Ruby on Rails Developer.

About the job

Catégories: Elsewhere

Drupal Watchdog: Yubikey NEO and a Better Password Manager: pass

ven, 12/06/2015 - 18:52
Supergenpass and its Problems

For a very long time I have been using supergenpass as my primary password “manager”. It started as a simple bookmarklet and evolved into browser extensions and mobile apps. Taking a primary password and the domain name, it creates a password unique to the domain. There are a number of problems with this: if the master password gets compromised, all your passwords are compromised even the ones you will only create in the future. The created password is not flexible: some systems have nonsensical and ill-advised limitations on what the password must contain. It’s not easy to change your password every few months if you want to since it’d involve changing the master password. Also, since it’s domain dependent, logging into amazon.ca with your amazon.com password or ba.com with your britishairways.com password is slightly problematic/annoying. One Shall Pass iterates on this idea and adds a “generation” parameter so you can easily change your password but then you need to remember what generation were you using for a site...

And it’s only a password, it’s not a storage, so it can’t help with PIN codes or security questions and answers which is necessary because you should never use real answers to those questions as they are too easy to social engineer. When asked about your childhood address, use something like “That red van down by the river” or something similar but if you want to put in a different one for every site, you need to store your answers.

Other Solutions

Many use solutions like Lastpass, but I find them entirely unacceptable as they are black boxes and you have no control over your own data. In my world view anything interacting with my passwords must be open source. Also, it creates a huge “single point of failure” in your digital life -- if your cloud-based password manager goes down you can’t log into anything. Something like KeePassX or Kwallet is slightly better but there you have another problem: the master password. It obviously needs to be strong, but that means it’s cumbersome to type in all the time so you will have some long timeout between password prompts and then compromising your machine means compromising all your passwords in one go.

Pass and the NEO

I’ve found a program called pass “the standard unix password manager”. In fact, it’s just a friendly wrapper around GPG encoded files (GPG really needs more friendly UIs). One file per domain is the recommended way to organize your files. Pass can copy the first line of the file to the clipboard so it is recommended to put the password there and use the rest of the file for other data. By itself it’s not much stronger than KeePassX or similar: you have the gpg-agent keeping your private key open (much like ssh-agent). But then there is the Yubikey NEO (and the NEO-n) which can store a GPG key. Now you only present your private key when it’s needed for decryption. Also, since the private key can not be exported from the NEO, a simple (easy to remember and enter) PIN is adequate as it is impossible to brute force the PIN as the device will lock after a few tries.

The Worst Case

Even in the worst case where an attacker can execute arbitrary commands on your computer the pass-NEO combo is not defeated immediately: again, the NEO does not support exporting the key so each password file would need to be sent to the NEO for decryption. However, it is only present very briefly -- just when you log in. So it will take time for the attacker to walk away with every password you have and in such a catastrophic event every small hindrance might matter. (The really worst case is a machine compromised in this fashion and then the attacker physically stealing your YubiKey later. Our only advice for this case: try not to cross any three letter agencies.)

The Various Modes of the NEO One Time Password (OTP)

The NEO can operate in a number of modes: it can provide a one time password (OTP) which is not particularly useful because the server would need to implement the YubiKey API for this to be useful and few websites do.

Universal Two Factor (U2F)

The U2F mode implements an up-and-coming standard which -- as these standards usually do -- won’t be ubiquitous any time soon. Where it is implemented, it prevents both phishing and spear-phishing attacks.

Chip Card Interface Device (CCID)

Finally, it can emulate a smartcard reader and the smartcard both, this is called the CCID mode. It is capable of emulating the removal of the smartcard as well which is very useful for the “worst case” described above. YubiKey calls this the “eject” mode: one touch of the device “inserts” the smartcard, another “ejects” it. It is even capable of triggering an “eject” automatically a few seconds after the “insert”. How long it should wait for the automated eject is configurable.

Setting up Eject Mode GUI to Read the Warnings

There are no less than three utilities provided for mode switching. The GUI, called neoman is useless for us: it is not capable of switching on eject mode at all. Experimenting with it, however, shows a very useful warning: after switching modes you need to remove the device and plug it back. No other utility shows this warning. For this reason, if you are setting up a NEO-n I recommend using a simple USB extension cord to make it (much) easier to unplug and replug.

ykpersonalize to Set

The ykpersonalize utility can set eject mode and also can set the automated timeout. To do this, run ykpersonalize -m81:12:1 where 81 is the mode for eject, the middle number belongs to a mode we do not use (can not use alongside eject, in fact) and the last 1 means one second automated timeout. Once you’ve run this command, do not forget to unplug and replug. After that, ykpersonalize no longer recognizes the NEO. If you run pscc_scan you will get

Reader 0: Yubico Yubikey NEO CCID 00 00 Card state: Card removed, Exclusive Mode

And touching the device will switch on the LED and make pcsc_scan show the card “inserted” (press Ctrl+C to exit pcsc_scan). After one second the LED switches off and pcsc_scan now reports the card removed. If you do not get these results from pcsc_scan, make sure you have pcscd running.

ykneomngr to Reset

If you want to change the eject timeout then you need to run the third utility provided with the NEO, ykneomgr. Even this won’t be able to read the status of your device, but it will be able to reset to a mode where ykpersonalize can work again. Since this requires the device to be “present” and we set up a very short timeout, it’s recommended to run this in an infinite loop: until ykneomgr -M0 2&> /dev/null ; do sleep 0.1 ; done then touch the NEO. Once reset to mode 0, don’t forget to unplug and replug, and then you can set a different timeout if you want or completely without an automated timeout even with ykpersonalize -m81.

Now that’s sorted, we can turn to creating GPG keys, subkeys and installing them into the NEO/NEO-n. This process I won’t cover because it’s extensively covered elsewhere.

Using it All

After all this setup, the usage is fairly simple:

On Mobile

This combo works with Android as well: the NEO is NFC compatible and there is an Android version of pass which uses OpenKeyChain (the rough equivalent of gpg-agent for Android) to communicate with the NEO.

On Desktop

I’ve written a little script to make my life easier: first it waits for an URL to appear on the clipboard, then it’ll wait for a Yubikey and call pass with the domain extracted from the URL. Since there is an extension for copying URLs from Chrome and I have a NEO-n the login process becomes this: click the URL copy button in the addressbar (or press Ctrl-L Ctrl-C or F6 Ctrl-C), touch the NEO-n, wait for the notification and paste the password. Without this script, the one second auto timeout recommended in the setup section is not viable. Although certainly not as simple as the Supergenpass extension, it’s still pretty easy and incomparably more secure.

Catégories: Elsewhere

Sooper Drupal Themes: What's your opinion on "premium Drupal modules"

ven, 12/06/2015 - 18:45

We had this discussion 4 years ago. Why bring it up again now? Because several big codecanyon projects are coming to Drupal soon and I think it will have an impact. One of them is Slider Revolution. Slider Revolution is an "All-purpose Slide Displaying Solution that allows for showing almost any kind of content with highly customizable transitions, effects and custom animations". With nearly 60.000 sales at 18 USD it's the second most popular Wordpress plugin on codecanyon. The number of sites using this module is much greater because hundreds of premium Wordpress themes ship with the slider built into the theme. Some of these themes like Avada (140.000 sales) are widespread and amplify the impact of paid plugins in Wordpress.

To refresh our memories here are some quotes from 2011:

the DrupalAppStore that killed drupal

MortenDK, http://morten.dk/blog/drupalappstore-killed-drupal

..one thing that open source doesn't do a good job with: building teams of people with complementary skills to make sure that the software is a good experience for the customer. Why? Because there is no customer. Oh sure, hundreds of thousands of people use my software and they consider themselves customers, but ultimately they are not. Why? The definition of a customer involves, among other things, providing a revenue stream.

Earl Miles (merlinofchaos), http://www.angrydonuts.com/contributing-to-open-source

The pay-per-copy business model just doesn't work very well, practically, unless you have the completely artificial system of copyright restrictions to prop it up. (Physical objects have a natural scarcity that makes pay-per-copy vastly more practical.) When you're dealing with copyleft software, it works even more poorly.

Larry Garfield, http://www.angrydonuts.com/contributing-to-open-source

Sometimes I keep wondering why on almost every drupaller comment I read on the net is against making money on selling modules but it is OK to sell themes?

If themer can get away / circumvent GPL by licensing their css/images/js in different license than GPL why can't module developer create a separate php class api that doesn't touch any of drupal api and license it with commercial license?

Jason Xie, http://drupal-translation.com/content/it-evil-request-payment

With respect to the question "How" this last commenter was on to something. Large projects on CodeCanyon protect themselves against redistribution by having a functional code library that can work independently from the CMS integration. If there is any open source lawyer reading this I would love to hear comments on GPL compatibility of this structure.

My opinion

As a (premium) Drupal themes developer I have a special interest in development of these plugins: they provide great value to clients of my premium theme. For only around 100 USD I can buy an extended license for a module that cost the developer hundreds of man-hours to develop. By including several plugins into my theme that cost 20 USD per plugin, my theme which costs 48 USD is instantly more valuable to end-users. In general I have a positive attitude to CodeCanyon developers joining the Drupal modules. However, there will be some modules that are good for Drupal and others that could be bad for the Drupal ecosystem. 

For example, me and several other Drupal developers have been working on improving Bootstrap+Views integration through the views_bootstrap module: https://www.drupal.org/node/2203111. In the meantime, some guy on CodeCanyon seems to have all our problems figured out already and he is selling a very sleek Views+Bootstrap module on CodeCanyon. The code he sells is all Drupal-integrated programming. As far as I understand GPL this means that all his code is also GPL. So what can we do, is it legal to copy his code into the views_bootstrap module? Is it compliant with the rules and code of conduct on Drupal.org? Is it morally OK?

 

Tags planet drupal app store premium modules premium themes Drupal 7.x
Catégories: Elsewhere

Pages