Agrégateur de flux

SitePoint PHP Drupal: 7 CRM Options Compatible with Drupal

Planet Drupal - mer, 10/12/2014 - 18:00

I love Drupal and end up undertaking most of my programming projects with it. I have been using it for so long that I find it far easier to push out projects with Drupal than with anything else, despite it’s infamous learning curve.

Whether you want to call Drupal a CMS (Content Management System), a CMF (Content Management Framework) or a CMSomething, the ‘C’ always stands for Content. Content is where Drupal shines and is what it’s designed for.

When an organisation is at a stage and mindset that they also want to manage their contacts and interactions effectively they will often need tools designed specifically for that function. These are generally referred to as a CRM, which stands for Client Relationship Manager or Constituent Relationship Manager, depending on the sector (For-Profit or Not-for-Profit respectively). CRMs are big business, with many free and paid options available, all with their own advantages and disadvantages.

Often these interactions that people have with your organisation will include things such as registering for an event, making a donation, becoming a member, expressing interest in a product or receiving a newsletter. This all sounds quite simple, but often representing a business rule in the digital realm is very difficult as everyone thinks ‘their way’ is ‘the only way’ and that surely every off-the-shelf system should represent them out of the box.

Continue reading %7 CRM Options Compatible with Drupal%

Catégories: Elsewhere

Code Drop: Drupal Security Tips for Developers

Planet Drupal - mer, 10/12/2014 - 05:30

I’ve recently been reviewing a few security related patches and it soon became apparent that many developers make the same mistakes over and over in regards to best practices for security in Drupal. So below, a very short post on the common mistakes and solutions.

Correct usage of t()

Use the right placeholder for t(). You should be using "% and @" which are both escaped to protect against Cross Site Scripting vulnerabilities. Whenever you use "!" as a placeholder, double check the content has already been escaped.

Escaping Output in #markup

If you’re providing a custom field, widget and formatter you need to make sure that any content coming from the admin is correctly escaped. For example, you’re implementing hook_field_formatter_view() and doing something like:

Catégories: Elsewhere

Drupal governance announcements: DrupalSouth - Early Bird tix almost sold out!

Planet Drupal - mer, 10/12/2014 - 02:26

There are only a few early bird tickets left. So if you want one, grab it now.

Catégories: Elsewhere

Dirk Eddelbuettel: Wilco!!

Planet Debian - mer, 10/12/2014 - 01:47

With a bit of luck due to a collegue having a spare ticket, I managed to make it to an awesome Wilco show at The Riviera in Uptown.

This concert was part of a set a six shows. Tweedy and the band were fast, and loose, and wonderful, and totally beloved by the home crowd. An truly outstanding show, and a great evening.

Also: I should get out more often. Last blog entry about Wilco was from 2005. Ouch.

This post by Dirk Eddelbuettel originated on his Thinking inside the box blog. Please report excessive re-aggregation in third-party for-profit settings.

Catégories: Elsewhere

Dirk Eddelbuettel: RcppAnnoy 0.0.4

Planet Debian - mer, 10/12/2014 - 01:29

A few weeks ago, RcppAnnoy had its initial release 0.0.2 and subsequent update in release 0.0.3. The latter brought Windows support, thanks to a neat pull request by Qiang Kou.

RcppAnnoy wraps the small, fast, and lightweight C++ template header library Annoy written by Erik Bernhardsson for use at Spotify. RcppAnnoy uses Rcpp Modules to offer the exact same functionality as the Python module wrapped around Annoy.

In the 0.0.3 release, I overlooked one thing: that with builds on Windows, we would also get builds against what CRAN calls R-oldrel: the previous release, which cannot turn on C++11 via the simple CXX_STD = CXX11 declaration in src/Makevars (and which we need because use of Boost brings in long long which R can only cope with under C++11 ...).

So this new release 0.0.4 does nothing more than add a constraint in a Depends: R (>= 3.1.0) to avoid builds not being able to turn on C++11.

Courtesy of CRANberries, there is also a diffstat report for this release. More detailed information is on the RcppAnnoy page page.

This post by Dirk Eddelbuettel originated on his Thinking inside the box blog. Please report excessive re-aggregation in third-party for-profit settings.

Catégories: Elsewhere

Pixelite: How to add subtabs under the User Edit tab in Drupal

Planet Drupal - mer, 10/12/2014 - 01:00

To get your tabs to appear on the user edit page use hook_user_categories() and hook_menu_alter().

The detail

Getting submenu items to appear within the user edit area of Drupal has not always worked as I would expect from reading the documentation around hook_menu(). As it happens the user module provides hooks to make this quite simple.

hook_user_categories() allows you to return a subset of the parameters you’d expect to see in hook_menu().

In this example we would have a new set of tabs added to the User Edit page. The first is Account and is now presented because we have more than one tab here now. The second is Report Settings and it would have a URL like user/12345/edit/report_settings where report_settings is taken from the name parameter.

<?php /** * Implements hook_user_categories(). */ function my_module_user_categories() { return array( array( 'name' => 'report_settings', 'title' => t('Report settings'), 'weight' => 1, 'access callback' => 'user_edit_access', 'access arguments' => array(1), ) ); } ?>

At this point we have a new menu item presented as a tab on the user edit page and clicking it takes us to a blank form with a submit button. I think this is due to the way menu items can inherit behaviour from parent menu items. We’ll be wanting to overload that behaviour though and present our own form. This can be done through hook_menu_alter().

Checking the keys of the array passed to hook_menu_alter() we should find that we have a new one called user/%user_category/edit/report_settings. We can edit this one to point it at our preferred form built using the Form API as usual.

<?php /** * Implements hook_menu_alter(). */ function my_module_menu_alter(&$callbacks) { $callbacks['user/%user_category/edit/report_settings']['page arguments'] = array('my_module_user_report_settings', 1); // We need to set the file path as it defaults to the user module. $callbacks['user/%user_category/edit/report_settings']['file path'] = drupal_get_path('module', 'my_module'); $callbacks['user/%user_category/edit/report_settings']['file'] = ''; } ?> Gotchas
  • You will want to be clearing your menu cache a lot while getting this working. Every edit will require a drush cc menu.
  • Ensure you have set the file path in the hook_menu_alter() if you have your have your page callback or form function for drupal_get_form() in a separate file.

If you have found that this post has been helpful ping me in the comments, on twitter (@Unifex) or on D.o at Gold.

Catégories: Elsewhere

Gregor Herrmann: GDAC 2014/9

Planet Debian - mar, 09/12/2014 - 21:37

today, I again had a pleasant experience around an RC bug, featuring a diligent patch submitter, & a maintainer showing his appreciation for the help. – motivating!

this posting is part of GDAC (gregoa's debian advent calendar), a project to show the bright side of debian & why it's fun for me to contribute.

Catégories: Elsewhere

Chapter Three: Principles of Configuration Management - Part One

Planet Drupal - mar, 09/12/2014 - 20:16

This is the first in a series of posts about Drupal 8's configuration management system. This system is one of its most eagerly anticipated features, according to a recent survey. The Configuration Management Initiative (CMI) was the first Drupal 8 initiative to be announced in 2011, and we've learned a lot during thousands of hours of work on the initiative since then. These posts will share what we've learned and provide background on the why and how.

Catégories: Elsewhere

Joey Hess: podcasts that don't suck, 2014 edition

Planet Debian - mar, 09/12/2014 - 20:05
  • The Memory Palace: This is the way history should be taught, but rarely is. Nate DiMeo takes past events and puts you in the middle of them, in a way that makes you emphathise so much with people from the past. Each episode is a little short story, and they're often only a few minutes long. A great example is this description of when Niagra falls stopped. I have listened to the entire back archive, and want more. Only downside is it's a looong time between new episodes.

  • The Haskell Cast: Panel discussion with a guest, there is a lot of expertise amoung them and I'm often scrambling to keep up with the barrage of ideas. If this seems too tame, check out The Type Theory Podcast instead..

  • Benjamen Walker's Theory of Everything: Only caught 2 episodes so far, but they've both been great. Short, punchy, quirky, geeky. Astoundingly good production values.

  • Lightspeed magazine and Escape Pod blur together for me. Both feature 20-50 minute science fiction short stories, and occasionally other genre fictions. They seem to get all the award-winning short stories. I sometimes fall asleep to these which can make for strange dreams. Two strongly contrasting examples: "Observations About Eggs from the Man Sitting Next to Me on a Flight from Chicago, Illinois to Cedar Rapids, Iowa" and "Pay Phobetor"

  • Serial: You probably already know about this high profile TAL spinoff. If you didn't before: You're welcome. :) Nuff said.

  • Redecentralize: Interviews with creators of decentralized internet tools like Tahoe-LAFS, Ethereum, Media Goblin, TeleHash. I just wish it went into more depth on protocols and how they work.

  • Love and Radio: This American Life squared and on acid.

  • Debian & Stuff: My friend Asheesh and that guy I ate Thai food with once in Portland in a marvelously unfocused podcast that somehow connects everything up in the end. Only one episode so far; what are you guys waiting on? :P

  • Hacker Public Radio: Anyone can upload an episode, and multiple episodes are published each week, which makes this a grab bag to pick and choose from occasionally. While mostly about Linux and Free Software, the best episodes are those that veer var afield, such as the 40 minute river swim recording featured in Wildswimming in France.

Also, out of the podcasts I listed previously, I still listen to and enjoy Free As In Freedom, Off the Hook, and the Long Now Seminars.

PS: A nice podcatcher, for the technically inclined is git-annex importfeed. Featuring list of feeds in a text file, and distributed podcatching!

Catégories: Elsewhere

Wouter Verhelst: Playing with ExtreMon

Planet Debian - mar, 09/12/2014 - 19:43

Munin is a great tool. If you can script it, you can monitor it with munin. Unfortunately, however, munin is slow; that is, it will take snapshots once every five minutes, and not look at systems in between. If you have a short load spike that takes just a few seconds, chances are pretty high munin missed it. It also comes with a great webinterfacefrontendthing that allows you to dig deep in the history of what you've been monitoring.

By the time munin tells you that your Kerberos KDCs are all down, you've probably had each of your users call you several times to tell you that they can't log in. You could use nagios or one of its brethren, but it takes about a minute before such tools will notice these things, too.

Maybe use CollectD then? Rather than check once every several minutes, CollectD will collect information every few seconds. Unfortunately, however, due to the performance requirements to accomplish that (without causing undue server load), writing scripts for CollectD is not as easy as it is for Munin. In addition, webinterfacefrontendthings aren't really part of the CollectD code (there are several, but most that I've looked at are lacking in some respect), so usually if you're using CollectD, you're missing out some.

And collectd doesn't do the nagios thing of actually telling you when things go down.

So what if you could see it when things go bad?

At one customer, I came in contact with Frank, who wrote ExtreMon, an amazing tool that allows you to visualize the CollectD output as things are happening, in a full-screen fully customizable visualization of the data. The problem is that ExtreMon is rather... complex to set up. When I tried to talk Frank into helping me getting things set up for myself so I could play with it, I got a reply along the lines of...

well, extremon requires a lot of work right now... I really want to fix foo and bar and quux before I start documenting things. Oh, and there's also that part which is a dead end, really. Ask me in a few months?

which is fair enough (I can't argue with some things being suboptimal), but the code exists, and (as I can see every day at $CUSTOMER) actually works. So I decided to just figure it out by myself. After all, it's free software, so if it doesn't work I can just read the censored code.

As the manual explains, ExtreMon is a plugin-based system; plugins can add information to the "coven", read information from it, or both. A typical setup will run several of them; e.g., you'd have the from_collectd plugin (which parses the binary network protocol used by collectd) to get raw data into the coven; you'd run several aggregator plugins (which take that raw data and interpret it, allowing you do express things along the lines of "if the system's load gets above X, set load.status to warning"; and you'd run at least one output plugin so that you can actually see the damn data somewhere.

While setting up ExtreMon as is isn't as easy as one would like, I did manage to get it to work. Here's what I had to do.

You will need:

  • A monitor with a FullHD (or better) resolution. Currently, the display frontend of ExtreMon assumes it has a FullHD display at all time. Even if you have a lower resolution. Or a higher one.
  • Python3
  • OpenJDK 6 (or better)

First, we clone the ExtreMon git repository:

git clone extremon cd extremon

There's a README there which explains the bare necessities on getting the coven to work. Read it. Do what it says. It's not wrong. It's not entirely complete, though; it fails to mention that you need to

  • install CollectD (which is required for its types.db)
  • Configure CollectD to have a line like Hostname "com.example.myhost" rather than the (usual) FQDNLookup true. This is because extremon uses the java-style reverse hostname, rather than the internet-style FQDN.

Make sure the script outputs something from collectd. You'll know when it shows something not containing "plugin" or "plugins" in the name. If it doesn't, fiddle with the #x3. lines at the top of the from_collectd file until it does. Note that ExtreMon uses inotify to detect whether a plugin has been added to or modified in its plugins directory; so you don't need to do anything special when updating things.

Next, we build the java libraries (which we'll need for the display thing later on):

cd java/extremon mvn install cd ../client/ mvn install

This will download half the Internet, build some java sources, and drop the precompiled .jar files in your $HOME/.m2/repository.

We'll now build the display frontend. This is maintained in a separate repository:

cd ../.. git clone display cd display mvn install

This will download the other half of the Internet, and then fail, because Frank forgot to add a few repositories. Patch (and push request) on github

With that patch, it will build, but things will still fail when trying to sign a .jar file. I know of four ways on how to fix that particular problem:

  1. Add your passphrase for your java keystore, in cleartext, to the pom.xml file. This is a terrible idea.
  2. Pass your passphrase to maven, in cleartext, by using some command line flags. This is not much better.
  3. Ensure you use the maven-jarsigner-plugin 1.3.something or above, and figure out how the maven encrypted passphrase store thing works. I failed at that.
  4. Give up on trying to have maven sign your jar file, and do it manually. It's not that hard, after all.

If you're going with 1 through 3, you're on your own. For the last option, however, here's what you do. First, you need a key:

keytool -genkeypair -alias extremontest

after you enter all the information that keytool will ask for, it will generate a self-signed code signing certificate, valid for six months, called extremontest. Producing a code signing certificate with longer validity and/or one which is signed by an actual CA is left as an exercise to the reader.

Now, we will sign the .jar file:

jarsigner target/extremon-console-1.0-SNAPSHOT.jar extremontest

There. Who needs help from the internet to sign a .jar file? Well, apart from this blog post, of course.

You will now want to copy your freshly-signed .jar file to a location served by HTTPS. Yes, HTTPS, not HTTP; ExtreMon-Display will fail on plain HTTP sites.

Download this SVG file, and open it in an editor. Find all references to be.grep as well as those to barbershop and replace them with your own prefix and hostname. Store it along with the .jar file in a useful directory.

Download this JNLP file, and store it on the same location (or you might want to actually open it with "javaws" to see the very basic animated idleness of my system). Open it in an editor, and replace any references to by the location where you've stored your signed .jar file.

Add the chalins_in_http plugin from the plugins directory. Make sure to configure it correctly (by way of its first few comment lines) so that its input and output filters are set up right.

Add the configuration snippet in section 2.1.3 of the manual (or something functionally equivalent) to your webserver's configuration. Make sure to have authentication—chalice_in_http is an input mechanism.

Add the chalice_out_http plugin from the plugins directory. Make sure to configure it correctly (by way of its first few comment lines) so that its input and output filters are set up right.

Add the configuration snippet in section 2.2.1 of the manual (or something functionally equivalent) to your webserver's configuration. Authentication isn't strictly required for the output plugin, but you might wish for it anyway if you care whether the whole internet can see your monitoring.

Now run javaws https://url/x3console.jnlp to start Extremon-Display.

At this point, I got stuck for several hours. Whenever I tried to run x3mon, this java webstart thing would tell me simply that things failed. When clicking on the "Details" button, I would find an error message along the lines of "Could not connect (name must not be null)". It would appear that the Java people believe this to be a proper error message for a fairly large number of constraints, all of which are slightly related to TLS connectivity. No, it's not the keystore. No, it's not an API issue, either. Or any of the loads of other rabbit holes that I dug myself in.

Instead, you should simply make sure you have Server Name Indication enabled. If you don't, the defaults in Java will cause it to refuse to even try to talk to your webserver.

The ExtreMon github repository comes with a bunch of extra plugins; some are special-case for the place where I first learned about it (and should therefore probably be considered "examples"), others are general-purpose plugins which implement things like "is the system load within reasonable limits". Be sure to check them out.

Note also that while you'll probably be getting most of your data from CollectD, you don't actually need to do that; you can write your own plugins, completely bypassing collectd. Indeed, the from_collectd thing we talked about earlier is, simply, also a plugin. At $CUSTOMER, for instance, we have one plugin which simply downloads a file every so often and checks it against a checksum, to verify that a particular piece of nonlinear software hasn't gone astray yet again. That doesn't need collectd.

The example above will get you a small white bar, the width of which is defined by the cpu "idle" statistic, as reported by CollectD. You probably want more. The manual (chapter 4, specifically) explains how to do that.

Unfortunately, in order for things to work right, you need to pretty much manually create an SVG file with a fairly strict structure. This is the one thing which Frank tells me is a dead and and needs to be pretty much rewritten. If you don't feel like spending several days manually drawing a schematic representation of your network, you probably want to wait until Frank's finished. If you don't mind, or if you're like me and you're impatient, you'll be happy to know that you can use inkscape to make the SVG file. You'll just have to use dialog behind ctrl+shift+X. A lot.

Once you've done that though, you can see when your server is down. Like, now. Before your customers call you.

Catégories: Elsewhere

Open Source Training: Filter Drupal Content Based on File Type

Planet Drupal - mar, 09/12/2014 - 19:11

One of our members asked an interesting question about Views.

They had a file field on their user profiles. In that field, the user could upload an image, an audio file, or link to a YouTube video. So far, so good. However, in Views, they only wanted to show that field if it contained a video.

Here's the solution to that problem. We're going to show you how to filter Drupal content based on the type of file that's attached to it.

Catégories: Elsewhere

Drupal Watchdog: Test Now! - Travis Integration for your Drupal Modules

Planet Drupal - mar, 09/12/2014 - 18:46

Travis-CI is a free-for-OSS continuous integration server, which has become very popular in the PHP world. Drush, Symfony, and dreditor all use it for frequently testing their code base and pull requests for regressions and ensuring new functionality has the needed test coverage.

Compared to the current Drupal testbot, Travis-CI allows testing of not only simpletest on PHP 5.3 (for Drupal 7 projects), but of most everything that you can install on a Debian system, e.g. QUnit for JavaScript, Behat, PHPUnit, but also Ruby based projects, Bash projects, Go projects, etc.

You can also test various scenarios in a matrix like setup, e.g. different PHP versions to ensure your code runs on both PHP 5.3 and 5.4 or with different versions of a dependent library.

This flexibility comes with a price however, because you need to setup the whole environment yourself. The selected PHP version (with xdebug) and composer are pre-installed, but that's it. The Drupal base installation, the running of the tests, the parsing of the test output, and ensuring dependencies are there is all your own responsibility.

And because of that there are many different .travis.yml files floating around the net for various scenarios of setting up this or that, but in the end everyone re-invents the wheel. Until now…

As Easy as it Gets

I am proud to announce the drupal_ti project, which allows any module on to easily leverage for testing:

  • PHPUnit
  • SimpleTest
  • Behat

The process (which I will show in more detail below) is as simple as copying a generic .travis.yml.dist file as .travis.yml to your modules root, push your repository to Github, activate the repository at and you are done.

Oh, and while you are at it, if you add a .coveralls.yml file, then code coverage is automatically reported to, too (for PHPUnit).

All the hard work of installing drupal, running a web server, setting up Selenium, etc. is done by drupal_ti.

So you don't have to copy some .travis.yml you found on the net and spend hours debugging little edge cases (HHVM and sendmail, how to parse the simpletest output, etc.), but can depend on a proven and self-tested code base.

  • Drupal 8 ready: drupal_ti supports both Drupal 7 and 8 modules. Use DRUPAL_TI_ENVIRONMENT="drupal-8" for your Drupal 8 modules.
  • Tested: drupal_ti tests its own code base for both Drupal 7 and Drupal 8 modules.
  • Modular architecture: drupal_ti has so called 'runners' and you can combine either e.g. "phpunit simpletest" or run them as separate workers by specifying a matrix.
  • Environment aware: drupal_ti has a file for each environment, which makes the code generic for both Drupal 7 and 8.
  • Examples provided: drupal_ti provides easy examples of the needed files in tests/drupal-{7,8}/drupal_ti_test. So you can get started easily!
  • Extensible: By specifying DRUPAL_TI_SCRIPT_DIR_BEFORE or DRUPAL_TI_SCRIPT_DIR_AFTER you can easily create your own runners and environment includes that run before or after the main runners. This could even come from composer.
  • Usable for non-travis CI: Because drupal-ti is just a command and because .travis.yml just has some environment vars, you can just copy the main declarations to some file, set the TRAVIS_BUILD_DIR and use it locally, too.
An Example Conversion

My module registry_autoload uses simpletest on to test its features. Now I want to test some advanced trait support, which needs PHP 5.4, so is an option to do so.

Step 1 - Create the GitHub Repository and Push Your Code
  1. Sign in to
  2. Click: + > New repository, enter: registry_autoload
  3. Click: Create repository

Copy the commands displayed by Github to push your code to GitHub. I like to use as my upstream and GitHub as my origin remote:

$ git clone --branch 7.x-1.x $ cd registry_autoload $ git remote rename origin upstream $ git remote add origin $ git push -u origin 7.x-1.x Step 2 - Activate

Now head over to

  1. Choose "Sign in with GitHub" and follow instructions
  2. Click on your name at the top right, "Fabian Franz" for me
  3. Click: "Sync now" if you don't see the repository, yet
  4. Simply switch the toggle to "ON" for the project
  5. Click on the repository settings icon (the "tools icon")
  6. Toggle "Build only if .travis.yml is present"
  7. Click on "Build history"
  8. Leave the browser window open
Step 3 - Add drupal_ti .travis.yml

Now checkout a new branch, and add the .travis.yml file:

$ git checkout -b travis-integration $ curl -O $ mv .travis.yml.dist .travis.yml

Then, customize the following parts of the file:

# Configuration vars. - DRUPAL_TI_MODULE_NAME="registry_autoload" - DRUPAL_TI_SIMPLETEST_GROUP="Registry"


matrix: # [[[ SELECT ANY OR MORE OPTIONS ]]] - DRUPAL_TI_RUNNERS="simpletest"

The simpletest group is returned from getInfo() in Drupal 7, but an annotation @group x in Drupal 8. Despite the name of the variable, you could also put in a class like RegistryAutoloadTestCase. Basically anything that SimpleTest accepts on the command line as last argument. The clue is that this variable accepts spaces e.g. "DrupalTi Test", which is else very difficult to achieve when passing variables around.

Now add the file and push to GitHub:

$ git add .travis.yml $ git commit -m "Added travis integration" $ git push origin travis-integration Step 4 - Watch the Test Run

Now head back over to your browser window and magically there will be a new build, click on it and you will see a matrix like structure, here shown for build #2:

Click on PHP 5.4 and click the little button on the far right with "follow", to follow the output.

After a while the build is finished and all tests passed:

Congratulations, your project is now tested on!

Now merge, the branch into your mainline and whenever you want to test a change on just push a branch or make a pull request:

$ git checkout 7.x-1.x $ git merge travis-integration $ git push origin 7.x-1.x # Also push the changes back to $ git push upstream 7.x-1.x

The easiest way to work with this kind of integration is to push all patches to origin first and once satisfied, push to upstream. That way GitHub and are always in sync.

To be Continued…

In the next part of this series, I will explore how you can get started with unit testing locally and on (using drupal_ti) and afterwards we will take a look at some easy behat setup.

If you are curious and want to start now, take a look at the run-* scripts in:

Enjoy and please leave me feedback either in the Drupal issue queue or on the GitHub project page.

About the Author

Fabian Franz is a Senior Performance Engineer and Technical Lead at Tag1
Consulting. He is author of the registry_autoload, service_container and render_cache modules for Drupal 7 and a contributor to Drupal 8 Core in the form of reviews, patches, and co-leader of the Twig initiative.

Tags:  Testing Contributed modules Third-party tools Images: 
Catégories: Elsewhere

C.J. Adams-Collier: MySQL Meet-up 20141208

Planet Debian - mar, 09/12/2014 - 18:31

I had an enjoyable time last night at Twitter with local MySQL DBAs and developers. We had an attendee who has no experience with SQL or programming at all. She is interested in organizing her collection of recipes and had heard a rumor that MySQL was a good tool to use for this task. She indicated that her desktop runs Windows 7. I think I’m going to encourage her to turn her concept in to a community project, as she is not the first person I’ve met who wants to organize recipes!

We were hosted by Rob at Twitter, who used to work with Lisa back before she retired. He’s a member of the site reliability team and keeps the fail whale from rearing its blubbery head.

Pizza was provided by my dear friend and long-time open source buddy Gerry Narvaja with the assistance of the folks in the kitchen at Zeek’s.

We discussed new techniques in the areas of load balancing and high availability. Five nines is no longer the thing that people talk about, instead it’s six nines. It’s a brave new world out there!

I was not the only person who was excited about one of the latest features in MariaDB / MySQL to come out of HP, the high resolution time data types.

One of the attendees is an old hand at COBOL and was asking if anyone knows where one can get a COBOL runtime environment. I’ve never thought about that before… Let me ask the googs… Looks like there’s an active project called GNU COBOL which is officially part of the GNU project:

Catégories: Elsewhere

Aten Design Group: Debugging New to You Drupal Blocks

Planet Drupal - mar, 09/12/2014 - 17:20

Let’s say a friend (or a new client) asks you to make a small change to their Drupal website. You’ve never seen this site before and the original developer(s) are long gone. Of course the text is in some obscure block. Sometimes finding where to make the requested change is easy. Sometimes it’s not. I’m going to go through some debugging tips for such a case.

The first thing you should do is inspect that part of the page with your browser’s dev tools (e.g. Firefox, Chrome). Often IDs and class names will help identify the block.

Here’s an example of the DOM of a view block from the nodequeue module.

<div id="block-views-nodequeue-2-block" class="block block-views contextual-links-region block--marquee">

The ID "block-views-nodequeue-2-block" means this is a views block. "nodequeue-2" is the view machine name, and "block" is the name of the specific display in that view. You can browse the list of views at /admin/structure/views, or in this case, go directly to /admin/structure/views/view/nodequeue_2/edit/block. The path to edit a view in Drupal 7 is always at /admin/structure/views/view/[VIEW NAME]/edit/[DISPLAY NAME]. If contextual links are on, it may be even quicker to access the edit page from the options available. Look for a gear icon in the upper right corner of the section.

Here’s a block defined in code:

<div id="block-cei-custom-blocks-cei-unicef-timeline" class="block block-cei-custom-blocks contextual-links-region">

In this case in cei_custom_blocks_block_info() defines a block delta: $blocks['cei_unicef_timeline'] The code that defines this block’s output will either be in cei_custom_blocks_block_view() or that function will call another.

In one particular case I didn’t have a lot to go on. There was very little in the DOM. This members page consisted of user images, name, and title. The client requested one additional field be included for each user on the members page. It wasn’t a view or anything else easily identifiable. The output was in system block 0 which doesn't give me anything to go on. One particularly unique class name was block-totem-common-embed-type-search-0 (this was the totem install profile) but a search of the code turned up nothing. That’s because the code that built these blocks was highly abstracted. Reviewing that code didn’t reveal where I could add the field either. Finally I searched on another class name. I didn’t find exactly where the class name was inserted, but it happened to match a template file that was in one of the submodule's ‘inc’ directories.

<div<?php print $attributes; ?>> <?php print $user_profile['images']['user_thumb']; ?> <?php print render($title_prefix); ?> <h3><?php print render($user_profile['name']); ?></h3> <?php print render($title_suffix); ?>   <div class="clearfix"></div> </div>

Once I found that, making the needed modification was simple.

To help identify a block, you can also look at what is placing the block on the page. Some ways this can be done include the blocks UI, Context module, Panels, print directly in code, and template files. If a lot of blocks are placed using the blocks UI, this page can get unwieldy. It’s worth searching the codebase for any distinct phrases. A quick search in the database can also be useful.

Blocks saved in the database are in the blocks and blocks_custom tables. One way to find such a block in the database uses a query for some matching text:

SELECT * FROM block_custom WHERE body LIKE "%participate in discussions%"\G

The query matched the following entry:

*************************** 1. row *************************** bid: 3 body: <p><strong>A message from the GEC team</strong></p> <p>During the recent GEC baseline sharing events, one of the key messages that came through loud and clear from you was the value of meeting other projects and exchanging knowledge, sharing challenges, solutions, experiences and advice. We began to see the GEC community take root, and to continue this momentum we are launching the GEC forum &ndash; a place for the GEC Community of Practice to develop and grow. This will be the place for you share your expertise, participate in discussions, and interact with other projects that form the community of the Girls&rsquo; Education Challenge. <a href="">Read more...</a></p> <p>&nbsp;</p>   info: GEC welcome message (deliberately not in code) format: full_html

Such a block can be edited at /admin/structure/block/manage/block/3/configure. The path to edit a block is always at /admin/structure/block/manage/[Block ID]/configure.

Hopefully these tips will be useful the next time a completely unknown website is dropped in your lap.

Catégories: Elsewhere

Acquia: PHP: Under the Hood, Running the Web

Planet Drupal - mar, 09/12/2014 - 17:13

Most non-technical people out on the Web haven't heard of PHP before. They might not have even heard of many of the products that were built with this technology like Drupal, Magento, or WordPress. And together with other products built with PHP, these run about 83% of all internet web applications. The technology of PHP is very important to an enormous number of businesses, governments, and organisations around the world, so even though people might not be familiar with the language itself, there’s a very good chance they’ve used it online today.

Catégories: Elsewhere

Enrico Zini: radicale-davdroid

Planet Debian - mar, 09/12/2014 - 16:35
Radicale and DAVDroid

radicale and DAVdroid appeal to me. Let's try to make the whole thing work.

A self-signed SSL certificate

Generating the certificate:

openssl req -nodes -x509 -newkey rsa:2048 -keyout cal-key.pem -out cal-cert.pem -days 3650 [...] Country Name (2 letter code) [AU]:IT State or Province Name (full name) [Some-State]:Bologna Locality Name (eg, city) []: Organization Name (eg, company) [Internet Widgits Pty Ltd] Organizational Unit Name (eg, section) []: Common Name (e.g. server FQDN or YOUR name) [] Email Address []

Installing it on my phone:

openssl x509 -in cal-cert.pem -outform DER -out cal-cert.crt adb push cal-cert.crt /mnt/sdcard/ enrico --follow-instructions Installing radicale in my VPS

An updated radicale package, with this patch to make it work with DAVDroid:

apt-get source radicale # I reviewed 063f7de7a2c7c50de5fe3f8382358f9a1124fbb6 git clone Move the python code from git to the Debian source dch -v 0.10~enrico "Pulled in the not yet released 0.10 work from upstream" debuild -us -uc -rfakeroot

Install the package:

# dpkg -i python-radicale_0.10~enrico0-1_all.deb # dpkg -i radicale_0.10~enrico0-1_all.deb

Create a system user to run it:

# adduser --system --disabled-password radicale

Configure it for mod_wsgi with auth done by Apache:

# For brevity, this is my config file with comments removed [storage] # Storage backend # Value: filesystem | multifilesystem | database | custom type = filesystem # Folder for storing local collections, created if not present filesystem_folder = /var/lib/radicale/collections [logging] config = /etc/radicale/logging

Create the wsgi file to run it:

# mkdir /srv/radicale # cat <<EOT > /srv/radicale/radicale.wsgi import radicale radicale.log.start() application = radicale.Application() EOT # chown radicale.radicale /srv/radicale/radicale.wsgi # chmod 0755 /srv/radicale/radicale.wsgi Make radicale commit to git # apt-get install python-dulwich # cd /var/lib/radicale/collections # git init # chown radicale.radicale -R /var/lib/radicale/collections/.git Apache configuration

Add a new site to apache:

$ cat /etc/apache2/sites-available/cal.conf # For brevity, this is my config file with comments removed <IfModule mod_ssl.c> <VirtualHost *:443> ServerName ServerAdmin Alias /robots.txt /srv/radicale/robots.txt Alias /favicon.ico /srv/radicale/favicon.ico WSGIDaemonProcess radicale user=radicale group=radicale threads=1 umask=0027 display-name=%{GROUP} WSGIProcessGroup radicale WSGIScriptAlias / /srv/radicale/radicale.wsgi <Directory /srv/radicale> # WSGIProcessGroup radicale # WSGIApplicationGroup radicale # WSGIPassAuthorization On AllowOverride None Require all granted </Directory> <Location /> AuthType basic AuthName "Enrico's Calendar" AuthBasicProvider file AuthUserFile /usr/local/etc/radicale/htpasswd Require user enrico </Location> ErrorLog{APACHE_LOG_DIR}/cal-enricozini-org-error.log LogLevel warn CustomLog{APACHE_LOG_DIR}/cal-enricozini-org-access.log combined SSLEngine on SSLCertificateFile /etc/ssl/certs/cal.pem SSLCertificateKeyFile /etc/ssl/private/cal.key </VirtualHost> </IfModule>

Then enable it:

# a2ensite cal.conf # service apache2 reload Create collections

DAVdroid seems to want to see existing collections on the server, so we create them:

$ apt-get install cadaver $ cat <<EOT > /tmp/empty.ics BEGIN:VCALENDAR VERSION:2.0 END:VCALENDAR EOT $ cat <<EOT > /tmp/empty.vcf BEGIN:VCARD VERSION:2.1 END:VCARD EOT $ cadaver WARNING: Untrusted server certificate presented for `': [...] Do you wish to accept the certificate? (y/n) y Authentication required for Enrico's Calendar on server `': Username: enrico Password: **** dav:/> cd enrico/contacts.vcf/ dav:/> put /tmp/empty.vcf dav:/> cd ../calendar.ics/ dav:/> put /tmp/empty.ics dav:/enrico/calendar.ics/> ^D Connection to `' closed. DAVdroid configuration
  1. Add a new DAVdroid sync account
  2. Use server/username configuration
  3. For server, use https:////
  4. Add username and password

It should work.

Related links
Catégories: Elsewhere

Tanguy Ortolo: Using BSD tar to change an archive format

Planet Debian - mar, 09/12/2014 - 16:00
Using BSD tar to change an archive format Streamable archive formats

Archive formats such as tar(5) and cpio(5) have the advantage of being streamable, so you can use them for transferring data with pipes and remote shells, without having to store the archive in the middle of the process, for instance:

$ cd public_html/blog $ rgrep -lF "archive" data/articles \ | pax -w \ | ssh newserver "mkdir public_html/blog ; cd public_html/blog ; pax -r" Turning a ZIP archive into tarball

Unfortunately, many people will send you data in non-streamable archive formats such as ZIP¹. For such cases, bsdtar(1) can be useful, as it is able to convert an archive from one format to another:

$ bsdtar -cf - \ | COMMAND

These arguments tell bsdtar to:

  • create an archive;
  • write it to stdout (contrary to GNU tar which defaults to stdout, BSD tar defaults to a tape device);
  • put into it the files it will find in the archive

The result is a tape archive, which is easier to manipulate in a stream than a ZIP archive.

  1. Some will say that although ZIP is based on an file index, it can be stream because that index is placed at the end of the archive. In fact, that characteristic only allows to stream the archive creation, but requires to store the full archive before being able to extract it. .
Catégories: Elsewhere

Hideki Yamane: ThinkPad X121e with UFEI boot

Planet Debian - mar, 09/12/2014 - 14:09
I have ThinkPad X121e and recenly exchanged its HDD to SSD, then I've tried to boot from UEFI but I couldn't. And I considered its something wrong with this old BIOS verion but new one can improve the situation, tried to update it. Steps are below.
  1. get iso image file from Lenovo (Japanese site) (release note)
  2. put iso image into /boot
  3. add custom grub file as /etc/grub.d/99_bios (note: I don't separate /boot partition, maybe you should specify path for file if you don't do so). $ sudo sh -c "touch /etc/grub.d/99_bios; chmod +x /etc/grub.d/99_bios"and edit /etc/grub.d/99_bio file. #! /bin/sh
    menuentry "BIOS Update" {
    linux16 memdisk iso
    initrd16 xxxxxxxxxx.iso
  4. update grub menu with and check /boot/grub/grub.cfg file $ sudo update-grub
    $ tail /boot/grub/grub.cfg
  5. make sure memdisk command is installed $ sudo apt-get install syslinux
  6. just reboot and select bios update menu
Looks okay, its firmware update was success but I cannot boot it (installation was okay). Hmm...

As Matthew Garrett blogged before, probably ThinkPad X121e's firmware doesn't allow to boot from any entries in UEFI except "Windows Boot Manager" :-(

 ...So I have to back to legacy BIOS. *sigh*
Catégories: Elsewhere

Thorsten Glaser: The colon in the shell: corrigenda

Planet Debian - mar, 09/12/2014 - 11:40

Bernhard’s article on Plänet Debian about the “colon” command in the shell could use a clarification and a security-relevant correcture.

There is, indeed, no difference between the : and true built-in commands.

Stéphane Chazelas points out that writing : ${VARNAME:=default} is bad, : "${VARNAME:=default}" is correct. Reason: someone could preset $VARNAME with, for example, /*/*/*/*/../../../../*/*/*/*/../../../../*/*/*/* which will exhaust during globbing.

Besides that, the article is good. Thanks Bernhard for posting it!

PS: I sometimes use the colon as comment leader in the last line of a script or function, because it, unlike the octothorpe, sets $? to 0, which can be useful.

Catégories: Elsewhere

Russ Allbery: wallet 1.2

Planet Debian - mar, 09/12/2014 - 06:39

wallet is a system for secure credential management and distribution.

This release renames the duo object type to duo-pam (since it really only handles PAM integrations) and adds new object types duo-radius, duo-ldap, and duo-rdp to handle other types of Duo Security integrations.

It also adds a rename command, which can be used to rename existing objects without destroying them and recreating them. Currently, this only supports file objects.

My only role in this release was to do the final release management and a bit of release testing. The new code was implemented by Jon Robertson (who's also done a lot of work on wallet in the past).

You can get the latest release from the wallet distribution page.

Catégories: Elsewhere


Subscribe to jfhovinne agrégateur