Planet Drupal

Syndicate content - aggregated feeds in category Planet Drupal
Updated: 7 min 29 sec ago

Drupal Association News: Here’s to our Drupal Association Supporting Partners! – Q3

Fri, 10/14/2016 - 20:54
div class=field field-name-body field-type-text-with-summary field-label-hiddendiv class=field-itemsdiv class=field-item evenpThere are many inspiring companies that are giving their time to contribute code, help educate others, share their experiences, and be part of the Drupal community. Some of these companies have taken one step further, becoming Supporting Partners with the Drupal Association./p pa href= Partners/a fund and the engineering team who make the improvements you continuously see. Without our Supporting Partners, the work we do would not be possible./p pHere is what is going on now./p pstronga href= 2016 Roadmap/a/strong/p ulli Establish a Technical Advisory Committee (TAP)/li li Evolve the D.O front page to support the adoption journey./li li Identify cost savings/li li Stable release of the Composer façade/li li a href= Migration/a/li li a href= Application Process Revamp/a/li li a href= 8 User Guide/a/li li The search function is now an icon in the header/li li You can now directly download PDF invoices of DrupalCon ticket orders, right from a href=http://events.drupal.org li a href= shield icon/a/li li Virtualized Infrastructure/li /ulp /p pWe would like to acknowledge the companies that continue to show their endless support. Here is a list of new and renewing companies just this quarter:/p olli a href= li a href= li a href= Tech Solutions Ltd./a/li li a href= Group GmbH amp; Co. KG/a/li li a href= Inc/a/li li a href= li a href= li a href= li a href= Koalas Digital Bridge Solutions/a/li li a href= Interactive Solutions/a/li li a href= LLC/a/li li a href= li a href= Person/a/li li a href= li a href= Ltd./a/li li a href=, Inc./a/li li a href= Inc./a/li li a href=, LLC/a/li li a href= Geeks/a/li li a href= li a href= li a href= Press/a/li li a href= Group/a/li li a href= Solutions/a/li li a href= Inc./a/li li a href= Technologies/a/li li a href= li a href= li a href= li a href= One/a/li li a href= /olpbr / Our a href= Partners/a, a href= Supporters/a, and a href= Supporters/a help us make great. They also become some of the best-known Drupal contributors. a href= about the program benefits/a and if you want to give back to the Project, please contact our Executive Director, a href= Sanicki/a, for details./p /div/div/div

Zivtech: 4 Common Developer Concerns in a Site Migration

Fri, 10/14/2016 - 18:43
div class=field-image-photo img src=/sites/default/files/styles/large/public/migration.jpeg?itok=lzXGwg_K width=645 height=410 alt= / /div div class=field-body p dir=ltrWebsites have a shelf life of about 5 years, give or take. Once a site gets stale, it’s time to update. You may be going from one CMS to another, i.e., WordPress to Drupal, or you may be moving from Drupal 6 to Drupal 8. Perhaps the legacy site was handcrafted, or it may have been built on Squarespace or Wix. /p p dir=ltrContent is the lifeblood of a site. A developer may be able to automate the migration, but in many cases, content migration from an older site may be a manual process. Indeed, the development of a custom tool to automate a migration can take weeks to create, and end up being far costlier than a manual effort. /p p dir=ltrBefore setting out, determine if the process is best accomplished manually or automatically. Let’s look at the most common concerns for developers charged with migrating content from old to new./p h2 dir=ltr1. It’s All About Data Quality/h2 p dir=ltrOld data might not be very structured, or even structured at all. A common bad scenario occurs when you try to take something that was handcrafted and unstructured and turn it into a structured system. Case in point would be an event system managed through HTML dumped into pages./p p dir=ltrThere's tabular data, there are dates, and there are sessions; these structured things represent times and days, and the presenters who took part. There could also be assets like video, audio, the slides from the presentation, and an accompanying paper. /p p dir=ltrWhat if all that data is in handcrafted HTML in one big blob with links? If the HTML was created using a template, you might be able to parse it and figure out which fields represent what, and you can synthesize structured data from it. If not, and it's all in a slightly different format that's almost impossible to synthesize, it just has to be done manually. /p h2 dir=ltr2. Secret Data Relationships/h2 p dir=ltrAnother big concern is a system that doesn't expose how data is related./p p dir=ltrYou could be working on a system that seems to manage data in a reasonable way, but it's very hard to figure out what’s going on behind the scenes. Data may be broken into components, but then it does something confusing./p p dir=ltrA previous developer may have used a system that's structured, but used a page builder tool that inserted a text blob in the top right corner and other content in the bottom left corner. In that scenario, you can't even fetch a single record that has all the information in it because it's split up, and those pieces might not semantically describe what they are./p h2 dir=ltr3. Bad Architecture/h2 p dir=ltrAnother top concern is a poorly architected database. /p p dir=ltrA site can be deceptive because it has structured data that describes itself. The system could find stuff as each element was requested, but then it is really hard to find the list of elements and load all of the data in a coordinated way. /p p dir=ltrIt's just a matter of your architecture. It’s important to have a clearly structured, normalized database with descriptively named columns. And you need consistency, with all the required fields actually in all the records./p h2 dir=ltr4. Automated Vs. Manual Data Migration/h2 p dir=ltrYour migration needs to make some assumptions about what data it’s going to find and how it can use that to connect to other data. /p p dir=ltrWhether there are 6 or 600,000 records of 6 different varieties, it's the same amount of effort to automate a migration. So how do you know if you should be automating, or just cutting and pasting? /p p dir=ltrUse a benchmark. Migrate five pieces of content and time out how long that takes. Multiply by the number of pieces of content in the entire project to try to get a baseline of what it would take to do it manually. Then estimate the effort to migrate in an automated fashion. Then double it. Go with the number that’s lower./p p dir=ltrOne of the reasons to pick a system like Drupal is that the data is yours. It's an open platform. You can read the code and look at the database. You can easily extract all of the data and take it wherever you want. /p p dir=ltrIf you’re with a hosted platform, that may not be the case. It's not in the hosted platform’s best interest to give you a really easy way to extract everything so you can migrate it somewhere else. /p p dir=ltrIf you're not careful and you pick something because it seems like an easy choice now, you run the risk of getting locked in. That can be really painful because the only way to get everything out is to cut and paste. It’s still technically a migration. It's just not an automated one./p div /div /div nav role=navigation class=links-inline/nav

Acquia Developer Center Blog: Nothing About Us Without Us - Diversity of the Web with Nikki Stevens

Fri, 10/14/2016 - 18:42
div class=field field-name-field-podcast-image field-type-image field-label-hiddendiv class=field-itemsdiv class=field-item evenimg typeof=foaf:Image src= width=340 height=260 alt=Nikki Stevens and Jeffrey A. quot;jamquot; McGuire talk at Drupal Camp Costa Rica 2016 title=Nikki Stevens and Jeffrey A. quot;jamquot; McGuire talk at Drupal Camp Costa Rica 2016 //div/div/divdiv class=field field-name-body field-type-text-with-summary field-label-hiddendiv class=field-itemsdiv class=field-item even property=content:encodedp Following her inspiring keynote on diversity, inclusion, and equality at Drupal Camp Costa Rica 2016, I got the chance to speak with a href= Stevens/a on front of my mic and camera. Along with sharing some fun Drupal memories like the time young Nikki broke production when Steve Rude was out for the day, a lot of this conversation is about the benefits diversity brings and how we all can improve our own organisations and communities. /p p One eye-opening moment for me was when Nikki talked about how many diversity surveys are themselves flawed by the assumptions of their authors. Seemed perfectly obvious to me once I got there. Nikki and a href= Lewis/a have been working on a better diversity survey by crowdsourcing the survey itself. /p h2 Help write the diversity survey!br //h2 p Go to the a href= of the Web community-drafted survey/a and make your own contributions and suggestions now! /p p For more background information on the survey and the challenges of involvement, identity, and measuring it all, read its origin story on Nikki's blog: a href= About Us Without Us/a. /p h2 Interview Video - 19 //h2 piframe width=640 height=360 src= frameborder=0/iframe/p h2 Transcriptbr //h2 p A full transcript of our conversation will appear here shortly! /p /div/div/divdiv class=field field-name-field-podcast-audio field-type-file field-label-hiddendiv class=field-itemsdiv class=field-item evenaudio controls=controlssource src= type=audio/mpeg //audio/div/div/divdiv class=field field-name-field-skill-level field-type-taxonomy-term-reference field-label-inline clearfixdiv class=field-labelSkill Level:nbsp;/divdiv class=field-itemsdiv class=field-item evena href=/skill-level/beginner typeof=skos:Concept property=rdfs:label skos:prefLabel datatype=Beginner/a/divdiv class=field-item odda href=/skill-level/intermediate typeof=skos:Concept property=rdfs:label skos:prefLabel datatype=Intermediate/a/divdiv class=field-item evena href=/skill-level/advanced typeof=skos:Concept property=rdfs:label skos:prefLabel datatype=Advanced/a/div/div/div

DrupalEasy: Announcing Florida DrupalCamp’s Second Featured Speaker, Drupal Association Director Megan Sanicki!

Fri, 10/14/2016 - 18:37
pThe 9th annual a href=https://www.fldrupal.campFlorida DrupalCamp/a (FLDC) will be held February 17,18, and 19th, 2017 in Orlando, Florida; DrupalEasy is proud to be a sponsor./p pWe’re super excited to announce a href= Sanicki/a as our second featured speaker. Megan is the Executive Director of the Drupal Association (DA), and will talk about all the things that the DA does to promote and serve Drupal./p pMegan joins a href= Zubkow/a as a featured speaker for FLDC. Helena is an accessibility expert for Lullabot and will be leading a double-length session on how to make Drupal sites accessible. The third (and final) featured speaker will be announced in the coming weeks./p h2Bigger and better!/h2 pFLDC is expanding to 3 full days of activities in 2017. On Friday, February 17, we'll be offering several free training events (details coming soon) as well as sprint opportunities and a social event. Saturday, February 18 will be a day full of sessions followed by an afterparty. Sunday, February 19 will include a half-day of sessions and additional sprints./p h2Sponsor Florida Drupalcamp!/h2 pFLDC is accepting sponsorships. More information can be found at a href= h2Session Submissions are Open!/h2 pHave new Drupal or web development knowledge that you’d like to share? We’d love to have you! Submit your session proposal at a href= class=feedflare a href= src= border=0/img/a a href= src= border=0/img/a /divimg src= height=1 width=1 alt=/ Entity validation in Drupal 8 - part 1 - how validation works

Fri, 10/14/2016 - 18:10
div class=field field-name-body field-type-text-with-summary field-label-hiddendiv class=field-itemsdiv class=field-item evenpDrupal 8 has its entity validation separate and decoupled from the typical validation given by its form API. This is done for a lot of reasons. For one, entities might get added from other non UI means, like via the REST API, or programmatically, while importing data from an external source. Under these circumstances, the entity validation API comes in handy./p pDrupal 8's validation API uses the a href= validator/a component.Each validation mechanism can be at the entity level(composite), field level or entity property level. Validation can be specified by multiple means./p p1.While creating the entity as a part of the annotation./p pEx: the Comment entity has a validation constraint which imposes a restriction where the name of the anonymous comment author cannot match the name of any registered user. This is implemented using codeCommentNameConstraint/code and specified in the Comment entity annotation./p precode * bundle_entity_type = comment_type, * field_ui_base_route = entity.comment_type.edit_form, * constraints = { * CommentName = {} * } * ) */ class Comment extends ContentEntityBase implements CommentInterface { /code/pre p2.Inside the entity class's codebaseFieldDefinitions()/code./p pEx: The User entity has a constraint where each user name should be a unique value./p precode$fields['name'] = BaseFieldDefinition::create('string') -gt;setLabel(t('Name')) -gt;setDescription(t('The name of this user.')) -gt;setRequired(TRUE) -gt;setConstraints(array( // No Length constraint here because the UserName constraint also covers // that. 'UserName' =gt; array(), 'UserNameUnique' =gt; array(), )); /code/pre pWe will see what codeBaseFieldDefinition/code means in a future post. For now, all you have to understand is, the above line places a validation constraint that the codename/code property of every user object should be unique./p p3.Entity validation constraints can be placed on existing entities from other modules via hooks./p pThis implements codehook_entity_type_alter/code./p precodefunction my_module_name_entity_type_alter(array amp;$entity_types) { $node = $entity_types['node']; $node-gt;addConstraint('CustomPluginName', ['plugin', 'options']); } /code/pre pWe shall be creating one such validation constraint on the codenode/code entity shortly./p pA validation component consists of 2 parts./p ul liThe constraint class, which is a concrete implementation of a href=, implemented as a a href=!lib!Drupal!Core!Validation!Annotation!Constraint.php/class/Constraint/8.2.xDrupal 8 plugin/a./li liThe validation class, a concrete implementation of a href= /ul pThe constraint contains the metadata/rules required for the validation, the messages to show as to what exactly got invalidated, and a pointer to the validation class, whose default value is a Validator string appended to the fully qualified constraint class name./p precode/** * Returns the name of the class that validates this constraint. * * By default, this is the fully qualified name of the constraint class * suffixed with Validator. You can override this method to change that * behaviour. * * @return string */ public function validatedBy() { return get_class($this).'Validator'; } /code/pre pThe validation class contains the actual validation implementation. For example, a unique name constraint's validator will iterate through all entities in the database to ensure that the name of the entity being validated is not used by any other entity. The validator class also has access to the constraint class metadata, messages etc. It should, at minimum, implement the codevalidate/code method, which takes in the object to be validated(string, entity etc.) and the associated constraint. Upon failing the validation, this method returns an object of type a href= This gives all the information as to why the validation failed, where exactly it failed, the invalid value etc./p pLet's see how a node can be validated and the validation errors consumed with the below example./p precodeuse Drupal\node\Entity\Node; $node = Node::create([ 'title' =gt; 'New article', 'type' =gt; 'article']); $node-gt;field_email = 'foobar'; $violations = $node-gt;validate(); if ($violations-gt;count() gt; 0) { foreach($violations as $violation) { print_r($violation-gt;getMessage()-gt;render()); print(\n); print_r($violation-gt;getPropertyPath()); print(\n); print_r($violation-gt;getInvalidValue()); print(\n); } } /code/pre pAssuming you have an email field which goes by the machine name codefield_email/code, if you run this code using codedrush scr/code command in a Drupal 8 setup, your output should be very similar to this./p precode$ drush scr node-validate.php This value is not a valid email address. field_email.0.value foobar /code/pre pThe codegetPropertyPath/code give the field name and the delta as to where the violation occurs./p pNow that we got a hang of how entity validation works, let's create our own validation constraint in the next post./p /div/div/divul class=tags lia href=/categories/drupalDrupal/a/li lia href=/categories/drupal-8Drupal 8/a/li lia href=/categories/drupal-planetDrupal Planet/a/li /ul

Acquia Developer Center Blog: The White House is Open Sourcing a Drupal Chat Module for Facebook Messenger

Fri, 10/14/2016 - 17:02
div class=field field-name-field-blog-image field-type-image field-label-hiddendiv class=field-itemsdiv class=field-item evenimg typeof=foaf:Image src= width=140 height=85 alt=white house title=white house //div/div/divdiv class=field field-name-body field-type-text-with-summary field-label-hiddendiv class=field-itemsdiv class=field-item even property=content:encodedpToday, Jason Goldman, Chief Digital Officer of the White House, announced that the White House is open-sourcing a Drupal module that will enable Drupal 8 developers to quickly launch a Facebook Messenger bot. /p pThe goal, Goldman said, is to make it easier for citizens to message the President via Facebook. /p pThis is the first-ever government bot on Facebook messenger./p/div/div/divdiv class=field field-name-field-blog-tags field-type-taxonomy-term-reference field-label-inline clearfixdiv class=field-labelTags:nbsp;/divdiv class=field-itemsdiv class=field-item evena href=/tags/acquia-drupal-planet typeof=skos:Concept property=rdfs:label skos:prefLabel datatype=acquia drupal planet/a/div/div/div

ThinkShout: Content Modeling in Drupal 8

Fri, 10/14/2016 - 17:00
pIn many modern frameworks, data modeling is done by building out database tables. In Drupal, we use a web-based interface to build our models. This interface makes building the database accessible for people with no database experience. However, this easy access can lead to overly complex content models because it’s so easy to build out advanced structures with a few hours of clicking. It’s surprising how often Drupal developers are expected to be content modeling experts. Rachel Lovinger wrote this great a href= of content modeling/a for the rest of us who aren’t experts yet./p h2 id=data-modeling-goalData Modeling Goal/h2 pOur goal when modeling content in Drupal is to build out the structure that will become our editor interface and HTML output. We also need to create a model that supports the functionality needed in the website. While accomplishing this, we want to reduce the complexity of our models as much as possible./p h2 id=getting-startedGetting Started/h2 pOne of the first things to do when building a Drupal site is build content types. So, before you start a site build, start with either a content model or a detail page wireframe. This a href= from Palantir/a will help you. The home page design may look amazing, but it’s unhelpful for building out content types. Get the detail pages before you start building./p h2 id=why-reduce-complexityWhy Reduce Complexity?/h2 pThe more content types you create, the more effort it will take to produce a site. Furthermore, the more types you have, the more time it will take to maintain the site in the future. If you have 15 content types and need to make a site-wide change, you need to edit 15 different pages./p pThe more pages you need to edit, the more mistakes you will make in choosing labels, settings, and formatters. Lastly, content can’t easily be copied from one type to another, which makes moving content around your site harder when there are many content types. So, the first thing you’ll want to do with your content model is collapse your types into as few types as feasible. How many is that?/p h2 id=content-types-is-enough5 Content Types is Enough/h2 pDrupal has many built in entities like files, taxonomy, users, nodes, comments, and config. So, the vast majority of sites don’t need any more than 5 content types. Instead of adding a new content type for every design, look for ways to reuse existing types by adding fields and applying layouts to those fields./p h2 id=break-up-the-edit-formBreak Up the Edit Form/h2 pDrupal 8 allows you to have different form displays for a single content type. With either a href= Mode Control/a or a href= Mode Manager/a, you can create different edit experiences for the same content type without overloading the admin interface./p pBy reducing the complexity of the content model, we decrease maintenance cost, improve the consistency of the website, and simplify the editing experience. Now that you’ve got some content modeling basics, look for opportunities to reduce and reuse content types in your Drupal projects. Content editors will thank you./p

Mediacurrent: Friday 5: 5 Advantages of Component-Driven Theming

Fri, 10/14/2016 - 16:44
img typeof=foaf:Image src= width=200 height=188 / pHappy Friday and thanks for tuning into Episode 17, it's good to be back!/p

Drupal @ Penn State: Increasing accessibility empathy through simulation

Fri, 10/14/2016 - 16:16
pA few months ago I did a post showing span class=capsELMS/span:span class=capsLN/span’s initial work on the A11y module which provides blocks for improving as well as simulating accessibility conditions. After lots of testing I’m marking a full release of the project we’ve been using in span class=capsELMS/span:span class=capsLN/span for months (as dev)./p pThis latest release includes many bug fixes and most notable new features of:/p

Drupal @ Penn State: Building conversational interfaces in Drupal

Fri, 10/14/2016 - 16:16
pI know Dreis caused a lot of smiles when he used Amazon Echo and Drupal 8 to be notified about “Awesome Sauce” going on sale. The future is bright and requires increasingly more ways of engaging with technology. But what if you wanted to start to have a conversation without Echo to do it? What if we wanted to progressively enhance the browser experience to include lessons learned from conversational input technologies./p

Drupal @ Penn State: How to export fields from one content type to another

Fri, 10/14/2016 - 16:16
pThe title kind of explains it all. Check out the screencast for a quick demo on how to donbsp;it. /p

Drupal @ Penn State: #Drupal GovDay: #Purespeed talk

Fri, 10/14/2016 - 16:16
pThis is a recording of a presentation I gave at Drupal Gov Day called Purespeed. There’s many posts on this site that are tagged with purespeed if you want to dig into deeper detail about anything mentioned in this talk. This talk consolidates a lot of lessons learned in optimizing drupal to power elms learning network. I talk through apache, php, mysql, front end, backend, module selection, cache bin management, and other optimizations in this comprehensive full-stack tuning talk./p

Drupal @ Penn State: Web service requests via snakes and spiders

Fri, 10/14/2016 - 16:16
pFirst off, hope you are all enjoying Drupalcon, super jealous./p pIts been almost three months since I wrote about a href= secure, low-level bootstraps in D7/a, the gist of which is skipping index.php when you make webservice calls so that Drupal doesn't have to bootstrap as high. Now that I've been playing with this, we've been starting to work on a series of simplied calls that can propagate data across the network in different ways./p

OSTraining: Use the Drupal Hacked! module for peace of mind

Fri, 10/14/2016 - 13:21
div class=ost-intro-imageimg src= alt=Use the Drupal Hacked! module for peace of mind width=200 height=134 //div pHacked! Is an extremely powerful Drupal module avalible in both Drupal 7 and 8 that allows you to check Drupal's modules and core against stored versions to make sure they have not been tampered with. This module is great for none coders to ensure that the modules are safe and have not been tampered with. It will not check any subthemes or custom modules that do not exist on divnbsp;/div

Unimity Solutions Drupal Blog: My DrupalCon Dublin Board Retreat!

Fri, 10/14/2016 - 07:10
div class=field field-name-body field-type-text-with-summary field-label-hiddendiv class=field-itemsdiv class=field-item even property=content:encodedpDrupalcon is always special! Back from DrupalCon, left feeling happy, proud to be part of a caring Board, a passionate DA team and last but not least the wonderful Drupal community./p /div/div/div

Aurelien Navarre: How to find PHP code in Drupal nodes

Thu, 10/13/2016 - 11:49
pBefore Drupal 8 was released, the a href= title=PHP module project pagePHP Filter/a module was part of Drupal core and allowed site builders and developers to create a PHP filter text format. While very convenient for developers and themers, this was also very risky as you could easily introduce security or even performance issues on your site, as a result of executing arbitrary PHP code./p h2 id=whatstheusecaseforinjectingphpcodeincontentanywayWhat's the use case for injecting PHP code in content anyway?/h2 pThere never is a truly good reason to do so except when you're developing the site and willing to quickly test something. Most of the time, using PHP in content is either the result of laziness, lack of time (easiest to add raw PHP directly rather than having to build a custom module) or lack of Drupal API knowledge. PHP Filter is most often used to inject logic in nodes or blocks. As horrible as it sounds, there are very interesting (and smart!) use cases people have come up with and you have to respect the effort. But this is just not something acceptable as you should always advise a clear separation of concerns and use the Drupal API in every instance./p pIn the past 5 years I've seen things such as:/p ul liCreating logic for displaying ads after the body/li liInjecting theming elements on the page/li liRedirecting users via a href=! title=drupal_goto() API referencedrupal_goto()/a which was breaking cron and search indexing/li liUsing a href= title=variable_set() API referencevariable_set()/a to store data on a href= title=node_view() API referencenode_view()/a/li liIncluding raw PHP files/li li.../li /ul pThe list goes on and on and on./p pAfter a href= title=Remove the PHP module from Drupal coreheated discussions/a, and because it was far too easy to have users shoot themselves in the foot, it was finally decided to a href= title=PHP Filter module removed from Drupal coreremove the module from core/a for Drupal 8. But as the a href= title=Weekly usage statistics for Drupal coreusage statistics for Drupal core/a page shows, we still have more than 1 million Drupal 6 and 7 sites out there that are potentially using it./p pIf you're still building Drupal 7 sites or if you're taking over maintaining a Drupal 6 or 7 site, it's thus your responsibility to ensure no PHP code is being executed in nodes, blocks, comments, views, etc./p h2 id=determineifthephptextformatisinuseDetermine if the PHP text format is in use/h2 pSo, before you start wondering if you have an issue to fix, let's find out if the PHP module is enabled./p precode class=language-sqlmysqlgt; SELECT name FROM system WHERE name = 'php'; +------+ | name | +------+ | php | +------+ 1 row in set (0.00 sec) /code/pre pNow, we need to confirm there is indeed a PHP filter text format on your site. You can use the a href= title=Security Review project pageSecurity Review/a module, navigate through the Drupal UI, or query MySQL, which is preferred here and later on because it gives us the granularity we need./p precode class=language-sqlmysqlgt; SELECT format,name,status FROM filter_format WHERE format=php_code; +----------+----------+--------+ | format | name | status | +----------+----------+--------+ | php_code | PHP code | 1 | +----------+----------+--------+ 1 row in set (0.00 sec) /code/pre pWhen you do have the codephp_code/code text format in use on a site, then you need to start your investigation. In this post we'll focus only on nodes. But the same logic applies for all entities./p h2 id=auditallnodeswiththephp_codetextformatAudit all nodes with the codephp_code/code text format/h2 pIn the below example we only have 4 nodes. This means codephp_code/code was used only when it was required. But it might very well be that all nodes on a site would use the PHP text filter by default. Tracking down issues would then become more challenging. Worse, removing the text filter entirely would be a very time-consuming task in terms of site auditing, as you might not know what is or isn't going to break when you do the change./p precode class=language-sqlmysqlgt; SELECT nid,title,bundle,entity_type FROM field_data_body LEFT JOIN node ON node.nid=field_data_body.entity_id WHERE body_format='php_code'; +------+-----------------------+----------+-------------+ | nid | title | bundle | entity_type | +------+-----------------------+----------+-------------+ | 7571 | Test nid 7571 | article | node | +------+-----------------------+----------+-------------+ | 538 | Test nid 538 | page | node | +------+-----------------------+----------+-------------+ | 5432 | Test nid 5432 | article | node | +------+-----------------------+----------+-------------+ | 1209 | Test nid 1209 | article | node | +------+-----------------------+----------+-------------+ /code/pre h2 id=findphpcodeinnodesFind PHP code in nodes/h2 pNow that we know which nodes have the codephp_code/code text filter set, it's easy to find out if there's indeed PHP code in them, and if it's breaking the site in any way, causing performance troubles, or introducing a security hole./p precode class=language-sqlmysqlgt; SELECT body_value FROM field_data_body WHERE entity_id=7571; +--------------------------------------------------------------+ | body_value | +--------------------------------------------------------------+ | Thank you for participating! Your results can be found below. lt;?php include path_to_theme()./calculator-results.php; ?gt; | +--------------------------------------------------------------+ /code/pre h2 id=whataboutdrupal8What about Drupal 8?/h2 pAs we said in the introduction, the a href= title=PHP module project pagePHP Filter/a module now lives in contrib instead of Drupal core. And it's very good like that, because it'll prevent the vast majority of Drupal users from installing it. Because, you know, if they can, they will./p pIf it does exist in production though, then you're in for the same investigation. Fortunately, with Drupal 8 it's even easier to determine when a node is using the codephp_code/code text format as you only need one MySQL query and no JOIN./p precode class=language-sqlmysqlgt; SELECT entity_id,bundle,body_value,body_format FROM node__body WHERE body_format = 'php_code'; +-----------+---------+----------------------------+-------------+ | entity_id | bundle | body_value | body_format | +-----------+---------+----------------------------+-------------+ | 1 | article | lt;?php echo 'hi there!'; ?gt; | php_code | +-----------+---------+----------------------------+-------------+ 1 row in set (0.00 sec) /code/pre pNow that you know how to find PHP code in nodes, it's your job to review the code and fix it if necessary, then find ways to remove it completely (custom / contrib module? Theming?). You'll feel a sense of joy when you can switch back to Basic HTML, Markdown, or any other controlled and secure text format./p Drupal 6 security update for Elysia Cron

Wed, 10/12/2016 - 19:18
div class=field field-name-body field-type-text-with-summary field-label-hiddendiv class=field-itemsdiv class=field-item evenpemAs you may know, a href= 6 has reached End-of-Life (EOL)/a which means the Drupal Security Team is no longer doing Security Advisories or working on security patches for Drupal 6 core or contrib modules - but the a href= 6 LTS vendors/a are and we're one of them!/em/ppstrongToday, there is a Moderately Critical security release for the a href= Cron/a module to fix a Cross-Site Scripting (XSS) vulnerability./strong/ppUsers who have permission to configure this module have the ability to add insufficiently sanitized JavaScript in the Predefined rules field, however, tspanhis vulnerability is mitigated by the fact that an attacker must have a role with the permission Administer elysia cron./span/ppYou can download the patch for Elysia Cron a href= you have a Drupal 6 site using the Elysia Cron module, we recommend you update immediately! We have already deployed the patch for all of our Drupal 6 Long-Term Support clients. :-)/ppstrongIf you'd like all your Drupal 6 modules to receive security updates and have the fixes deployed the same day they're released, please a href= out our D6LTS plans/a./strong/ppemspanNote/span: if you use the a href= module (totally free!), you'll be alerted to these and any future security updates, and will be able to use drush to install them (even though they won't necessarily have a release on

Third Grove: Third Grove sponsors Bay Area Drupal BadCamp 2016

Wed, 10/12/2016 - 17:43
span property=schema:nameThird Grove sponsors Bay Area Drupal BadCamp 2016/span span rel=schema:authorspan lang= about= typeof=schema:Person property=schema:name datatype= xml:lang=antonella/span/span span property=schema:dateCreated content=2016-10-12T15:43:11+00:00Wed, 10/12/2016 - 11:43/span

Appnovation Technologies: My Experience At DrupalCon Dublin

Wed, 10/12/2016 - 11:31
div class=field field-name-body field-type-text-with-summary field-label-hiddendiv class=field-itemsdiv class=field-item even property=content:encoded pThis year was special for me, for the first time since DrupalCon Copenhagen (back in 2010), I was able to attend a DrupalCon, thanks to Appnovation./p /div/div/divdiv class=field field-name-field-blog-header-image field-type-image field-label-hiddendiv class=field-itemsdiv class=field-item evena href=/blog/my-experience-drupalcon-dublinimg typeof=foaf:Image src= width=1400 height=400 alt= //a/div/div/divdiv class=sharethis-buttonsdiv class=sharethis-wrapperspan st_url= st_title=My Experience At DrupalCon Dublin class=st_facebook/span span st_url= st_title=My Experience At DrupalCon Dublin class=st_twitter/span span st_url= st_title=My Experience At DrupalCon Dublin class=st_sharethis/span /div/div Blog: AGILEDROP: Drupal's path from 4.0 to 8.0

Wed, 10/12/2016 - 07:23
a href= src= Last time we guided you through early beginnings of Drupal. We explained how all started and how first versions of Drupal were made. This time we will look how this open-source content-management framework evolved from its fourth to its latest, eight version. Drupal 4.0 Drupal’s fourth version was released on 15. 6. 2002. It became a platform for any type of web application. Users were able to modify it and extend it to fit their needs. Developers came from all across Europe and US, so Drupal became international open source project with over 100 major pages using it. Taxonomy module, who… a href= MORE/a