No one seems quite sure what to call SA-CORE-2018-002, although there does seem to be a trend towards drupalgeddon2. Whatever we call it, it's here and it is every bit as scary as everyone had feared - the key lines from the update : How difficult is it for the attacker to leverage the vulnerability? None (user visits page). What privilege level is required for an exploit to be successful? None (all/anonymous users). Does this...
If you are reading this, then you are probably already aware of the impending security update that is due to drop this evening (UK time). At this stage, it is not clear quite how serious the security update is, we are hoping it's not at the level of Drupalgeddon (PSA-2014-003 - Oct '14) - but we are working on the assumption that it is. So this means, we are aiming to get all sites we...
We've settled on what we think is a best practice for class naming for Javascript in Drupal – let me explain what I mean and then talk you through our reasoning.
Extra quick tip for developers working with Drupal 8 or 9: Adding views to your page content is now incredibly straightforward: $content['editor_tools']['view'] = [ '#type' => 'view', '#name' => 'editor_tools', '#display_id' => 'embed', '#arguments' => [ 123, ], ]; And that's it! $content is my render array which I'll return and let Drupal render. I suspect most of the bits there are self-explanatory, but in case they aren't: * '#type' => 'view' is the magic...
Following on from my feature branching bash script I thought I would do another quick post about a super handy tool I use to streamline my dev workflow a little more (marginal gains and all that). Hub is a command line tool that lets you do all kinds of clever github stuff without ever having to open a browser. All the setup instructions are here https://hub.github.com/ - it's pretty simple to get working (if I can do it ...). I wasn't quite brave enough to alias my git command so I skipped that bit!
During a typical working day I can easily flip between 15 projects, fixing small bugs or working on various features. Each flip normally requires a new feature branch, and i found myself repeating myself. A lot. I'm a parent so I'm pretty used to this, but in this instance I figured I could probably do something about it - so put together a simple bash script.
Having PII in Google Analytics is a big no no, it violates their terms of service and can cause you to have to remove all your analytics data - not fun. The good news is, most 'standard' Drupal sites using most 'standard' GA implementations avoid sending any PII with one exception - and that is the user password reset page. The problem occurs when a user attempts to login but enters and incorrect password. They...
Ten years ago today Adrian Rossouw committed the first code for the Aegir project. ComputerMinds have been involved in Aegir for many of those years, particularly one of our senior developers: Steven Jones. We asked him some questions about it to mark the occasion. ### When did you get involved in the Aegir project? I went to a session at Drupalcon Washington DC in March 2009 and Adrian was presenting this mad thing: Drupal managing...
In Drupal 7, we had menu_get_object() to get the object in code for whichever node, term, or whatever entity makes up the current page. But in Drupal 8, that has been replaced, and entities can usually be operated on in a generic way. If you know the type of entity you want, it's pretty simple. But I keep running into different suggestions of how to get the entity object when you don't know its type. Given that D8 allows us to deal with entities in a unified way, I thought there must be a good way! The code of core itself is usually the best place to look for examples of how to do common things.
Define a schema for any bespoke configuration, it's not too hard. It's needed to make it translatable, but Drupal 8 will also validate your config against it so it's still handy on non-translatable sites. As a schema ensures your configuration is valid, your code, or Drupal itself, can trip up without one. Set up a schema and you avoid those problems, and get robust validation for free. Hopefully my example YAML shows how it can be quite simple to do.