Planet Drupal

Anyone familiar with the Drupal core development lifecycle will know that presently the Drupal community supports two major versions at any one time: the current major release and its immediate predecessor. This means that at ComputerMinds we are currently helping our clients support and develop both Drupal 7 and Drupal 8 sites. So the obvious question that we get asked is ‘when is it time to upgrade’? We can’t properly answer this question without bringing...

At ComputerMinds we like to think that we’re all pretty good at what we do; however, nobody is perfect and this is why we always ensure that our code is properly peer reviewed as part of our quality assurance process. Peer review is literally just what the name implies; we work together to review each other’s code to make sure that it all makes sense. This approach means that we’re able to spot obvious mistakes...

There's nothing like Drupal's default spinning blue AJAX animation to make you notice that a site's design hasn't been fully customised. The code from my previous article showing how to fetch a link over AJAX to open in a Foundation reveal popup would suffer from this without some further customisation. After clicking the 'Enquire' button, a loading icon of some kind is needed whilst the linked content is fetched. By default, Drupal just sticks that blue 'throbber' next to the link, but that looks totally out of place. Our client's site uses a loading graphic that feels much more appropriate in style and placement, but my point is that you can set up your own bespoke version. Since it's Christmas, let's add some festive fun!

After reading this from Ars Technica, which describes how a developer offered to 'help' the maintainer of an NPM module - and then slowly introduced malicious code to it - I can't help but wonder if the Drupal community is vulnerable to the exact same issue. Let's discuss! ###Please, don't touch my package NPM modules have been hacked at before, and it's not pretty when it happens. Because of the way we use packages, it's...

Let me take you on a journey. We'll pass by Drupal content renderer services, AJAX commands, javascript libraries and a popular front-end framework. If you've only heard of one or two of those things, come lean on the experience I took diving deep into Drupal. I'm pleased with where my adventure took me to, and maybe what I learned will be useful to you too. Here's the end result: a contact form, launched from a...

I'll keep this short and sweet, but we thought this would be a useful tip to share with the world as a potential security issue with the combined use of File::getFileUri() and FileSystem::realpath(). Consider the following code excerpt : $file = File::load($some_file_uri); if ($file) { $uri = $file->getFileUri(); $file_realpath = \Drupal::service('file_system')->realpath($uri); } Seems pretty harmless right? Load up the file from $some_file_uri , If we have a valid file then get the URI and then...

Update: this article's suggested method has serious shortcomings, use other methods when you can! For example, run the following with drush to just upgrade drupal core code (leaving database updates to be run separately): drush pm-updatecode drupal --check-updatedb=0 If you've got a Drupal site, which you need to update quickly (for example, to address last night's security advisory!), here's a tip. Run this from the command line: curl 'https://github.com/drupal/drupal/compare/7.59..7.60.patch' | patch -p1 This assumes your...

A client noticed the dates on their news articles were not being translated into the correct language. The name of the month would always appear in English, even though all the month names had themselves been translated and showed correctly elsewhere. The problem turned out to be down to the twig filter being used in the template to format the date. This is what we did have: ```twig {% set newsDate = node.getCreatedTime|date('j F Y')...

The Problem I imagine many of us have been there: there’s some CSS class in your markup, and you need to do something with it. Maybe you want to remove it, change it, or perhaps alter its style declarations. “Easy peasy,” you think, “I’m a developer. I got this.” And so you should. Next, if you’re anything like me, your first instinct is to fire up your search tool of choice and search your...

Let's say you've built a custom form for your Drupal 8 site. It contains various elements for input (name, email address, a message, that kind of thing), and you want to send the submitted values in an email to someone (perhaps a site admin). That's a pretty common thing to need to do. This could be done with Drupal's core contact forms, webforms, or similar -- but there are cases when a bespoke form is...