Jun 15 2018
Jun 15

As you may or may not have noticed, we’re having a lot of fun over here at Ashday building Drupal sites with React. Check out our own site, for example. We are really digging this new direction for front-end and you can learn more about why we did it how we approached it in other articles, but here we are going to talk about how we approached the Drupal editorial experience, because honestly - we just didn’t find a lot of great resources out there discussing how this might be done well in a decoupled experience.

Something about Gift-Horses

While we can’t speak with authority on the potential detriment of literally looking gift-horses in the mouth, we can speak to the idea that we should be grateful for what we’ve been given, and Drupal has given us a lot! If you were in this industry when most of us built everything from scratch, you’ll know that it’s a crazy pile of work to do the most basic things and nothing is taken for granted. Need a login form? Sure thing. Oh, now you need flood control? Um, ok. Captcha? Boy. Password reset? Ugh. Ok, I need a week just to get user authentication in place.

Drupal does so much out of the box and we aren’t about to throw it all away so we can call ourselves fully decoupled, which is the idea that Drupal isn’t providing any of the front-end at all. It’s worth noting that some are pursuing the concept of “Progressively Decoupled,” where only select components of the front-end site are managed with React, but we don’t prefer that approach in most cases because we don’t want the overhead of taking on traditional Drupal theming and a React build out, yet with less obvious design constraints, potentially extra hosting, multiple development workflows, duplicated styles, etc - leaving us short of many of the benefits of going decoupled at all.

We prefer to an approach that we’ve, for the moment, dubbed “Deliberately Decoupled.”

Deliberately Decoupled

What we mean by “Deliberately Decoupled” is that we aren’t decoupling purists, who see ourselves just as much evangelists of a particular approach as we are just software engineers, and we also aren’t operating by a FOMO (fear of missing out), where anxiety about not being on a bandwagon drives our decisions. We prefer to leverage what we think is beneficial for our clients and the site, and secondarily abide by our preferences. A good example is the Open Source philosophy. We love open source! But we aren’t for a minute going to bypass a proprietary library that does something really cool just because it’s not open source. It’s the same with decoupling. We want what gives us good bang for the buck - either in the deliverable, or the cost, or the UX, or whatever else is impactful - and it helps far more than it hurts. So, for the largely public facing ends of our sites, we hands-down love what React is giving us and rarely find Drupal’s out of the box front-end solution to be easier or more flexible. On the back-end? For the editorial and admin experience, we really have no interest in trying to replace everything Drupal provides unless there is a major overarching requirement or clear benefit that can justify hundreds or thousands of hours of additional work. There are some projects that do merit it, such as when you have highly dynamic and interactive forms, but if that’s not the case Drupal can do the job on its own.

Considering Outsourcing? Consider Ashday!  Request your free consultation today. 

One prime example of leveraging cool stuff in Drupal is the use of Paragraphs for content. If you haven’t heard of Paragraphs, you really must check it out. It’s been our favorite way to give editors the ability to create interesting and dynamic content creation without the cringe-worthy experience of complex WYSIWYG and HTML source editing, especially when it comes to the mobile experience. Nearly all of the Ashday.com pages are built with paragraphs, so that means an editor can do parallax, add related content boxes, throw in some CTAs, etc. Pretty cool! And as you’ll see later, we leverage React for our pages, but Drupal’s admin for editing the paragraphs and it creates a clean and intuitive editorial experience.

So does all this mean for editing we just hand over Drupal Admin accounts to our users so they can swim through the Sea Nettle-like admin experience say good luck? Hardly. Let’s get into the nitty gritty.

Our Philosophy - Less is More

Generally speaking, Drupal doesn’t matter much to the user. Of course Drupal matters, but not really to the end user just trying to do their editorial work. Not as far as they are aware. And they shouldn’t have to be “aware”. Do you remember when you first looked into Drupal? Do you remember how weird the world was as you learned that a “node” is “content”, but then so is a “block” (kinda), and a “view” is a query but maybe with a page attached, or a “taxonomy” is hierarchical data, but with display pages? All frameworks have to be abstracted sufficiently, which means making up generic terms and concepts that only make sense when you’ve spent time with them. Well, guess what? Most users would really rather not just learn all of those concepts and instead just easily write content and update their site. The key to that is to reduce, simplify and obfuscate.

Most users would really rather not just learn all of those concepts and instead just easily write content and update their site.

Drupal’s admin is very friendly to developers, but unnecessarily verbose when it comes to editors. They don’t need half the contextual menus, vertical tabs, sidebars, etc most of the time. And the stuff they do need should be stripped down to the obvious and helpful. So let’s hide tons of help text on a WYSIWYG with multiple text format options and use Paragraphs + a simple WYSIWYG instead. Let’s rename any buttons or links that have the word “node” in them because really, who cares if it’s a node? Let’s put our field labels inline to save vertical space and use something like Field Group to organize them cleanly. And let’s take away that rats’ nest default Drupal menu and create an alternative that just gives them what they care about. Here is an example of what we’re talking about.

From this…

Example of Drupal admin showing contextual menus, vertical tabs, and sidebars.

To this. 

Example of streamlined Drupal Menu. 

In addition, let’s take the coolness of contextual admin, like Drupal provides, and make it more intuitive as well. If you hover over a block you can edit it or configure it. If you’re on a node page, you get view and edit links in the tab bar. And you can even sometimes use the new inline editing features in Drupal 8. The problem, though, is that once again the user has to understand what each of these elements are and why they’re all different in terms of the triggering UX. We are having a lot of fun in React finding more consistent and creative ways to manage content without understanding it.

So here’s a rudimentary example using Ashday.com.

Example of Drupal contextual admin, showing node page.

You see some sorting icons and some edit icons. That’s it. Technically, those sortable sections are paragraphs, which - thanks to React - can be sorted inline - but are also editable individually apart from the others. The “Free Consultation” button in the header is a React button tied to a few settings stored in some custom Drupal configuration in the back-end. Further, that edit icon in the page title area can be used to edit the entire page at once so you can change the page title and things like meta tags, although the next step is to probably provide more direct access to edit those things so that you don’t have to know what all is buried in a node form. So the goal here is for the user to have just some basic concepts to think about, like edit and sort, instead of Edit Node vs Configure Block vs Edit Block vs Sort Paragraph vs Some Other Drupal Configuration Buried Deep In the Admin or Form.

And by the way, here’s what happens when you click the edit link on the header button, vs the first paragraph. 

 

Edit link on header button

Intuitive Drupal 8 admin

  

Edit link on first paragraph

Screen shot of admin interface for Drupal page built with React.

 

So despite varied back-end architectural implementations, the user has a very similar experience contextually editing something. A simple page mask + offcanvas + clean form. Its cool stuff, all made easier with the ability to re-use display elements in React all while still getting a ton out of Drupal’s back-end for content management and forms. Simple, kinda easy, and totally user friendly.

New Call-to-action

Jun 15 2018
Jun 15

This blog has been re-posted and edited with permission from Dries Buytaert's blog. Please leave your comments on the original post.

Composer Initiative

At DrupalCon Nashville, we launched a strategic initiative to improve support for Composer in Drupal 8. To learn more, you can watch the recording of my DrupalCon Nashville keynote or read the Composer Initiative issue on Drupal.org.

While Composer isn't required when using Drupal core, many Drupal site builders use it as the preferred way of assembling websites (myself included). A growing number of contributed modules also require the use of Composer, which increases the need to make Composer easier to use with Drupal.

The first step of the Composer Initiative was to develop a plan to simplify Drupal's Composer experience. Since DrupalCon Nashville, Mixologic, Mile23, Bojanz, Webflo, and other Drupal community members have worked on this plan. I was excited to see that last week, they shared their proposal.

The first phase of the proposal is focused on a series of changes in the main Drupal core repository. The directory structure will remain the same, but it will include scripts, plugins, and embedded packages that enable the bundled Drupal product to be built from the core repository using Composer. This provides users who download Drupal from Drupal.org a clear path to manage their Drupal codebase with Composer if they choose.

I'm excited about this first step because it will establish a default, official approach for using Composer with Drupal. That makes using Composer more straightforward, less confusing, and could theoretically lower the bar for evaluators and newcomers who are familiar with other PHP frameworks. Making things easier for site builders is a very important goal; web development has become a difficult task, and removing complexity out of the process is crucial.

It's also worth noting that we are planning the Automatic Updates Initiative. We are exploring if an automated update system can be build on top of the Composer Initiative's work, and provide an abstraction layer for those that don't want to use Composer directly. I believe that could be truly game-changing for Drupal, as it would remove a great deal of complexity.

If you're interested in learning more about the Composer plan, or if you want to provide feedback on the proposal, I recommend you check out the Composer Initiative issue and comment 37 on that issue.

Implementing this plan will be a lot of work. How fast we execute these changes depends on how many people will help. There are a number of different third-party Composer related efforts, and my hope is to see many of them redirect their efforts to make Drupal's out-of-the-box Composer effort better. If you're interested in getting involved or sponsoring this work, let me know and I'd be happy to connect you with the right people!

Jun 15 2018
Jun 15
The Composer Initiative for Drupal

At DrupalCon Nashville, we launched a strategic initiative to improve support for Composer in Drupal 8. To learn more, you can watch the recording of my DrupalCon Nashville keynote or read the Composer Initiative issue on Drupal.org.

While Composer isn't required when using Drupal core, many Drupal site builders use it as the preferred way of assembling websites (myself included). A growing number of contributed modules also require the use of Composer, which increases the need to make Composer easier to use with Drupal.

The first step of the Composer Initiative was to develop a plan to simplify Drupal's Composer experience. Since DrupalCon Nashville, Mixologic, Mile23, Bojanz, Webflo, and other Drupal community members have worked on this plan. I was excited to see that last week, they shared their proposal.

The first phase of the proposal is focused on a series of changes in the main Drupal core repository. The directory structure will remain the same, but it will include scripts, plugins, and embedded packages that enable the bundled Drupal product to be built from the core repository using Composer. This provides users who download Drupal from Drupal.org a clear path to manage their Drupal codebase with Composer if they choose.

I'm excited about this first step because it will establish a default, official approach for using Composer with Drupal. That makes using Composer more straightforward, less confusing, and could theoretically lower the bar for evaluators and newcomers who are familiar with other PHP frameworks. Making things easier for site builders is a very important goal; web development has become a difficult task, and removing complexity out of the process is crucial.

It's also worth noting that we are planning the Automatic Updates Initiative. We are exploring if an automated update system can be build on top of the Composer Initiative's work, and provide an abstraction layer for those that don't want to use Composer directly. I believe that could be truly game-changing for Drupal, as it would remove a great deal of complexity.

If you're interested in learning more about the Composer plan, or if you want to provide feedback on the proposal, I recommend you check out the Composer Initiative issue and comment 37 on that issue.

Implementing this plan will be a lot of work. How fast we execute these changes depends on how many people will help. There are a number of different third-party Composer related efforts, and my hope is to see many of them redirect their efforts to make Drupal's out-of-the-box Composer effort better. If you're interested in getting involved or sponsoring this work, let me know and I'd be happy to connect you with the right people!

Jun 14 2018
Ana
Jun 14

Drupal and Commerce. These are two words that aren’t usually associated with each other. But do you know that Drupal can become a great eCommerce solution thanks to a dedicated software for it called Drupal Commerce? If you didn’t, then well, you are in for a treat. Let’s take a look at what Drupal Commerce is and how it can be used to create an eCommerce store using Drupal.

Drupal Commerce at its core is a set of modules for Drupal that enable a host of eCommerce functionalities for Drupal which I’ll be highlighting further in the post. It was developed and is maintained by The Commerce Guys. The great thing about Drupal Commerce is the fact that it isn’t just a software that has a limited set of predefined functions it can do out-of-the-box. Staying true to the Drupal philosophy, Drupal Commerce itself is a framework, meaning it focuses on what solutions can be built by using it. Owing to this, developers have the freedom to extend Drupal Commerce’s functionality even further by developing contributed modules for it.

Basic Features

Drupal Commerce leverages Drupal’s entities concept to bring some of the very basic eCommerce functions like Product, Order, Customer Profile, Line Item and Payment Transaction to the platform. Here’s what these entities represent:

  • Product: Pretty much self-explanatory, a product is the thing you sell.
  • Orders: These are the summary of what products have been ordered, what options have been attached to these products as well as whether transactions have been successful or failed.
  • Line Items: Products with specific options attached to them. For example shoes with their size and colour options. If you order a shoe with size 10 and black colour, then this will be a line item which will be added to a cart.
  • Payment Gateways: Payment Gateways are mediums through which online payments are made. Since developing a dedicated payment gateway is no small task, 3rd party gateways are usually integrated to eCommerce sites for processing payments. There are many trustworthy 3rd party payment gateways like PayPal, Payoneer, Skrill etc.
Calculator

 

Advanced Features

Apart from the basics mentioned in the previous section, there are also many advanced features offered by Drupal commerce that can be further extended by the use of contributed modules. Let’s take a look at some of them:

  • Shipping: Drupal commerce has a contributed module called Commerce Shipping using which you can make use of customer profiles to entertain cases where a customers’ billing address and shipping address is different.
  • Inventory Management: Thanks to modules like Commerce Stock and Commerce Inventory, inventory management is made really easy on Drupal commerce.
  • Commerce Rules: Buying a product online is subject to many variable costs like taxes, shipping costs etc. In order to implement these rules easily, Drupal commerce offers integration of 3rd party shipping sites like FedEx, UPS etc to implement these rules automatically.
  • Tax: Ease of use is the name of the game when it comes to user accessibility for any website. Make it easier on your customers by displaying the total price with sales tax and VAT tax or any other tax included with your product’s price. This can again be done by using Commerce Rules.

Apart from contributed modules, Drupal commerce much like Drupal offers tons of hooks that can be implemented by developers in their own solutions to easily leverage various functionalities offered by Drupal Commerce.

 

Versions

There are currently two versions of Drupal Commerce: Drupal Commerce 1.x and Drupal Commerce 2.x. The 1.x versions are for Drupal 7 and 2.x versions are for Drupal 8. Both of these can be downloaded on the project’s official Drupal repository.

 

Commerce Kickstart

To get a feel for Drupal Commerce, it is recommended to give Drupal Commerce 2.0 Demo a try. It is the quickest way to get up and running with a prebuilt Drupal commerce site. It can be given a whirl here.

Are you an aspiring entrepreneur but aren’t sure how to go about building an eCommerce site using Drupal? Let us handle that and focus on making money yourself!
 

Jun 14 2018
Jun 14
Mike and Matt talk with Angie "Webchick" Byron on what she's been up to, various Drupal initiatives, and what Drupal needs to do to succeed.
Jun 14 2018
Jun 14
Empower your customers to customize products.


There is a high likelihood that the tshirt on your back or in your closet started life as someone’s idea that was being uploaded to an online tool. The idea that a person could not only buy tshirts, but design them in a tool and approve the proof before payment seems almost commonplace. Why aren’t more people talking about this? Your customers are expecting more tailored experiences when buying decorated apparel, signage and personalized promotional products from the small to medium web store fronts. Getting the “Web to Print” toolset just right on Drupal is not easy.

Here’s just a few of the expectations for ordering printed materials from the web on Drupal:

  • Drupal integration: Full integration with existing Drupal website
  • Intuitive editor experience: Drag and drop toolset, uploading of files (jpg, png, tiff, pdf, eps, ai, psd), cropping and quick fixes to pictures, lots of fonts, pop-over text formatting, white labelled branding with plenty of customizations, low resolution upload warnings, and mobile friendly web to print tool.
  • Proof and checkout workflow: Print-quality PDF proof, edit before purchase, edit after purchase, CMYK color space, super large files that need processing

Getting off the bespoke product editor island

An example of a bespoke web to print tool Acro Media built with Drupal and jQuery UI.

An example of a bespoke web to print tool Acro Media built with Drupal and jQuery UI.

Like many Drupal agencies, there’s rarely a problem we face that can’t be solved with in-house open source tools. Before we decry the problems, we are very proud of what we accomplished in the past given budget and available tools. With jQuery UI and html-to-pdf experience, we’ve built these kinds of tools before, to varying degrees of success. Every time we tackled a project like web-to-print, the struggle became very real. With minimal hours, the tools we knew and loved created a functional experience that was hard to maintain and very error prone.

Demo Drupal Commerce today! View our demo site.More often than not, we had trouble with converting HTML to PDF reliably enough for high-resolution print-quality, especially with customer supplied imagery and layout. Offering fonts in a customized product builder is challenging to get right, especially when you’re creating a PDF that has to have the font attached. The RGB colorspace doesn’t translate easily to CMYK, the most common four color process for printing. And all of our experience in software revolved around pixels, not these things called picas. In this crazy world resolution could go as high as 3200 dpi on standard printers, dimensions suddenly couldn’t be determined based on pixels.

When one of our clients that had a tool we had built with existing technologies asked for some (not all) of the features mentioned in the beginning of the article, we also wanted to solve all the technical challenges that we grappled with over a year ago. As the planning stage was coming to an end, it was clear the budget wasn’t going to support such a complicated software build.

Product Customization is not the right phrase

Example screenshot of keditor in action.

Example screenshot of keditor in action.

We started to look for product customization tools and found nada. Then we looked for web layout tools which would maybe give Drupal a better HTML editing experience, but found a disappointing lack of online web to print solutions. We did find grapejs, innovastudio, and keditor

But, almost universally, these javascript-based libraries were focused on content and not editing products that would be printed. We needed something that had the goal of creating a printable image or PDF with a tight integration around the editor experience. We had nearly convinced ourselves there wasn’t a vertical for this concept, it seemed like nearly all product builders in the wild were powered by one-off conglomerations of toolsets.

Web to Print using Customer’s Canvas works with Drupal, right?

Finally, via a project manager, an industry phrase was discovered that opened the floodgates: web to print. After a bit of sifting through the sales pitch of all the technologies, almost all tools were found to be cumbersome and hard to integrate in an existing Drupal website, save one. Customer’s Canvas checked all the boxes and then some:

  • SAAS (so we don’t have to host customer’s images, or maintain the technology)
  • White label
  • More than fully featured
  • Completely customizable
  • Iframe-friendly. Meaning we could seamlessly plop the product customization tool into an existing or new layout.

Example of Customers Canvas running in Drupal Commerce.

Example of Customers Canvas running in Drupal Commerce.

To make an even longer story short, we jumped on board with Customer’s Canvas and built the first (to our knowledge) third party web to print Drupal 7 module. We might make a Tech Talk regarding the installation and feature set of the module. Until then, here’s what you can do:

  1. Download and install the module
  2. Provide some API credentials in the form of a javascript link
  3. Turn on the Drupal Commerce integration
  4. Provide some JSON configuration for a product via a field that gets added to your choice of product types.
  5. Click on Add to Cart for a Customer’s Canvas product
  6. Get redirected to a beautiful tool
  7. Click “Finish” and directed to a cart that can redirect you back to edit or download your product.
  8. As a store administrator, you can also edit the product from the order view page.

web-to-print_customers_canvas_drupal_cart

Drupal 8 and Web to Print and the Future

Currently, the module is built for Drupal 7. Upgrading to Drupal 8 Commerce 2 is definitely on our roadmap and should be a straightforward upgrade. Other things on the roadmap:

  • Better B2B features
    You can imagine a company needs signs for all of it’s franchisee partners and would want the ability to create stores of customizable signage. With Commerce on Drupal 8, that would be pretty straightforward to build.
  • More download options
    Customer’s Canvas supports lower res watermarked downloads for the customers as well as the high res PDF downloads. Currently the module displays the high resolution for all parties.
  • Better administrative interface
    If you’re using Drupal 7, the integration for this module is pretty easy, but the technical experience required for creating the JSON formatting for each product is pretty cumbersome. So it would be awesome (and very possible) to build out the most common customizations in an administration interface so you wouldn’t have to manage the JSON formatting for most situations.
  • Improve the architecture
    Possibly support Customer’s Canvas templates like entities that are referenced so that you could create a dozen or so customizable experiences and then link them up to thousands of products.
  • Webform support
    The base module assumes your experience at least starts with an entity that has fields and gets rendered. We could build a webform integration that would allow the webform to have a customer’s canvas build step. T-shirt design content anyone?

Integration can be a game changer

One of the big reasons we work with Drupal and Drupal Commerce is that anything with an API can be integrated. This opens the doors to allow the platform to do so much more than any other platform out there. If an integration needs to be made, we can do. If you need an integration made, talk to us! We're happy to help.

Contact Acro Media Today!

Contact us and learn more about our custom ecommerce solutions

Jun 14 2018
Jun 14

Drupal's field system is awesome and it is one of the reasons why I started using Drupal in the first place. However, there are some small limitations in it which surface from time to time. Say, you have a Text (Plain) field named field_one_liner which is 64 characters long. You created around 30 nodes and then you realized that the field size should have been 255. Now, if you try to do this from Drupal's field management UI, you will get a message saying:

There is data for this field in the database. The field settings can no longer be changed.

So, the only way you can resize it is after deleting the existing field! This doesn't make much sense because it's indeed possible to increase a field's size using SQL without saying goodbye to the data.

In this tutorial, we'll see how to increase the size of an existing Text (Plain) field in Drupal 8 without losing data using a hook_update_N().

Assumptions

  • You have intermediate / advanced knowledge of Drupal.
  • You know how to develop modules for Drupal.
  • You have basic knowledge of SQL.

Prerequisites

If you're going to try out the code provided in this example, make sure you have the following field on any node type:

  • Name: One-liner
  • Machine name: field_one_liner
  • Type: Text (Plain)
  • Length: 64

After you configure the field, create some nodes with some data on the One-liner field.

Note: Reducing the length of a field might result in data loss / truncation.

Implementing hook_update_N()

Reference: Custom Field Resize module on GitHub

hook_update_N() lets you run commands to update the database schema. You can create, update and delete database tables and columns using this hook after your module has been installed. To implement this hook, you need to have a custom module. For this example, I've implemented this hook in a custom module which I've named <a>custom_field_resize</a>. I usually name all my custom modules custom_ to namespace them. In the custom module, we implement the hook in a MODULE.install file, where MODULE is the machine-name of your module.

/**
 * Increase the length of "field_one_liner" to 255 characters.
 */
function custom_field_resize_update_8001() {}

To change the field size, there are four things we will do inside this hook.

Resize the Columns

We'll run a set of queries to update the relevant database columns.

$database = \Drupal::database();
$database->query("ALTER TABLE node__field_one_liner MODIFY field_one_liner_value VARCHAR(255)");
$database->query("ALTER TABLE node_revision__field_one_liner MODIFY field_one_liner_value VARCHAR(255)");

If revisions are disabled then the node_revision__field_one_liner table won't exist. So, you can remove the second query if your entity doesn't allow revisions.

Update Storage Schema

Resizing the columns with a query is not sufficient. Drupal maintains a record of what database schema is currently installed. If we don't do this then Drupal will think that the database schema needs to be updated because the column lengths in the database will not match the configuration storage.

$storage_key = 'node.field_schema_data.field_one_liner';
$storage_schema = \Drupal::keyValue('entity.storage_schema.sql');
$field_schema = $storage_schema->get($storage_key);
$field_schema['node__field_one_liner']['fields']['field_one_liner_value']['length'] = 255;
$field_schema['node_revision__field_one_liner']['fields']['field_one_liner_value']['length'] = 255;
$storage_schema->set($storage_key, $field_schema);

The above code will update the key_value table to store the updated length of the field_one_liner in its configuration.

Update Field Configuration

We took care of the database schema data. However, there are other places where Drupal stores the configuration. Now, we will need to tell the Drupal config management system that the field length is 255.

// Update field configuration.
$config = \Drupal::configFactory()
  ->getEditable('field.storage.node.field_one_liner');
$config->set('settings.max_length', 255);
$config->save(TRUE);

Finally, Drupal also stores info about the actively installed configuration and schema. To refresh this, we will need to re-save the field storage configuration to make Drupal detect all our changes.

// Update field storage configuration.
FieldStorageConfig::loadByName($entity_type, $field_name)->save();

After this, running drush updb or running update.php from the admin interface should detect your hook_update_N() and it should update your field size. If you're committing your configuration to git, you'll need to run drush config-export after running the database updates to update the config in the filesystem and then commit it.

Conclusion

Though we've talked about resizing a Text (Plain) or varchar field in this tutorial, we can resize any field type which can be safely resized using SQL. In certain rare scenarios, it might be necessary to create a temporary table with the new data-structure, copy the existing data into that table with queries and once all the data has been copied successfully, replace the existing table with the temporary table. For example, if you want to convert a Text (Plain) field to a Text (Long) field or some other type.

Maybe someday we'll have a resizing feature in Drupal where Drupal will intelligently allow us to increase a field's size from it's field UI and only deny reduction of field size where there is a possibility of data loss. But, in the meanwhile, we can use this handy trick to resize our fields. Thanks for reading! Please leave your comments / questions in the comments below and I'll get back to them as soon as I have time.

Jun 14 2018
Jun 14

by Elliot Christenson on June 14, 2018 - 12:15am

We're Drupalers who only recently started digging deep into CiviCRM and we're finding some really cool things! This series of videos is meant to share those secrets with other Drupalers, in case they come across a project that could use them. :-)

In the screencast below, I'll demonstrate the new demo of Roundearth! Roundearth is our Drupal 8 + CiviCRM Distribution.

Watch the screencast to see the progress so far on the Roundearth project:

Video of Roundearth June 2018 Update

Some highlights from the video:

  • Drupal 8.5
  • CiviCRM + Bootstrap based Shoreditch theme
  • Quick demo of adding Contacts, using a Group, and sending a Bulk Mailing
  • Quick demo of a Public Event

Please leave a comment below!

Jun 14 2018
Jun 14

If you've ever patched Drupal core with Composer you may have noticed patched files can sometimes end up in the wrong place like core/core or core/b. Thankfully there's a quick fix to ensure the files make it into the correct location.

When using cweagans/composer-patches it's easy to include patches in your composer.json

"patches": {
    "drupal/core": {
        "Introduce a batch builder class to make the batch API easier to use": "https://www.drupal.org/files/issues/2018-03-21/2401797-111.patch"
    }
}

However in certain situations patches will get applied incorrectly. This can happen when the patch is only adding new files (not altering existing files), like in the patch above. The result is the patched files end up in a subfolder core/core. If the patch is adding new files and editing existing files the new files will end up in core/b. This is because composer-patches cycle through the -p levels trying to apply them; 1, 0, 2, then 4.

Thankfully there is an easy fix!

"extra": {
   ...
   "patchLevel": {
       "drupal/core": "-p2"
    }
}

Setting the patch level to p2 ensures any patch for core will get applied correctly.

Note that until composer-patches has a 1.6.5 release, specifically this PR, you'll need to use the dev release like:

"require": {
    ...
    "cweagans/composer-patches": "1.x-dev"
}

The 2.x branch of composer-patches also includes this feature.

Big thanks to cweagans for this great tool and jhedstrom for helping to get this into the 1.x branch.

Comments

thanks for the blog @Saul Willers .

Pagination

Add new comment

Jun 14 2018
Jun 14
Official 8.0 Version Now Available


The Drupal Point of Sale provides a point of sale (POS) interface for Drupal Commerce, allowing in-person transactions via cash or card, returns, multiple registers and locations, and EOD reporting. It’s completely integrated with Drupal Commerce and uses the same products, customers, and orders between both systems. You can now bring your Drupal 8 online store and your physical store locations onto the same platform; maintaining a single data point.

The Drupal 7 version has been in the wild for a while now, but today marks the official, production ready release for Drupal 8.

Release Highlights

What features make up the new version of Drupal Point of Sale 8? There are so many that it will probably surprise you!

Omnichannel

Omnichannel is not just a buzzword, but a word that describes handling your online and offline stores with one platform, connecting your sales, stock and fulfillment centers in one digital location. Drupal Commerce has multi-store capabilities out of the box that allow you to create unique stores and share whatever product inventory, stock, promotions, and more between them. Drupal Point of Sale gives you the final tool you need to handle in-person transactions in a physical storefront location, all using your single Drupal Commerce platform. That’s pretty powerful stuff. Watch these videos (here and here) to learn more about how Drupal Commerce is true omnichannel.

Registers

Set up new registers with ease. Whether you have 1 or 1000 store locations, each store can have as many registers as you want. Because Drupal Point of Sale is a web-based solution, all you need to use a register is a web browser. A touch screen all-in-one computer, a laptop, an iPad; if it has a web browser, it can be your register. The Point of Sale is also fully open source, so there are no licensing fees and costs do not add up as you add more registers.

Customer Display


While a cashier is ringing through products, the Customer Display uses WebSocket technology to display the product, price, and current totals on a screen in real-time so the customer can follow along from the other side of the counter. Your customers can instantly verify everything you’re adding to the cart. All you need for the Customer Display is a web browser, so you can use an iPad, a TV or second monitor to display the information in real-time as the transaction progresses.

Barcode Scanning

Camera based barcode scanning
Don’t have a barcode scanner? No problem. With this release, any browser connected camera can be used to scan barcodes. Use a webcam, use your phone, use an iPad, whatever! If it has a camera, it works. This is helpful when you’re at an event or working a tradeshow and you don’t want to bring your hardware along.


Traditional barcode scanning
A traditional barcode scanner works too. Simply use the barcode scanner to scan the physical product’s barcode. The matching UPC code attached to one of your Drupal Commerce product variations will instantly add the product to your cashier’s display.

Labels

Generate and print labels complete with barcodes, directly from your Drupal Point of Sale interface. Labels are template based and can be easily customized to match any printer or label size so you can prep inventory or re-label goods as needed.

Receipts

Easily customize the header and footer of your receipts using the built in editor. Add your logo and contact information, return/exchange policy, special messaging or promotions, etc.

Drupal Point of Sale cusomized receipts

When issuing receipts, you can choose to print the receipt in a traditional fashion or go paperless and email it to your customer. You can do either, both, or none… whatever you want.

Returns

Whether online or in store, all of your orders are captured in Drupal Commerce and so can be returned, with or without the original receipt. A return can be an entire order or an individual product.

End of Day (EOD) Reports

When closing a register, you cashiers can declare their totals for the day. You can quickly see if you’re over or short. When finished, an ongoing daily report is collected that you can look back on. On top of this, Drupal Point of Sale is integrated with the core Drupal Commerce Reporting suite.

Drupal Point of Sale end of day reporting

Hardware

Use Drupal POS 8 with anything that supports a browser and has an internet connection.

Technical Highlights

Adding to all of the user highlights above are a number of important technical improvements. It’s the underlying architecture that really makes Drupal Point of Sale shine.

Themable

Cashiers login to Drupal Point of Sale via a designed login page. Once logged in, the theme used is the default Drupal admin theme. However, like any other part of Drupal, your admin theme can be modified as much as you like. Keep it default or customize it to your brand; it’s yours to do with as you please.

Drupal Point of Sale themable cashier login screen

Search API Enabled

The search API is a powerful search engine that lets you customize exactly what information is searchable. Using the Search API, your cashiers are sure to quickly find any product in your inventory by searching for a product’s title, SKU, UPC code (via barcode scanner), description, etc. Search API is completely customizable, so any additional unique search requirements can be easily added (brand, color, weight, etc.). The search API references the products on your site, and at any other store or multi-warehouse location to allow for you to serve customers in real-time. 

Fully Integrated with Drupal Commerce

The Drupal Point of Sale module seamlessly integrates into the existing Drupal Commerce systems and architecture. It shares products, stock, customers, orders, promotions and more. This makes Drupal Point of Sale plug-and-play while also making sure that the code base is maintainable and can take advantage of future Drupal Commerce features and improvements.

Permissions and Roles

When Drupal Point of Sale is installed, a “cashier” user role is created that limits the access users of this type have with your Drupal Commerce backend. Use Drupal’s fine grained permissions and roles system to manage your cashiers and give different permissions to employees, managers, marketers, owners, IT, etc. Any way you want it.

Custom Hardware

As mentioned above, all you need to use Drupal POS 8 is anything that supports a browser and has an internet connection. This opens the door for all kinds of custom Point of Sale hardware such as branded terminals, self-serve kiosks, tradeshow-ready hardware, and more.

Drupal Point of Sale Raspberry Pi custom hardware

We’ve been having fun prototyping various Raspberry Pi based POS hardware solutions. You can see some of them here and stay tuned for more. Drupal Point of Sale is open source, so why not open up the hardware too?

Drupal Point of Sale 8, Ready for your Drupal Commerce platform

We’re excited to finally release the production ready version of Drupal Point of Sale 8.0. There are many ecommerce-only platforms out there, but almost none of them can ALSO run in your physical store too. This is a BIG DEAL. Drupal Point of Sale gives you the last piece needed to run your entire store using Drupal Commerce allowing for centralized data and a single system for your team to learn and manage.

One admin login, one inventory list, one user list, one marketing platform, ONE. True omnichannel, without the fees.

Next Step

Commerce Kickstart
Starting a Drupal Commerce project from scratch? Use Commerce Kickstart to configure your install package (including Drupal Point of Sale).

Install with Composer
Already using Commerce for Drupal 8? Install Drupal Point of Sale with Composer.

$ composer require drupal/commerce_pos

Let Acro Media help
Acro Media is North America’s #1 Drupal Commerce provider. We build enterprise commerce using open source solutions. Unsure if Drupal Commerce and Drupal Point of Sale meet your business requirements? A teammate here at Acro Media would be happy to walk you through a replatforming evaluation exercise and provide you with the Point of Sale workbook to help you make your decision.

Contact Acro Media Today!

More from Acro Media
Jun 13 2018
Jun 13

Our sales team often refers to our Hierarchy of Qualification when evaluating projects. This pyramid, inspired by Maslow’s hierarchy of needs, gives us the tools not just to evaluate the business needs of a project, but the human needs that are “encoded” in the project and team.

I’ve been thinking about how this applies to software development, particularly in the enterprise space. Enterprise implies that the software is maintained by large teams over long periods of time. Most developers have encountered internal enterprise software that leaves us shaking our heads, asking “how was this ever released?” Alternatively, we’ve used an internal tool that is quite good, but where the business has trouble repeating that success with new projects.

If we can describe the path towards self-actualizing software quality, we can elevate our teams from solving a series of one-off problems towards building value for our businesses and ourselves. It’s important to acknowledge that these steps are additive, meaning a team may benefit by mastering the lower rungs of the pyramid before moving on to the next.

Hierarchy of Software Quality Illustration

Describing software and how humans will use it

This is the base of the pyramid and undergirds everything else. Before writing a line of code, a team needs to have a good handle on who the audience is and how the software will affect them, along with the overall goals of the new project. Often, enterprise teams are given work to do by their customers or their management with the explanation: “a big internal department has told us this is a blocker, so don’t ask why and get to coding, so we aren’t late.”

This leaves project managers and developers in the dark, and unable to make reasonable guesses when requirements and technology conflict. Knowing the audience lets teams prioritize their work when time is short. Is the audience a group of editorial users? What’s their day-to-day workflow like? In that case, time may be best spent on testing and iterating the user interface, at the expense of implementing every last feature request. Is the audience another group of developers? Then perhaps the project doesn’t require a user interface initially, so developers can focus on great APIs and documentation. Not knowing the audience may lead to otherwise avoidable mistakes.

Like audience, project or product goals are another important piece of the puzzle. When goals are fuzzy, it is hard to know when a software project is done, or at least at a “1.0” release. Teams tend to leave projects at a nebulous “0.x” version, making future developers uncertain about the quality or robustness of a system. For example, perhaps a client asks to implement Apple News and Facebook Instant Articles on their website. It’s a reasonable request. Nevertheless, prematurely ending requirements gathering at “implement the feature” deprives your team of critical information.

There’s a business reason behind the request. Is the analytics team seeing declining traffic on their website, and worried the website audience is defecting to social networks? It may be good to suggest working on Facebook integration first, assuming you have some analytics data from existing Facebook posts to back it up. Or, perhaps the sales team is hearing from advertisers that they want to purchase ads against your content inside of the Apple News app. In that case, finding out some rough estimates for the additional ad revenue the sales team expects can help with qualifying estimates for the integration effort. If the estimated development budget eclipses the expected revenues, the team can investigate different implementation methods to bring costs down, or even rework the implementation as a one-off proof of concept.

Using audiences and goals to guide your development team makes it possible to discover opportunities beyond the immediate code, elevating the team from an “IT expense” to a “technical partner.”

Technical architecture and documentation

Writing the right software for today is one thing. Writing maintainable software that future developers can easily iterate on is another. Spaghetti architecture can leave you with software that works for now but is very expensive to maintain. For Drupal sites, that means avoiding god-objects (and services), writing true object-oriented code (and not procedural code that happens to live in classes), and avoiding side effects such as global and public variables. It’s important to document (preferably in code) not just what you built but why you built it, and how the architecture works to solve the original business problems. Think of it as writing a letter to your future self, or to whatever team inherits your code.

Determining the effort to put into this work is tricky, and time pressures can lead to quickly written, but poorly architected software. It’s useful to think about the expected life of the application. Look at similar applications in the company and ask about their initial and current development. For example, in our CMS projects, we often find we are replacing systems that are over a decade old. The code has gone through many teams of developers but is in a decrepit state as the architecture doesn’t follow common design patterns and the documentation is non-existent. No one wants to touch the existing application or infrastructure because experience has shown that may lead to a multi-day outage.

In cases like this, we know that following good design patterns and effectively documenting code will pay dividends later. A marketing site for an event in 3 months? You can probably take a lot of shortcuts without risk. Treat the project for what it is—a startup within an enterprise.

A culture of iterative feedback

Defining the software to write and following good architecture in its execution is important but we can do more. Now that our efforts are well documented, its time to create a proper harness for testing. Without one, it’s impossible to know if your team is meeting your quality goals. It’s easy for teams to fall into a fragile, untrustworthy process for testing. For sites, that typically means not defining and following deployment best practices or creating a QA bottleneck through infrastructure.

The typical git model of development implies not just a few branches that are merge destinations (like master and develop) but many feature branches, too. It’s not uncommon for developers to create multiple branches breaking a single ticket into smaller code components that can be independently reviewed and tested.

For developers, “waiting for a QA build” is one of the biggest motivation killers they face. For QA, trying to coordinate testing of various features onto a single QA server is complex and leaves them questioning the validity of their test plans.

Just as “smaller, chunkier” pull requests are a best practice for developers, a similar guideline helps QA analysts feel confident when certifying a feature or release.

Tugboat is one tool that lets teams implement automatic, lightweight, and disposable testing environments. When a developer opens a pull request, a complete working copy of the website is built and available for anyone with access to poke at. It’s easy to rebuild new testing environments because the setup is automated and repeatable—not manual. A process like this extends the effective QA team by including both developers (who can reproduce and take ownership of bugs “live” with QA, before code is merged), and the actual patrons of the build—project managers and business stakeholders—who will eventually need to sign off on the product.

These tools also change the culture of communication between stakeholders and implementation teams. Even with two-week sprints, there still can be an information gap stakeholders face between sprint planning and the sprint demo. Instead, getting their feedback is as frictionless as sending a link. There are fewer surprises at demos because stakeholders have already seen the constituent parts of the work that compose the whole demo.

Automated tests and quality metrics

Frictionless QA is great, but it’s still a manual process. It’s incredibly frustrating for an entire team to be going through manual QA for regression testing. Sometimes, regression tests uncover the sort of bugs that mean “rewrite the feature from scratch,” leading to failed sprints and missed demos. That’s especially likely when regression testing occurs at the end of a sprint, leaving precious little time for rework and another round of QA.

In contrast, developers love when automated tests alert them to issues. Not only does it save developers and QA time (they can work on a new ticket while waiting for a test suite to run), but it reduces the cognitive load of developing a new feature in a complex application. Instead of developers having to become the application experts, and maintain that knowledge in perpetuity, the automated tests themselves become the legal description of how the code should work.

Comprehensive test coverage, regardless of the actual tool used (like PHPUnit or Behat), also helps ensure that software quality remains constant as underlying dependencies are upgraded. For a Drupal site, teams should expect at least two significant upgrades of Drupal per year, along with an update to PHP itself. Automated testing means the initial work is as simple as “upgrade Drupal, run tests, and see what breaks,” instead of throwing a bunch of time and money at manual testing. It also means that testing of security patches is much faster, saving time between vulnerability disclosure and deployment.

Of course, there’s a cost to automated testing. Tests are still code that need to be maintained. Tests can be buggy themselves (like that time I accidentally tested for the current year in a string, which broke when 2018 rolled around). Someone has to pay for a continuous integration service or maintain custom infrastructure. Reducing these costs is a particular interest of ours, leading to templates like Drupal 8 CI and the Drupal Testing Container.

Again, knowing the expected life of the software you write helps to inform how deep into testing to go. I don’t think I’ve ever written automated tests for a microsite but for a multi-step payment form expected to endure for 5 years, they were critical.

Technical architecture, for all of its focus on “clean code,” can rapidly devolve into unresolvable conflicts within a team. After all, everyone has their idea of what “good design” looks like. While automated tools can’t tell you (yet) if you’re using the right design pattern to solve a given problem, they can tell you if your app is getting better or worse over time.

Start with enforcing basic code standards within your team. Code standards help team members to read code written by others, which is “step 0” in evaluating if a given codebase meets quality goals or not.

For example:

As a technical      architect, you       want reading the          code to feel as natural as             reading written text — so you            can focus on the meaning, and not       the individual words.

Think about how much harder it is to focus on the idea I’m trying to communicate. Even though you can understand it, you have to slow down and focus. Writing code without code standards sacrifices future comprehension at the altar of expediency. I’ve seen teams miss critical application bugs even though they were hiding in plain sight due to poor code formatting.

Luckily, while different projects may have different standards, they tend to be internally consistent. I compare it to reading different books with different fonts and layouts. You may have to context switch between them, but you would rarely have the paragraphs of the books interspersed with each other.

While code standards tend to either be “right” or “wrong,” code quality metrics are much more of an art than a science—at least, as far as interpreting and applying them to a project goes. I like to use PhpMetrics as it has a very nice user interface (and works perfectly within continuous integration tools). These reports inherently involve some subjective measure of what a failure is. Is the cyclomatic complexity of a method a fail at 15, or 50, or not at all? Sometimes, with difficult codebases, the goals come down to “not making things any worse.” Whatever your team decides, using these tools daily will help ensure that your team delivers the best product it can.

Continuous delivery

As a team addresses each new layer of the hierarchy, the lower layers become habits that don’t require day-to-day focus. The team can start to focus on solving business problems quickly, becoming an IT partner instead of an IT expense. Each person can fully participate in the business instead of the narrow field in front of them.

With all of these prerequisites in place, you will start to see a shift in how your team approaches application development. Instead of a conservative and fragile approach to development, your team will start to design and develop applications without fear. Many teams find themselves rotating between the bottom two levels of the pyramid. With careful planning and hard work, teams can work towards the upper tiers. The whole software delivery process—from ideas to releases to hotfixes to security releases—becomes a habit rather than a scramble every time.

Hero Image Photo by Ricardo Gomez Angel on Unsplash

Jun 13 2018
Jun 13

In the Twin Cities of Minneapolis and St.Paul, we are proud of our Drupal camp and this past weekend we hosted the ninth annual.  This established and well-attended event attracts the majority of local Drupalistas, some out-of-towners, and the odd Drupal luminary or two.

For many, it is the most anticipated Drupal event of the year, and like any Drupal camp it is a joint effort of dedicated individuals coming together to deliver something useful for the wider community.  If you have ever helped organize such an event you’ll know that it takes a great deal of time, coordination and old-fashioned hard graft to make it happen.  Kudos to everyone who organized, volunteered, attended, sponsored, shared knowledge, BOFed, socialized, networked or participated in any way. Thank you all!

There are many components of a successful camp, but having good sessions is essential.  Nearly 40 sessions were offered this year with true diversity of topics and delivery styles; ranging from introductory talks to more technical, and from entertaining and fun to inspiring and thought-provoking.  At Electric Citizen we were very pleased to have four sessions approved, and these were recorded for anyone to watch.  See below.

Jun 13 2018
Jun 13

Did you know you have a say in who is on the Drupal Association Board? Each year, the Drupal community votes in a member who serves two years on the board. It’s your chance to decide which community voice you want to represent you in discussions that set the strategic direction for the Drupal Association. Go here for more details.

Voting takes place from July 2 until July 13. Anyone who has a Drupal.org profile page and has logged in to their account in the last year is eligible to vote. This year, there are candidates from around the world. Now it’s time for you to meet them.

Meet The Candidates

We just concluded the phase where nine candidates nominated themselves from six different continents for the board seat. From now through July 2, we encourage you to check out each person’s candidate profile, where they explain which board discussion topics they are most passionate about and what perspectives they will bring to the board.

This year, we asked candidates to include a short video - a statement of candidacy - that summarizes why you should vote for them. Be sure to check them out. Videos are found in the candidate’s profile as well as here:

What To Consider

When reviewing the candidates, it is helpful to know what the board is focusing on over the next year or two, so you can decide who can best represent you.

Here are the key topics the board will focus on.

  • Strengthening Drupal Association’s sustainability. The board discusses how the Association can improve its financial health while expanding its mission work.

  • Understanding what the Project needs to move forward and determine how the Association can help meet those needs through Drupal.org and DrupalCon.

  • Growing Drupal adoption through our own channels and partner channels.

  • Developing the strategic direction for DrupalCon and Drupal.org.

There are certain duties that a candidate must be able to perform as a board member. The three legal obligations are duty of care, duty of loyalty, and duty of obedience. In addition to these legal obligations, there is a lot of practical work that the board undertakes. These generally fall under the fiduciary responsibilities and include:

  • overseeing Financial Performance

  • setting Strategy

  • setting and Reviewing Legal Policies

  • fundraising

  • managing the Executive Director

Hopefully providing this context gives you a helpful way to assess the candidates as you decide how to vote From July 2 until July 13.

We encourage you to ask the candidates questions. Use comments to leave a question on their candidate profile page.

Jun 13 2018
Ana
Jun 13

You have already seen what Drupal blogs were trending in the previous month, and now it is time to look at all our blog post we wrote. Here are the blog topics we covered in May.

The first blog post was How to Integrate Google Analytics with Drupal 8. It’s really important to keep track of the statistics of your websites. One tool that stands out and probably beats all others in terms of popularity when it comes to website analytics is Google Analytics. In this blog posts, we looked at how you can integrate Google Analytics with Drupal, specifically with Drupal 8. 

The second was a Drupal SEO Tips. Drupal’s excellent built-in SEO functionality. While Drupal itself plays pretty well with search engines, there are a host of measures you can take to ensure you stay on top of the SEO game even more. After all, the internet is a competitive market, making a site’s SEO all the more competitive. In this post, I’ll explore some of the most common SEO measures you can take to bolster your Drupal site’s SEO efforts.

reading

We continued with blog post A Short Introduction to Headless Drupal. A title of this blog posts tells it all - we explain what headless means, what is the difference between headless and “normal” Drupal and why it’s so great. 

The fourth blog post was a Drupal for Mobile Solutions. There is no doubt that mobile internet usage is getting more and more popular, in fact, the number of mobile internet users overtook desktop users. In order to avoid losing customers, it’s necessary that web and business owners carter to mobile internet users. In this post, we took a deeper look at how Drupal is great for mobile solutions and why you should use Drupal for your mobile needs. 

Those were our blog post from May. Looking forward to continuing having you as readers!
 

Jun 13 2018
Jun 13
The deadline is today. A remote development team have worked for several weeks on your software. You obtain the long-awaited access to the system. You check it and you are not satisfied with the achieved results. All that was needed to avoid this problem is a team with experience in technology and working using SCRUM. What is SCRUM Wikipedia defines SCRUM as an agile framework for managing work. It is an approach used in many companies to develop software. Full definition can be found here https://en.wikipedia.org/wiki/Scrum SCRUM solves most of the problems arising during software development This is my opinion and many people agree with it. I have been developing commercial projects since 2008. I started as a programmer. Currently, I am supervising high-level projects.
Jun 12 2018
Jun 12

Here at Freelock, we are all in for web development. Truly, what could be more important for our clients in today's climate than a properly functioning and safe website? We are pleased to share that our expertise has paid off as we have been identified again an industry leader by Clutch. 

 

Clutch, a Washington, D.C. based ratings and reviews firm, has released their top 2018 picks of companies along a number of locations and segments. They selected these leaders through both the analysis of their client reviews, primarily obtained through interview-style phone calls, as well as their own ranking system and market research. We could not be happier to have been featured as a top Seattle web, PHP and e-commerce development shop and the number one Drupal developer in the area, as well as #2 web developer in Seattle! 

Thumbnail

 

The good news from Clutch does not stop there, Freelock has also been profiled on Clutch’s sister site, The Manifest, as one of the top web developers in Seattle! This profile includes an overview of our clients as well as a description of our recent projects.

 

One of our favorite components of a Clutch profile is the ability to see our clients feedback. Our clients have spoken to our success on the front of both customer service as well as overall quality! Check out a few highlights from what they had to say:

 

Thumbnail

“They're an excellent company. They communicate well, they're on top of things, and I've been extremely pleased with their service. Freelock is one of the best external vendors we've ever worked with.”

 

“Their project manager is stellar. He keeps you informed; he’s always on it. I never have to remind them. They usually have to remind me when we need something. I can’t really come up with a complaint.”

 

“I have never been left hanging by Freelock in all the years I’ve worked with them.”

 

“They never built walls and told us we couldn’t have something. They found new ways to do it.”

 

With feedback as good as this, it's no surprise that we have also received a perfect 5-star rating along the metric of willingness to refer! We are very pleased with our inclusion in Clutch’s press release, as well as overall success on Clutch and The Manifest! Make sure to contact us if you are ready to start your next web development project!

Jun 12 2018
Jun 12
  • By : Ganesh
  • Date :12-06-2018

The power of the Web is in its universality. Access by everyone regardless of disability is an essential aspect. - Tim Berners Lee, Inventor of World Wide Web.

The internet as we know it today, is 10680 days old! Orginally conceived to meet the demand for automatic information sharing between scientists in universities and institutes around the world, the internet today is an integral part of more that 3 Billion people in the world. For various reasons ranging from social networking to collecting information for projects, internet today is arguably the most powerful resource known to mankind.

Over the years, the boom in chatbot and machine learning applications has led to businesses crafting their online presence in the form of websites and using artificial intelligence for a better customer experience. This is not surprising, given the fact that in recent years, chat or messaging has taken over social media to be the "go-to" option for users who want to contact a business.

But have you ever stopped to think, can everyone access the web?

It is 2018 and I wonder, why is web accessibility still less, well, accessible?? As a business, the competitive market pushes you to reach as many people as you can to promote your brand. More the barriers, lower the chances of reaching potential customers. This basically is the concept behind web accessibility: to eliminate the barriers that the audience face!

What is Web Accessibility?

Generally people refer web accessibility with screen readers or visual disabilities. However, the range of topics that it covers is vast and includes more than just the disabilities. For example, having an appropriate screen contrast for a person to see the screen on a sunny day is a use case for someone with a normal vision rather than for someone with a disability.

The World Wide Web Consortium has introduced some guidelines to chieve certain levels of accessibility to ensure that a website is as useful as possible. Published in 1999 as version 1.0 and later in 2008 as version 2.0, the WCAG 2.0 is generally accepted as the standard to measure when talking about web accessibility and the information you present to a user.

How is Web Accessibility Important??

With the internet's growing importance in people's life, if what you want to convey (your content basically) is not easily accessible to everyone, you’re turning away your audience before they ever get to the door. For example, something as simple as a broken hand or a temporary blindness can make it difficult to navigate the web.

While the fact that web accessibility is not only for those with disabilities is quite resonant, businesses need to know that the flexible and responsive design of a fully accessible website is a benefit to everyone.

What does Drupal do?

Drupal CMS, a web based SaaS provides the ability to organize a manage an organization's web content in a systematic manner. The guidelines of the World Wide Web Consortium is divided into two - ATAG 2.0 that addresses the authoring tools and the WCAG 2.0 which addresses the web content and is widely used by developers and accessibility evaluation tools. Drupal CMS, as a platform, has been built to adhere to both the guidelines. While the accessibility initiative started with Drupal 7, the content management system's latest version addresses some of the best accessibility features.

Drupal 8 Accessibility Features?

The most advanced version of Drupal CMS allows your website to be far more likely to be accessible, to assistive technologies and the users who depend on them, than ever before.

Better Contrast

Poor contrast level is often cited as the most commonly overlooked feature by the developers. However, in Drupal 8, the core themes have higher contrasts, thanks to the Drupal's accessibility maintainers. With improved contrasts, users suffering from colour-blindness can easily websites. Also, this feature is an added advantage when visiting a website under bright sunlight in a portable device like a mobile phone or a tab.

Forms

Errors while filling forms is one of the most common factors that affect the user interface. With the new standards, identifying these errors becomes much easier. By using a better form validation error verbiage, Drupal 8 provides an option to turn on this feature that improves accessibility related to the display of form errors. For example, a visually impaired person can now easily identify what errors he might have made when filling in a web form.

Alt text usuallt refers to the words that are used to describe a particular image. Though not visible or rendered on the page, these alt texts are used by tools like screen readers and is a great asset to web accessibility. This feature which is set to required by default in Drupal 8 helps visually impaired audience to know what the image is all about with the help of the text.

Buttons instead of links

A common practice among many website owners is to use anchor texts as "call to action" instead of buttons. From a semantic standpoint, it is more logical to use a button rather than anchor texts as these user interface elements are action oriented. Thus, Drupal 8 has called for this measure to use buttons rather than links. This new standard set by Drupal 8 can be handled without becoming heavily dependent on WAI-ARIA that can be useful in identifying the purpose of some elements.

The Future of Web Accessibility in Drupal

Over the years, Drupal has taken some great steps forward to achieve web accessibility through several of its major releases, and is one of the leading implementation of the web accessibility standards. With web accessibility being one of the major factors contributing to the user interface and the ability of a business to reach maximum audience, several strategic initiatives for Drupal core is sure to shape the future of how people interact with a website. Some of the noteworthy ones include:

  • Application-like interfaces and various UI interactions that are presented without full-page refreshes: sliding panels, autofocus, live result filters, drag-and-drop, pop-up success messages, live previews,wizard-like progress steps, and role impersonation.
  • Automated accessibility testing using headless browser drivers.
  • Supporting more interaction modes, such as MS Windows' high-contrast mode, and speech-driven control.
  • End-user testing for accessibility
  • The theme component library initiative which involves much refactoring of how Drupal produces output.

With its latest version, Drupal CMS now adopts more WAI-ARIA practices which makes content architecture easier to understand. Drupal 8 is now much closer to the ideal, which is to render the web accessible to all. Drupal developers and core maintainers have done a great job to accomplish enhancements regarding accessibility with some of the best features that will play a major role in being beneficial for better usability. However, whatever features Drupal CMS brings out, it is always upto organizations to decide, plan and build websites or web applications by keeping web accessibility in mind.

Jun 12 2018
Jun 12

Join us on Wednesday, at Gridonic, for the upcoming Zurich Drupal user group meetup.

The gathering is dedicated to all those interested in Drupal. Everyone, from beginners to experts, are more than welcome.

Hope to see you there!

Date and time: Wednesday, June 13, 2018, from 6:30 PM to 9:00 PM

Venue: Gridonic - Ernastrasse 22, Zürich

Jun 12 2018
Jun 12

The world’s top news and media networks operate different sites to targeting a wide audience. They know that the only thing better than playing to a niche market is playing to all the niche markets --by running multiple websites tailor-made to fit the preferences of their different market segments, they play to win.

This kind of business model takes effort. Their content has to be distributed in multiple languages and reworked to fit different cultures. Naturally, it takes the right CMS to be able to pull this off while still managing to be user-friendly (after all, new content pops up every hour of a given day).

This article will cover the reasons why leading news and media outlets opt for Drupal 8, choosing the framework for all other alternatives in the market. Read on to find out why Drupal is trusted by 73% of the top news and media networks (including Al Jazeera, the Walt Disney Company, Time Inc., The Economist, Twenty-First Century, CBS, and Viacom) are using it.

 

Drupal 8 is Optimized for a 24 Hour News Cycle

Drupal 8 News Publishing Platform

The news cycle is both the greatest and worst thing to ever happen to news media. On one hand, it guarantees a steady stream of content, and therefore opportunities to earn from subscriptions and ad space. On the other hand, news media practitioners are almost always on the clock.

The freshness of a news item is time-sensitive and highly dependent on presentation (nobody wants to read a poorly-presented article, for instance). This is why a CMS like Drupal 8, which offers core features straight out of the box, is preferred among newsmen. For example, Drupal offers a rich media editor for the content creation stage of editorial work.

Drupal’s functionality also extends beyond the newsroom, with offerings such as monetization tools, social media integration, and near-universal 3rd party integration.

 

Drupal 8 is Easy to Personalize and Localize

Drupal 8 Localization and Personalization

Personalization is the key to engaging with an audience. Users want to see content that appeals to their interests and challenges them to discover new information. Naturally, timing is also a major factor; a news site that is aware of their readers’ most active times can take full advantage of things like push notifications, and special offers to exclusive content.

Beyond this, news agencies need to be able to push content that appeals to a person’s sense of locality --people are naturally drawn to things that might have an impact on their lives directly. While there’s no contesting the average person’s curiosity about distant happenings, top news and media networks know how to tap into the power of the parochial mindset.

Drupal enables personalization through a suite of powerful tools designed by its large community of developers. The platform makes it easy to connect readers to the kinds of content that align with their interests. Likewise, localizing content is a necessity made accessible through the platform --nurturing a loyal following is easier with Drupal 8, which allows your content to be relevant to events that take place in their immediate surroundings.

 

Drupal 8 Allows for Convenient Multi-Site Management

Drupal 8 Multi-Site Management

Running multiple websites is easy with Drupal. The platform allows businesses to run multiple websites grounded in the same code base. In plain English, you don’t need to build websites from scratch every time you want to expand your base of captive niches, and you can apply the same brand of aesthetic and experiential quality to your different digital holdings.

Drupal offers a multi-site management solution, complete with tutorials, that makes the job of expanding a news empire about as accessible designing a blog. Put this together with Drupal’s offer of news and media distribution solutions straight from the box, and sprawling online presences for news agencies can grow virtually overnight.

Drupal 8 is Secure

Security is a natural concern for any organization, and news companies are no exception. Nobody wants to lose credibility in the face of a cyber attack, or worse, have their subscribers’ data leaked.
One of the pivotal reasons why the media prefers Drupal is the long tradition of security that surrounds the platform. Between the swarms of developers working to close every loophole and patch over every possible entry point and the dedicated team of security specialists attached to Drupal, the framework does an excellent job of guaranteeing its users’ security.

 

Case Study: Uber Publisher & Al Jazeera

Drupal 8 Case Study: Uber Publisher and Al Jazeera

We mentioned Al Jazeera among the list of news agencies that rely on Drupal for their CMS needs. They were generous enough to agree to serve as an extensive case study on the official Drupal website, and some of the major takeaways do a good job of proving how the platform is a good fit for the industry.

The case study banks on the news agency’s growth after their tie-in with Drupal. It also describes how the agency met their myriad goals, including the unification of AJMN’s digital assets and workflows into a single interface. All told, the decision to opt for Drupal was a success for Al Jazeera.

Now, what the case study didn’t cover was Al Jazeera’s decision to opt for one Drupal-based solution in particular: Uber Publisher, a sub-profile of Varbase. Uber Publisher is a Drupal distribution that contains over a thousand out-of-the-box features and is continuously funded, supported, and improved by Vardot --and likely a contributing factor to Al Jazeera’s digital success. Its features for media marketing, automated tagging, easy authoring, and SEO make it a potent tool in the hands of a business of any size.

 

Conclusion

Drupal 8 is an optimal solution for news and media networks, regardless of their size. It’s affordable, convenient, and easy to both implement and maintain over the lifespan of a media agency. A good network would do well to tap into the functionality that Drupal has to offer, and a great one would scan the market for tools such like Vardot’s Uber Publisher; with any luck, they’ll meet the same digital success as Al Jazeera and its cohort (or exceed it).

Jun 11 2018
Jun 11

Read our Roadmap to understand how this work falls into priorities set by the Drupal Association with direction and collaboration from the Board and community.

AnnouncementsDrupal Association logo

Change your git remote configuration

We will be deprecating the git remote format @git.drupal.org/project/;.git in favor of [email protected]/project/<yourproject>.git in preparation for changes to our developer tooling stack. If you used the <username>@ format for your git remotes, you should change your remote to the [email protected] format. You can use $ git remote set-url to make this change for existing repositories you have cloned.

We have updated the version control instructions on Drupal.org to reflect this change, and will be updating the git daemon to warn developers who are using the deprecated remote format.

Proposal: Improving Core's Relationship with Composer

In May, Mixologic from the Drupal Association engineering team worked with community members Mile23, Bojanz, Webflo, and others in the community to develop a proposal for improving Drupal Core's relationship with Composer.

In its simplest form, the proposal is to: Conceptually separate Drupal, the product, from Drupal's git repository, and provide a mechanism that creates a composer ready Drupal installation.

Going into early June, we've been circulating this proposal to the Core Committers, the Auto-Updates Initiative team, Contrib maintainers, Distribution maintainers etc.

Credit for non-code projects on Drupal.org

We're excited to announce that we've created a 'Community Projects' section in the Drupal.org issue queues. This section exists to record all the tremendous community labor exercised to promote the Drupal project in ways other than code. This format was pioneered by the Drupal Diversity and Inclusion group, who started recording their meeting minutes in the issue queues so they could provide contribution credit for attendees. This same model can be used by initiative coordinators, camp organizers, or any other Drupal community group that would like a place to recognize their work with the official contribution credit system.

The Contribution Credit system is one of the Drupal projects most successful innovations in the way that open source projects are managed, and it will continue to evolve and grow as time goes on.

Updates for GDPR

AEU GDPRre the words "We've updated our privacy policy" burned into your laptop screen yet? Well in May we did the same.  In particular, we've updated our Terms of Service, Privacy Policy, Digital Advertising Policy, and Git Contributor Agreement to clarify our compliance with the EU's GDPR. We also initiated a re-consent campaign for our marketing lists. If you have not re-consented to communications we strongly encourage you to do so

Launched the Customer Supporter program

Have you built great relationships with your Drupal customers? Help them contribute back to the project by becoming part of our Customer Supporter program.

Drupal.org Updates

Self-nominations for the Drupal Association board are live

Each year one of the two community-held seats on the Drupal Association board comes up for election. We opened the self-nomination process for this year, and some passionate and dedicated members of the community have already stepped forward with their candidacy.

To learn more, you can view our portal for the 2018 Elections Process. Key dates to remember:

  • Self nominations: 1-11 June, 2018
  • Meet the candidates: 12-29 June 2018
  • Voting: 2-13 July, 2018
  • Votes ratified, Winner announced: 25 July, 2018

Better landing pages for Drupal's strategic initiatives

Did you know there are 12 active Drupal strategic initiatives right now?

To help the initiative coordinators promote this work, and recruit more open source contributors to the cause, we've given initiative coordinators new landing page tools. Check out the first initiative to use this landing page: the Admin UI and Javascript Modernization Initiative.

These tools are the first step in improving the project management tools available to initiative coordinators to help move the Drupal project forward.

Historical user and organization contribution data is now available.

Drupal.org user profiles show the last year's worth of contributions by users. We chose the one year window deliberately, to promote the importance of a user's more recent activity. However, seeing a user's complete contribution history can be valuable as well. We've recently added a link to the bottom of this view to display that history.

Similarly, organization profiles have shown the last 90 days of contributions by organization. Again, we chose this very deliberately to emphasize the  importance of recent and ongoing contribution. However, as with user accounts, these profiles now also include a link to the organization's complete contribution history. You can see an example of where to find this link below:

Organizations - View all credit history

Expanded spam protections

After the sunsetting of Mollom in March of this year, we've been implementing a new set of tools to mitigate spam on Drupal.org. We expanded these protections in May, using a combination of bot detection, content analysis, rate limiting, and more to try and reduce the impact of spam attacks on Drupal.org. The less time the community spends wading through spam, the greater the velocity of the Drupal project.

And a Thank You

We'd also like to give a special shout out to contributor Wim Leers, for his incredibly kind 'Ode to the Drupal Association' about our work on the testing infrastructure. The nature of software engineering has a tendency to draw our attention to things that are broken, buggy, or unoptimized, and so when things are working well that success can sometimes feel invisible.

Fortunately, the Drupal community puts people first, and celebrates our collective success, and Wim's words are a tremendous example of that ethos.

Thank you, Wim - and thank you to everyone who takes the time to recognize the hard work and dedication of your fellow contributors.

———

As always, we’d like to say thanks to all the volunteers who work with us, and to the Drupal Association Supporters, who make it possible for us to work on these projects. In particular we want to thank:

If you would like to support our work as an individual or an organization, consider becoming a member of the Drupal Association.

Follow us on Twitter for regular updates: @drupal_org, @drupal_infra

Jun 11 2018
Jun 11

These are some of the ingredients that can make open source sustainable

The title of this blog post, "Project Management + Estimation + Mentorship = Sustainability" does not represent an exact formula for solving the challenges of open source sustainability. It establishes what I feel are the ingredients to a recipe that could significantly improve the sustainability of open source projects. To discover the right recipe for sustainability, it is key to define sustainability.

Defining open source sustainability

Open source sustainability is the ability of a community of people and organizations to collaboratively contribute to software that is freely available for anyone to use and alter.

The above description could sound like a standard cooperative or partnership agreement except that the General Public License (GPL), attached to most open source projects, makes the product of this arrangement entirely free for anyone to use and alter. This is the challenge of open source sustainability: the result of our labor, aka the product, is absolutely free. There is no doubt that people and organizations have found incredible value in open source software. But what is the value of the labor?

If no one owns something that is so important to us, how do we know that it will be cared for?

Personally, I am passionate about maintaining my project the Webform module for Drupal 8, because it is my baby. The reality is that our kids grow up and we need to make sure they are independent and healthy. We put in the time and effort because we consider it worthwhile and because we care. This parent/child analogy helps clarify the simple but key notion that everyone who contributes and is involved in open source cares about their project and community. People and organizations contribute a considerable amount of time to build and maintain their open source projects. It’s time and energy that could equate to money.

Time = Value = Money

Let's accept the reality that when a developer contributes to open source, they are typically taking time away for their paying jobs (and family) to write code, respond to issues, and even mentor contributors. Open source has added a massive amount of value to our work and society. Open source software is everywhere. It is on our devices and is used and relied upon by every tech giant.

Open source software requires time that results in high quality and valuable software, which has monetary value.

Money != Sustainability
(Money does NOT equal Sustainability)

When I was first starting thinking about how I could make my massive contribution to Drupal sustainable, I mistakenly thought money would automatically solve my problem. Money helps, but when money enters an open source collaboration things get more challenging to manage. One of the big takeaways from the Request for Commit podcast is that even when an open source project has funds, it’s complicated to determine how to distribute this money.

To properly propose, collect, track, distribute, and manage the funding of open source projects there needs to be a process.

Process = Sustainability

We are a community of people contributing to a vast collaboration, and this collaboration is defined and driven by our process. The fact that Wikipedia’s definition of 'Software maintainer' originates from Open Source software says so much about our process.

In free and Open Source software, a software maintainer or package maintainer is usually one or more people who build source code into a binary package for distribution, commit patches, or organize code in a source repository.

-- https://en.wikipedia.org/wiki/Software_maintainer

The role of software maintainer does not exist unless people contribute patches to be committed to the project. Software maintainers are mentoring contributors when they are reviewing patches. We are all mentoring each other when we review someone else's patch.

Everyone needs a mentor, and everyone is a mentor in open source.

Mentorship is what grows open source

Mentorship is a relationship in which a more experienced or more knowledgeable person helps to guide a less experienced or less knowledgeable person.

-- https://en.wikipedia.org/wiki/Mentorship

Mentorship helps to encourage high-quality contributions while also growing the community around open source software. It is essential that we embrace this very basic aspect of opening source development. Mentorship and code review is something that everyone understands and values.

Code review ensures quality and security. Organizations generally trust open source software because they know that multiple people review patches and pull requests before they are committed, and everyone is continually reviewing the code after it has been committed.

Open source communities need to leverage the fact that all code is peer-reviewed before and after it is committed to a project, especially when approaching organizations to fund and contribute to open source projects.

Getting organizations involved in funding and contributing to open source is crucial to improving sustainability.

Organizations need to be involved and committed to open source sustainability

Initially, I thought that leveraging the importance of mentorship and peer code review would inspire everyone to help fund and sustain open source. My mistake in this approach is that it is only applicable to people and organizations who understand and are involved in open source - they already care about and value mentorship and code review. The real challenge for improving open source sustainability is getting people who are not involved, yet rely on open source, to start contributing and funding the open source projects on which they depend

The more we can inspire people and organizations to become involved in open source the more sustainable we will make our projects and community.

How do we get people and organizations more involved in open source?

I found that the only way to begin answering this question is to step into the shoes of people and organizations who are not part of open source. One of my most immediate conclusions was…

People and organizations need tangible results to justify contributing to open source.

It is entirely fair for anyone being asked to contribute to open source to question what do they get in return. Sorry, but "free software" is too vague of an answer and there are some fantastic articles and blog posts that do provide great arguments as to why people should contribute to open source. Generally, we tout the benefits of contributing to open source and every project, including Drupal, offers ways to get involved. Open source development is a different process than what anyone is accustomed to in their regular day-to-day education or employment. Open source projects tend to not have tightly structured organization charts, hard deadlines, salaries or holiday bonuses. There are certain aspects of how businesses work that undeniably make sense and help everyone get their jobs done in a productive and happy work environment.

People and organizations need a tangible process to contribute to open source.

Yes, open source is a different process which changes from project to project. Two things I found that were typically under-recognized in most open source projects is the importance of project management and estimation.

We are underestimating the value of estimation

Estimation helps set reasonable expectations

Estimation (or estimating) is the process of finding an estimate, or approximation, which is a value that is usable for some purpose even if input data may be incomplete, uncertain, or unstable.

-- https://en.wikipedia.org/wiki/Estimation

My last blog addressed, "Are we afraid to estimate our work in Drupal and Open Source?" and I hope the biggest take away is that estimation helps set reasonable expectations that make it easier for people and organizations to get involved in open source. Improving estimation within our open source projects would remove the "incomplete, uncertain, or unstable" aspects from our work. Estimation, even incorrect estimation (there will undoubtedly be trial-and-error periods), allows everyone to better understand the amount of work that needs to be done and the money required to accomplish it.

Discovering and improving how we collaborative estimate within open source would make everyone's experience more enjoyable and productive. I want to emphasize that anyone who gets involved in open source should have an enjoyable and productive experience

Excellent and thoughtful project management is what ensures that everyone is productive and happy.

Project management helps people be more productive and happy

Project management is the practice of initiating, planning, executing, controlling, and closing the work of a team to achieve specific goals and meet specific success criteria at the specified time.

-- https://en.wikipedia.org/wiki/Project_management

Open source software is created via a massive team effort from people spread out across the globe. We have created a process where people collaborate to develop high quality, valuable, and secure products. Along our journeys to develop open source software we have built amazing communities that consists of more than just developers, and include people from every role in the software industry. Generally, open source does attract more developers because they write the code.

I am one of those open source software developers. I value my experience within open source but I have also come to understand that open source software is more than writing code - it is about the process of contributing code to a community.

The open source process has some major problems. Personally, at the beginning of this year, I recognized the risk of burning out and recently wrote about offboarding contributors. My post concluded with the realization that improving how we manage our projects and how the role of project management is going to keep open source communities healthy and sustainable.

Besides keeping people within the open source community prosperous, better project management will make it easier for people and organizations outside of open source to become members of our community.

Estimation combined with project management makes it easier for people and organizations to contribute to open source

Let’s acknowledge that Drupal is being used to build enterprise applications for some very big organizations. Some of these organizations have the potential to bring their game-changing resources to our community. Fortune 500 companies can easily contribute a few hundred thousand dollars to Drupal and open source. And some do because they see it as an investment. Frankly, I think the only thing limiting more organizations from investing in Drupal is the fact that it is hard for them to understand precisely what they will be getting for their money. Estimation would help them in that regard.

I am willing to go a step further and say that…

Better project management will increase the level open source contribution from existing contributors.

1 Project Manager = 100 contributors

Open source projects are always looking for new contributors. Open source disproved the notion that adding more developers to a project does not increase productivity. Still, open source needs to pay attention to everyone’s experience when contributing to open source. Thoughtful and excellent project management can make the difference between a developer making one contribution vs. a developer making a sustained ongoing contribution to an open source project.

I have personally seen numerous times how a good project manager can mediate conflicts and negotiate resolutions with our community. Project managers make sure developers don’t burn out while making sure a stakeholder's needs are addressed.

Project managers can help ensure that people and organizations get tangible results when they contribute and support open source.

Showing the value of project management (and leadership) in open source

Gábor Hojtsy, the multilingual initiative lead for Drupal 8, learned and shared his incredible experience, scaling Open Source projects, how 1300+ improved Drupal 8’s multilingual features. His leadership shows how careful project management can get people involved and providing sustainable contributions to an open source project.

Addressing the challenges of mentorship, estimation, and project management

To improve sustainability within open source we need to address a few challenges.

First, we need to explore how to make sure people and organizations get the most out of their experience when contributing and funding open source. Encouraging mentorship fosters a healthy interaction between software maintainers and contributors. Estimation sets reasonable expectations for people and organizations working within open source.

Secondly, I strongly feel that improving and valuing project management is the unrecognized secret sauce to growing open source communities and ensuring that people and organizations have a positive and sustainable experience.

Finally, open source communities must respect that some organizations need to see tangible results when contributing and funding open source software.

Recipes require taste testers.

This recipe, 'Project Management + Estimation + Mentorship = Sustainability' is going to require some more thought, experimentation, and tweaking. This summer I am going to do a more in-depth exploration of the recipe and open source sustainability.

For now, I would love to get your first impressions and thoughts in the comments below.

If we consider all the projects we’ve successfully collaborated on thus far, it’s a no-brainer that we can come up with some pretty great solutions when it comes to estimation too.

By this Fall, I am hoping we can try out some new sustainability experiments

Jun 11 2018
Jun 11

There's definitely no way around it, not anymore: with Google's index now mobile-first, adopting a mobile-first approach when building a new Drupal site (or redesigning a legacy one) is… a must! It no longer depends on a specific project's needs or on the used technology. The need to develop a mobile-first content strategy has gone from particular to universal.

And facing the challenge of:
 

  1. (re)creating
  2. optimizing
  3. structuring
     

… content on your Drupal website means conforming to those specific patterns that mobile users have developed for reading content on their smartphones.

In short: developing a fully responsive Drupal site comes down to centering your mobile content strategy around the ideat that:

It's for the smallest screen sizes that you should plan your content for, first things first … then scale it up from there.

Now, let's see precisely what it takes to develop a mobile-first content strategy. What focus points and must-have components to include:
 

1. Take the Smallest Screen Size as the Starting Point

In other words: think mobile-first!

And by “mobile” I do mean “smartphones” — the smaller the screen size, the better. 

This way, you'll be adjusting your content so that it makes the most of the smallest interface. Starting “small” is the best way to stick to the “keep it simple” approach:

Thinking through every content-related decision in the light of the viewport size challenge will constrain you to keep the truly essential content elements only.

Hence, this “spartan” way of eliminating the unnecessary will reflect on your site's desktop design, as well: 

It will turn out cleaner and lighter.
 

2. Use Visual Content Wisely: Weigh Your Choices of Images 

The golden rule when it comes to the imagery that you'll use on your responsive website is:

If an image doesn't enhance and complement your content, then you're better off without it!

And I know what you must be thinking:

“But people remember what they see far more easily than what they read.”

True, you need to keep in mind that visuals do come at a cost, though:

Those stunning, visually-arresting images on your website risk to divert your users' attention from the message itself.

And still, probably the most heavy-weighing reason why you should use images wisely when you develop a mobile-first content strategy is: weigh.

Visuals risk to take up valuable screen space and thus:
 

  • outshine your calls to action themselves
  • impact your site's overall performance (leading to frustration)
     

Now that doesn't mean that you should strip your content off ALL the visuals! Absolutely not!

Just to be cautious and weigh your every choice, think through your every decision involving the usage of an image. 

Once you've selected the truly essential ones, keep in mind:
 

  1. not to no resize them (or optimize them in any other way) before uploading them to your CMS: let Drupal do the heavy-lifting here 
  2. to leverage the Responsive Image module's (Drupal 8) capabilities for resizing them to fit the given screen sizes
     

3. Content Before Design

This is the right sequence to follow when you're designing (or re-designing) your Drupal site with mobile users in mind:

First, you create and strategically organize your content and upload it to your Drupal 8 CMS. It's only then that you focus on styling and developing a responsive and visually-striking web design.

If it's legacy content that you're dealing with, trying to convert it to mobile, the very first step to take when you develop a mobile-first content strategy is:

Removing all the design elements from your written content.
 

4. Create a Hierarchy of Your Calls to Action

Making the most of a small interface means also setting your priorities in terms of calls to action:

Pair each one with a corresponding objective, evaluate them all wisely, then select THE call to action that's most critical for you and place it — and it alone — above the fold.
 

5. Organize and Optimize Your Content for Mobile Devices

I'll briefly list all the key requirements that mobile-friendly content should meet — aspects to pay attention to when writing content for mobile devices — for I'm sure they're nothing new to you:

  • the phrases should be kept short and concise, thus eliminating the burden of “never-ending-scrolling”
  • the content should be, sharp, targeted and skimmable, so users can easily “digest” it and modular, so that users can swiftly browse through it
  • “modular” meaning made either of multiple clear paragraphs — each one standing for one thought — or chunks of 3 paragraphs at most 
     

6. Optimize Media, too, When You Develop a Mobile-First Content Strategy

And there are a couple of essential steps that you mustn't overlook when it comes to mobile-optimizing your media:
 

  • always go for thumbnails instead of video players that your users would have to load and thus strain on your site's valuable resources
  • don't ever use autoplay on your audio and video content 
  • optimize your sound, image and video files both for large and small devices
     

7. Trim Down Your Navigation Menu

In other words: when you develop a mobile-first content strategy, consider simplifying your navigation to its truly essential links.

No user would gladly scan through a “beefy” navigation menu taking his device's entire screen:
 

  • flatten your navigation: stay away from the technique of piling up submenus, layers and navigation points
  • feel free to place the links that you'll remove on other places on your website (or even to turn them into calls to action)
     

8. Convert Your Legacy Content to Mobile-Friendly Content 

If it's a legacy Drupal website that you need to restructure and to adapt to your mobile users' specific patterns for browsing through and consuming content on their smartphones, then it's time you:
 

  • dug into your static HTML
  • … and cleaned it up
     

And by “cleaning it up” I do mean:
 

  • removing inline media
  • removing the fixed-width tables
  • eliminating floats with content 
  • breaking it down into skimmable chunks of content
     

… that can be easily structured into content fields.

The END! These are the 8 main aspects to focus on when you develop a mobile-first content strategy. 

Now time to test the “saying” that:

“Creativity strives under constraints.”

… and to make the most of those small interfaces.

Jun 11 2018
Jun 11

I volunteered to carry out the migration for the new ComputerMinds site as migration was one of the very few areas of Drupal that I hadn’t delved into thus far. With Drupal 8 becoming more and more popular, now was a great opportunity to learn the migration ropes. Luckily, Drupal 8’s migration has greatly improved since Drupal 7 so my life was made somewhat a little “easier”!

This article will be aimed at some of my finds and processes, rather than a “How to do a D8 migration”.

Since our new site was very different to our old one in terms of content, we had to be quite choosey in exactly what was needed. We decided that we only really needed the articles; pretty much everything else was a fresh start. We would be manually carrying over users; as that would be too little work to warrant writing a migration for.

In order for us to get our articles over from the old site, we would need to migrate the current taxonomy terms, URL aliases (this would come back to bite me hard!), files and last but not least, the article nodes themselves. Migrating just a node seemed simple enough, but you quickly forget that it is more than just a node. All the stuff attached to the node has to be carried over.

Modules like Migrate plus and Migrate tools are great additions to the migration family and I can highly recommend them; they make life so much easier! Migrate plus “basically” writes the migration for you :)

With Migrate plus doing the bulk of the work for me, the only PHP code I needed to write was to map our old User ID’s to the new ones, so original authors would be retained. Otherwise I could take all the credit for every single article ComputerMinds has ever written in the past (mwahah!). This can be easily achieved using a simple process plugin.

/**
 * This plugin will tie a piece of content with an existing user.
 *
 * @migrateProcessPlugin(
 *   id = "user_id_mapper"
 * )
 */
class UserIdMapper extends ProcessPluginBase {
  
  /**
   * {@inheritdoc}
   */
  public function transform($value, MigrateExecutableInterface $migrate_executable, Row $row, $destination_property) {
    
    $mapping = [
      'oldID' => 'newID',
    ];
    
    if (!empty($value)) {
      $value = $mapping[$value];
    }
    
    return $value;
  }
}

We had some term reference fields, and like Drupal 7, Drupal 8 will reduce your potential workload - it creates taxonomy terms for you if those terms are missing from your new site. Nice and easy.

The biggest remaining hitch was extracting the three components from a body field. These are value, summary and format. Summary and format were fairly straight forward, but attaining the value component was a real pain (the code below will show you otherwise). Straight away you’ll notice inconsistencies with the “keys”. I would have expected the format to have been body/value, body/summary and body/format, but alas this was not the case.

body: body
body/summary:
  source: teaser
body/0/format:
  plugin: static_map
  source: body/0/format
  map:
    markdown: markdown
    full_html: basic_html
    filtered_html: restricted_html

This took a few painful hours to debug and figure out, to this day I still do not know why! At least this being documented here can save others some pain and time.

With all migration finished and the site ready to be shipped out, what came apparent is that (as mentioned very briefly earlier) I had not accounted for some URL aliases (I had used a process plugin to pinch only the aliases we needed). I’d assumed, yes assumed (naughty developer), that ALL articles had the SAME URL path auto pattern. Big, big boo boo. What I didn’t know was that some articles on our old side had been migrated from an even older site and these article URLs came in all shapes and sizes; shapes and sizes that do not match our current path auto pattern. I’ve been fixing redirects and 404’s since :)

Lesson of the day

Do not ASSUME everything is the same. Do go check everything is how you expect it to be before migrating content.

Jun 11 2018
Jun 11

Three months ago I wrote an article on how to Create Image Styles and Effects programmatically and today we're following up on that article but introducing on how we can do that dynamically.

So, essentially what we would like to do is that we display an image, where we can adjust the way the image is outputted, given a height, width or aspect ratio etc.

Please bear in mind that all code provided in this article are experimental and does not yet cover things like access control, etc in this part.

Let's take a look at the service Unsplash.com. Its basically a free image bank with high quality images submitted by awesome freelancers and professionals that you can use for free.

Lake Tahio

Image by Eric Ward

The URL for the image above is the following:

https://images.unsplash.com/photo-1499365094259-713ae26508c5?ixlib=rb-0.3.5&ixid=eyJhcHBfaWQiOjEyMDd9&s=26d4766855746c603e3d42aaec633144&auto=format&fit=crop&w=500&q=60

The parts we're actually interested in are: &auto=format&fit=crop&w=500&q=60 we can adjust them as we like and the image is displayed differently, i.e. changing the width of the earlier image to a smaller one:

Lake Tahio smaller

Alright, that's what we would like to do in Drupal 8. This article will be very iteratively, we'll rewrite the same code over and over until we get what we want. We'll notice issues and problems that we will deal with through out the article.

Prepare an environment to work in

We'll use a fresh Drupal 8.6.x installation.

To quickly scaffold some boilerplate code I'm going to use Drupal Console.

First let's create a custom module where we can put our code and logic in:

$ vendor/bin/drupal generate:module

I'll name the module dynamic_image_viewer

dynamic_image_viewer.info.yml

name: 'Dynamic Image Viewer'
type: module
description: 'View an image dynamically'
core: 8.x
package: 'Custom'

Next we need some images to work with, we'll use the core Media module for that. So let's enable that module:

vendor/bin/drupal module:install media

Now we can add some images. Go to Content >> Media >> Add media.

Media content

Implementing a Controller to display the image

The first step is to create a controller that will render the Media image to the browser. Again we'll use Drupal Console for a controller scaffold: vendor/bin/drupal generate:controller

We'll create a route on /image/{media} where Media will accept an media ID that due to Drupals parameter upcasting will give us a media instance in the controller method arguments. Doing this, if a invalid media ID is passed in the URL a 404 page is shown for us. Neat!

So we'll modify the generated controller slightly to this:

src/Controller/ImageController.php

<?php

namespace Drupal\dynamic_image_viewer\Controller;

use Drupal\Core\Controller\ControllerBase;
use Drupal\media\MediaInterface;

/**
 * Class ImageController.
 */
class ImageController extends ControllerBase {

  /**
   * Show an image.
   *
   * @param MediaInterface $media
   *
   * @return array
   */
  public function show(MediaInterface $media) {
    return [
      '#type' => 'markup',
      '#markup' => $media->id(),
    ];
  }

}


And the routing file looks like this: dynamic_image_viewer.routing.yml

dynamic_image_viewer.image_controller_show:
  path: '/image/{media}'
  defaults:
    _controller: '\Drupal\dynamic_image_viewer\Controller\ImageController::show'
    _title: 'show'
  requirements:
    _permission: 'access content'

If we install the module, vendor/bin/drupal module:install dynamic_image_viewer and hit the URL /image/1 we should see a page with the ID being outputted.

Render the original image

Ok. Currently nothing is rendered, so what we'll do is that we render the uploaded original image first.

To serve the file we'll use BinaryFileResponse. So let's update the ImageController::show method.

We'll also import the class in the top of the file:

use Symfony\Component\HttpFoundation\BinaryFileResponse;

  /**
   * Show an image.
   *
   * @param MediaInterface $media
   *
   * @return BinaryFileResponse
   */
  public function show(MediaInterface $media) {
    $file = $media->field_media_image->entity;

    $uri = $file->getFileUri();
    $headers = file_get_content_headers($file);

    $response = new BinaryFileResponse($uri, 200, $headers);

    return $response;
  }

So what we do here is that we grab the File entity from the field_media_image field on the Media image bundle. We get the URI and, using the file_get_content_headers we get the proper headers. Finally we serve the file back with the proper headers to the viewer.

And if we hit the URL again:

original-image-rendered

Before we continue, we should note some things that we'll get back to later:

  • What if the media ID is not a Media image?
  • The user can still access the media even if its unpublished.
  • What about cache?

Let's make a hard-coded image derivative

To modify the image, we'll create a new instance of ImageStyle and add an image effect.

Let's update the ImageController::show method again:

  /**
   * Show an image.
   *
   * @param MediaInterface $media
   *
   * @return BinaryFileResponse
   */
  public function show(MediaInterface $media) {
    $file = $media->field_media_image->entity;

    $image_uri = $file->getFileUri();

    $image_style = ImageStyle::create([
      'name' => uniqid(), // @TODO This will create a new image derivative on each request.
    ]);
    $image_style->addImageEffect([
      'id' => 'image_scale_and_crop',
      'weight' => 0,
      'data' => [
        'width' => 600,
        'height' => 500,
      ],
    ]);

    $derivative_uri = $image_style->buildUri($image_uri);

    $success = file_exists($derivative_uri) || $image_style->createDerivative($image_uri, $derivative_uri);

    $response = new BinaryFileResponse($derivative_uri, 200);

    return $response;
  }

So what we do here is that we create a new ImageStyle entity, but we don't save it. We give it a unique name (but we'll change that soon) and then add we add an image effect that scale and crops the image to a width of 600 and height 500.
And then we build the derivate uri and if the file exists already, we'll serve it and if not we'll create a derivative of it.

There is one big problem here. Since we use a unique id as name of the image style we'll generate a new derivative on each request which means that the same image will be re-generated over and over. To solve it for now, we could just change the

 $image_style = ImageStyle::create([
      'name' => uniqid(), // @TODO This will create a new image derivative on each request.

to a constant value, but I left it for that reason intentionally. The reason is that I want to explicitily tell us that we need to do something about that and here is how:

If we look back at the URI from Unsplash earlier &auto=format&fit=crop&w=500&q=60, these different keys are telling the code to derive the image in a certain way.

We'll use the provided keys and combine them some how in to a fitting name for the image style. For instance, we could just take the values and join them with a underscore.

Like so:

format_crop_500_60 and we'll have a unique string. If the user enters the same URL with the same parameters we'll be able to find the already existing derivative or if its another image, we'll create a derivative for it.

You'll also notice that I removed the $headers = file_get_content_headers($file); it is because those headers are not the correct ones for ur derivatives, we'll add them back soon.

Dynamic width and height values

On our second iteration of the code we'll now add the width and height parameters, and we'll also change the name of the image style to be dynamic.

Again, we'll update ImageController::show

We'll also import a class by adding use Symfony\Component\HttpFoundation\Request; in the top of the file.

  /**
   * Show an image.
   *
   * @param Request $request
   * @param MediaInterface $media
   *
   * @return BinaryFileResponse
   */
  public function show(Request $request, MediaInterface $media) {

    $query = $request->query;

    $width = (int) $query->get('width', 500);
    $height = (int) $query->get('height', 500);

    // We'll create the image style name from the provided values.
    $image_style_id = sprintf('%d_%d', $width, $height);

    $file = $media->field_media_image->entity;

    $image_uri = $file->getFileUri();

    $image_style = ImageStyle::create([
      'name' => $image_style_id,
    ]);
    $image_style->addImageEffect([
      'id' => 'image_scale_and_crop',
      'weight' => 0,
      'data' => [
        'width' => $width,
        'height' => $height,
      ],
    ]);
    
    // ... Rest of code

First we updated the method signature and injected the current request. Next, we'll get the width and height parameters if they exist and if not we fallback to something. We'll build an image style name of these dynamic values. With this we updated the name of the ImageStyle instance we create which makes sure that we can load the same derivative if the user hits the same URL. Finally we updated the width and height in the image effect.

Here is the updated ImageController::show and current file:

src/Controller/ImageController.php

<?php

namespace Drupal\dynamic_image_viewer\Controller;

use Drupal\Core\Controller\ControllerBase;
use Drupal\media\MediaInterface;
use Symfony\Component\HttpFoundation\BinaryFileResponse;
use Drupal\image\Entity\ImageStyle;
use Symfony\Component\HttpFoundation\Request;
use Drupal\Core\Image\ImageFactory;
use Symfony\Component\DependencyInjection\ContainerInterface;

/**
 * Class ImageController.
 */
class ImageController extends ControllerBase {

  /**
   * The image factory.
   *
   * @var \Drupal\Core\Image\ImageFactory
   */
  protected $imageFactory;

  /**
   * Constructs a ImageController object.
   *
   * @param \Drupal\Core\Image\ImageFactory $image_factory
   *   The image factory.
   */
  public function __construct(ImageFactory $image_factory) {
    $this->imageFactory = $image_factory;
  }

  /**
   * {@inheritdoc}
   */
  public static function create(ContainerInterface $container) {
    return new static(
      $container->get('image.factory')
    );
  }
  /**
   * Show an image.
   *
   * @param Request $request
   * @param MediaInterface $media
   *
   * @return BinaryFileResponse
   */
  public function show(Request $request, MediaInterface $media) {

    $query = $request->query;

    $width = (int) $query->get('width', 500);
    $height = (int) $query->get('height', 500);

    $image_style_id = sprintf('%d_%d', $width, $height);

    $file = $media->field_media_image->entity;

    $image_uri = $file->getFileUri();

    $image_style = ImageStyle::create([
      'name' => $image_style_id,
    ]);
    $image_style->addImageEffect([
      'id' => 'image_scale_and_crop',
      'weight' => 0,
      'data' => [
        'width' => $width,
        'height' => $height,
      ],
    ]);

    $derivative_uri = $image_style->buildUri($image_uri);

    $success = file_exists($derivative_uri) || $image_style->createDerivative($image_uri, $derivative_uri);

    $headers = [];

    $image = $this->imageFactory->get($derivative_uri);
    $uri = $image->getSource();
    $headers += [
      'Content-Type' => $image->getMimeType(),
      'Content-Length' => $image->getFileSize(),
    ];

    $response = new BinaryFileResponse($uri, 200, $headers);

    return $response;
  }

}

First we added a new dependency to our controller \Drupal\Core\Image\ImageFactory which allows us to construct an Image instance, where we can get meta data from the image, but also gives us a unified interface to apply things to our image. For instance, we could desaturate the image by doing $image->desaturate(); and then resave the file. Fow now we're only using it to retrieve the meta data. We'll take advantage of that in the next part, when we refactor some of the written code and add more flexibility to what we can dynamically output.

If we hit the url and add both the width and height parameters we'll get something like this:

generated-image

In the up coming article we'll take a better look at what we have, what we miss (access control, what if a user hits the same URL at the same time), adding more effects, and exploring the use of the Image and toolkit APIs more in depth.

We'll most likely remove adding image effects through ImageStyles and only use the image style for creating derivates that we can we can later apply changes with the toolkit API.

If you want to continue on your own, take a look at ImageStyleDownloadController.php file in core which contains a lot of code that we can re-use.

Jun 11 2018
Jun 11

Even though security remains one of the major concerns for an organization, the implication of new technologies has at the same time broadened and complicated the understanding of the term. 

Security is no more about working in isolation. 

Recent events such as Drupalgeddon 2 in March and other subsequent security releases in April – marked critical – have once again brought the question ‘Is Drupal Secure?’ to the center-table. Drupal is among those few open source projects popular for their security with a dedicated team working on to improve it. However, there are still sometimes when the security of your Drupal website is under the impression of threat. 

anonymous mask on a black background with a cctv on top left corner

Security is a vast area of expertise and it is quickly changing with time. No more is it about one person working in isolation or an expert who can understand all the aspects. 

While the list of do’s and don'ts is extensive and exhaustive to keep up with the threats, vulnerabilities and mitigation strategies, here are the top seven Drupal security practices to follow in order to keep up the health of your website. 

And Aristotle once said...

The aim of the wise is not to secure pleasure but, to avoid pain.

Seven Drupal 8 Security Practices

Securing the Server-side Hosting Environment

Before starting off with the general security hacks and tips, you need to secure your server-side hosting environment. Here are some points to keep in mind before moving to securing your core. 

  1. Protect the server: Only a limited number of users must be allowed to access your server. One of the key points is to add a basic layer by restricting the access to server login details. Once the authentication is set up, it is easier to monitor server access and restricting file access usage. This can help you detect unusual activities.
     
  2. Hide the server signature: Server Signature needs to be hidden as it reveals an important piece of information about the server and operating system. It can let a hacker know if you are using Apache or Linux - information which can be utilized as a vulnerability used to hack the server. In order to keep the server secure from possible vulnerabilities, you need to hide the server signature. 
     
  3. Enable port wise security - Since the applications use the port numbers, it is important to keep certain port numbers hidden from general access. 

Securing the Drupal Core

  • Keep your Core Updated
    A key practice, keeping the core updated will always be the first when listing healthy security practices. And this was the first lesson we learned from the Drupalgeddon2. Always look out for core updates (include the minor releases as well) unless security is not on your agenda. In all of its advisories, the Drupal Security Team asks for updating the core version of the system. 

    If you fall a long ways behind the latest update, you are opening yourself to vulnerabilities. Since history tells us that hackers target the older versions.

    Look out for core updates. Follow the Drupal security team @drupalsecurity on Twitter. Get quick updates and announcements from the team through the emails and security newsletter. You can also follow Security Group in order to contribute and stay part of the security discussions. 

    Another important point to note here is when updating the core - ALWAYS keep a backup of your site's database and codebase. We will discuss this security practice later in the article. 
     

  • Security by Design
    As a matter of fact, every stakeholder wants security to be a simple concept, sadly it isn’t. One of the biggest misconceptions here would be that investing a hefty sum post development would ensure a secure system. However, it is never the case. 

    The best practice to follow is at the architectural level when the website is being designed. 

    Security by Design ensures that designing the software up by the ground to be secured in order to minimize the impact of a vulnerability when discovered. Pacing up your security from the foundation - is the key. It implies following the best security practices at the architectural level instead after building the website. 

    When the foundation of the design remains secure regardless of a reasonable approach adopted later, you can tackle the issues easily. A uniform methodology needs to be adopted to protect the assets from the threats. 

    Once the requirements have been collected, the architecture can be laid out and other elements can be discussed later like trusted execution environment, secure boot, secure software update among others.

"The key to security is eternal vigilance"
  • But Use only Security Team Approved Modules 
    Your site probably uses a number of contributed modules, although that’s not an issue. Using the stable and approved modules is where the key lies. This is especially worth noting for contrib modules which are more susceptible to vulnerability. 

    Always look out for the green batch when downloading a contrib module. Rest, as the advisory reads, Use it at your own risk! module covered by security team with the green batchAn example of security team approved module with a green batch module not covered by security advisory with an orange batchAn example of a vulnerable module

Backing Up - In Case of a Mishappening

  • Keep Up your Backup
    Catastrophes never come invited. While all seems perfect, you might wake up to find out that your website has been taken down by some psychotic hacker. Although it is an unforeseen event, you can definitely arm up yourself.

    As an administrator, you have to be prepared for all of such uninvited events. They can be controlled and the damage minimized by strengthening security, frequent backups, installing updates in a timely manner.  

    We cannot stop disasters but we can arm ourselves with better security and backups. Hosting by Acquia cloud or Pantheon provide automated daily backups of your site’s database, files, and code plus single-click restoration if something goes wrong. 

    You can also use the Backup and Migrate Module or Demo Module because unlike life your Drupal website has the option to go back for some changes. 

User-Side Security

  • Follow a Standard Practice with a Strong Password Policy
    Passwords are used at both admin and user level, therefore strong and secure passwords are important for your website. When I say strong password should be used I have nothing against short and easy passwords. Easy should never imply less efficient. 

     A string like Mypassword123 will prove acceptable but is obviously weak and can easily be brute-forced.

    The best practice? Your password should provide realistic strength in terms of measurement and complexity. A password must only be allowed as long as it proves to be of high enough entropy with a combination of characters, alphabets - uppercase and lowercase, symbols, and numbers.

    Start checking passwords on explicit rules and amount of varying character types to be used (symbols, numbers, uppercase letters, etc). 

    Password Strength - a Drupal module - classifies the expected brute-force time for the summed entropy of common underlying patterns in the password. Patterns that can be detected in passwords include words that are found in a dictionary of common words, common first and last names or common passwords. 

Your password can make the difference between a vulnerable and a hard-to-hack Drupal site.

While there will always be some new thing to add to the list, you can be sure that this list comprises of the core practices which need to follow. The protocol for communication needs to be clear and well documented. Properly documented procedures are important, as third-party services can often be manipulated.

In need of a security update or services? Drop a mail at [email protected] and let us help you out. 

Site builders and developers need to keep an eye open for the possible when security releases are announced and apply them quickly, to ensure the site is not compromised. It is good to be consistent and have your reasoning documented so that it is clearly understood.

Jun 11 2018
Jun 11

In Search API, there is a field for a search excerpt that you can use on field views to highlight search results. In this article, I’m going to show you how to enable excerpt and set it using views. Here I’m assuming that you have already set the Search API module and has a Search API Solr view.

Follow the steps:

Go to Manage -> Configuration -> Search and Metadata -> Search API.

In your search API index ‘processors’ tab, enable Highlight Processor as shown below.

search API index ‘processors’ tab

In the processor settings tab, check “Create excerpt” field. You can also set the fields to generate excerpt.

Create excerpt field

Save the configurations and re-index all the data so that the added configuration will take effect.

Edit your Search API Solr view. You can display highlighted results only if your view is displaying fields. However, if you need to build a custom view based search_api search that renders entities instead of using fields, the excerpt info stays hidden in the view result array.

custom view based search_api

Click on Add fields and select the excerpt field

Excerpt field

You can add other fields along with Excerpt field as per your requirements. Save the view and check the search results, You will be able to see highlighted output!! 

Hope now you know how to highlight search results in Search API Solr View for Drupal 8 website. If you have any suggestions or queries please comment below let me try to answer.

Jun 10 2018
Roy
Jun 10

Laying the foundations for POSSE

This is my version of the steps you need to take to make your site part of the indie web community. Swentel helped me getting it all setup on this here Drupal site using his indieweb module. It’s all a bit complicated still, so this is mostly me trying to retroactively understand what’s going on.

As it says on the site, the IndieWeb is a people-focused alternative to the corporate web. Its main tenets:

  1. Ownership – your content is yours, it should not belong to a corporation.
  2. Connection – starting from your own site you can share your content to all other services.
  3. Control – post what you want, in the format you prefer, using your own URLs that you keep permanent.

While 1 and 3 are essential and relatively easy to achieve (use your own domain and post your content there), it’s number 2 that is the most alluring.

Owning your stuff and being able to share it across multiple platforms combines ownershop with reach. This is what “POSSE” is all about: Publish (on your) Own Site, Syndicate Elsewhere. Drupal lead Dries Buytaert has written several posts outlining his POSSE plan.

Getting started

This “Connection” part of indieweb publishing is also the most complicated. There are quite a few moving parts to getting it all up and running.

For Drupal sites, the setup for the community/sharing/syndication parts of indieweb publishing has gotten much more accessible with the release of the IndieWeb module created by swentel. It doesn’t necessarily reduce the number of things to set up, but it provides a centralized UI for all of them: Webmentions, Microformats, Feeds, Micropub, IndieAuth and Microsub.

Before going over the details of configuring the indieweb module itself, we have to take care of some basics first.

Introduce yourself (right on)

To own your content on the web, you have to establish that you are in fact, you. That’s why IndieWeb starts with having your own domain and posting some initial content there. Important part of this initial content is a specific bit of HTML that establishes you as the author and owner of things published on this particular domain:

<a class="h-card" href="http://www.yoroy.com"><img src="http://www.yoroy.com/photo.png" alt="This is me" /> Roy Scholten</a>

The specific part here is that “h-card” class added to the anchor tag. This “h-card” is one of a collection of so-called microformats. With microformats you give more structure and semantics to information presented in HTML. In this case, h-card is the microformat to use for publishing information about people or organisations. We’ll need to add other microformats to (blog) posts you publish on the site, but that’s for later.

To do in Drupal

The indieweb module does not (yet?) handle adding this information to your site. Add your version of the HTML snippet above to a (new or existing) Drupal block. Place that block to be visible on your homepage. The site footer or maybe a sidebar are obvious places you can put it. Mine’s in the footer below.

You can check if all is fine with https://indiewebify.me/validate-h-card/. Enter your domain name there and it will report back with what it found and suggest additional elements you could add to enhance your h-card.

Even without posting any other content to your own site, you now have your own space on the indie web and setup your identity in a way that you own and control.

Next: add links to your existing social media accounts

You’ve seen those signup forms that let you create an account by using your existing Google, Facebook or Twitter account details. In this step, you configure your own domain to be your IndieAuth identity. This lets you use your own domain to sign in to other sites and services.

There are not many sites outside the indieweb circles itself that offer this, I think. It’s still useful to do this though. You’ll likely want to use some of these indieweb services, especially to automatically share (links to) your content on other platforms like Twitter or Facebook.

To do in Drupal

Detailed instructions are here. In short:

Add links to your other profiles and add the rel="me" attribute. Might as well add this to that h-card block you created in the first step. For example:

<a href-"https://www.twitter.com/royscholten" rel="me">@royscholten on Twitter</a>

If you have a Github account, that’s also a good one to add.

To do on the external sites you link to

Link back to your homepage from your profile page on these services. The indieweb wiki has direct links to edit your Twitter and Github profile.

Then, try logging in to indieweb.org to see if it all works.

So far, so good,

So what? By establishing your identity on your own domain you stake out your own spot on the internet that you control. With this set up, you have created an environment for publishing on your own site and syndicating elsewhere.

Next time: configuring the indieweb module to start sending and receiving webmentions, the indieweb catch-all term for comments, likes, reposts and the like.

Jun 09 2018
Jun 09

I'm a big fan of Piwik, an open source analytics suite. Think Google Analytics, StatCounter, Sitemeter, etc. … only self-hosted an open source. There are many benefits of using it:

  • It's self-hosted, so you have all the analytics data you collect.
  • This helps your privacy policy, as it's one less 3rd party company that has data on your website visitors.
  • Because it's open source and free, you don't have to pay to have access to data over 30 days ago, or to use it on an https site, or anything like that. (There are some paid plugins).
  • There's an extensive plugin system that lets you extend what it can do, but you only add the complexity if you need the specific extra features.

Only it's not Piwik anymore. It's Matomo.

On January 9th 2018, they announced they were changing the name:

After an epic 10 year journey creating and perfecting the best open digital analytics solution, we felt it was a good time to refresh our brand to reflect how far we have come and to reaffirm our vision: To create, as a community, the leading international open source digital analytics platform, that gives every user full control of their data.

If I'm honest, I don't understand what that means. I'm unclear how "Piwik" does this less effectively than "Matomo". In fact, having taken 10 years to build brand-awareness, they were beginning to be a recognised name. They've just reset that. Now, when you talk about Matomo, you have to add by way of explanation "which used to be called Piwik".

Their announcement hints there was potential for some trademark conflict over the Piwik name, whereas nobody else currently has anything called "Matomo" so they can protect their brand by getting in first and registering it. Apparently, another factor is that "Matomo" means honesty in Japanese. Unless you're Japanese, (in my opinion) that's a hipster argument not a real reason to rename.

Like it or hate it, the name has changed, and it's here to stay.

The change pushes some work downstream to other people who integrated with Piwik Matomo.

Drupal Module

Happily, for those of us who use Drupal, there is / was a Drupal module named Piwik. It's actively maintained by Drupal member hass, Alexander Hass, who also maintains the Google Analytics module. This is a good thing, because lots of the logic is similar. It means that any security-level fixes that affect both can be fixed together. (See SA-CONTRIB-2016-042 and SA-CONTRIB-2016-043.) It also means that the Piwik module does everything that the Google Analytics module does, in terms of features like controlling which user roles / pages have the tracking code and so on.

Migrating Drupal from Piwik to Matomo

It's one thing to release a new version of the module that changes the name strings from Piwik to Matomo.

But ideally, the Drupal module needs renaming. Renaming a module is not an easy thing to do, but hass has done it brilliantly. You just have to follow the instructions very carefully, and it will all work perfectly.

The instructions below are for Drupal 7, but the process for Drupal 8 is very similar.

In summary, what he did was create a new project named "matomo". There's then a new release to the piwik project that will migrate everything in your site over to the matomo project. So, the steps are as follows:

  1. Download the Matomo project to your site. Either use "drush dl", or download the tarball and extract it into your modules directory.
  2. Download the new version of the Piwik project (7.x-2.12 or 8.x-1.4). Either use "drush dl", or download the tarball and extract it into your modules directory. (You could use "drush up", to do this and the next step in a single move. Personally, I prefer to download as one step, then run database updates as a conscious next step).
  3. Run the database updates. Either use "drush updatedb", or go to /update.php on your site.

This step will do the following: It will enable the matomo module, migrate all your settings and configuration from piwik to matomo, disable piwik, uninstall piwik so that your configuration settings are longer there, and block you from re-installing piwik.

That's pretty impressive. And it works.

There's one last step you need to do manually:

  • Remove the piwik directory from your modules directory, so you don't have old and unused code sitting around.

This is another example of something I wrote about a couple of days ago: It's very important to remove modules that you're no longer using.

Thank you

A big thank you to hass for doing such a complete and easy-to-use job on this.

And a big thank you to the team who maintain and develop Matomo. I still don't quite understand why you had to cause us all this additional work, but I'm sure there's a good reason somewhere. It's a great project, and I commend it to all my readers.

Jun 08 2018
Jun 08

Ashday Interactive Systems logo and React logo

Decoupled Deschmupled

Here at Ashday, we’ve been following the Decoupled Drupal conversation over the past few years. Until recently, we had found that it was in its infancy and a lot of tough questions were still on the table about whether it was even a good idea. The SEO implications have not been entirely clear, the impact on estimation has also been very hard to nail down, which decoupled framework to go with has not at all been a consensus, and what Drupal’s exact role is in the decoupled site has not been clear either. And hey, we already know how to theme a Drupal site after doing a ton of them, so why complicate our lives?

Choosing a JavaScript Framework: React vs Angular vs Ember

So like Stryder shuffling through the grass and reading the signs of what had happened to two of his favorite hobbits, we started to sense in the past year that maybe Decoupled Drupal was becoming suddenly not an odd-ball proposal but possibly a truly beneficial solution with a backbone. A key component for us? React. Heard of it? Probably. It’s been around for a few years now. The critical difference for us with this was momentum. After all, if you want to train up your staff on a whole new technology you better be certain it’s not dead in 12 months.

Let’s take a look at some Google Trends.

This is the last two quarters of 2017 Google Trends for the terms Angular, React and Ember, which were the three most talked about decoupled js libraries/frameworks at DrupalCon Baltimore last year.

Graph showing interest in Angular, React, and Ember in 2018.(blue = Angular, red = React, orange=Ember)

Result? Angular is solidly in first, React is reasonably behind in second, and Ember is a distant third. Hard to know where things are headed exactly, and coupling that with the fact that the theme in Baltimore was that Angular has the most attention, but people seemed divided about whether it was the long-term solution because React and Ember (and others) were growing trends. 3 distinct trending choices? Not sure which is best? And many were unsure this was even a good move, as were we. Better hold off a bit.

Now let’s look at the trends for 2018.

Google Trends graph demonstrating increased interest in React in 2018. (blue = Angular, red = React, orange=Ember)

Notice a difference? Look at that little red bar now. That’s React. So even though just a year ago Angular held a reasonably strong lead, it definitely held true that some newer frameworks were gaining momentum, and React has already caught up with Angular. And further, Ember has fallen further behind. When you factor in how much of Google searching is people looking for support for something they’ve already built, which heavily favors the 5-years older Angular, that makes the React climb even more impressive. Does it mean Angular is dead? Far from it. But React is exploding.

Then there’s this: https://dri.es/drupal-looking-to-adopt-react. Yep, those chiefly interested in and responsible for Drupal are favoring React as well. Further, the general feel on the interwebs was that across all web technologies, decoupling was growing as a plausible solution in leaps and bounds. Great ideas were being kicked around about specific solutions to the hard decoupling problems. And above all, we’ve been looking for an excuse to give it a whirl. Well that just about solves it. If we’re going taking the plunge on this decoupling adventure, let’s just roll up our sleeves, install React, aggregate and distill our two years of thoughts on the matter, and cannonball into the deep end of Decoupled Drupal.

Brainstorm your next development project with  an Ashday expert!  Request your free session today. 

React and SEO

When you decide to decouple - even if you’ve already picked a js foundation to build it on - you quickly realize that the solutions are as varied and complex as they are on the back-end of sites. If you’re going with React like we did, then that fortunately becomes much simpler still requires a lot of investigation, learning, experimenting and decision making. In order to not be plagued with decision paralysis, we decided our top priority was ensuring that none of what we were about to do was going to hurt our SEO. The flare and flash could come later. This was probably the one real deal-breaker for us in this endeavor.

SEO these days is rather complex and somewhat arbitrary, but there are some easy-to-overlook SEO principles when it comes to page rendering that must be addressed in a decoupled architecture. No one wants to tweak the heck out of their site and push on content editors to make sure everything is SEO friendly only to implement an architecture that keeps people from finding you. While a bit oversimplified, let’s look at three key principles that are to be followed when delivering page content if you don’t want to be punished.

  1. The content needs to be delivered to search engines and users even without JavaScript.
  2. The content needs to be delivered to search engines that do run JavaScript (i.e., Google), but won’t wait for asynchronous APIs to load.
  3. The content delivered to search engines needs to match closely what site visitors receive so that we don’t get punished for cloaking.

There are a few approaches to this problem. And while “I quit” was certainly on the table for us, we pushed through and are glad we did. So let’s take a look at our more courageous options.

Client-side Rendering

This is effectively the coolest part of React, but you have to be careful of the implications, especially when content is dynamic. So for example, you can load your whole front end “shell” in React nearly instantly and then let things like dynamic header menus, page content, footer content, etc all load asynchronously as soon as it’s available. This creates some neat opportunities to improve user experience. The problem is the SEO implications. As stated above, you really can’t do asynchronous rendering and have it delivered that way to search engines, so now you’ve got a problem. For us, this meant choosing to use client-side rendering approaches where it benefitted actual user interaction and leave the rest to the server.

Pre-rendering

In this approach, your site is rendered statically on a Node.js server somewhere and the pages are served to the end user with no JavaScript required for initial page load. This leads to blazing fast pages as it’s just raw HTML/CSS/JS and no API calls on the fly, but it also leads to some significant downsides depending on your requirements. For example, in pre-rendering you are caching entire pages so if you have thousands of them, perhaps with varied caching control on various pieces of the pages to optimize performance, you now have a very heavy pre-rendering load. This means the task of updating your pre-rendered pages whenever any element of that page might change can become substantial and also complicate your CMS. For us, this wasn’t an option because even in building Ashday.com, we wanted to work with an approach that we felt could be adapted to our biggest clients.

New Call-to-action

Server-side Rendering

This is ultimately where we landed for ashday.com and we’ve been quite happy with it (so far). With server-side rendering, your pages are still “live”, but they are generated on the Node.js server when requested so that search engines and users get the same experience. It also allows us to handle the caching of various API calls separately so that we can get great performance. It’s not going to be quite as fast as pre-rendered, but then again we also don’t have to tackle the complex task of figuring out how any element of the site might affect a rendered page and be sure to appropriately - and in timely fashion - re-render all of those pages. So on a site with 50,000 articles, a change to a menu link in the header would mean re-rendering every page when using pre-rendering, but with server-side rendering, it just means a cache reset on a single API call to get menu links. It’s a fair trade off, we think.

So with all of that, we decided to build our first React app using Next.js. It’s not all that different from straight React, but it offers a few bells and whistles, notably the added synchronous getInitialProps lifecycle method, that make server-side rendering a snap. Other approaches, such as using the default Facebook React app, seem much more suited for static non-API-based websites because you really end up needing to implement your own server-side solution where you separate your server configuration from your client configuration. Given that there are already so many new problems to solve and new concepts to learn, we settled on Next.js for now so that we could move forward and get our hands dirty without killing our Google juice.

As a side note: We’re pretty stubborn about wanting the best experience here though so we’re actually hoping that either the upcoming version of Next.js that includes React Router or else another evolving React-based solution will make it much easier out-of-the-box to build a React-solution that both renders server-side for initial page loads and lets the client run the show after that. As of yet, it’s a bumpy road to get there with existing tech and you have to evaluate the cost and overhead of trying to make that work.

Jun 08 2018
Jun 08

Background

I am the sysadmin and developer for Art & Object, a Drupal 8 website built with the Drupal Composer project. The version pin in composer for Drupal was 8, which in hindsight was too broad for our usage. Meaning Drupal point releases (8.3 to 8.4) require study to ensure you understand all the implications, which wasn't something I did. I just blindly did a composer update, thinking everything would be handled automatically.

This really bit me when 8.4 came out because my server was running Debian Jessie, which runs PHP 5.6 and my composer didn't have a platform PHP configuration, so a lot of the underlying Symfony code updated to PHP 7. So I ended up doing a backgrade until I figured it out.

Then there were the critical security Drupal updates (SA-CORE-2018-002 and SA-CORE-2018-004) earlier this year that would not be released for 8.3, so I had to upgrade (or at least, at the time, I felt I had to, though I see now they have a patch for older 8.x releases). By that time, 8.5 was released, so I updated the composer to 8.5 and ran update and after some basic testing, moved on.

Then a few months later, I noticed the status error messages about running the contrib media module alongside the core and I knew I missed something and there was a problem.

I then started down a wicked rabbit hole of getting a local copy running and following the upgrade instructions, running into problem and going back to getting a local copy running fresh again and trying again. Lots of trail and error (mostly errors) and head-banging-on-the-desk. I looked for help on the #media IRC channel, but the best advice came from posting on Stack Overflow, where @sonfd pointed out that the media module needs to be uninstalled first. I thought I had tried that and ran into an error message that mentioned you can't uninstall the media module with media items already created.

The Fix

So after lots and lots (and lots) of local refreshes and trials and errors, here's the list I finally followed when it came time to upgrade production:
  1. First, put the site in maintenance mode. Then take a database backup and make a tarball of your project directory. Don't skip over this.
  2. drush pmu media crop_media_entity: pmu = pm-uninstall. Remove the media module (and crop_media_entity, if you have that, too). This was the tip from @sonfd that opened the rest of this process for me.
  3. composer remove drupal/media: Remove the contrib media module from the filesystem. I should add that I prefixed all my composer commands with /usr/bin/php -d memory_limit=-1 /usr/local/bin/ because I often ran into memory limits when running composer.
  4. composer require drupal/inline_entity_form drupal/crop:1.x-dev drupal/media_entity_instagram:2.x-dev drupal/media_entity:2.x-dev drupal/media_entity_slideshow:2.x-dev drupal/media_entity_twitter:2.x-dev drupal/slick_media:2.x-dev drupal/media_entity_actions: These modules are temporary to help upgrade the database records.
  5. composer remove drupal/video_embed_field: For some reason, I couldn't require video_embed_field:2.x-dev, so I removed it and then...
  6. composer update: When I ran this, it updated video_embed_field to 2.x-dev.
  7. composer require drupal/media_entity_image drupal/media_entity_document drupal/image_widget_crop: More temporary modules to help the upgrade process.
  8. drush cr: Clear cache to make sure Drupal picks up new modules and paths.
  9. drush updb: Run the database updates.
  10. drush pmu entity media_entity: Uninstall these modules (these were the old contrib modules)
  11. composer remove drupal/media_entity drupal/media_entity_image drupal/media_entity_document drupal/crop drupal/image_widget_crop
    /usr/bin/php -d memory_limit=-1 /usr/local/bin/composer require drupal/crop:2.x-dev drupal/image_widget_crop drupal/empty_page:2
    : Clean out the temporary modules from the filesystem.
  12. drush cr: Clear caches
  13. drush updb: Run database updates
  14. drush cex: Export the configuration (so you can commit it later).
  15. The blazy module had an error with the core media and hasn't been updated (as of this writing), but there is a patch to fix that. So I learned how to add patches to a composer file - turned out pretty simple. Add this to composer.json in the extra section:
            "patches": {
                "drupal/blazy": {
                    "Gets Blazy to work with Drupal Core Media": "https://www.drupal.org/files/issues/2881849-8.patch"
                }
            }
  16. composer update: This was odd, but I had to do an update, which picked up the patch, but didn't really install it. I can't remember exactly now, but I believe this actually deleted the blazy folder.
  17. composer remove drupal/blazy: So removing this actually installed it. Who knew? Whatever ... it's still in my composer.json and now the filesystem has the module and the patch.
  18. drush cr: Clear caches!
  19. For some reason, this upgrade created a new field called field_media_image_1 and assigned that as the source for the image media type, which broke some of the images on the site. So I edited media.type.image.yml file to revert source_field back to my original field_image.
  20. drush cim: Import my hack to get my media image type to work.
  21. I had a custom field formatter that I had to edit to change the namespace from media_entity to media.
  22. drush cr: Final cache clear!
  23. Test and make sure all is well. If so, take the site out of maintenance mode and commit your repo changes.

Advice / Conclusion

A lot of this pain could be negated by studying the release notes better. I own that and this counts as one of my many scars of lessons learned. I hope others can learn from my lesson, too. Someone may end up writing a meta post about this post to point out the high cost of maintaining a Drupal site and I don't think they'd be wrong about that, but that's the price you pay for running servers that are publicly accessible.
Jun 08 2018
Jun 08


I sat down to speak with the amazing women of Axelerant, and they each shared their unique perspectives about what it's like being professionals in their field. In this chapter, Swati, Hetal, Priyasha, and Aliya expound on this—and in their own words.

 

Swati-Kharbanda-QA

 

It was while studying engineering that Swati found that she didn’t actually enjoy software development. She wanted to explore other options. This is what led her to quality assurance. Soon, she was placed at a leading multinational, where she trained in testing and developed an interest in it.

While she enjoyed the work, the new job took her to Bangalore, and after two years of working there, she wanted to come back to her family in Delhi. That was when she was referred to Axelerant and joined the team as a QA professional.

Initially, she and everyone around her had their misgivings about remote work. But she decided to try it out. Over time she found that remote work offered her a lot of liberty. “I can take care of my house as well as work towards my career,” she says.

The work can get hectic though, and family life is impacted occasionally. On projects that have challenging deadlines, team members sometimes have to work long hours, and it can be hard for her to find any time for herself. In her family, she does the cooking and really enjoys it, and loves sharing her daily creations with those she loves. “I may have to work late into the night, which means that when my husband gets home, I won’t have anything prepared.” So sometimes she says, “you do feel a certain amount of guilt.” But that’s the great thing about finding the right partner: balance and mutual support. Swati's husband is extremely supportive, but not everyone is as willing to understand that in a marriage, both people’s careers hold equal importance.

“People have this expectation that girls should do less work in the office, and boys should do more work. But ultimately, we both work in the same industry, so it should not matter… everyone on my team works just as hard. If I step back from my role, the project would fail. My team members know and appreciate that,” she says.

She advises young women to give their careers same the importance that they give to their responsibilities towards their families. "Being a girl doesn't mean that you can't focus on your career," she says.

 

Hetal-Mistry-Project-Manager


“I did my MBA in Finance—I don’t know why,” begins Hetal, with disarming frankness.

She joined a bank, quickly realized it wasn’t for her and began exploring project management instead. Then, her husband decided to move to Mumbai, and she changed jobs again, joining her first remote workplace. When her baby was born, she made the choice to dedicate a year to his care.

After a year, she wanted to go back to work and was supported by her husband to do so, unconditionally. Meanwhile, her employer had been acquired by a company that did not support remote work—but made an exception for Hetal. The next few months were a struggle. “When people don’t trust that the remote model works, you have to keep trying to prove yourself every day, and working from home soon becomes working 24/7,” she says.

Hetal decided to leave. And that’s when she found out about Axelerant.

“Now, it’s easy because I know my team members trust me. If I need to pick up my son, I can leave early without feeling guilty,” she says.

Hetal has also had her skills questioned occasionally in the workplace. “If you are asking too many questions and you are a woman, you will probably be told that you won’t get it,” says Hetal.

Her advice to women who might be facing similar criticism: “Don’t take it too seriously. If we pay too much attention to the noise, sometimes we stop paying enough attention to the job,” she says.

Hetal believes that workplaces like Axelerant that encourage flexible work will have a positive impact on women, particularly those who are re-entering the workforce. She observes a stark difference between full-time working moms and stay-at-home moms in terms of how fulfilled and enthusiastic they seem in general. She says: “Stay-at-home moms often tend to look bored or resigned. Working moms—even though we are always tired—exude a sense of satisfaction. And I don’t think the children of working moms are at any disadvantage. That is, if you do it the right way.”

 

Priyasha-A-Graphic-Designer


Ever since she was old enough to dream, Priyasha dreamt of being an architect. You can read her story here.

But once she’d completed her degree in architecture, she realized her interests lean more towards designing for users, and she wanted to explore that direction. Why? “Because good design makes things simpler for everyone,” she says.

By then, she had also begun making graphics, logos and illustrations. So when she found a job opening at a company that was engaged in “graphic, web and space design”, her heart leapt, and she applied.

What followed? Many years of learning and getting used to the new work environment and the challenges it presented. Priyasha found that architecture and graphic design were not very different after all. She had her doubts occasionally about changing directions. Ultimately though, she’s glad she made the move. If she hadn’t, she says, she might never have gotten out of her comfort zone.

Today, Priyasha is a graphic designer at Axelerant, helping to transform the company’s brand experience. She loves music, and in her time off, she attends as many concerts as possible. When she manages to find some free time, she sketches. And she loves travel, so whenever possible, she plans a trip. She’s still learning and growing, challenging herself everyday. “I believe in learning by making mistakes, so if there's something new that I'm not aware of, I try to learn about it and give it my best,” she says.

She’s quite comfortable with the idea that people need to explore different sides of themselves through their careers, and therefore she may not always stick to one predetermined path. “I do know that I'll always be a designer, but the directions will definitely change with time because I feel it's really important to grow on a daily basis,” she says.  

Her advice to young women: “Always take risks, get out of your comfort zone and move towards growth.”

 

Aliya-Khanam-Front-end-Engineer

 

“I wanted to be back home again. Staying away from my family was getting harder by the day.”

By 2012, Aliya had spent several years in Delhi working for a Drupal development company. She wanted to be closer to home in Srinagar but she wasn’t sure how this could work. She wasn’t aware and certainly not convinced that remote work was really possible.

But after floods affected our office in Srinagar, she started working for Axelerant from home. Aliya never came back to the office (and the office didn’t come back either).

Now it’s 2018, and she’s convinced that more remote opportunities in her home region of Kashmir would be good for many—and not just because being close to home is a nicety.

Aliya believes that this change could foster independence, particularly for women, who face cultural challenges which sadly keep so many subjugated, unequal, and unsafe.

“In 2012, I was the only female Drupaler in my region. I feel so proud to say that’s no longer the case,” she says. She’s a firm believer that women everywhere can do more than what they think is possible; that independence begins with learning, by opening up the mind to new opportunities. She hopes to teach this to others, and to learn more about what’s possible for her and her peers.

Besides being her title as Front-end Engineer, she’s also wife and new mother. When she’s away from her desk, she loves to cook for her husband and spend time with her 3-month-old baby girl, Baheej.

Aliya’s learning every day how challenging and rewarding being a mom can be. “This all seems very challenging,” she says, “and I’m sure there will be a lot to give and take.”

Madhura-Birdi-Marketing-Associate

 

I've thought about the questions I've been asking others, trying to answer these myself. I’ve been fortunate enough to have had a lot of support—from men and women—throughout my career. I have never experienced many of the challenges that a lot of women face in the workplace. So as the author of this piece, I've found there's a lot to learn from each of the women I've spoken to.

But the biggest lesson I will be taking away is probably that each individual is strikingly, beautifully different.

And perhaps this is fitting, because in my career as a writer and creative professional, the biggest challenge I have faced has been accepting how different I am from the people around me. Everyone is different and works differently, regardless of their gender. What has helped me the most is to not judge myself by anyone else’s standards, to turn inward instead and try to find my process, trust it, stay with it, and adapt it to meet each new challenge.

So that is what I would offer: Whoever you are, whatever your gender, don't let anyone else tell you that your difference is a flaw. Own your process, your challenges, your solutions, and their outcomes.

And when you start to do that, you might find that you have strengths that are special and powerful, and that you can use them to achieve things you'd never thought possible.

Also check out Chapter One and Chapter Two of the Women at Axelerant series.

Jun 08 2018
Jun 08

Content is the fulcrum of any enterprise that gives them the tensile strength to build a robust online presence. Having the right approach towards delivering astounding content involves plenty of effectual content strategies in place. Drupal 8 is your one-stop destination for building an efficacious content strategy with its out-of-the-box capabilities.

An illustration showing a crown placed on a palm with premium content in itSource: Getty Images

According to a research by LinkedIn, 72 percent of the digital marketers have a content strategy in place of which 30 percent are the documented and the rest non-documented.

Before we look at the ways of forming a blueprint for content distribution, let’s see what are the various models of disseminating content.

Content dissemination

Every organisation has a different need for content distribution plan and requires different kind of content dissemination. An organisation may have a primary global site that contains the most of the content. This might have to be distributed to different secondary sites if it is a large organisation with a global presence. Even some external sites might be receiving the content from the primary site. It is also possible that these secondary sites would be sharing the content with each other through a peer-to-peer network.

Primarily, organisations adopt either of the top content distribution models namely, centralized and decentralized models.

Centralization

This involves a primary site that acts as the main activity hub when it comes to content production. Large enterprises would have the dire need of such a website which would pass on the content to its global sites or product sites. Thus, this helps in maintaining the brand consistency during cross-channel marketing campaigns.

A flowchart showing the centralized content flowSource: Acquia

It is possible that one of the secondary sites may have a relevant information on the subject. Primary site may need to import important information from its sub-sites so that it can then distribute it to the other secondary sites. In any case, in the centralized model of content dissemination, content is propagated through a primary site to the global sites.

For instance, the website of United Nations is powered by Drupal. It has a global presence with member nations from across the globe. To meet their needs, it has dedicated country sites that comprises of unique digital marketing teams. So, if a new agreement has been signed on by influential nations on combating climate change, a digital marketer can push the information out to the secondary sites via a primary site thereby publishing the content to both primary site and its secondary sites spread across the nations.

Another very good example is the Planet Drupal, which displays the aggregated list of feeds about Drupal posted around the globe. Drupal.org, Groups.Drupal.org and several other sub-sites may find several absorbing contents fit into its topical sections. Planet Drupal provides the platform to share interesting, relevant and highly useful Drupal-related informative blogs.

Decentralization

It is not always the case where a primary site would be distributing content to additional sites. What if there is no such main site to propagate the information to the secondary sites? Independently run sites can share content with each other through a peer-to-peer model of content dissemination.

Flowchart showing decentralized model of content flowSource: Acquia

For instance, an organisation from media and publishing industry can have several regional sites. So, in a country like India, with a diverse and multi-linguistic culture, a digital media might have independently run regional sites. If a regional site in Chennai, a metropolitan city in India, is running a cover story of the citywide celebration of a festival, their national television channel can reuse that coverage of festival to be posted on its site.

It is doubly important to choose the right model of content distribution for your organisation’s needs and its success. It is also significant to have the best content strategies in place in addition to the continuous flow of wonderful content.

Constructing effectual content strategies

Infographic showing the state of content strategy, describing the percentage of businesses with a content strategySource: Contently

A question on Quora reads, “How do I develop content strategy?”. It involves identification of roles and workflow to find out who does what, formulation of standard guidelines to be followed by content producers, repurposing available content on your site, and using the best tools and technology available.

Infographic showing the importance of documented content strategy with percentages and piecharts.Source: Contently

Hammer out the finer details of your objectives

Before you commence with the proceedings involving content production, you need to be smart and have the right set of goals and plans for the creation of superabundance of content.

  • Being succinct: Make sure that what you plan is precise, specific and succinct.
  • Relevancy: Your objectives should be relevant to your business. So, if you are a Drupal agency, in addition to Drupal related content, you can explore many other technologies that can work together with Drupal.
  • Being realistic: Setting goals that are attainable would serve you the purpose better. If your Drupal agency has been churning out 30 blogs per month, setting 100 blogs per month would be too drastic.
  • Trackable: Your objectives should be measurable. So, if you want to boost your social media presence, formulate a goal that focuses on increasing it by X percentage so that you can measure your achievement rate.
  • Time constraints: You should have a goal that is time-bound. You should be able to adhere to the timeline set for the particular task.

Define your target audience

A proper persona research would help immensely to build content that is ideal for your users. For the creation of optimal content, you should know who your customers and prospects are, what are their interests and concerns, and what sort of content do they want to consume.

Graphic describing what buyer persona is and why it is important.Source: Online Marketing Institute

Start off by developing the persona research for existing user base. Pen down user profiles like their name, job role, industry information and demographic details. Once you do so, try to gauge what information are they searching for, their needs and challenges.

Assess your content

Performing a content audit would help you in re-organising your existing content. Always review your existing content to see what can be repurposed or reused.

Instead of spending a lot of your time in creating or recreating something, content assessment can help in identifying gaps in the existing ones.

Choose the right Content Management System

Selecting the best CMS to power your website can pay dividends. Drupal 8 should be your goto CMS when it comes to choosing the best content-friendly framework.

Infographics showing the features of a CMSSource: Bluehost

Its amazing themes offer the best UX to the content editors. A plethora of custom and contributed modules assist in customization of your site as per your needs and help hugely in content publication. It can of great use for content analytics. For instance, Real-time SEO for Drupal recommends automatic alterations that can boost the SEO of the content that is going to be published.

Prepare a super list of topic buckets

Brainstorming on content ideas can be effectively done through tools like Buzzsumo, Feedly, Semrush and many more. Once done, start preparing a topic cluster to construct a super list of relevant content based on the parameters like search volume and long tail keywords.

Rummage through the content types

A plenitude of content types can be derived, after the super list has been prepared, to work upon. Determining the sort of content you should be using would depend on different stages of buying cycle of the prospects.

  • Brand awareness: The prospects would rummage through your products and services, understand your brand value and try to gauge whether they have the need for your product.
  • Identification of problem: Prospect might figure out the problems and start researching about the possible solutions thereby coming across your products.
  • Comparing available options: Prospect can compile the list of vendors and validates these options.
  • Decision-making: After the comparison of different options, the prospect can start deciding which one to choose from.

Once the different stages of buying cycle are figured out, it is time for mapping what sort of content type would suit best for each of the stages. An illustration below shows the types of content that can be identified with different stages.

Flowchart showing different stages of buying cycleSource: Hubspot

Drupal can be of great use to build these content formats. Let’s see some of them.

Posting blogs: Posting blogs on your website on a regular basis is of utmost importance. Blog posts should provide valuable information to your readers ranging from long form to short form blog types. Drupal provides options for posting different types of content on your website. Whether it is business-centric article or an interview of a CEO from a renowned company, Drupal has the provision for posting different sorts of content.

Administrator view of opensenselabs.com with drop down menu of content.

Developing infographics: Another great way of producing content is the infographics that provide graphical information to convey an information clearly and quickly. Drupal offers a lot of modules that can help in embedding images with infographics in your blog posts. For instance, colorbox, a Drupal module, can help in displaying an image by overlaying it above the current page.Graphic describing the importance of infographics with a laptop and thumb on the left side.

Embedding videos:  A research by Hubspot, as can be seen in the stats below, shows that video is increasingly becoming the most influential and preferred medium of content. Drupal has plenty of modules that can be used for producing videos and embedding them in the blog posts. For instance, CKeditor Media embed module can help in embedding videos, images, tweets that are hosted by other services.Statistics showing percentage of different forms of content that people want to consume in future

Creating Podcasts: Edison research, in one of their studies, reports that 57 million people listen to podcasts every month.  If you have interesting presentations, want to share the latest information on your products and services, or have some amazing conversation with industry leaders, podcasts are the way to go. Drupal 8 module, RSS SimplePodcast, lets you create simple podcast RSS.

Content Governance

Governing the publishing of content is one of the foremost things that content editors need to take care. Having the provision for publishing the content should be hassle-free. You should not only be able to publish your blogs posts but also be able to schedule it as per your organisation’s workflow and your convenience. Scheduler, Drupal 8 module, helps in publishing or unpublishing a content at a particular date and time.

Content editors should also have to administer the publishing of content other than their own sites. Creating original content for an online content portal like Medium would be really helpful in spreading the content to bigger and relevant audience. Also, publishing the content on social media sites like Twitter, LinkedIn etc. can help in targeting more eyeballs.

Conquering challenges

Strategizing the content flow can be rewarding but it does have its fair share of hurdles.

  • Construction of right content for the audience can be hassling.
  • Churning out the right amount of content can be tricky.
  • Looking up for a specific content from the wealth of content on website can be strenuous.
Pie chart on the challenges faced with different content marketing strategiesSource: Hubspot

Drupal 8: Ultimate choice for content strategy

It is of paramount importance that you choose the right CMS for your business when it comes to producing a great content efficaciously. Drupal offers the belligerent support needed for content-heavy websites.

APIs as a core feature

Business enterprises can choose Drupal as the central content repository getting the best out of its rich content structuring, content creation, and administration provisions. Drupal provides the best way to curate, build, and publish content through APIs as its core feature. It makes multi-channel content distribution much easier.

Web personalization

Drupal has the means for enabling web personalization that helps in understanding the interests of the users, tailoring the website to accommodate their profile and, offer them the best content that is relevant to them.

infographic on importance of web personalisationSource: WhiskData

Acquia Lift Connector, Drupal module, helps in the unification of content and the insight collected from several sources about the customers for delivering in-context and personalized experiences across multiple platforms.

Intelligent content tool module, supported by Opensense Labs, helps in auto-tagging, text summarization and finding content duplication.

Multilingual capabilities

Drupal 8 has out-of-the-box multilingual capabilities that help in building websites in more than 90 languages. With in-built modules for language handling, interface translation, configuration management, content translation, Drupal 8 can of great help in building multilingual sites easily. This helps in tailoring user experiences by translating the content in their own language.

Mobile-first approach

Drupal 8 is responsive out-of-the-box. That means the mobile-first approach is a core part of the Drupal framework. It comes with a plethora of fully responsive themes that enables it to work efficiently across platforms. Your content would look exactly the way you want on computers, tablets, and smartphones.

Content strategy project for Drupal.org

Drupal.org Content Working Group met for a two-day workshop in 2014 to get the team from Forum One, content strategists and user experience designers, to build a content strategy for the official Drupal website.

Why is content strategy formulation needed?

Drupal.org is the hub of Drupal and its community. It is the main source of code, Drupal-related information and collaboration among the community members. From project managers to web developers, everyone contributes towards its development and betterment. Organisations from a wide array of industries like governments, nonprofits, and Fortune 500 companies have been using Drupal for their business needs.

What were the objectives of this initiative?

One of the first things that they wanted to improve was the quality and the relevancy of the content available on the Drupal.org website. They also planned to reframe it around all the user roles and proficiencies to address all the audiences. Moreover, their objective was to develop a content governance for the site and improve user engagement within the Drupal community.

What were the steps taken to improve content strategy?

Content Working Group and Documentation Working Group of Drupal identified some gaps and put forth some fixes as part of their content strategy for the site.

  • With over a dozen content types, more than a million pieces of content, much more taxonomy terms and views that represent displays of data, thousands of forum topics, projects (including modules, themes and distributions) and issues associated with these projects, Drupal.org had a lot of content.
  • They took steps to break down these content types into more meaningful content types. For instance, a book page content type can be anything ranging from documentation to resource guides. Thus, this had to be broken down into relevant content types so that the new users can find information more easily.
  • Moreover, a dearth of marketing materials was noticed. They pledged to create content to promote Drupal 8 among the likes of CIOs, CTOs, managers, and business decision-makers.
  • A content audit was needed to be performed regularly. They zeroed in on what sort of content could be archived, what can be removed, and what can be updated. Content mapping was done as well to figure what content they have on the site and what sort of content would they need that would assist in building better information architecture for the new users.
  • They analysed and tested the user experience for creating and maintaining the content on the site.

Tools and technology for content strategy

Understanding the significance of formulating a master plan for producing content on your website can have dramatic metamorphosis for your business. Now, that we have understood the importance, we need to look for the right technology stack that can help out attain our goals.

Integration of CMS and DAM

Content Management System (CMS) like Drupal is primarily designed to build, publish and handle the content on your website. A Digital Asset Management (DAM), in contrast, is highly useful for governing the digital rights and the storage of media content like photos and videos. Integrating DAM capabilities into the CMS can be a big boost for your content endeavours. For instance, integration of Drupal with Acquia DAM, a cloud-based DAM, cam improve brand consistency with the usage of rich media content.

Project management

Usage of project management tools like JIRA, Workbench or InMotionNow can help in imbibing an agile approach to your content workflow, incorporate editorial calendar for effective content management and also help in the proper planning of content production.

Content analysis

Integrating business intelligence and analytics tools like Tableau and Google Analytics would help in compiling reports on your content marketing efforts and assist in the assessment and measurement of your website content.

Future of content strategy

With an enormous presence of disrupting technologies promising to streamline the way existing technologies manage our workflow, curating and distributing content on your website can benefit from some of the future technological advancements.

Virtual reality

A Statista report states that by the year of 2022, the market size of virtual reality would amount to 209.2 billion US dollars. Virtual reality can be a great option to produce immersive content for your content marketing campaigns. For instance, IKEA introduced their customers a way of virtually exploring the living room rather than just looking at their products at the store.

A fictional site of Massachusetts State University was built on Drupal 8 that would help students to take a virtual tour of the University from their website.

[embedded content]

 

Artificial intelligence

To make your content production more predictive, personalised and relevant, AI can be of great help. For instance, Amazon Rekognition helps in integrating photo and video analysis in your application and lets you identify which influencers are generating more user engagement vis-à-vis various product categories.

Native advertising

You might have noticed some form of paid advertisement while reading e-newspaper where the content seems similar to the native content of the platform. Native advertising can play a big role in the content marketing tactics in the future. Almost 60 percent of US digital display ad spending would be done through native advertising.

Live streaming

Another form of content dissemination is the live streaming which will grow immensely in the coming years. It is more like a real-life conversation where audience can pose questions and get responses in real-time thereby increasing user engagement. Viewers spend 8 times longer on a live streaming video content than the on-demand videos.

Conclusion

Creating cornucopia of content is a great deal of work. Producing content smartly by devising right strategy to disseminate content across channels is the way to go. Drupal has been pioneering in the effective distribution of content and can be a great option to embed your website with the best of content.

Ping us at [email protected] to implement the best content strategies for your Drupal site.

Jun 07 2018
Jun 07

Yesterday, the Drupal Security team issued a Security Advisory for the Mollom module, SA-CONTRIB-2018-038. The module is now marked as "unsupported".

The security team is marking this project unsupported. There is a known security issue with the project that has not been fixed by the maintainer.

This serves to illustrate a key principle with any CMS (content management system) website: When you're not using a plugin, module, theme or library, remove it.

First, a bit of background.

Mollom

From their own website:

Mollom launched in 2008 to make it easy for people to ensure the quality of content posted to their online applications. Mollom was used widely in the Drupal community and blocked more than 13.5 billion spam comments since its inception. Mollom has helped grow many web applications, but the online comment and SPAM blocking ecosystems have evolved over the years.

What Mollom was particularly good at doing was triaging comments / emails sent from Drupal sites.

Before Mollom, site administrators had two choices: They could ask every poster to complete a CAPTCHA, or they could use heuristics to determine if a comment or email was spam. The problem was that skilled spammers learnt how to get around the latter, and the former was ineffective. (Spammers can crack CAPTCHAs by using actual, low-paid, humans to do their work; real people get annoyed when they can't successively identify every street sign in a photo).

Along came Mollom, and used automated processes to put posts into one of three categories: spam, ham and not sure. Comments that were clearly spam were blocked; comments that were clearly ham were let through; only the "unsure" ones got a CAPTCHA to solve. They had a huge database based on their vast daily workload that let them learn spam characteristics in real time. Spammers never got to have their human pawns crack the CAPTCHA, because their spam comments got blocked first; real people never got the CAPTCHA, provided their comments looked genuine enough.

It was genius, and it worked very effectively.

But then they shut down on 2nd April 2018. The community of end-users had a year's warning of this, but it was still a sad day. I don't know why they closed. Was it impending GDPR? Was it that there weren't enough paying users to keep the service running? We'll never know.

There are lots of Drupal sites that once ran Mollom, and now no longer do.

Which brings me to my point:

Remove that Module

You no longer need the Mollom module files for your Drupal site. So have you removed them?

This is important from a performance point of view. Even if the module is not enabled, Drupal still has to identify that the files are there, and parse them, in case something of relevance lurks within.

It's important from a security point of view. Some vulnerabilities don't require a module to be enabled for the exploit to work.

Also, once a module is disabled, you'll no longer receive updates from the update notification process. I've found sites of mine where I once tried out a module, years ago. I still have the code for 7.x-2.1 in my site directory, and they're now on 7.x-3.15.

Uninstall First (D7)

A special note to Drupal 7 users.

In Drupal 8, you disable a module by uninstalling it.

In Drupal 7, those are two steps. First, you disable it, but the module's configuration remains stored in the site database. Then, if you know you'll no longer need the module, you can do the second step of "uninstall", which clears any variables / tables that the module may have used.

To uninstall, you need the project's files still in the directory tree. So, if you remove the files before uninstalling, you'll have no easy way to uninstall in the future. So uninstall first, then remove the files. (It's not the end of the world, from a security or performance point of view, to have old module variables and data tables lying around, but it is untidy, and you may regret it.)

Any Other Modules or Themes?

Mollom was extremely popular and widely used, and then totally discontinued. That means there will be a lot of sites that need to remove the mollom directory, if they haven't already.

But whilst Mollom is the prompt to write this, it's not the only culprit. It's easy to try out a module and then stop using it. It's easy to build a site using one module for a particular task, and then switch when a more suitable alternative is released.

Why not use this as a cue to review the modules and themes you have lying around, and get rid of the ones you don't need.

Wordpress too

This isn't just a Drupal issue. Anyone got a Wordpress site that still has the "Twenty Twelve" theme lying dormant?

Drupal - Highly Secure

Drupal has a well-resourced security team, who ensure it remains one of the most secure CMS out there, if not the most secure. They work hard to handle vulnerabilities in a timely and professional manner, ensuring issues are patched before they're exploited, and that this is all communicated to the community.

But we can all do our bit, too. Removing old, redundant code is one part of that. And the site may perform a whisker better as a result.

Jun 07 2018
Jun 07

The situation: I'm the primary maintainer of the Commerce Point of Sale module and have been building a customer facing display feature for the Commerce 2 version. So, I have two separate pages, one is a cashier interface where a cashier enters products, the second is a customer facing screen where the customer can watch what products have been scanned, review pricing, and make sure everything is correct.

The problem: Since products can be scanned through quite quickly, it was imperative that the customer facing display update very quickly. The display needs to match wha's happening in near real-time so that there is no lag. Unfortunately, AJAX is just too slow and so I needed a new solution.

The solution: WebSockets seem like a great fit.

Design

AJAX - Too slow!

WebSocket - Fast!

The socket server can either not bootstrap Drupal at all, or bootstrap it only once upon load, making it able to relay traffic very quickly.

Dependencies

I only needed one dependency for this, Ratchet, which is a PHP library for handling WebSockets and is easily installed via Composer.

Setup

The WebSocket server is actually very simple, it finds and loads up the autoload script for Drupal, similar to how Drush does it.

We bootstrap Drupal, just so we can load a few config settings.

We terminate the Drupal kernel, since we don’t need it just for ferrying traffic back and forth and it will probably leak memory or something over a long time if we use it a bunch, since Drupal isn’t really meant to run for ages. I did try it with Drupal running the whole time and it did work fine, although this wasn’t under any real load and only for a couple days.

Now all that we have to do is setup the service.

All the details of our service come from the class we pass in, which basically hooks in the different server events. I’ll leave the details of that outside of this article as none of it is Drupal specific and there are lots of tutorials on Rachet’s site: http://socketo.me/docs/hello-world

Javascript

On the JavaScript end, we connect to the WebSocket using the standard interface.

I used a few mutation observers to monitor for changes and then passed the changes to the WebSocket to relay. You could do this however you want and probably some nicely integrated JS or even a React frontend would be a lot cleaner.

Resources

Related module issue: https://www.drupal.org/project/commerce_pos/issues/2950980
Ratchet PHP Library: http://socketo.me/

Contact us and learn more about our custom ecommerce solutions

Jun 07 2018
Jun 07

Various media outlets are reporting that a large number of Drupal sites are still vulnerable to the recent highly critical core vulnerabilities SA-CORE-2018-002 and SA-CORE-2018-004.

Those reports are all based on the same source. The source investigated the contents of CHANGELOG.txt of a large number of sites and assumed all sites reporting a version lower than 7.58 to be vulnerable.

Checking the contents of CHANGELOG.txt is not a valid way to determine whether a site is vulnerable to any given attack vector. Patches distributed by the Drupal security team to fix the issues were widely used, but did not touch CHANGELOG.txt or any version strings defined elsewhere. There are also other mitigations that vendors have provided which would also not affect CHANGELOG.txt but would protect the site.

We believe the presented numbers to be inaccurate. We consider it to be misleading to draw conclusions from this sparse information. The Drupal project has a long history of a reliable coordinated disclosure security program. For the past 4 years, the Drupal Security Team has provided support to journalists covering our releases and policies and is available for further enquiries.

If you are a member of the press and want the Drupal Security Team to comment, please contact [email protected].

Jun 07 2018
Jun 07

Various media outlets are reporting that a large number of Drupal sites are still vulnerable to the recent highly critical core vulnerabilities SA-CORE-2018-002 and SA-CORE-2018-004.

Those reports are all based on the same source. The source investigated the contents of CHANGELOG.txt of a large number of sites and assumed all sites reporting a version lower than 7.58 to be vulnerable.

Checking the contents of CHANGELOG.txt is not a valid way to determine whether a site is vulnerable to any given attack vector. Patches distributed by the Drupal security team to fix the issues were widely used, but did not touch CHANGELOG.txt or any version strings defined elsewhere. There are also other mitigations that vendors have provided which would also not affect CHANGELOG.txt but would protect the site.

We believe the presented numbers to be inaccurate. We consider it to be misleading to draw conclusions from this sparse information. The Drupal project has a long history of a reliable coordinated disclosure security program. For the past 4 years, the Drupal Security Team has provided support to journalists covering our releases and policies and is available for further enquiries.

If you are a member of the press and want the Drupal Security Team to comment, please contact [email protected].

Jun 07 2018
Jun 07

If you search “why choose Drupal”, many compelling reasons for adopting one of the world’s most powerful CMS solutions pop to the surface: robust and innovative functionality, high extensibility, API-driven flexibility, built-in web services, speed and performance, multilingual support, rich content authoring experiences, 3rd-party integrations, mobile-first responsiveness, and all the other perks that come with using an open source, highly customizable, scalable, secure, and community supported platform like Drupal.

One of the most compelling reasons we think everyone should consider Drupal as the robust enterprise content management framework of choice remains the ease and swiftness with which content can be migrated whether it’s from a legacy database, some other platform, or from an older version of Drupal itself. Along with the host of other great functionality you get out-of-the-box, making content migrations relatively painless lowers the bar immeasurably in making the switch to a platform like Drupal. Depending on the complexity of translating a legacy data model into one that works for a modern web application, the Migrate modules that now ship with Drupal core can make that process a virtual breeze.

On a recent project, we migrated a client’s Drupal 7 site to Drupal 8. With Migrate in core, it was surprisingly straightforward and dare I say easy to move content, massage the data, and populate an empty shell of a site with years of accumulated articles, files, and media. What blew my mind (and our clients’ minds as well) in working with the migration scripts we wrote, is the administrative user interface that works out-of-the-box to allow monitoring of the status of their custom migrations as well as even enable non-technical folks to execute the running of scripts.

A screenshot of the migrations user interface. A screenshot of the migrations user interface.

This feature came in extremely handy when we had to solve a workflow/editorial problem wherein our client wanted the ability to manually import content from an RSS feed. Migrate to the rescue!

Some context: there are a number of contributed modules still catching up to the version leap to Drupal 8. Feeds is one of them. In Drupal 7, Feeds is a powerful and popular solution for aggregating content from external sources. While the open source community is hard at work porting that module’s features to Drupal 8, we happily discovered that Migrate in Drupal 8 core can handle the task with surprising ease.

To give proper attribution, this post by Campbell Vertesi was the first inkling that we could use Migrate to do the heavy lifting. With just a few mapping of fields in a simple yaml file, our client was thrilled to see the admin UI that empowered them to import content from an external RSS feed. Once the configuration was exported, they could navigate to the migration interface, click a button, and all their content from the feed showed up as content on their site. It was a win for everyone.

Here's the yaml file for the above migration:

id: rss_community
label: 'RSS feed for Community'
status: true
migration_tags:
  - RSS
migration_group: rss

source:
  plugin: url
  data_fetcher_plugin: http
  urls: 'https://rssfeedurl'
  data_parser_plugin: simple_xml

  item_selector: /rss/channel/item
  fields:
    -
      name: guid
      label: GUID
      selector: guid
    -
      name: title
      label: Title
      selector: title
    -
      name: pub_date
      label: 'Publication date'
      selector: pubDate
    -
      name: link
      label: 'Link'
      selector: link
    -
      name: description
      label: 'Description'
      selector: description
    -
      name: tag
      label: 'Tag'
      selector: category

  ids:
    link:
      type: string

destination:
  plugin: entity:node
  bundle: story

process:
  title: title
  'body/format':
    plugin: default_value
    default_value: full_html
  'body/value': description
  'body/summary': link
  field_tags: category
  created:
    plugin: format_date
    from_format: 'D, d M Y H:i:s O'
    to_format: 'U'
    source: pub_date
  status:
    plugin: default_value
    default_value: 0
  type:
    plugin: default_value
    default_value: story
  uid:
    plugin: default_value
    default_value: 1

Ultimately choosing the right CMS for your application depends on a lot of factors. Here at Chromatic, Drupal remains one of our favorite enterprise solutions and it’s easier than ever to make the switch (or upgrade your existing Drupal site) with the help of Migrate in core.

Let us know why you love Drupal @ChromaticHQ !

Jun 06 2018
Jun 06

Today I encountered a problem I did not think about earlier. After I pushed a fix to a project I am working on, the CI builds started showing errors. And the problem was coming from a message like this:

The service "mymodule.attachments_manager" has a dependency on a non-existent service "metatag.manager".

In many cases when you see that, it probably means your module was installed before a module it depends on. For example, in this case, it would seem that this module depends on metatag, and so declaring it as a dependency would fix the issue. And for sure, it would. But sometimes dependencies are not black and white.

This particular service does some handling of the attachments when used together with metatag. It does so, because it is a module we use across projects, and we can not be sure metatag is used in any given project. So it's only used in a way that is something like this:

/**
 * Implements hook_page_attachments().
 */
function mymodule_page_attachments(array &$attachments) {
  if (!\Drupal::moduleHandler()->moduleExists('metatag')) {
    return;
  }
  \Drupal::service('mymodule.attachments_manager')->handlePageAttachments($attachments);
}

Now, what this means, is that for the attachments manager to be useful, we need metatag. If we do not have metatag, we do not even need this service. So basically, the service depends on metatag (as it uses the service metatag.manager), but the module does not (as it does not even need its own service if metatag is not installed).

Now, there are several ways you could go about fixing this for a given project. Creating a new module that depends on metatag could be one way. But today, let's look at how we can make this service have an optional dependency on another service.

At first the service definition looked like this:

mymodule.attachments_manager:
  class: Drupal\mymodule\MyModuleAttachmentsManager
  arguments: ['@current_route_match', '@module_handler', '@metatag.manager', '@entity.repository']


This would contruct a class instance of MyModuleAttachmentsManager with the following function signature:

public function __construct(RouteMatchInterface $route_match, 
  ModuleHandlerInterface $module_handler, 
  MetatagManager $metatag_manager, 
  EntityRepositoryInterface $entity_repo) {
}

Now, this could never work if this module was installed before metatag (which it very well could, since it does not depend on it). A solution then would be to make the metatag.manager service optional. Which is something we can do by removing it from the constructor and create a setter for it.

public function __construct(RouteMatchInterface $route_match, 
  ModuleHandlerInterface $module_handler, 
  EntityRepositoryInterface $entity_repo) {
  // Constructor code.
}

/**
 * Set meta tag manager.
 *
 * @param \Drupal\metatag\MetatagManager $metatagManager
 *   Meta tag manager.
 */
public function setMetatagManager(MetatagManager $metatagManager) {
  $this->metatagManager = $metatagManager;
}

OK, so far so good. It can now be constructed without having a MetaTagManager. But how do we communicate this in the service definition? Turns out the documentation for Symfony service container has the answer.

When you define a service, you can specify calls to be made when creating the service, which would be ignored if the service does not exist. Like so:

mymodule.attachments_manager:
  class: Drupal\mymodule\MyModuleAttachmentsManager
  arguments: ['@current_route_match', '@module_handler', '@entity.repository']
  calls:
    - [setMetatagManager, ['@?metatag.manager']]

So there we have it! The service can be instantiated without relying on the metatag.manager service. And if it is available in the service container, the method setMetatagManager will be called with the service, and our service will have it available in the cases where we need it.

Now let's finish off with an animated gif related to "service container".

Jun 06 2018
Jun 06

If your business has been around for a while, there’s a fair chance that your site is running on a Legacy CMS. These outdated frameworks were a step above hardcoding (literally writing the entire site using, say, HTML), but don’t do the modern business any favors in the way of swift and cost-effective site design.

The challenge for enterprises still running on a Legacy framework is clear: “Which modern CMS will help us make things easier for ourselves?”

This article will cover what seems to us like the clear contender for the best of today’s CMS solutions --Drupal 8. We’ll cover the ease with which companies can migrate their content to Drupal 8, the thriving community around it, and other reasons why leading companies across various industries trust the platform to power their websites.

 

Top Organizations Run with Drupal 8

Top Organizations Run with Drupal 8

Drupal 8 is the preferred framework for a significant number of the world’s most influential brands. Pinterest, The Economist, Tesla, Al Jazeera --and countless other industry leaders prefer Drupal 8 for its agility and scalability.

If belonging to a wide group of peers isn’t enough to prove the platform’s reliability, then trust in the fact that the open market is more than happy to throw its weight behind the product-of-choice for its biggest spenders. Thanks to its prominence among elite organizations and businesses, over a million developers have flocked to Drupal --making Drupal-based designs highly accessible for those with a relatively smaller pool of resources.

 

Drupal 8 is Supported by a Thriving Community

Drupal 8 Community and Support

Thanks to the framework’s prominence among big businesses, migrating to Drupal 8 means gaining access to a wide network of developers and innovators building additions to a single product. As a result, the options available to a business are staggering: e-commerce sites can choose from thousands of templates for their online storefronts, news sites can integrate chatbots, and services can manage volumes of content across multiple channels.

Since its foundation, Vardot has been an active member of this community. We can say with confidence that the platform has been crucial in our mission: to help the world’s most influential companies accomplish their own missions.

 

Drupal 8 Offers Risk-Free Migration

Drupal 8 Migration

A major concern for people and organizations looking to modernize their digital assets is the fear of losing content while switching to a new CMS. The process is supposed to reduce cost and boost convenience --so it’s only natural to worry about having to restructure an entire network of websites or reproduce existing content.

This concern is a thing of the past for Drupal users since the platform was designed for high flexibility. Essentially, it allows users to import vast and complex site architecture from legacy systems, removing the need to play around with a sales funnel that already works for you, or rebuild your site’s blog from scratch.

If anything, making the move might actually increase the performance of your website. It takes the liberty of mapping out your existing URLs and updating them to meet the standards of the best SEO practices --meaning users will have a much easier time discovering your content and, hopefully, develop into sales-ready leads. Likewise, it eliminates redundant modules left over from your initial infrastructure and offers a clean database system right out of the box, meaning your site load times will be faster than ever (great for SEO, and great for generating conversions!)

 

Drupal 8 Offers Easy-to-Use Solutions

Drupal 8 Solutions

Legacy CMS platforms often demand much from users looking to update their websites. Since most new tools don’t bother aiming for compatibility with legacy systems, organizations looking to take advantage of AI, voice search, and other top-of-the-line innovations will have to build them up from scratch.

Drupal 8, on the other hand, offers plenty of valuable features right out of the box. These core features allow businesses and organizations of all kinds design powerful and functional websites suited to achieve whatever goals they’ve set. Even better, Drupal is open to 3rd party integrations like Salesforce, chatbots, and tools for both social media and customer support.

Businesses shouldn’t have to fall behind in an age when software is growing exponentially. With all the technology available to grow your sales and revenue, you don’t want to lag behind for a second.

 

Drupal is Perfect for Your Non-Technical Staff

Drupal 8 CMS

We’ve mentioned that Drupal is scalable --meaning it can grow as big as your company needs it to grow in as fast of a time as your company needs. The developers you’ve hired are guaranteed a simple time with it, and so are the people responsible for populating your site: your marketers, writers, and designers.

The best websites are mentally and visually stimulating, which is why people pay so much to keep them looking pretty. Migrating to Drupal 8 allows you to scale back on training hours (no more need for your new hires to learn clunky, outdated systems) and put your I.T. team to more productive use.

 

Case Study - American University of Cairo (AUC)

AUC Case Study | Vardot

The AUC website was first to build using the iAPPS CMS: a Sharepoint content hub for microsites OpenAm, and other features. The result was a confusing hodgepodge of unnecessary applications that clashed to produce a fractured website. AUC, as you can imagine, didn’t thrive in the digital world under these conditions.

When Vardot helped AUC migrate from Sharepoint to Drupal, the institution felt the changes instantly. Their website had a much stronger impact from that point forward and stopped being a headache for the university’s administrators to update. In short, migrating to Drupal helped AUC run a much better website.

 

Conclusion

Drupal 8 is, by all accounts, vastly superior to legacy CMS platforms. It’s arguably superior to CMS platforms that came much later --and the thriving community behind it is unlikely to stop broadening the limits of what the framework is capable of any time soon.

For a good investment in your organization’s future, make the move away from your legacy system and switch to Drupal. You’ll find it highly secure, cost-effective, and easy to set up.

Jun 06 2018
Jun 06

The Drupal Community Working Group (CWG), with support from the Drupal Association, organized and held the first-ever Teamwork and Leadership Workshop at DrupalCon Nashville on April 10, 2018. The goal of the three-hour workshop was to explore teamwork, leadership, and followership in the context of the Drupal community as well as to help provide support and resources for people in the Drupal community who work alongside others in teams and/or may find themselves in positions of responsibility or leadership. Additionally, we hoped to expand the base of people who can step into leadership positions in the Drupal community, and to help those who may already be in those positions be more effective.

The workshop was led by Drupal Association board chair Adam Goodman, who generously donated his time. Adam is the head of Northwestern University’s Center for Leadership, and he works as an executive coach and advisor to senior executives and boards of directors at dozens of companies and organizations around the world. 

As part of the planning for the workshop, Adam asked us to enlist a number of facilitators to help with the various workshop exercises. In addition to three CWG members (Jordana Fung, George Demet, and Mike Anello), the following community members also facilitated: Donna Benjamin, Shyamala Rajaram, Gábor Hojtsy, Angie Byron, and Tiffany Farriss. The facilitators met with Adam prior to the workshop to understand what would be expected of them. 

We wanted to make sure that we invited a diverse range of people to the workshop who are doing awesome work with Drupal around the world, including those whose efforts may not be as well-known or recognized (yet).  We set an internal goal of at least 50% of attendees to be from populations historically underrepresented at DrupalCon, including those who self-identify as women, non-gender binary, people of color, and/or people who are not from Europe, the United States, or Canada.. To this end, prior to the public registration period, we sent out invitations to 64 community members, 75% of whom were from an under-represented cohort. We invited people who are involved in all aspects of the community including (but not limited to) event organizers, sprint organizers, project maintainers, as well as past and current Aaron Winborn Award nominees. At the workshop, there were a total of 50 attendees (there were a total of 60 seats available), with approximately 64% from underrepresented cohorts. 

Attendees were seated at round tables of approximately 10 people per table. The first half of the workshop was focused on large group exercises that focused on helping attendees think about what it meant to be a leader and a team member. We talked about keeping perspective as team members and not jumping to conclusions about each other's behaviors based on an often (extremely) limited set of data. The second half of the workshop focused on smaller group exercises in which individuals responded to various prompts and then discussed them as a small (table-sized) group. 

A few days after the workshop, we asked the attendees to complete an 11-question follow-up survey. Of the 50 attendees, we had 17 responses for a 33% response rate. We asked what their expectations were for the workshop; representative responses included:

I thought it would be a workshop on leadership, but I was surprised by the approach to the Drupal community.

Didn't know what to expect. So...none

The fact that we had multiple responses indicating that the expectations were not clear tells us that we need to do a better job in communicating exactly what the goals and activities of the workshop will be in the future. 

On a scale of 1-5, 73% of respondents indicated that the workshop met their expectations (via a rating of 4 or 5). 

We also asked respondents to share an insight from the workshop. Responses included:

Transition planning for responsibilities you take on and having a plan in place before even taking on the responsibility.

The need to know why each person on the team is present (their motivation) and the importance of unified movement toward a goal.

I hadn't written out what leadership looked like to me before, so I found that part of the exercise to be quite helpful.

The survey also found that the attendees found more value in the smaller group exercises than the large group exercises (81.3% vs. 60%), with 81.3% indicated they'd be interested in attending future similar workshops.

Many of the open ended responses indicated that some attendees were hoping for more practical, hands-on advice for specific situations. In addition, several of the responses felt that parts of the exercises felt rushed, and wished there was more time. Finally, several attendees commented on the appropriateness of some of the imagery used in one of the workshop exercises, for which the CWG made a public apology following the event. We have gone through all of the comments relating to aspects of the event that were considered negative or unhelpful and will take this into consideration on how we can improve the workshop for the future.

Overall, we feel the workshop was a success, and something that has been long overdue for the Drupal community. We've been discussing how we can make similar content available to everyone in the community, not just DrupalCon attendees. We're open to ideas for future workshops on these topics (and format), let us know if you have any ideas.
 

Pages

About Drupal Sun

Drupal Sun is an Evolving Web project. It allows you to:

  • Do full-text search on all the articles in Drupal Planet (thanks to Apache Solr)
  • Facet based on tags, author, or feed
  • Flip through articles quickly (with j/k or arrow keys) to find what you're interested in
  • View the entire article text inline, or in the context of the site where it was created

See the blog post at Evolving Web

Evolving Web