Jan 18 2019
6
Jan 18

This article was originally written on 2017-04-12 but has been updated with current information and SEO best practices.

Drupal is phenomenal for SEO. When you use Drupal 8 for your content management system, you have a powerful tool to rock search engine optimization. I’ve worked in Drupal for 12 years and I’ve experienced firsthand how quickly search engines respond to a well-optimized Drupal website. I’ve seen customers triple their traffic in weeks after upgrading from another platform. I’ve seen competitive advantages from site-wide optimizations like RDF or AMP that put my clients on the cutting edge of SEO because they use Drupal. The benefits are a faster website, higher rankings and more traffic.

One of the main reasons Drupal is the content management system of choice for complex enterprise websites is the fact that it has been built from square one with the functionality and flexibility needed to optimize every node, every view, and every snippet of code for search engines.

Now, Drupal 8, the latest version of Drupal, has brought many new additions for ease-of-use, functionality, and robustness. Drupal 8 is the superior method for creating and marketing your website to the world. For all its improvements, Drupal 8 still feels like Drupal. Faster, cleaner, more refined, and certainly more up-to-date, but still Drupal nonetheless.

With the introduction of Drupal 8, I saw a need for helping marketers using Drupal make the most of the features available to optimize their website. With that in mind, I created Drupal 8 SEO. This book, written for marketers, provides the step-by-step details you need to rock Drupal 8 SEO. If you follow the steps in the book, the rewards will be great: increased Google ranking, higher website traffic, more customers and greater revenue. In fact, we based our Drupal SEO Kickstart service on this book.

Drupal 8 SEO is over 200 pages of detailed instructions for making the most of Drupal 8’s core features and optional modules to optimize your website. While there is much to share, I have chosen six tips you can use to get started on the road to rocking Drupal 8 SEO.

1.     Download the Drupal SEO Checklist Module

I may be biased because I’m the author, but I believe the most important thing you can do is download the Drupal SEO Checklist module at Drupal.org. Robert Shea of IBM says that “Drupal SEO Checklist is the most powerful Drupal module that ‘does nothing.’” This module just tells you what to do.

Following the Drupal SEO Checklist, you can implement the best modules and tasks that are needed to optimize your website. By giving you a complete list of best practices, it makes on-page Drupal SEO hassle-free. When you have completed the to-do list, you will have a fully optimized website.

The module’s tasks are segmented by functional needs like Title Tags, Paths, Content and more. Next to each task is a link to download the module and a link to the proper admin screen of your website so that you can configure the settings perfectly. Drupal SEO Checklist also keeps track of what has already been done by placing a date and time stamp next to each item.

The SEO Checklist Module tells you what to do, but it doesn’t tell you how to do it. For that, check out my book, Drupal 8 SEO. This book has been written to explain how to implement the suggestions in the SEO Checklist. You can even turn on Drupal 8 SEO Checklist Book page numbers so that you can quickly find the corresponding page in the book.

2.     Clean up your URLs

In order to make Drupal 8 as effective as it can be at optimizing your website, you need to be sure your URLs are clean, your site shows the right content, and link value is maintained even when your content changes.

Drupal 8 installs clean URLs by default and it can’t be turned off, but you can do even more with the Redirect module. In Drupal 8, using the Redirect module allows you to redirect from old URLs to new URLs. This is great when you’ve moved a piece of content to another section of your site or inadvertently changed the URL.

The Redirect module creates 301 redirects from old URLs to new URLs on your website. This helps your SEO by making sure that any URL that ranks in Google will still resolve when a visitor arrives. This module automates what used to be an arduous and ongoing SEO chore – fixing broken links. Now you can turn on this module and forget about it.

Have you ever moved content, put the wrong URL on printed advertising, or migrated content from another website? Then you know the problems this can create. With the Redirect module you can also create your own manual redirects.

Another great module for SEO is the Pathauto module. Using the Pathauto module, Drupal 8 automatically generates URLs for your content that are great for SEO. This means that you don’t need to manually create every single content URL on your website.

3.     Implement meta tags

Meta tags are an important step to making Drupal 8 as effective as it can be. Meta tags are snippets of text that are used to tell Google, other search engines and social media sites about the content on each page of your website. This helps your SEO by communicating clearly what you think each page on your website is about and how you want it described on their sites. If you don’t do this, you will have to rely on the search engines to make up their own minds about your content. While they’re pretty good at this, it’s important enough that you don’t want to leave it to chance.

The Metatag module allows you to automatically provide title tags and structured metadata to each page of your website. This module places both the HTML title tag and meta tags in the header of a web page. This means less code and faster rendering of your web pages which also helps with your SEO.

The Alternate Hreflang Module automatically adds hreflang tags to all or your website pages. Search engines reference the alternative hreflang tag to serve the correct language or regional URL in the search results. This is very important for multilingual websites.

4.     Communicate directly with search engines

Search engines want to help you help them crawl and index your website. In order to do this, they provide tools and reports to help you communicate with them and better understand what’s going on with your website. The marketers who do this well will receive better search results and get a lot of traffic.

The XML Sitemap module creates an XML sitemap of your content that you can submit to the search engines. An XML sitemap is a specially formatted summary of each piece of content on your website. The module creates a properly formatted XML sitemap that can be submitted to Google, other search engines and other sites. Having an XML sitemap helps your SEO by giving Google a list of all your pages that you wish them to crawl. While Google can crawl your site without an XML sitemap, the bigger and more complex your site becomes, the higher the chance that their crawler will get confused and miss pages or even whole sections of the site.

Cron is a system that maintains and cleans up your Drupal site. It does things like checking for updates, indexing content, and rebuilding XML sitemaps. Now your XML sitemap will stay up to date with all the new content that you add to your website.

The Google Analytics module adds the Google Analytics code snippet to your website and allows you to control how and when it is used. Google Analytics is an incredibly important tool for any web marketer. It allows you to find valuable insights into your visitors including demographics, behavior on your site, where they found you online, what keywords they used to find you and more. However, Google Analytics isn’t perfect. For example, it tracks all visitors by default—even Admins. The Google Analytics module can fix that by only showing the Google Analytics code snipped when a non-admin is using the site. This keeps your data clean and your reports more useful.

5.     Download the best Drupal 8 modules for SEO

No one thing is so powerful that Google is going to suddenly fall in love with your website and boost you in the SERPs (Search Engine Results Pages). Rather, all the tools work together to produce an outcome that is significantly better than the parts alone ever could. The Drupal modules I’ve mentioned above are just a few of the very best. I’ve listed others in the book and in the Drupal SEO Checklist including:

While Drupal 8 now includes RDF (Resource Description Framework) in its core, the RDF UI module goes a step further by allowing site builders to integrate Schema.org seamlessly during or after the site building process on Drupal 8. This is important because, as Schema.org describes it, “On-page markup helps search engines understand the information on web pages and provide richer search results.”

The Linkit Module provides an easy interface for creating links in your WYSIWYG content editor by using an autocomplete field. It makes sure that all the links that you add to your content are well-formed, up to date and automatically use the proper path. Properly formed and placed links are a powerful strategy for any SEO campaign.

The D8 Editor Advanced Link Module helps your SEO by placing additional text information about each link on your website.

6.     Speed up and secure your website

Two important attributes of your website are security and speed. Google rewards websites that are secure and quick to render. All the great SEO in the world won’t make your site great if you get hacked. There are bad people on the internet who want to break your website, infest your visitors, steal your data, and/or blackmail you. From the Panama Papers fiasco (yes, Drupal was involved) to your garden-variety script kiddie, you’ve got to protect yourself and your Drupal website.

Speed became a ranking factor for Google searches in April of 2010. In other words, all else being equal, the faster site will rank higher. Therefore, it makes great sense to ensure that your site is as fast as you can reasonably make it within your budget.

Drupal 8 has responsive web design as its default methodology. That’s good because Google specifically states that they prefer this method to serving mobile devices. In this setup, the server sends the same HTML code to all devices and CSS is used to change the way the page looks for each mobile device. It allows a single URL for the same content and that’s great for sharing and for offering up pages to all visitors. One way to speed up your website and be mobile-responsive is by downloading and implementing the Google AMP module.

Learn More with Drupal 8 SEO

Search engine optimization is a game of inches. A title tag that’s missing a keyword, a body that doesn’t talk about the topic, metadata that isn’t quite right. Together, that’s enough to kick you off the front page of Google. Using just the tips above will help you down the path toward a rockin’ Drupal website. Of course, there is much more to learn. If you want to optimize your website yourself, you can find all the details in my book, Drupal 8 SEO.

If you don’t have the time to optimize your Drupal website yourself, sign up for our Drupal SEO Kickstart program -- we'll get these items (and a lot more) installed and optimized in short order. Volacci can implement the best of Drupal SEO whether you are creating a new website, you are migrating from one platform to another, or you just need to fix what you have.

Jan 18 2019
Jan 18
To kick off 2019 properly, the Experience Express is taking a break from Drupal and web development to consider an oft-forgotten component of new digital experiences in the conversational space. Though many organizations, some of Acquia's customers included, have leapt headlong into building conversational interfaces, sometimes it can be difficult in such a newfangled paradigm to consider all possible angles where things can go awry.
Jan 18 2019
Jan 18

March 2019 sees the return of Drupal Mountain Camp, in the picturesque town of Davos in Switzerland. The call for sessions closes at midnight CET on Monday, 21 January, so be sure to submit your talk today.

We’re proud to be part of the organising team as well as a Gold sponsor for this awesome community run event. We’ve submitted several talks and hope you do the same.

About Mountain Camp

The camp is designed to combine the beauty of the snow-covered Swiss Alps, with the warmth of the Drupal community. It's a perfect combination of fresh tracks for those who ski or snowboard, with inspirational talks by amazing people. This will, of course, be accompanied by some world famous Swiss cheese and chocolate.
 
The camp takes place from 7 - 10 March 2019, at the Davos Congress Centre.

Davos Congress Centre

Final call for sessions

Call for sessions close on Monday, 21 January, so don’t delay, be sure to submit yours today! 

Along with the great sessions, there will be 2 confirmed keynotes. The first on Friday, entitled "The Future Of Drupal Communities", by Drupal community leaders Nick Veenhofand and Imre Gmelig Meijling, and the second on Saturday by Matthew Grill, about the "Drupal Admin UI & Javascript Modernisation Initiative."

If that sounds interesting and you want to know more about the topic submission process, read on:

How can I submit a session?

  1. So you've got something you'd like to talk about, awesome, here's how you can submit a session:
  2. Head on over to the submit a session link.

  3. Think of a catchy title and fill in the Session Title.

  4. What is your talk about? Try to write 4-5 lines about what you'd like to talk about in the Description textbox.
    Note: you can add images if it helps to portray your talk.

  5. Select what kind of Session Type (how much time) you'd like.

  6. Input the appropriate Tracks - you may select multiple if your talk covers various topics.

  7. Select the Level of Expertise - is it more of a beginner talk or does it become quite advanced with technical terms?

  8. Don't forget to add your Speaker Name and Contact Email.


Session Talk

Why should I submit a session?

Preparing and then presenting helps to entrench your knowledge on the topic. You'll also learn from your peers who attend your talk, through feedback and questions.

Be sure to take note of the following, when considering your topic and submission:

  • Giving a talk will require a lot of work and preparation, but don't let that put you off. It will pay off in the end.

  • People who attend your talk are generally looking for help in your specific topic, so this will be a great time for networking.

  • You'll be noticed and people will tell you that you're cool.
 
  • Ok, maybe you don't want to be noticed, and maybe you're fine with not being called cool, but you'll definitely have fun talking.

  • You'll feel way more confident afterwards, which might be a good enough boost for you to jump on a snowboard and hit the slopes on the weekend.


Check out some of these great proposed sessions for inspiration:

I hope this has inspired you! Now go ahead and submit your talk and we'll see you in March in Davos, Switzerland. Till then, follow the Camp on Twitter.
 

Swiss Alps
 

Jan 18 2019
Jan 18

By Eduardo GarcíaCTO | January 18, 2019

By Eduardo GarcíaCTO | January 18, 2019

Last month I attended my second Drupal South in Canberra, the capital of Australia. Yep! the capital is Canberra, not Sydney.

In my first Drupal South in 2016 I was invited to present a keynote. I also did a Drupal 8 training and a regular session.

This time my experience was completely different, since I am a local resident in Australia now. I had the opportunity of presenting too, and enjoyed the conference from a different perspective.  I definitely learned a lot from Australian colleagues whom now I can call my peers (plus, this time I get to understand the local jokes). Finding someone who knows Drupal in Australia is not that easy, and even more difficult in Tasmania. Events like this help train developers interested in adopting this technology.

What I Shared during Drupal South

The last few months in our company (weKnow) we have been working in projects involving what I call “Offline Headless Drupal”, where we use Gatsby to create a React Application using Drupal 8 as the source of content.

My session was “How to keep Drupal relevant in the API-driven and git-based CMS era”.

In this architecture, Gatsby blends all content into React and puts it into a CDN, which not only improves UX and accelerates performance but also serves as the starting point for new integrations with modern tools of third-party providers.

You can see my session slides here.

What caught my eye

This year I was very interested in sessions related to GovCMS. Here are a few I enjoyed:

GovCMS distribution and platform hosting is getting to the next level, especially with thei latest updates in their infrastructure and the incorporation of Drupal 8 to the distro.

The future looks brilliant for Drupal in Australian Government and the number of Drupal sites in the next 24 months will increase significantly without a doubt. The new version supports Drupal 8 which has more features that make it possible to make better sites. Perhaps the biggest challenge for the community at this moment is to be able to find the talent to work on those new projects.

Hosting more events like this will definitely help local Australians with valuable training that will enable them to participate in projects both in Australia and overseas. Remote work is a solution that can benefit programmers all over the world, and we could take great advantage from it too.

Things are going south!

 

In Australia, this expression doesn’t necessarily have a negative connotation; after all, we are in the extreme south!

If you thought we could not go further down; yes we can and we will. I’m glad to be part of the team that will be hosting Drupal South 2019 in Hobart, Tasmania, the place that I call home nowadays.

We will put in all the effort to organize the best event we can. Come and enjoy Drupal, walk through the fantastic trails that Tasmania has to offer, and of course don’t miss the opportunity to meet the Iconic Tasmanian devil! See you there!

Jan 17 2019
Jan 17
Drupal 7 core, together with Drupal contrib, has the ability to ship a powerful platform for our digital requirements in the enterprise world. The multilingual feature is one of the prime reasons that Drupal is a distinguished and a preferred solution to achieve business goals. Drupal 8 includes the multilingual package in the core itself, but Drupal 7 requires some extra amount of effort to build this package as a whole to make Drupal multilingual ready.
Jan 17 2019
Jan 17

If your library hosts community programs and events, you should check out Intercept: a new product for helping libraries run better events. Intercept makes it easy to create and manage events. Even better, it provides actionable reports to help measure success and recommend strategic improvements for your programs in the future.

Intercept Features

Intercept provides valuable features for event management, equipment reservations, room reservations and customer tracking.

Event Management

  • Easily add and edit events.
  • Book rooms at the time of event creation.
  • Host events at outside venues.
  • Make custom templates for quickly creating future events.
  • Create recurring events.
  • Set up registration for events, including waitlists.
  • Browse events as a list or grid-style calendar.
  • Filter events by type, audience, location, date and keyword.
  • Save and register for events.
  • See similar events based on type and location.
  • Receive recommendations for other events based on your preferences, events you’ve attended and/or saved.
  • Analysis for events.

Equipment Reservations

  • Browse and reserve available equipment.
  • Set reservation periods by item.
  • Manage and approve requests.
  • Report on equipment usage.

Room Reservations

  • Customize rooms and locations.
  • Browse rooms by type, capacity and timeframe.
  • Reserve rooms with validation to ensure rooms are not double-booked.
  • Deny or approve reservation requests, with email notifications.
  • Staff reservations are automatically approved.

Customer Tracking

  • Ability to integrate with popular Integrated Library Systems (ILS).
  • Integrates with Polaris ILS.
  • Single sign-on with website and ILS.
  • Allow attendees to scan into events with their library cards.
  • Gather and analyze feedback from customers.
  • Analyze event attendance numbers with population segmentation
  • Download a CSV report on attendance.

Built By Libraries, For Libraries

Intercept was built as one part of a large redesign and redevelopment project with Richland Library. From the beginning, Richland’s vision was to both create a product to help measure the effectiveness of its own events, and to release that product to the wider community of public libraries. More than five years of user research, planning and beta testing have gone into this product to date. Intercept was designed and developed by a team intimately familiar with the problems that it solves.

Open Source

Intercept was architected as a suite of modules for Drupal 8, is open source, and is freely available to all. You can download an early version of the code from Drupal.org at https://drupal.org/project/intercept, and the most recent version will available there soon. If you’re interested in learning more about using Intercept to help make your library’s events even better, we’d love to help! Just drop us a line on our contact page and we’ll be in touch right away.

Jan 17 2019
Jan 17

The internet can be a dangerous place, what with so many hackers and people potentially looking to make a quick profit off bad practices. In such an environment, it becomes increasingly important to make your Drupal site as secure as possible. Fortunately, Drupal is well-known for being a pretty secure CMS out of the box. However, it is by no means perfect, and, owing to its flexibility and support for various modules, there are a number of modules you can install to make it a lot more secure. So, in this, post let’s take a look at some of the best security modules that you can download and install on your Drupal site to make it as foolproof as possible.

Login Security

The login page to your site is like the gate to your house. It only makes sense, then, that the first thing to strengthen would be the login process. An excellent module for this purpose is the Login Security Module. It allows you to set a limited number of login attempts, failing which the account will be automatically blocked. In addition to that, it also allows you to block IP addresses as well as sends you alerts via email if there’s a potential brute force attack on your site.

Link

Captcha Module

Quick question: what’s the easiest and most widely used method of keeping spammers away? It is, of course, captcha. With the captcha module, you can integrate captcha on your Drupal site in a couple of minutes and keep those pesky spammers and bots at bay.

Link

Security Kit

A module that’s going to become your best friend on your journey to make you site foolproof, Security Kit is an all-in-one module for your site that allows your to configure, tweak and set up various options in order to minimize the chances of any attacks on your site. On top of that, it also gives you helpful directions such as setting up http headers etc. to make your site as resistant to malicious attacks as possible. A module which is very much worth its weight in any secure Drupal site’s arsenal.

Link 

Password Policy

Setting up a password policy for your site is a good idea, as it not only keeps bots away, but also helps to ensure that users keep a strong password and not just the ‘password123’ type. A strong password helps prevent breaches on your site, making it a lot more secure in the process. The password policy module allows you to do just that by giving you options to define a set of constraints which need to be met by the user before their password is accepted. While the Drupal 8 version is currently in the alpha stage, it works perfectly well, so go ahead and enable it on your site.

Link

Session Limit

As the name implies, this module allows you to configure the maximum number of sessions allowed per user. The number of sessions is the number of browsers a user is logged in at. Using this module, you can also configure various other options such as prompting the user to log out of another session before logging into a new one etc.

Link

Conclusion

Using these modules, you can ensure your Drupal site stays a lot more secure. Since these are modules that anyone can grab for their site, there’s really no excuse not to use them. While there are additional techniques which can be implemented on a Drupal site to secure it, they are advanced techniques. To get started, these modules will do the job nicely. Another thing to note is that with Drupal 8, a lot of security measures have been implemented out-of-the-box, hence it currently sports a smaller amount of additional security modules than Drupal 7.


Are you confused about how to set up security measures for you site? Worried about whether your site isn’t safe enough? Contact us at Agiledrop and let our extensive Drupal experience help you with this!
 

Jan 17 2019
Jan 17

Beauty saves the world, and Drupal helps it in this mission. There are awesome beauty product websites built with Drupal, which are not only beautiful but feature-rich and powerful. This is another proof of Drupal’s versatility for websites in any sphere — e-commerce, real estate, law firm, or any other. Our Drupal development team knows it firsthand because it builds cool websites for customers. So let’s now plunge into the world of beauty, and enjoy examples of beauty product website designs on Drupal.

Great examples of beauty product websites on Drupal

  • Lush website built with Drupal

Drupal powers the website of the world-famous British handmade cosmetics manufacturer — Lush. The front page engages visitors with full-length video slideshows and offers them to watch the “Lush Player” with stories.

If users choose to continue with the website, they are invited to their country’s specific version, since lush.com is a multisite with multiple languages that provides tailored experiences to users. The country is autodetected but users can select another.

Lush.com is an e-commerce website with an extensive catalog of products that features user reviews, star ratings, product videos, related content, and more. Users can also shop by price or by popular scent. There also are product guide, charity pot, wishlist, shopping cart, and integration with famous payment gateways.

The site also promotes offline sales, so it offers the search for brick-and-mortar shops and shows their detailed contacts including a map.

Lush website built with Drupal
  • Benefit Cosmetics website built with Drupal

The next in our examples of great beauty website designs on Drupal is the site of Benefit Cosmetics LLC  — a manufacturer of cosmetics from San-Francisco. They sell their beauty products to more than 30 countries. Their multisite Drupal website using multiple languages is an awesome assistant in that. By the way, these features are among famous Drupal strengths.

The content is presented in a very user-friendly, cheery, and encouraging way — for example, the search bar asks “What are you looking for gorgeous?”.

The Benefit Cosmetics website showcases beauty products and services in many ways — in handy menu categories, special offers, as well as interesting content types like “Dilemma solvers” that offer solutions to customers’ “beauty dilemmas”.

When users get interested in a product, they are shown the available offline shops. They can also make an online reservation for a beauty service in their area.

Benefit Cosmetics website built with Drupal
  • Miss Sporty website built with Drupal

Among great examples of beauty product websites built with Drupal, we should also mention the Miss Sporty. It is presented in three languages: English, Czech, and Polish.

The site features a handy catalog of beauty products with reviews and star ratings. When cosmetics are presented in a variety of colors, users can instantly “try” these colors on the main product image. The search feature helps products be quickly found.

The Miss Sporty website has strong community features. In addition to the handy social sharing options, it features a whole big section called “Community”, which displays photos shared by users via Instagram.

Miss Sporty website built with Drupal
  • Natura website built with Drupal

You could also enjoy the design of the Natura website — a Peruvian beauty product resource. It immediately attracts users with a colorful front-page slider, and invites to view the beauty content.

Users can browse the products from the catalog and, if they are interested, contact a beauty consultant. The consultant search feature is very precise. Consultants can be found by province, by area, and even by street, or you can use the map. Users also have the option to become consultants themselves, and are directed to the website’s chat for the discussion. 

The website features the digital beauty magazine, as well as beauty product videos. It has a newsletter subscription and a search feature.

Natura website built with Drupal
  • Clinique website built with Drupal

Another pearl among examples of beauty product websites built with Drupal is the site for Clinique Laboratories, LLC. It offers advanced e-commerce features and lets users shop by product category, by price, by most wanted items, by ready holiday looks, and more.

When users have added products to cart, they can check out via Paypal or via a regular checkout. It is possible to sign in via Facebook for shopping.

In addition to online shopping, users can send e-gift cards to anyone they wish right from the website. They specify the recipient, the sum, the date of delivery, and other details.

There is also a promotional feature that gives points to users, which mean various awards and benefits. Points are calculated for shopping, reviews, social sharing, and so on.

Clinique website built with Drupal
  • MAC Cosmetics website built with Drupal

MAC Cosmetics is another famous beauty product manufacturer that trusts Drupal. Their website lets users view products in various categories and by them online.

Each product description is accompanied with reviews, star ratings, as well as related products that go with the current one. Various colors are applied instantly to the product image.

For those who want to shop offline, there is a search feature for stores. Users also can check the in-store availability of a particular product in the catalog by entering their zip code and distance within which they want to shop.

It is also possible to send gift cards online by specifying the recipient, the gift value, the delivery date, and more.

MAC Cosmetics website built with Drupal
  • “Be Beautiful” website built with Drupal

A whole world of beauty advice can be found on the Be Beautiful website that is also powered by Drupal. This multilingual website has as many as 10 languages.

Users are presented with useful articles, news, and videos from beauty experts. All beauty topics are conveniently categorized. The search bar offers an additional help in finding the right content. The site also features an Instagram feed for more interactivity.

The website’s content includes links to beauty products with the directions to find them on Amazon or other online retailers.

Be Beautiful website built with Drupal

Love these examples of beauty website designs? Get one for you!

Our collection of examples of beauty product websites built with Drupal is not complete. First of all, it is missing your future website — but we can fix this! ;)

Contact us, and let’s add some beauty to this world together. Your beauty products and our developers’ talent could unite in an amazing Drupal site!

Jan 16 2019
Jan 16

This blog has been re-posted and edited with permission from Dries Buytaert's blog.

Eighteen years ago today, I released Drupal 1.0.0. What started from humble beginnings has grown into one of the largest Open Source communities in the world. Today, Drupal exists because of its people and the collective effort of thousands of community members. Thank you to everyone who has been and continues to contribute to Drupal.

Eighteen years is also the voting age in the US, and the legal drinking age in Europe. I'm not sure which one is better. :) Joking aside, welcome to adulthood, Drupal. May your day be bug free and filled with fresh patches!

Jan 16 2019
Jan 16

by David Snopek on January 16, 2019 - 12:47pm

As you may know, Drupal 6 has reached End-of-Life (EOL) which means the Drupal Security Team is no longer doing Security Advisories or working on security patches for Drupal 6 core or contrib modules - but the Drupal 6 LTS vendors are and we're one of them!

Today, there is a Critical security release for Drupal core to fix a Remote Code Execution (RCE) vulnerability. You can learn more in the security advisory:

Drupal core - Critical - Multiple Vulnerabilities - SA-CORE-2019-002

Here you can download the Drupal 6 patch to fix, or a full release ZIP or TAR.GZ.

If you have a Drupal 6 site, we recommend you update immediately! We have already deployed the patch for all of our Drupal 6 Long-Term Support clients. :-)

FYI, there was another Drupal core security release made today (SA-CORE-2019-001) but that one doesn't affect Drupal 6, because Drupal 6 doesn't bundle the Archive_Tar library. However, that vulnerability may affect custom or contrib modules on your site.

If you'd like all your Drupal 6 modules to receive security updates and have the fixes deployed the same day they're released, please check out our D6LTS plans.

Note: if you use the myDropWizard module (totally free!), you'll be alerted to these and any future security updates, and will be able to use drush to install them (even though they won't necessarily have a release on Drupal.org).

Jan 16 2019
Jan 16
Project: Drupal coreDate: 2019-January-16Security risk: Critical 16∕25 AC:Complex/A:Admin/CI:All/II:All/E:Theoretical/TD:AllVulnerability: Arbitrary PHP code executionDescription: 

A remote code execution vulnerability exists in PHP's built-in phar stream wrapper when performing file operations on an untrusted phar:// URI.

Some Drupal code (core, contrib, and custom) may be performing file operations on insufficiently validated user input, thereby being exposed to this vulnerability.

This vulnerability is mitigated by the fact that such code paths typically require access to an administrative permission or an atypical configuration.

Solution: 
  • If you are using Drupal 8.6.x, upgrade to Drupal 8.6.6.
  • If you are using Drupal 8.5.x or earlier, upgrade to Drupal 8.5.9.
  • If you are using Drupal 7.x, upgrade to Drupal 7.62.

Versions of Drupal 8 prior to 8.5.x are end-of-life and do not receive security coverage.

Known issues

This fix introduced a fatal error for some Drush installatiosn when updating a site with Drush. New releases (8.6.7, 8.5.10, and 7.63) have been issued to resolve this regression. See the release notes for additional details.

Update information

.phar added to dangerous extensions list

The .phar file extension has been added to Drupal's dangerous extensions list, which means that any such file uploaded to a Drupal file field will automatically be converted to a text file (with the .txt extension) to prevent it from being executed. This is similar to how Drupal handles file uploads with a .php extension.

phar:// stream wrapper disabled by default for Drupal 7 sites on PHP 5.3.2 and earlier

The replacement stream wrapper is not compatible with PHP versions lower than 5.3.3. Drupal 8 requires a higher PHP version than that, but for Drupal 7 sites using lower PHP versions, the built-in phar stream wrapper has been disabled rather than replaced. Drupal 7 sites using PHP 5.2 (or PHP 5.3.0-5.3.2) that require phar support will need to re-enable the stream wrapper for it; however, note that re-enabling the stream wrapper will re-enable the insecure PHP behavior on those PHP versions.

It is very uncommon to both be running a PHP version lower than 5.3.3 and to need phar support. If you're in that situation, consider upgrading your PHP version instead of restoring insecure phar support.

Reported By: Fixed By: 

Additional information

Note: Going forward, Drupal core will issue individual security advisories for separate vulnerabilities included in the release, rather than lumping "multiple vulnerabilities" into a single advisory. All advisories released today:

Updating to the latest Drupal core release will apply the fixes for all the above advisories.

Jan 16 2019
Jan 16
Project: Drupal coreDate: 2019-January-16Security risk: Critical 16∕25 AC:Complex/A:User/CI:All/II:All/E:Proof/TD:UncommonVulnerability: Third Party Libraries Description: 

Drupal core uses the third-party PEAR Archive_Tar library. This library has released a security update which impacts some Drupal configurations. Refer to CVE-2018-1000888 for details.

Solution: 
  • If you are using Drupal 8.6.x, upgrade to Drupal 8.6.6.
  • If you are using Drupal 8.5.x or earlier, upgrade to Drupal 8.5.9.
  • If you are using Drupal 7.x, upgrade to Drupal 7.62.

Versions of Drupal 8 prior to 8.5.x are end-of-life and do not receive security coverage.

Reported By: Fixed By: 

Known issues

Users are reporting seeing a fatal error when updating their sites with Drush. Site owners may be able to run drush updb and either drush cc all or drush cr depending on the version to complete the update. Check the status report afterward to confirm that Drupal has been updated. See https://www.drupal.org/project/drupal/issues/3026386 for details.

Additional information

Note: Going forward, Drupal core will issue individual security advisories for separate vulnerabilities included in the release, rather than lumping "multiple vulnerabilities" into a single advisory. All advisories released today:

Updating to the latest Drupal core release will apply the fixes for all the above advisories.

Jan 16 2019
Jan 16

Accidentally creating duplicate content in Drupal is like... catching a cold: 

It's as easy as falling off a log.

All it takes is to:
 

  • further submit your valuable content on other websites, as well, and thus challenging Google with 2 or more identical pieces of content
  • move your website from HTTP to HTTPs, but skip some key steps in the process, so that the HTTP version of your Drupal is still there, “lurking in the dark”
  • have printer-friendly versions of your Drupal site and thus dare Google to face another duplicate content “dilemma”
     

So, what are the “lifebelts” or prevention tools that Drupal “arms” you with for handling this thorny issue?

Here are the 4 modules to use for boosting your site's immunity system against duplicate content.

And for getting it fixed, once the harm has already been made:
 

1. But How Does It Crawl into Your Site? Main Sources of Duplicate Content 

Let's get down to the nitty-gritty of how Drupal 8 duplicate content “infiltrates” into your website.

But first, here are the 2 major categories that these sources fall into:
 

  • malicious
  • non-malicious
     

The first ones include all those scenarios where spammers post content from your website without your consent.

The non-malicious duplicate content can come from:
 

  • discussion forums that create both standard and stripped-down pages (for mobile devices)
  • printer-only web page versions, as already mentioned
  • items displayed on multiple pages of the same e-commerce site
     

Also, duplicate content in Drupal can be either:
 

  • identical
  • or similar

And since it comes in “many stripes and colors”, here are the 7 most common types of duplicate content:
 

1.1. Scraped Content

Has someone copied content from your website and further published it? Do not expect Google to distinguish the copy from its source.

That said, it's your job and yours only to stay diligent and protect the content on your Drupal site from scrapers.
 

1.2. WWW and non-WWW Versions of Your Website

Are there 2 identical version of your Drupal website available? A www and a non-www one?

Now, that's enough to ring Google's “duplicate content in Drupal” alarm.
 

1.3. Widely Syndicated Content 

So, you've painstakingly put together a list of article submission sites to give your valuable content (blog post, video, article etc.) more exposure. Now what?

Should you just cancel promoting it?

Not at all! Widely syndicated content risks to get on Google's “Drupal 8 duplicate content” radar only if you set no guidelines for those third-party websites.

That is, when these publishers don't place any canonical tags in your submitted content pointing out to its original source.

What happens when you overlook such a content syndication agreement? You leave it entirely to Google to track down the source.To scan through all those websites and blogs that your piece of content gets republished on.

And often times it fails to tell the original from its copy.
 

1.4. Printed-Friendly Versions

This is probably one of the sources of duplicate content in Drupal that seems most... harmless to you, right?

And yet, for search engines multiple printer-friendly versions of the same content translates as: duplicate pages.
 

1.5. HTTP and HTTPs Pages

Have you made the switch from HTTP to HTTPs?

Entirely?

Or are there:
 

  • backlinks from other websites still leading to the HTTP version of your website?
  • internal links on your current HTTPs website still carrying the old protocol?
     

Make sure you detect all these less obvious sources of identical URLs on your Drupal website.
 

1.6. Appreciably Similar Content 

Your site's vulnerable to this type of duplicate content “threat” particularly if it's an e-commerce one.

Just think of all those too common scenarios where you display highly similar product descriptions on several different pages on your eStore. 
 

1.7. User Session IDs 

Users themselves can non-deliberately generate duplicate content on your Drupal site. 
How? They might have different session IDs that generate new and new URLs.


2. 4 Modules at Hand to Identify and Fix Duplicate Content in Drupal

What are the tools that Drupal puts at your disposal to detect and eliminate all duplicate content?
 

2.1. Redirect Module

Imagine all the functionality of the former Global Redirect module (Drupal 7) “injected” into this Drupal 8 module!

In fact, you can still define your Global Redirect features by just:
 

  1. accessing the Redirect module's configuration page
  2. clicking on “URL redirects” 
     

How to Deal with Duplicate Content in Drupal: Global Redirect features
Image Source: WEBWASH.net

What this SEO-friendly module does is provide you with a user-friendly interface for managing your URL path redirects:
 

  • create new redirects
  • identify broken URL paths (you'll need to enable the “Redirect 4040” sub-module for that)
  • set up domain level redirects (use the “Redirect Domain” sub-module)
  • import redirects
     

Summing up: when it comes to handling duplicate content in Drupal, this module helps you redirect all your URLs to the new paths that you will have set up.

This way, you avoid the risk of having the very same content displayed on multiple URL paths.
 

2.2. Taxonomy Unique Module  

How about “fighting” duplicate content on your website at a vocabulary level?

In this respect, this Drupal 8 module:
 

  • prevents you from saving a taxonomy term that already exists in that vocabulary
  • is configurable for every vocabulary on your Drupal site
  • allows you to set custom error messages that would pop up whenever a duplicate taxonomy term is detected in the same vocabulary
     

2.3. PathAuto Module  

Just admit it now:

How much do you hate the /node125 type of URL path aliases?

They're anything but user-friendly.

And this is precisely the role that Pathauto's been invested with:

To automatically generate content friendly path aliases (e.g. /blog/my-node-title) for a whole variety of content.

Let's say that you want to modify the current “path scheme” on your website with no impact on the URLs (you don't want the change to affect user's bookmarks or to “intrigue” the search engines).

The Pathauto module will automatically redirect those URLs to the new paths using any HTTP redirect status.
 

2.4. Intelligent Content Tools      

Personalization is key when you strive to prevent duplicate content in Drupal, right? 

And this is precisely what this module here does: it helps you personalize content on your website.

How? Through its 3 main functionalities delivered to you as sub-modules:
 

  • auto tagging
  • text summarizing 
  • detecting plagiarized content 
     

Leveraging Natural Language Processing, this last sub-module scans content on your website and alerts you of any signs of duplicity detected.

Word of caution: keep in mind that the module is not yet covered by Drupal's security advisory policy!
 

3. To Sum Up

Setting a goal to ensure 100% unique content on your website is as realistic as... learning a new language in a week. 

Instead, you should consider setting up a solid  strategy ”fueled” by (at least) these 4 modules “exposed” here. One that would help you avoid specific scenarios where entire pages or clusters of pages get duplicated.

Now, that's a far less utopian goal to set, don't you think?

Jan 16 2019
Jan 16

We’re all engrossed in the mode of celebration and the festive fly game was on point. In fact, everyone else was too painted in that mood, cheering and celebrating the spirit of flying. But our zest for celebration was a notch hire, for our reason for celebration was doubled. 15th January is not merely a date when the kite-flying festival falls but that’s the very day when our dearest of all - Drupal came into existence!

Eighteen years before this very day, the very first version of Drupal - 1.0.0 was released by its founder - Dries Buytaert. And just as it happens with all other path-breaking changes world, this one too came with a lot of faith but a humble approach towards its future. And look, how proficiently has it grown in all these years. Today, it’s one of the largest and most-trusted open-source community and the future looks even brighter.  

In the age of data-threats, Drupal is trusted for its security, worldwide. Constantly moving towards strengthening the open-source community, Drupal has never compromised on the security, content, and scope. Drupal is also known for its power of personalisation and flexibility. Drupal Commerce is also the preferred one when it comes to building an easy-looking e-commerce platform with complex functionalities. And if that was not enough, the launch of Decoupled Drupal has blown the tech world like a boss!

We might sound a little biased here, but we’re speaking nothing but the truth. Everyone from ‘The Beatles’ to ‘Estee Lauder’, ‘Columbia University’, ‘NBC Universal’, ‘NBA’, ‘Paramount’ and many more have trusted and adapted Drupal for years now. Dries has rightly quoted about it in his birthday note for Drupal and let us also conclude, our birthday note for Drupal, on the very same note -

         “What do the biggest brands in the world have in common?” - ‘Powered by Drupal!’

 

                               Happy 18th birthday to Drupal!

Jan 16 2019
Jan 16

It is not uncommon for a Drupal 8 project, because it has structured content, to develop many content types, each with many fields, which are themselves rendered in a different way through no less than many display modes. One of the consequences is that the design phase known as site building can then become extremely time-consuming, or even a source of many small and even more time-consuming omissions to correct / adjust (use of the same fields, associated help text, configuration of the form mode, display modes, etc.). And this can make this design phase appear to be the least motivating, although essential, phase.

For those who have already produced an ambitious Drupal 8 project, this must certainly bring back some memories.

Fortunately, with Drupal 8 we have two modules that allow us to significantly simplify and accelerate this phase. These are the Entity Clone and Field Tools modules. Let us briefly present these two modules to be consumed without moderation.

Entity clone

Entity Clone is a module that allows you to clone any content entity (or almost), including node, taxonomy terms, etc., but also some entity types and therefore content types. Thus, duplicating a complex content type, with many fields, can be done with a simple click, in a few seconds, then allowing to customize on a common and identical basis the different fields of a new type of content.

Its use is very simple. One click on the Clone operation and that's it.

Entity clone operation

In addition to the usual case of accelerating the site building phase of an ambitious project, this module can also be particularly useful in the context of a native multi-site architecture to provide semantically different but extremely similar content types in terms of configuration. And also in the context of a Drupal web Factory based on the Micro Site module, where this module can help us this time to clone the Site content entity, allowing us to create a new site, pre-configured and with existing content, with a simple click.

Its dual use both on content entities (which can save considerable time in terms of initial content production when it is relatively structured and rich, especially with paragraphs) and on entity types makes it particularly useful from all points of view. And to complete the table it should be mentioned that the Entity Clone module (in its dev version to date) is able to clone (or not, depending on the configuration of the module) any entity referenced by the cloned source entity. This is particularly effective for any content using paragraphs. Note the existence of a module, Entity Type Clone, with a more limited functional scope, focused on entity types, which I have not had the opportunity to test yet.

Field tools

The Field Tools module plays in another register. It allows you to duplicate fields, their display configurations, as well as display modes from one content type (or entity type in general) to one or more other bundles. This is particularly useful if you already have the different content types (and therefore cannot clone them) and you want to duplicate a field, a display mode, very quickly to other bundles. 

Its use is also rather intuitive. You can access the configuration page for each entity type from the Clone fields link in the list of available operations (as for the Entity Clone module) or from the Tools tab of the entity type.

Field tools usage

We can select the field(s) to duplicate, then select the different bundles to duplicate these fields to. A dreadful efficiency for anyone who has forgotten to add a field on the fifteen content types of a project.

By way of conclusion

These two modules can be added to your base module list for any Drupal 8 project. They can save you a multitude of clicks, many hours and most certainly also some omissions and errors for those who want to optimize the use of fields by a maximum transversal use through the different entity types of a Drupal 8 project. Whether it is in terms of initial design, or in terms of project maintenance, or even the subsequent exploitation of these fields through a business module. In any case, they have already saved me a lot of time, and certainly also kept the motivation of a Drupal developer intact. 

Jan 15 2019
Jan 15

[embedded content]

Eighteen years ago today, I released Drupal 1.0.0. What started from humble beginnings has grown into one of the largest Open Source communities in the world. Today, Drupal exists because of its people and the collective effort of thousands of community members. Thank you to everyone who has been and continues to contribute to Drupal.

Eighteen years is also the voting age in the US, and the legal drinking age in Europe. I'm not sure which one is better. :) Joking aside, welcome to adulthood, Drupal. May your day be bug free and filled with fresh patches!

January 15, 2019

23 sec read time

db db
Jan 15 2019
Jan 15

Open Source

Open source and me

For the past two years, I have been blogging about my experience building and maintaining the Webform module for Drupal 8 and have had some lively discussions about them all. As the Webform module moved from beta or release candidates, I shared my experience in two posts titled Webform 8.x-5.x: Where Do We Come From? What Are We? Where Are We Going? and Webform, Drupal, and Open Source...Where are we going?. Throughout my blog posts, the question persists…

How is open source sustainable?

Open source and organizations

In 2018, open source has become a success story, particularly for large organizations. As someone who has been building websites since Microsoft Internet Explorer 4.0 (1997), I see the fact that Microsoft is going to use the open source Chromium rendering engine as an amazing achievement for open source and even Microsoft. Microsoft has transformed from calling Linux a cancer to fully embracing open source collaboration.

Open source allows organizations to make a collaborative investment that provides them with a large technical return.

Organizations sponsor open source, however, the work is done by individual developers who may work for an organization or independently within the open source community.

What about individual software developers who contribute to open source? At what point do we recognize their part?

Open source and individuals

I recently wrote about Why I am one of the top contributors to Drupal? which explains my motives for my contribution to Drupal and my commitment to maintaining the Webform Module for Drupal 8 for the foreseeable future. One key reason behind my contribution is…

Open source allows individuals to share their passion with a collaborative community which improves their professional profile/resume.

The lone software developer has become a thing of the past. Modern software is a collective and collaborative process. Many software developers’ first experience with software collaboration is when using or contributing to an open source project. Ideally, the lone software developer becomes a member of the open source software community.

That said, building, maintaining, and sustaining collaborative communities where organizations and individuals work together is challenging.

Open Source and community

Growing, nurturing and building anything comes with a set of challenges and difficulties - open source projects are no exception. And this is where structure comes in. Structure, a system, a framework - whatever you want to call it - helps us gauge where we’ve been, where we’re going and where we want to be. Communities need to have some system of governance and sustainability. Open source projects are built by a loosely knit community of developers working together and making decisions.

The most common decision making roles in open source is the 'maintainer' because they help make sure a project continues to grow and work.

Maintainers need to be able to maintain their projects. Projects need to be maintained.

Open source and sustainability

The discussion around open source sustainability is ongoing. Danny Crichton at TechCrunch recently wrote a comprehensive essay about the current state of open source sustainability. It is a worthwhile read with useful background information and references.

There are several approaches to funding/supporting open source developers. To me, the most appealing approach is Open Collective because it is exploring how to collect and distribute funds for an open source project in a completely transparent way.

Open source software is typically created using full transparency. The problem of open source sustainability may be best solved using full transparency.

Open Collective

Open source and Open Collective

Open Collective is a platform for global collaborations to transparently collect and distribute funds.

Open Collective is trying to solve the much larger issue of global collaboration, and open source is one type of collaboration. Besides an open source project, an Open Collective can be set up for a meetup, a political group, or even a Drupal Camp.

Persuading people to contribute funds to an Open Collective requires a mix of marketing, messaging and incentives.

Open Collective and incentives

The strongest incentive to get anyone to do something is to provide a tangible result. Tangible results can be elusive when fixing a bug or upgrading some code. Finding the right messaging and incentives requires experimentation. Incentives should help people get the most out of the software. Incentives could be bug fixes, feature requests, support requests, documentation. If these experiments are successful with organizations and individuals backing and funding an Open Collective; the Open Collective will face its next challenge which is spending the money.

Once a project has money, it is up to the maintainers of that community to decide how to spend it.

-- https://techcrunch.com/2018/06/23/open-source-sustainability/ 

Open Collective and money

It is doubtful that most open source maintainers and contributors can be fully compensated for their late night hours and weekends contributing code, design, documentation, project management, and other expertise to an open source project.

We need to figure how to best spend the money in ways that provide a high return.

In the Drupal, we like to say “Come for the code, stay for the community.” Communities require infrastructure to work and grow. Reinvesting an Open Collective's funds to grow a project's community could give everyone involved some incentive. For example, we could use Open Collective funds to make it more financially feasible for a project's maintainers to speak at events. Another concrete reinvestment of funds is paying for code sprints.

Open Collective is providing a tool which helps improves open source sustainability. It is up to each project's maintainer to determine how to use this tool and collected funds.

How can Open Collective directly benefit the Webform module and the Drupal community?

Webform

Open Collective and Webform

The goal of this blog post is to initiate the conversation around leveraging Open Collection within the Drupal community. Developing and refining the marketing and messaging for the Webform module's Open Collective is going to be an interactive process with some experimentation.

Webform and marketing

The success of the Webforms' Open Collective is going to hinge on the Webform module's project page on Drupal.org, the Webform module's page on Open Collective, and some callouts in the documentation, videos and maybe in the Webform module's user interface

Webform and messaging

After three years of working heavily on an open source project, I strongly feel that the most important message to new and even old people in the open source community is…

Everyone is welcome and we are here to help.

Gradually within the Webform module's Open Collective, we need to figure out how to talk to the consumer of the software by…

Communicating the value of contributing and providing incentives for people to contribute.

Webform and incentives

Support is the most immediate incentive to get people to pay for open source software. WordPress' plugin ecosystem openly asks and sometimes requires people to pay for support licenses. I never want to force or trick a user to pay for support. The Drupal community is passionately against paid modules. Nevertheless, it’s important to communicate to people that supporting an Open Collective will help support the Webform module and the Drupal community. There is no doubt they go hand in hand.

Frankly, I already escalate issue queue tickets created by people and organizations who are active contributors or sponsors in the Drupal community, especially if they are members of the Drupal Association. BTW, I also welcome and escalate tickets created by new members of the Drupal community. I have not publicly documented this policy, but it is worth asking "Should we be providing free software with free support?"

Webform and money

How the funds in Webform module's Open Collective are being distributed is tricky but not impossible. Initially focusing on reinvesting any funds back into the Webform and Drupal community and the software is a fair and reasonable approach. The collected funds should only be spent on event/speaking related costs and direct improvements to the Webform module's user experience, accessibility, and marketing.

Reinvesting funds for marketing might be the only controversial expense. I am going to tread lightly with spending money on marketing, but the Webform module needs a logo, maybe a better slide deck, and some SEO to compete with the 100's of other form builders on the market. BTW, Drupal's community is so awesome I would not be surprised if someone contributed a logo to the Webform module.

Webform and me

I am not going to get rich from the Webform module. I am incredibly fortunate to have steady consulting work, which allows me to contribute my time to the Webform module. The Webform module is a professional and intellectual challenge for me. The sustainability of the Webform module is part of this challenge.

What fascinates me most about the challenge of open source sustainability is the scale that our open source projects are benefiting everyone including large organizations. Large organizations have realized that they can tap in the power of open source software and its communities.

Open source needs to push back on organizations and ask them to give back.

Us and open source

“The culture of our community should be one that gives back and supports community projects with all that they can: whether with employee time or funding. Instead of just embracing the consumption of open source and ignoring the cost, we should take responsibility for its sustainability."

-- Henry Zhu of Babel
https://techcrunch.com/2018/06/23/open-source-sustainability

Open source is about us. Us is anyone that uses open source projects. Sometimes, we forget that even the individual or organization that uses the software without contributing back to open source are still peripheral members of our community. We need to explore how we are marketing open source projects, think about our messaging and provide some incentives to welcome and encourage everyone to get involved.

Join the Webform module's Open Collective

Almost done…

We just sent you an email. Please click the link in the email to confirm your subscription!

OKSubscriptions powered by Strikingly

Jan 15 2019
Jan 15

Every city has its ways — and we invite you to an imaginary city that follows the Drupal Way! ;) Just with the names of real Drupal modules, themes, and distributions, we at WishDesk team created the Drupal City map. Today that we celebrate Drupal’s 18th birthday, it’s a great chance to invite you there!

The idea and mission of Drupal City map

The world of Drupal modules is incredibly interesting, and we decided to show this to everyone. Our Drupal Map is much more than entertainment. It is meant to promote Drupal and give inspiration to developers, users, and customers.

And, of course, a special purpose of Drupal City is to let anyone learn Drupal modules in a cheery and engaging way. By clicking on the module images, you can see their brief descriptions and visit their pages on drupal.org. Here and there, we also left little hints to how these modules work. So the Drupal City map contributes to Drupal education.

Drupal City map

Welcome to Drupal City!

Just look around the Drupal City — it has everything you can imagine. You could walk along the Commerce CCAvenue, turn to the Beale Street, pass the Simple Columns and reach the Beach and the Sea, from which flows a mighty River of Tweets leading to the Waterfall Views.

It is possible to have a chat at the sociable Sticky Sharrre Bar, take a ride on the Owl Carousel, get some calories for Drupal ideas at the local Restaurant or Bakery, and lose extra calories in YG Fitness Gym.

You could also admire the Christmas Lights at the Commerce Square, visit the Open Church, and replenish your skills at the Library. And this is just the beginning!

The choice of modules for Drupal City

It was amazing to see how all these modules, themes, and distributions were fitting into the Drupal map like in a puzzle.

Some module names matched their map objects exactly, while for others we used a little wordplay. For example, the Commerce Square module does integration with the Square payment service — and it is a beautiful city square on the Drupal map. But this makes the map even more interesting!

Drupal has so many fabulous modules that at some moments it was hard to choose between them. There were multiple awesome modules for particular objects — for example, carousels or fields. With real torments of choice, we chose the modules whose names just better fitted the map concept.

If you would like to see other Drupal modules, themes, or distributions on the Drupal City map, welcome to share your ideas — and we will consider adding them. Drupal City is truly welcoming, and it belongs to the Drupal world.

See you in Drupal City! It’s just an awesome little place on the Drupal Planet ;)

Created with love for Drupal by WishDesk team.

Jan 14 2019
Jan 14

We’ve compiled all the blog posts we wrote in the final month of 2018. Besides continuing with our Community Interviews series, we also introduced a brand new series of posts - the Story of Agiledrop, in which we discuss our work practices and give you a glimpse into what it’s like to work as a member of our A-team. Have a look and stay tuned!

How to Create a Node in Drupal 8 using REST

The first blog post we wrote in December was a short tutorial on creating a node in Drupal 8 using RESTful web services. RESTful web services are the underlying principles that enable the concept of “headless Drupal”, and they bring about a plethora of possibilities for the customization of a Drupal site. This post takes you through the basic function of creating a node using these services and serves as a kind of demo of the feature.

Read more

The Story of Agiledrop: Introduction

Our next post was the first chapter of our new series, the Story of Agiledrop. Here we explained our workflow and the advantages it has had, both for our dedicated team and for our clients. Thanks to such a well-defined workflow, our A-team can keep improving and growing, professionally as well as personally. But, of course, we also encountered some obstacles when defining our workflow and putting it into effect - we discussed these in the series’ second chapter.

Read more

Interview with Kevin Kaland, aka wizonesolutions: Towards a more and more decoupled Drupal

The third post was part of our Community Interviews series. We talked with the digital wizard Kevin Kaland of WizOne Solutions, who revealed to us his thoughts on Drupal’s future as well as some more personal, non-Drupal related bits of information. Besides being actively involved in the community as the maintainer of the FillPDF module among other things, he’s also an avid traveler, hiker and language enthusiast. Take a look at what we talked about.

Read more

The Story of Agiledrop: Our Training Program

Finally, just before the holiday season, we wrote a blog post on our effective training program, the second chapter in Agiledrop’s story. While the first chapter concentrated on our workflow and its advantages, this second one dove into the challenges we faced when setting up such a unique workflow. We deal with the first of these challenges - providing a number of clients with proven and experienced developers - more thoroughly, and reveal how we succeeded in finding a very beneficial solution for it. 

Read more

That’s that for our blog posts from December. We hope 2018 was a successful year and the transition into 2019 a pleasant one for everyone. Check back later this month or keep following our blog for any new content!
 

Jan 13 2019
Jan 13

the Twig file

In the previous section we created the file that defines the widget formatter used to pre-format the data before passing it on to a twig file. In this part we will create the twig file that provides the markup for the viewed content.

name_field_type.html.twig

The file should be placed in the path <my module>/templates and be given the name used for #theme in the previous section with a .twig suffix.


{{ name }}

That's all the pieces. The complete tree for your module should look like this:


name_field_type/
├── name_field_type.info.yml
├── name_field_type.module
├── src
│   └── Plugin
│       └── Field
│           ├── FieldFormatter
│           │   └── NameFormatter.php
│           ├── FieldType
│           │   └── NameItem.php
│           └── FieldWidget
│               └── NameWidget.php
└── templates
    └── name_field_type.html.twig

Enable the module either through the Extensions (/admin/modules) page of the UI or using drush

drush en name_field_type

Select a content type to add the new field type. It should appear in the field type list 

Field type list with the new field type added

When creating a new piece of content for the content type, all of the sub-fields will appear for the new field

sub fields on node form

And finally, the rendering of the parts of our field:

Rendered name

The magic is that this widget can be used on any content type, and is easily moved from site to site, since it's wrapped in a module.

Jan 11 2019
Jan 11

Drupal has everything to do with Community, the embodiment of vibrancy imbuing this Open Source project... so much so that the Community is justly touted as a factor differentiating it within the field of CMSs, and contribution to it is often used to measure a candidate's suitability for employment (a practice that makes sense on the surface but can be inherently biased).

Community is based on volunteerism, and while volunteerism is a great and noble thing with demonstrable successes, especially within the Drupal Community, there is a flip side to it: there is no accountability or surety, and that can be a large issue to the user community.

Let us consider the migration from D7 to D8. On the surface the process has come a long way, with the migration of fairly vanilla sites often being push-button. I posit that the problems, large costly and sometimes insurmountable problems, arise below that surface. One current glaring example is the Rules module, a top favorite in D7. It is still in alpha.

So, what about the multitude of sites that have a heavy investment in Rules, often as a result of their business needs being fulfilled by its use. There seems to be only a few choices for them of what to do, none of them pleasant or defensible, when looking in from the outside:

  • Remain on D7
  • Eliminate the need for the rule(s)
  • Absorb the cost of converting the rules to custom code

Certainly the fact that there is no production D8 rules module, yet, is not a matter of fault. Module migration is like the tripod of any project: it comes down to resources, time and scope. That said, in a volunteer network the availability of resources is indeterminate. 

We are now at the point of scheduling the arrival of D9 and the end-of-life of both D7 and D8, and still, there is a plethora of sites, enterprise sites, that make heavy use of Rules, or some other module not yet migrated, with a brick wall approaching and no brakes on the car.

At a minimum, I feel that mission-critical contributed modules and their migration need to be part of the release planning of a new version, rising to the level of blockers. We owe it to the clients whose use of Drupal means its success. After all, you can have "open source" music, but it means nothing if no one listens to it.

Jan 11 2019
Jan 11

Values & Principles Committee Update - November 2018

The first post we would like to highlight is Rachel Lawson’s update on the Drupal community’s Values & Principals Committee. Here, Rachel covers the basics of the committee: why it has been put together, how it will function and who its members are. She finishes with a powerful CTA to members of the community to contribute their own stories about Principle 8.

Read more

Drupal's Commitment to Accessibility

Next up, we have a post by Dries on Drupal's commitment to accessibility. He has made the realization that accessibility is not something that benefits only a small group of people and should as such be shrugged off and/or postponed, but rather something that promotes inclusion and can benefit everybody involved. So, the community as a whole should put more effort in making Drupal accessible, consequently benefiting each and every member.

Read more

A Visual Prototype of Drupal.org's Integration with GitLab

Early last month, Tim Lehnen, executive director of the Drupal Association, wrote a piece on Drupal.org's integration with GitLab. In this post, he goes through all the things needed to get the integration working and even includes a video outlining the migration phases for the project.

Read more

A Framework for Progressively Decoupled Drupal

When discussing the future of Drupal, a lot of talk revolves around “decoupled Drupal” or “headless CMS”. Malcolm Young of Capgemini offers his insights on what Dries describes as “progressively decoupled Drupal”, and introduces the so-called SPALP module together with the benefits of using this module.

Read more

The New Layout Builder’s Impact on Drupal’s Evolving Learning Curve

Ashraf Abed and Jack Garratt discuss Drupal’s new layout builder in this blog post by Debug Academy. They compare different ways of creating content and show how site building can be greatly facilitated when using the layout builder. Consequently, it makes Drupal more accessible to content editors and less experienced developers, giving them more reign in creating a website.

Read more

How to Automate Testing whether Your Drupal 8 Module Is Incompatible with Drupal 9?

In this blog post, Gábor Hojtsy takes us through how to automate testing the incompatibility of a Drupal 8 module with Drupal 9. With the release of Drupal 9 only about a year and a half away, it’s wise to check whether your module is compatible with Drupal 9 (or, at the very least, if it’s incompatible).

Read more

Improving Drupal and Gatsby Integration - Part 1 and Part 2

Jesus Manuel Olivas, Head of Product at weKnow, has started a series on improving Drupal and Gatsby integration. In December, he published the first two chapters of the series: part 1 focuses on two contributed Drupal modules that facilitate the usage of Drupal when working with Gatsby, while part 2 explains how you can really take advantage of the two modules using weKnow’s very own Gatsby plugin. 

Part 1

Part 2

Plan for Drupal 9

Last but not least comes a major post from Dries’ blog. He finally announces the release date for Drupal 9, which is planned for June 2020. This gives site owners more than enough time for a smooth and uncomplicated upgrade from Drupal 8 to Drupal 9. According to Dries, the upgrade will be easy and should as such not be considered a big deal.

Read more

This concludes our selection of the top blog posts from December 2018. We’re very excited to see what the new year will bring for Drupal; we’ll make sure to keep you informed of all the most important goings-on.
 

Jan 11 2019
Jan 11

Automate actions on your Drupal-based website. This will enable it to run even more independently from your input.

Automated mailing, publishing new content at a specified time and redirects after meeting certain conditions are only some of the functionalities featured in the Rules module.

Rules is a tool that enables you to define automatic, conditionally executed actions, triggered by various types of events.

What are some examples of such automated actions? For example:

  • redirecting the user after logging in;
  • sending an e-mail after adding content;
  • publishing content at a specific time.

At the foundation of the module lies the Event – Condition – Action rule, with one caveat – the CONDITION does not have to be a part of this scheme.
An example scheme could be as follows:

  1. A user adds an entry – that’s the event.
  2. The type of the added entry is “Article” – that’s the condition.
  3. Notify the admin about somebody adding an entry via e-mail – that’s the action.

Installing and setting up the Rules module

Currently (January 2019), the module is still available in alpha4 version only, which means that some of its functionalities and features might not work properly, there might also still be some errors and bugs.
For the purposes of this article, we used the DEV version of the module.

The below example works and was tested on the configuration outlined below:
Drupal : 8.6.5
Rules : 8.x-3.x-dev
Typed Data : 8.x-1.0-alpha2

Download the modules and unpack them in the /modules/contrib directory.
Rules – https://www.drupal.org/project/rules
Typed Data – https://www.drupal.org/project/typed_data

If you are going to create rules with user roles in the conditions, for example, if you want to redirect users with an “administrator” role who log in to a specific site, you will need to add a patch: https://www.drupal.org/files/issues/2816157-10.patch. It will probably not be needed in the future, but as it stands, it is still required for the user role condition to work properly.

How to apply patches? – https://www.drupal.org/patch/apply.

Creating and testing your rules

We are now going to show you how to add a new rule, step by step: Redirecting to the /admin/people page after a user with the administrator role logs in to the website.

Add a new rule - /admin/confg/workflow/rules.
Add new rule

Fill in the fields:

  • Name your rule using the label field.
  • From the drop-down menu, select the event that will trigger your rule. In our case it is going to be “User has logged in”.

Add a condition.
Select the appropriate value, in our case, it is going to be "User has role(s)”.

Select the right condition

Now, you are going to deal with the hardest part of creating a rule, namely selecting the appropriate objects that the condition will work on. You have to be really careful here, because despite this field being validated, sometimes you might set erroneous values that will cause problems down the road.
In the USER section, switch the field from the automatic filling mode to the selection mode. Switch to the data selection.

This condition concerns users, since it is their role that you have to check, so you need to type “account” in the field.

In the ROLES section, put in the roles that will fulfil the condition. You need to put in the machine name. You can view it at /admin/people/roles page by editing a selected role. In our case, it is going to be “administrator”. You can add more roles, just keep in mind to add just one role per line.

In the MATCH ROLES section, if you have selected more than one role, you can set whether the user must have each of these roles (AND) or any of them (OR).

In the NEGATE section, you can select whether this condition should be met when the above settings are NOT MET – in this case, the action will be executed when each user logs in, except for those who have an administrator role.

Rules module conditions

Add an action.

+Add action button of module shown

Select Page redirect from the System section.

"Page redirect"action selected

Enter the address (internal or external) to which the user should be redirected after logging in.

redirection address (internal)

Save and test the rule.

In order to ensure that the rule works, clear Drupal’s cache.

Now log in and check if the redirection is working.

My redirection for the admin role does not work. What do I do?!

PHP throws an error:

  • make sure you have applied the patch mentioned above;
  • make sure that you used the “account” object in the USER section of the rule condition.

Redirection does not work after logging in:

  • make sure that the rule is saved correctly;
  • clear Drupal’s cache;
  • make sure that the role name in the condition is correct.

Discover the many possibilities of the Rules module.

The Rules module is a really powerful tool which enables you to build complex rules that will automate your website.

If you have an idea for using this tool in your project, but you need help, do not hesitate to contact us.

Jan 10 2019
Jan 10

Amongst ambitious brands and serious digital operators; Drupal adoption rate on the rise.

Governments and major brands across the globe are already testifying to the positive impact that Drupal has made on their digital business.

As a developer, you might be approached by a client that insists on developing their digital platform and/or experience using Drupal.

Here are 3 key reasons why Drupal distributions will make your life much easier:

1. Time

“How long do you need to complete the project? That long?!?”

Dealing with continuous amendments and changes to the project requirements is the bane of all developers.

Distributions feature tons of tried and tested best-in-class features, modules and components that are already integrated and tested together. This allows developers to successfully complete project tasks that normally consume a scary amount of time to build.

For example; should you be required to build a Media Entity Browser for a certain project may consume up to 6 to 8 hours from your time.

Varbase Media Entity Browser

Source: Varbase

Imagine it took you that long for project A... now you have to repeat the same process for project B.

However; with Drupal distributions such as Varbase, the Media Entity Browser is already built-in, optimized and integrated with other modules you might require.

Total time consumed on Media Entity Browser development: Zero.

Thanks to DRY (Don’t-Repeat-Yourself); Drupal distributions will shorten the project development time by hundreds of hours. You won’t ever have to repeat the same development process for any other project.

LEARN MORE ABOUT VARBASE

2. Efficiency

Not all programmers and web developers are equal in skill and expertise. But, we all face challenges and issues that might arise during the project development process.

Drupal distributions offer a wealth of solutions that fix issues you might not even realize you had. Why? Open-source.

For example; you are currently developing an e-commerce platform for a client and face an issue with a particular component.

The fact is that you weren’t the first developer to encounter this issue.

When using Drupal distributions, you will find almost all challenges and issues related to components or modules you may need have been solved and addressed by someone before you.

Working on almost ready-built websites not only saves time but also affords you the opportunity to personalize any ready-made component or feature based on your project requirements.

Take the aforementioned example; you already have a Media Entity Browser ready, but you wish to match it to your clients’ requirements. In no time at all, you can build upon the ready-made feature via customization or integration. Simples.

3. Standards

At Vardot, we refer to “websites” as digital experiences. The difference between them?

Standards.

Drupal has built a name for itself due to the focus on building the best user-friendly digital experiences possible and the fact that Drupal is open-source has enabled its evolution based on actual feedback from various practical perspectives.

Your ability to develop a website (e.g.) the best online equestrian market; depends entirely on the standards you apply throughout the development process.

For example; Varbase is an ideal distribution to develop platforms that rely on rich multi-media content such as Al Jazeera and Georgetown University. On the other hand, Drupal distributions such as Commerce Kickstart feature every possible component needed by a developer to build an e-commerce digital experience.

Of course, when we speak of standards; we are not referring solely to quality standards. You will be able to develop the best possible digital experience for any industry using Drupal distributions whilst maintaining all W3C standards and accessibility standards.

Bonus: Drupal Distributions Maintenance

Drupal distributions are rich in features that are all integrated with each other.

You will never have to scour for individual updates for each module you need. All you’ll ever possibly need is to update the distribution itself.

Since all modules and features are integrated. All would be updated and tested together.

If you are considering starting a Drupal project or to build a Drupal-based digital experience, let us know. We'd love to help.  Contact Us.

Jan 10 2019
Jan 10

Website owners are often trapped inside an imaginary bubble where they make conclusions like “There are more valuable sites in the web world, why would mine be targeted by the hackers?” 

And Alas the bubble is busted when they observe that hackers have attacked their site because let's face it- they would never discriminate between any choice they are getting. They want a website to attack, and they have it.

For opensource CMS like Drupal, WordPress, and Joomla, the scenario is the same. As popular as these platforms are, they are the targets of all sorts of attacks. Cybercriminals discover the security loopholes and hack your website in no time.

A picture of a head of a man which is black in color who is wearing a grey hat which is on red background


Which leaves us with the assumption that these platforms ( which together conquer 68.5% of the CMS market) must be providing some form of protection. 

And yes, the assumptions are true.  

Birth of SIWECOS 

SIWECOS project or the “Secure Websites and Content Management Systems” project is the security project which is funded by the German ministry of Economics that desires to improve the security of the CMS based websites ( which of course includes Drupal, WordPress, Joomla, and many others)  

 Image of the logo of SIWECOS with an illustration showing a magnifying glass superimposed over concentric semicircles

The project was designed to help small and medium-sized enterprises (SMEs) identify and correct the security loopholes that they witness on their websites. It focused on concrete recommendations of action in the event of damage and also taking care of sensitizing SMEs to cybersecurity.

The utilization of the vulnerability scanner in the project helped SMEs to regularly check the server system and made them acquaint well with the vulnerability that might occur in a web application. Not only this but a service for web hosts were also presented which actively communicated with acute security vulnerabilities and offered filtering capabilities to prevent cyber attacks. 

The end users were also protected with potential data losses as well as financial losses. 

Initiative-S 

The aim of SIWECOS in longer run was to increase web security and raise a proper awareness of the relevance of IT security for SMEs. Thus, Initiative-S came out as a ray of hope for the support of the small and medium-sized enterprise. It was a government-funded project which was built by the initiative, the association of the German internet industry echo. 

The association built a web interface called “clamavi”. This was done for the users to grant them with the ability to enter their domain and conduct a malware scan of the source code once per day. Thus the website check of Initiative-S was integrated into the new project of SIWECOS. The proven Initiative-S technology now supplements the portfolio of the new SIWECOS service with a check for possible malware infestation.

logo of initiative-s where an arrow is pointing towards the magnifying glass of SIWECOS logo that is superimposed over concentric semicircles

Importance of the Project 

As mentioned, the whole project revolved around the security of the CMS platform, Since the time it was started, the project took 2 years to complete. The mission was to introduce the end users with:

  • Importance of security in cooperation and provided the end users with individual notifications and recommendation on security issue of a website.
  • Increase in web security for a longer period and to identify and address security vulnerabilities of their website.
  •  The project helped ordinary users patch more quickly. Patching is the application of updates (patches) to existing code that either increase the functionality or correct patch vulnerabilities.
  • It also scanned registered user websites. If any security vulnerabilities were found then the person in the field of IT security was contacted directly.
Screenshot of the homepage of SIWECOS website which shows the features of the security maintained in a table


What does SIWECOS have in General?

SIWECOS, in general, had three things 

Awareness Building

It is the detailed version of the introduction and the process on how to subscribe it. They reached out to the end users that not only included the site owners but also the ones that have to maintain it later. The major purpose of the awareness campaign was to influence the behavior of the users since improvements cannot take place without changes in their attitudes and perceptions.

Skinning Service

The whole scanning system in Skinning Service is based on an API which is an open source that is embedded inside. It gave the end users with score count between zero and hundred to give them an idea on how secure or insecure the setup is.

Behind the score, there were five scanners which were used to check malware in the HTML code. Scanners like:

  • HTTP Header Scanner

Ensures that your server conveys the browser to enable security features.

  • Info leak Scanner

Verifies if the site exposes security-relevant information.

  • TLS scanner

Checks the HTTPs encryption for known issues, outdated certificates, chain of trust etc

  • Initiative S Scanner 

This scanner checks the website for viruses or looks for third-party content such as phishing.

  • DOMXSS Scanner

This scanner verifies that the website is protected against DOMXSS attacks. 

Web Host

The companies that power the service behind the website are likely to be called as web hosts. Web hosts team generally should have all the basic technical knowledge, security awareness and should have an active communication of filter rules to defend against attacks.

The need for Filter rules - to limit the circle of recipients. 

Firewall rules made it easy for experienced attackers to build and exploit the website as they want. Thus, by filtering incoming and outgoing network traffic (based on the set of user-defined rules) there was a reduction in unwanted network communication.

Another reason to use web host was server-side protection. The server- side was protected against all these attacks on the web pages that were installed in the web hoster. This was done to protect web page operators.

Partner in the Project

SIWECOS project included four partners mainly that contributed highly to the project. The four partners were:

Eco

Eco or electronic commerce is the largest association of the internet industry in Europe. The association sees itself as the representation of the interests of the internet economy and has set itself with the goal of promoting technologies, shaping framework conditions and representing the interests of its members. The Eco group includes all the internet industry and promotes current and future internet topics. 

The awareness building section was mainly done by eco association because of the fact that they were really good at marketing and networking. 
 

Image of a square that is divided into two parts where the upper part has eco written on it and the below section has a red background where words are written in the German language

RUB 

The Ruhr-University Bochum, located on the southern hills of central Ruhr area Bochum, is one of the partners in the whole project. It has one of the greatest and most proven track records in the general IT security industry. They were included in the project with the agenda of building a scanning engine that gave the business owners feedback about potential security problems on their site such as SSL misconfiguration or vulnerability to cross-site scripting attacks.

Image of a square which is divided into two parts the left side is white in color where RUHR university is written in German and the right side is blue in color with RUB written in white

HACKMANIT

Hackmanit GmbH was founded by IT security experts that were from Ruhr University Bochum. They have an international publication of XML security, SSL/TLS, single sign-on, cross-site scripting, and UI redressing. The priorities of the company were designed by high-quality penetration testing, hands-on training, and tailor-made expertise. The organization has in-depth knowledge about the security of web application, web services, and applied cryptography. The team offers a white box and black box tests which protects the application from the effects of all sorts of hackers attack.

Image having HACKMANIT with an underline as it’s text. HACK is written in red color MANIT in black

CMS Graden 

The CMS garden is the umbrella organization of the most relevant and active open source content management system. In other words, the security team started with CMS planning in 2013 by making a shoutout to the CMS community to join the team. Surprisingly, there were CMS platforms which were interested. Thus, by 2013, there were 12 open source CMS systems in one place. 

CMS garden also contributes to a series of plugins for different open source CMSes that provides feedbacks from within the CMS management interface so that the site owners have the ability to act immediately when they encounter with any security vulnerability. 
 

 A stick image of a flower with 5 buds on it besides which CMS garden is written in black. The E in the garden is drawn in stick letter in green color

In the End 

Website attacks and cyber attacks are rapidly growing. These attacks cost the organizations millions of dollars, subject them to the lawsuit and ruin their lives. 

SIWECOS is like a shield for all the websites and the CMS platforms, it protects them against cyber attacks and hackers of all sort, helping in keeping up with the security and protection against vulnerabilities. 

We know how important web security is to protect your online identity and personal information. If you’re concerned about your web security for your business, or other network issues, our services can help. Contact us on [email protected] the professionals would guide you with all your queries and questions and help you leverage security for your website.

Jan 10 2019
Jan 10
Drupal. It’s been the foundation of our solutions for a few years now and it powers some of the top sites around the world in fields ranging from commerce to government. If you’ve ever been interested in getting your feet wet with the CMS, or…
Jan 10 2019
Jan 10

Preview

Introduction

Drupal Mountain Camp brings together experts and newcomers in web development to share their knowledge in creating interactive websites using Drupal and related web technologies. We are committed to unite a diverse crowd from different disciplines such as developers, designers, project managers as well as agency and community leaders.

Drupal Mountain Camp Group Picture

Keynotes

The future of Drupal communities

For the first keynote, Drupal community leaders such as Nick Veenhof and Imre Gmelig Meijling will discuss about successful models to create sustainable open source communities and how we can improve collaboration in the future to ensure even more success for the open web. This keynote panel talk will be moderated by Rachel Lawson.

Drupal Admin UI & JavaScript Modernisation initiative

In the second keynote Matthew Grill, one of the Drupal 8 JavaScript subsystem maintainers, will present about the importance and significance of the Admin UI & JavaScript Modernisation initiative and Drupal’s JavaScript future.

Drupal Mountain Camp Attendee

Sessions

In sessions, we will share the latest and greatest in Drupal web development as well learn from real world implementation case studies. Workshops will enable you to grow your web development skills in a hands-on setting. Sprints will teach you how contributing to Drupal can teach you a lot while improving the system for everyone.

Swiss Splash Awards

As a highlight, the Swiss Splash Awards will determine the best Swiss Drupal web projects selected by an independent jury in 9 different categories. These projects will also participate in the global Splash Awards at DrupalCon Europe 2019.

Splash Awards 2019

Location

Drupal Mountain Camp takes place at Davos Congress. As tested by various other prominent conferences and by ourselves in 2017, this venue ensures providing a great space for meeting each other. We are glad to be able to offer conference attendees high quality equipment and flawless internet access all in an inspiring setting. Davos is located high up in the Swiss alps, reachable from Zurich airport within a beautiful 2 hours train ride up the mountains.

The camp

The Drupal Mountain Camp is all about creating a unique experience, so prepare for some social fun activities. We’ll make sure you can test the slopes by ski and snowboard or join us for the evening activities available to any skill level such as sledding or ice skating.

Drupal Mountain Camp Davos

Tickets

Drupal Mountain Camp is committed to be a non-profit event with early bird tickets available for just CHF 80,- covering the 3 day conference including food for attendees. This wouldn't be possible without the generous support of our sponsors. Packages are still available, the following are already confirmed: Gold Sponsors: MD Systems, platform.sh, Amazee Labs. Silver: soul.media, Gridonic, Hostpoint AG, Wondrous, Happy Coding, Previon+. Hosting partner: amazee.io.

Key dates

  • Early bird tickets for CHF 80,- are available until Monday January 14th, 2019

  • Call for sessions and workshops is open until January 21st, 2019

  • Selected program is announced on January 28th, 2019

  • Splash Award submissions is open until February 4th, 2019

  • Regular tickets for CHF 120,- end on February 28th, 2019 after that late bird tickets cost CHF 140,-

  • Drupal Mountain Camp takes place in Davos Switzerland from March 7-10th, 2019

Join us in Davos!

Visit https://drupalmountaincamp.ch or check our promotion slides to find out more about the conference, secure your ticket and join us to create a unique Drupal Mountain Camp 2019 - Open Source on top of the World in Davos, Switzerland March 7-10th, 2019.

Drupal Mountain Camp is brought to you by Drupal Events, the Swiss Drupal Association formed striving to promote and cultivate the Drupal in Switzerland.

Jan 09 2019
Jan 09

This blog has been re-posted and edited with permission from Dries Buytaert's blog.

Last year, I talked to nearly one hundred Drupal agency owners to understand what is preventing them from selling Drupal. One of the most common responses raised is that Drupal's administration UI looks outdated.

This critique is not wrong. Drupal's current administration UI was originally designed almost ten years ago when we were working on Drupal 7. In the last ten years, the world did not stand still; design trends changed, user interfaces became more dynamic and end-user expectations have changed with that.

To be fair, Drupal's administration UI has received numerous improvements in the past ten years; Drupal 8 shipped with a new toolbar, an updated content creation experience, more WYSIWYG functionality, and even some design updates.

A visual comparison of Drupal 7 and Drupal 8's administration UI

A comparison of the Drupal 7 and Drupal 8 content creation screen to highlight some of the improvements in Drupal 8.

While we made important improvements between Drupal 7 and Drupal 8, the feedback from the Drupal agency owners doesn't lie: we have not done enough to keep Drupal's administration UI modern and up-to-date.

This is something we need to address.

We are introducing a new design system that defines a complete set of principles, patterns, and tools for updating Drupal's administration UI.

In the short term, we plan on updating the existing administration UI with the new design system. Longer term, we are working on creating a completely new JavaScript-based administration UI.

A screenshot of the content administration using Drupal 8's Carlo theme

The content administration screen with the new design system.

As you can see on Drupal.org, community feedback on the proposal is overwhelmingly positive with comments like Wow! Such an improvement! and Well done! High contrast and modern look..

A screenshot of the spacing guidelines of Drupal 8's Carlo theme

Sample space sizing guidelines from the new design system.

I also ran the new design system by a few people who spend their days selling Drupal and they described it as "clean" with "good use of space" and a design they would be confident showing to prospective customers.

Whether you are a Drupal end-user, or in the business of selling Drupal, I recommend you check out the new design system and provide your feedback on Drupal.org.

Special thanks to Cristina ChumillasSascha EggenbergerRoy ScholtenArchita AroraDennis CohnRicardo MarcelinoBalazs KantorLewis Nyman,and Antonella Severo for all the work on the new design system so far!

We have started implementing the new design system as a contributed theme with the name Claro. We are aiming to release a beta version for testing in the spring of 2019 and to include it in Drupal core as an experimental theme by Drupal 8.8.0 in December 2019. With more help, we might be able to get it done faster.

Throughout the development of the refreshed administration theme, we will run usability studies to ensure that the new theme indeed is an improvement over the current experience, and we can iteratively improve it along the way.

Acquia has committed to being an early adopter of the theme through the Acquia Lightning distribution, broadening the potential base of projects that can test and provide feedback on the refresh. Hopefully other organizations and projects will do the same.

How can I help?

The team is looking for more designers and frontend developers to get involved. You can attend the weekly meetings on #javascript on Drupal Slack Mondays at 16:30 UTC and on #admin-ui on Drupal Slack Wednesdays at 14:30 UTC.

Thanks to Lauri EskolaGábor Hojtsy and Jeff Beeman for their help with this post.

File attachments:  drupal-7-vs-drupal-8-administration-ui-1280w.png carlo-content-administration-1280w.png carlo-spacing-1280w.png
Jan 09 2019
Jan 09

Drupal 9 is coming. Even if it feels like you only just upgraded to Drupal 8, soon it’ll be time to make the switch to the next version. Fortunately, the shift from Drupal 8 to Drupal 9 should be relatively painless for most organizations. Here’s why.

A little background

Though tools were built in to make the upgrade from Drupal 6 or 7 to Drupal 8 run as smoothly as possible, it could still be a difficult or dramatic process. Drupal 8 marked a major shift for the Drupal world: it introduced major new dependencies, such as Symfony, and a host of new features in Core. The new structure of the software made it tricky to upgrade sites in the first place, which was complicated by the fact that it took a long time for a number of modules to be properly optimized and secured for the new version.

Drupal 9: A natural extension of Drupal 8

Fortunately, the large number of changes made to the Drupal platform in Drupal 8 have made it relatively simple to build, expand, and upgrade for the future. The new software has been designed specifically to make it simple to transition between Drupal 8 and Drupal 9, so that making the migration requires little more work than upgrading between minor version of Drupal 8.

In fact, as Dries Buytaert (the founder and project lead of Drupal) wrote recently in a blog on Drupal.org:

Instead of working on Drupal 9 in a separate codebase, we are building Drupal 9 in Drupal 8. This means that we are adding new functionality as backwards-compatible code and experimental features. Once the code becomes stable, we deprecate any old functionality.

Planning for Drupal 9

As more information is released about the new features and updates in Drupal 9, organizations should consider their digital roadmaps and how the new platform will affect them. And regardless of what your plans are feature-wise, your organization should begin planning to upgrade to Drupal 9 no later than summer of 2021. The reason for that is because the projected end-of-life for the Drupal 8 software is November of 2021, when Symfony 3 (Drupal 8’s largest major dependency) will no longer be supported by its own community.

In the meantime, the best thing your organization can do to prepare for the launch of Drupal 9 is to make sure that you keep your Drupal 8 site fully up to date.

For help planning out your Drupal roadmap, and to make sure that you’ll be ready for a smooth upgrade to Drupal 9 when it releases, contact FFW. We’re here to help you plan out your long-term Drupal strategy and make sure that your team can make the most of your site today, tomorrow, and after Drupal 9 is released.

Jan 09 2019
Jan 09

Everyone loves attractive layouts for web pages. Luckily, Drupal has plenty of awesome page building tools. You will hear such tool names as Panels, Panelizer, Paragraphs, Display Suite, Page Manager, Twig, and more. Our Drupal team loves to take the best of them from our arsenal, combine them when needed, to achieve amazing results for our customers. But today we would like to focus on a wonderful new tool, Layout Builder, that appeared in Drupal 8.5. We will take a closer look at creating layouts in Drupal 8 with its help.

Layout Builder in Drupal 8: let’s get acquainted

The Layout Builder module has already been compared to the Panelizer, Panels, or Display Suite modules in its capacities. And that’s right, because according to the Layout Initiative, it is meant to become the number one tool for creating layouts in Drupal 8 core. The module is currently experimental but expected to reach stability in Drupal 8.7 in the spring of 2019.

The Layout Builder lets you define the layout of any fieldable entity — content type, user, and so on. You just select from the predefined sections and add blocks and fields to them as you wish.

The module’s UI is simple and intuitively understandable for administrators, as well as equipped with the drag-and-drop feature to swap the blocks and shape your page. Developers, in their turn, will appreciate that layouts can be defined in a module or theme and have Twig templates.

Creating layouts in Drupal 8 with the Layout Builder

Let’s take a look at Layout Builder in action. We will see how it works on the example of creating a layout for articles. We will begin with enabling the Layout Builder module in core, as well as the Field Layout and Layout Discovery.

Creating a layout for a content type

We go to our Article content type in Structure and select “Manage Display.” Instead of the traditional fields, we see “Manage Layout” button. We also make sure the “Use Layout Builder” option is checked in the “Layout Options.”

The “Manage Layout” button takes us to the page where we configure the article content type layout.

By clicking “Add Section”, we can select from the ready layouts with a different number of columns. The unnecessary sections can be removed.

By clicking “Add Block”, we can add standard Drupal blocks and content type fields (like “Authored by”, “Body”, “Image” etc.) from the list on the right, as well as create custom blocks. The blocks can be dragged anywhere you wish throughout the layout.

Every block has a “Configure” and “Remove” tabs in the right-hand corner next to it. Blocks can also be configured when clicked on the list to the right of the page. For example, we have just configured the article image by attaching a custom image style of 500x500 to it.

So here goes our simple two-column layout with the image and the author on the left and body on the right.

When everything is ready, we click “Save Layout.” After that, all articles will be created according to this pattern.

Creating a layout for an individual node

In many cases, you do not need the same layout for all content type items. Layout Builder lets you make every content item layout customizable by checking the appropriate option on the “Manage Display” tab.

The Layout Builder offers the handy “Layout” button near each node that leads you to its individual layout customization page. The procedure is the same as in creating a layout for a content type.

Creating different layouts within the same content type

We see how Layout Builder can build articles pages, but let’s now complicate things a little and review a special case. What if you are using the same content type for several actual types of content, and want your website to generate different layouts for them?

That was exactly the case with one of our customers. They wished different layouts to be generated for every content type on the homepage and on the content listing page. A select list menu was used to switch between the actual types of content within the same content type, which was based on the “list” field. According to this field value, specific types of content were filtered out in Views for homepage and content listing page.

The Layout Builder could be helpful here. If the Views is based on ‘Content”, it can choose a specific view mode. And it is awesome that the Layout Builder module can create layouts for particular view modes within the same content type!

View modes can be registered in the “Manage Display” tab of the content type, and each of them needs to have the “Use Layout Builder” option enabled, and each will have its own “Manage Layout” button.

At the time of our working with this customer, the Layout Builder was in alpha, and we successfully used a different solution, which involved Display Suite and Twig templates. Every case is unique, and deserves a special approach.

Let’s build the perfect layout for your website pages!

We have made a little overview of creating layouts in Drupal 8 with the Layout Builder. Let your website have beautiful and properly arranged layouts that work exactly according to your wishes. Just contact our Drupal development team, and we will select the optimal tools from Drupal’s “treasury”, as well as apply customization when needed, to build you the layouts that you will love!

Jan 09 2019
Jan 09

It's no secret that I find Composer a very troublesome piece of software to work with.

I have issues with Composer on two fronts. First, its output is extremely user-unfriendly, such as the long lists of impenetrable statements about dependencies that it produces when it tells you why it can't make a change you request. Second, many Composer commands have unwanted side-effects, and these work against the practice that changes to your codebase should be as simple as possible for the sake of developer sanity, testing, and user acceptance.

I recently discovered that removing packages is one such task where Composer has ideas of its own. A command such as remove drupal/foo will take it on itself to also update some apparently unrelated packages, meaning that you either have to manage the deployment of these updates as part of your uninstallation of a module, or roll up your sleeves and hack into the mess Composer has made of your codebase.

Guess which option I went for.

Step 1: Remove the module you actually want to remove

Let's suppose we want to remove the Drupal module 'foo' from the codebase because we're no longer using it:

$ composer remove drupal/foo

This will have two side effects, one of which you might want, and one of which you definitely don't.

Side effect 1: dependent packages are removed

This is fine, in theory. You probably don't need the modules that are dependencies of foo. Except... Composer knows about dependencies declared in composer.json, which for Drupal modules might be different from the dependencies declared in module info.yml files (if maintainers haven't been careful to ensure they match).

Furthermore, Composer doesn't know about Drupal configuration dependencies. You could have the situation where you installed module Foo, which had a dependency on Bar, so you installed that too. But then you found Bar was quite useful in itself, and you've created content and configuration on your site that depends on Bar. Ideally, at that point, you should have declared Bar explicitly in your project's root composer.json, but most likely, you haven't.

So at this point, you should go through Composer's output of what it's removed, and check your site doesn't have any of the Drupal modules enabled.

I recommend taking the list of Drupal modules that Composer has just told you it's removed in addition to the requested one, and checking its status on your live site:

$ drush pml | ag MODULE

If you find that any modules are still enabled, then revert the changes you've just made with the remove command, and declare the modules in your root composer.json, copying the declaration from the composer.json file of the module you are removing. Then start step 1 again.

Side effect 2: unrelated packages are updated

This is undesirable basically because any package update is something that has to be evaluated and tested before it's deployed. Having that happen as part of a package removal turns what should be a straight-forward task into something complex and unpredictable. It's forcing the developer to handle two operations that should be separate as one.

(It turns out that the maintainers of Composer don't even consider this to be a problem, and as I have unfortunately come to expect, the issue on github is a fine example of bad maintainership (for the nadir, see the issue on the use of JSON as a format for the main composer file) -- dismissing the problems that users explain they have, claiming the problems are by design, and so on.)

So to revert this, you need to pick apart the changes Composer has made, and reverse some of them.

Before you go any further, commit everything that Composer changed with the remove command. In my preferred method of operation, that means all the files, including the modules folder and the vendor folder. I know that Composer recommends you don't do that, but frankly I think trusting Composer not to damage your codebase on a whim is folly: you need to be able to back out of any mess it may make.

Step 2: Repair composer.lock

The composer.lock file is the record of how the packages currently are, so to undo some of the changes Composer made, we undo some of the changes made to this file, then get Composer to update based on the lock.

First, restore version of composer.lock to how it was before you started:

$ git checkout HEAD^ composer.lock

Unstage it. I prefer a GUI for git staging and unstaging operations, but on the command line it's:

$ git reset composer.lock

Your composer lock file now looks as it did before you started.

Use either git add -p or your favourite git GUI to pick out the right bits. Understanding which bits are the 'right bits' takes a bit of mental gymnastics: overall, we want to keep the changes in the last commit that removed packages completely, but we want to discard the changes that upgrade packages.

But here we've got a reverted diff. So in terms of what we have here, we want to discard changes that re-add a package, and stage and commit the changes that downgrade packages.

When you're done staging you should have:

  • the change to the content hash should be unstaged.
  • chunks that are a whole package should be unstaged
  • chunks that change version should be staged (be sure to get all the bits that relate to a package)

Then commit what is staged, and discard the rest.

Then do a git diff of composer.lock against your starting point: you should see only complete package removals.

Step 3: Restore packages with unrelated changes

Finally, do:

$ composer update --lock

This will restore the packages that Composer updated against your will in step 1 to their original state.

If you are committing Composer-managed packages to your repository, commit them now.

As a final sanity check, do a git diff against your starting point, like this:

$ git df --name-status master

You should see mostly deleted files. To verify there's nothing that shouldn't be there in the changed files, do:

$ git df --name-status master | ag '^[^D]'

You should see only composer.json, composer.lock, and the autoloader's files.

PS. If I am wrong and there IS a way to get Compose to remove a package without side-effects, please tell me.

I feel I have exhausted all the options of the remove command:

  • --no-update only changes composer.json, and makes no changes to package files at all. I'm not sure what the point of this is.
  • --no-update-with-dependencies only removes the one package, and doesn't remove any dependencies that are not required anywhere else. This leaves you having to pick through composer.json files yourself and remove dependencies individually, and completely obviates the purpose of a package manager!

Why is something as simple as a package removal turned into a complex operation by Composer? Honestly, I'm baffled. I've tried reasoning with the maintainers, and it's a brick wall.

Jan 08 2019
Jan 08

It’s always hard to pick up the most useful Drupal 8 modules because it depends on the site you will create or manage. But there are some really helpful modules you can use in almost every situation.

In this post, I will share some modules that I use almost all the time in my Drupal 8 projects, they are not related to a particular type of site but they are always helpful, both in development or production environment.

1. Admin Toolbar

(D8) - https://www.drupal.org/project/admin_toolbar

drupal-admin-toolbar

The Admin Toolbar module will greatly save your time. By having a drop-down menu and extending the original Drupal menu, it helps to perform various admin actions faster and easier.

The module works on the top of the default toolbar core module, therefore it is a very light module and keeps all the toolbar functionalities (shortcut / media responsive).

The module also provides a submodule called "Admin Toolbar Extra Tools" adding extra links similar to Admin Menu module for Drupal 7 (flush caches, run cron, etc...).

2. Module Filter

(D7/D8) - https://www.drupal.org/project/module_filter

drupal-module-filter

The modules list page can become quite big when dealing with a fairly large site. To simplify your modules administration, you can install the Module Filter. This module provides you a tab for each package, giving you two alternative ways (with the default filter textfield) to quickly find and re-configure your modules.

3. Shield

(D7/D8) - https://www.drupal.org/project/shield

drupal-module-shield

This module helps you protect your development or staging site with HTTP authentication. Anonymous visitors and search engines won’t be able to reach your test environment, but we and our customers will.

4. Content Lock

(D7/D8) - https://www.drupal.org/project/content_lock

drupal-module-content-lock

This module prevents users from editing the same node. If another user is trying to edit the same node, he will be notified that the content is already being edited.

The other great feature of this module is that it prevents users from leaving an edit form page without first saving it, they will be notified when attempting to close the browser window/tab, clicking on a link, etc. If the user confirms that he wants to leave without saving the node, the edit lock gets automatically removed.

5. Environment Indicator

(D7/D8) - https://www.drupal.org/project/environment_indicator

drupal-module-environment-indicator

This module will help you stay sane while working on your different environments by adding a configurable color bar to each one of your environments.

The Environment Indicator module adds a colored bar on the site, informing you which environment you're currently in (Development, Staging, Production, etc.). This is incredibly useful if you have multiple environments for each of your sites, and are prone to forgetting which version of the site you are currently looking at.

6. reCAPTCHA

(D7/D8) - https://www.drupal.org/project/recaptcha

drupal-module-recaptcha

reCaptcha is a module built on top of the captcha module that implements the google captcha service to protect your site from spam. This web service shows a checkbox “I’m not a robot” at the bottom of your form. The service gives a challenge based on choosing images related to a subject.

Another option for protecting your site from spam is the Honeypot module.

7. Block Class

(D7/D8)  - https://www.drupal.org/project/block_class

drupal-module-block-class

This module allows users to add CSS classes to any block through the block configuration interface. So we don’t have to add classes to our twig templates. We just need to add our new classes to our CSS file.

8. Configuration Split

(D8) - https://www.drupal.org/project/config_split

drupal-module-config-split

This module filters the import/export of the configuration. It allows to define sets of configurations that will get exported to separate directories when exporting from different environments.  The canonical example for this is to have the devel module enabled or having a few block placements or views in the development environment and then not export them into the set of configurations to be deployed, yet still being able to share the development configuration with colleagues.

9. RoleAssign

(D7/D8) -  https://www.drupal.org/project/roleassign

drupal-rol-asign

This module allows you, as a site administrator, to delegate the assignment of roles to another user without giving him the Administer permissions permission.

The module creates a new permission called Assign roles. Users with this permission are able to assign selected roles to other users. On the other hand, users with the Administer permissions permission may select which roles are available for assignment through this module.

For larger sites with multiple levels of administrators or whenever you need finer-grained control over which role can assign which other role, check out Role Delegation.

10. Delete all

(D7/D8) - https://www.drupal.org/project/delete_all

drupal-module-delete-all

This is the module that I always install on local or dev environment in conjunction with the Devel Generate module. It allows to delete all content and/or users from a site with just one click.

This particularly handy on a test site the client was using for a period of time, and he must clean it up before starting with real data or when we test import or migration with thousand of nodes. Really helpful.

Usage statistics of these modules.

Here you can find the usage statistics for those modules across all versions.

drupal-usage-statistics

Which Drupal 8 modules do you consider helpful?

I wish to hear about which Drupal 8 modules you consider helpful for your projects. Leave a comment and share it with the community !

Jan 08 2019
Jan 08

There's a module for that. There is, it's called, obviously, addtocalendar. It works very well, if you:

If you don't want to use an external service for something as simple as adding an event to a calendar, then it looks like you'll need a custom solution. Their smallest plan only allows 2 events per month.

The PatternLab Part

Here's the custom solution I came up with (in the future, I'll look at creating a module for this with a settings/UI page for site builders). Note, it's a PatternLab implementation; if you don't use PatternLab and just want to work directly in your Drupal theme, it would be even easier.

Here's the code for the 'Add to Calendar' pattern in PatternLab (some classes and things are removed to make it easier to read):

What does the above code do?

  • Creates a Google Calendar variable and creates an iCal variable. Outlook will also use iCal.
  • Uses these variables as links to add the event to their respective calendars.

Within the variables, we have some more variables (start date, end date, etc), which we should probably wrap in conditional statements so that their clauses don't print unless they are present in Drupal (some fields might be optional on your event content type, such as end time).

These variables are:

  • atc_start_date: Start Date and time
  • atc_end_date: End Date and time
  • atc_title: the name of the event
  • atc_details: description for the event
  • atc_location: place of event

In our Event pattern in PatternLab, we then have a variable called 'add_to_calendar' so that events have the option to have this widget or not. In event.twig, we simply print:

The Drupal Part

In Drupal we create a boolean field on our event content type field_event_add_to_calendar, if this is ticked, we will display the Add to Calendar widget.

Here's the code from node--event--full.html.twig

To explain:

If the 'Add to Calendar' boolean is on, we set the add to calendar variable as true

This in turn tells patternlab to render the Add to Calendar component.

We then check if each field we might use has a value in it - such as a start date and end date

If so, we map the values from each of those fields to variables in our Add to Calendar component (such as atc_start, atc_title, etc)

Now, when you view a node, you will see your Add to Calendar widget on any nodes that the editors choose to put it. You can see a sample of the Add to Calendar widget in my PatternLab.

Simple, once I figured it out.

Got an improvement for this? The comments are open.

Jan 08 2019
Jan 08

A modern and fresh look is coming to the Drupal administration interface soon. Take a look!

Last year, I talked to nearly one hundred Drupal agency owners to understand what is preventing them from selling Drupal. One of the most common responses raised is that Drupal's administration UI looks outdated.

This critique is not wrong. Drupal's current administration UI was originally designed almost ten years ago when we were working on Drupal 7. In the last ten years, the world did not stand still; design trends changed, user interfaces became more dynamic and end-user expectations have changed with that.

To be fair, Drupal's administration UI has received numerous improvements in the past ten years; Drupal 8 shipped with a new toolbar, an updated content creation experience, more WYSIWYG functionality, and even some design updates.

A visual comparison of Drupal 7 and Drupal 8's administration UIA comparison of the Drupal 7 and Drupal 8 content creation screen to highlight some of the improvements in Drupal 8.

While we made important improvements between Drupal 7 and Drupal 8, the feedback from the Drupal agency owners doesn't lie: we have not done enough to keep Drupal's administration UI modern and up-to-date.

This is something we need to address.

We are introducing a new design system that defines a complete set of principles, patterns, and tools for updating Drupal's administration UI.

In the short term, we plan on updating the existing administration UI with the new design system. Longer term, we are working on creating a completely new JavaScript-based administration UI.

A screenshot of the content administration using Drupal 8's Carlo themeThe content administration screen with the new design system.

As you can see on Drupal.org, community feedback on the proposal is overwhelmingly positive with comments like Wow! Such an improvement! and Well done! High contrast and modern look..

A screenshot of the spacing guidelines of Drupal 8's Carlo themeSample space sizing guidelines from the new design system.

I also ran the new design system by a few people who spend their days selling Drupal and they described it as "clean" with "good use of space" and a design they would be confident showing to prospective customers.

Whether you are a Drupal end-user, or in the business of selling Drupal, I recommend you check out the new design system and provide your feedback on Drupal.org.

Special thanks to Cristina Chumillas, Sascha Eggenberger, Roy Scholten, Archita Arora, Dennis Cohn, Ricardo Marcelino, Balazs Kantor, Lewis Nyman,and Antonella Severo for all the work on the new design system so far!

We have started implementing the new design system as a contributed theme with the name Claro. We are aiming to release a beta version for testing in the spring of 2019 and to include it in Drupal core as an experimental theme by Drupal 8.8.0 in December 2019. With more help, we might be able to get it done faster.

Throughout the development of the refreshed administration theme, we will run usability studies to ensure that the new theme indeed is an improvement over the current experience, and we can iteratively improve it along the way.

Acquia has committed to being an early adopter of the theme through the Acquia Lightning distribution, broadening the potential base of projects that can test and provide feedback on the refresh. Hopefully other organizations and projects will do the same.

How can I help?

The team is looking for more designers and frontend developers to get involved. You can attend the weekly meetings on #javascript on Drupal Slack Mondays at 16:30 UTC and on #admin-ui on Drupal Slack Wednesdays at 14:30 UTC.

Thanks to Lauri Eskola, Gábor Hojtsy and Jeff Beeman for their help with this post.

January 08, 2019

2 min read time

Jan 08 2019
Jan 08

Agiledrop is highlighting active Drupal community members through a series of interviews. Now you get a chance to learn more about the people behind Drupal projects. 

This time we had a chat with none other than Shawn McCabe, the CTO of Acro Media. In our interview, the avid Drupal contributor talked about his most memorable Drupal moments, his love for open source and his reasons to opt for a more sustainable lifestyle. Have a read!

1. Please tell us a little about yourself. How do you participate in the Drupal community and what do you do professionally?

I am the CTO at Acro Media, so I run our product development and R&D, which puts me pretty heavily into contributing to Drupal and working in the community. I do actually get to do a respectful amount of programming myself, which is nice and not something I always got to do as Acro was growing as a company. 

Thankfully now we have a head of operations for development who handles most of the day to day runnings and I get to run wild with awesome new tech while he does most of the actual work.

I also do architectural consulting and sales work for larger clients, a lot of which involves proselytizing about our lord and savior Drupal to anyone I get pointed in the general direction of.

2. When did you first come across Drupal? What convinced you to stay, the software or the community, and why?

I was aware Drupal existed, but my first actual work with it was when I was assigned to do a large Drupal/Ubercart site, back when Ubercart was still just in alpha. At the time we’d just started transitioning from our own proprietary stuff to Drupal. I’ve been an open source advocate pretty much since I got the internet, so I was all for the move in general.

Drupal ended up matching fairly well with my own preferences, it was open source, fairly developer focused and not controlled by a single company. I found it fairly similar to Linux in philosophy and that sat well with me. That whole “come for the code, stay for the community” thing that Drupal has never resonated with me, I keep working on Drupal because I like the direction and philosophy behind it.

Lots of Drupal events seem to focus on non-coding related activities as a big selling point, but I have little interest in doing non-Drupal activities as part of the community. I am not an isolated freelancer, so this isn’t one of my few times to hang out with other developers. I know other people in the community feel differently and we chatted about it on Slack and Drupal was literally the first time a lot of developers had a single other friend who was also a developer.

That’s a really rambly way of saying that I stay for the code, all the core developers are honestly working towards the best decisions for the project and even having larger corporate backers like Acquia I don’t think has affected that. People like Wim Leers, Gabor, Fabianx, Berdir, Daniel Wehner and Bojanz have done a lot of architectural work that I admire. Working with something like Magento I don’t get quite the same experience, they care primarily about only their own use cases and contribution efforts always feel like you’re the little brother tagging along.

3. What impact has Drupal made on you? Is there a particular moment you remember?

Haha, I remember meeting Dries for the first time and basically just getting all starry eyed and basically stammering at him. In person I swear he’s like 7 feet tall.

On a less embarrassing note, I was very proud to be on the list of the top 100 Drupal contributors at this year’s Drupalcon, as well as 4 other Acro employees. It’s been my goal to push Acro’s community involvement heavily over the last few years, so to see those efforts pay off was really great. As a company we’re also consistently in the Top 3, which I’d like to think I had a large part in. If anyone from Acquia is reading this, we’re coming for your #1 spot.

4. How do you explain what Drupal is to other, non-Drupal people?

Ha! Explaining it to people not in the industry is nearly impossible, usually I resort to “I make websites”. Even then people seem to get confused, it’s like “you know websites? You use them every day? Someone has to make those”. Drupal runs like 10% of the sites you go to, even if you don’t know it.

If they know web development I just say it is like wordpress with more flexibility and fewer security holes.

On a more serious note, I tend to pitch the philosophy of open source a lot when I talk about Drupal. I find most people grasp that fairly well and can see the advantages of having control over their own stuff. Somewhat ironically, I find developers who come from the proprietary side of things have the hardest time grasping open source, the concept of opening up the code is strange and terrifying. I’ve had calls with some very large companies who shall remain nameless who had to be given the ‘Explain it like I’m 5’ version of open source, which I found baffling.

5. How did you see Drupal evolving over the years? What do you think the future will bring?

I am a big fan of the direction of Drupal 8, I love the integration with the community and the adoption of many modern development practices. I think anyone still wishing for Drupal 7 to stay around is doing themselves a disservice instead of growing as a developer along with Drupal. I’ve been working with Drupal since late in the 4.7/early in the 5.x era and I think every version has been a clear improvement over the previous. 

6. What are some of the contributions to open source code or to the community that you are most proud of?

I’ve contributed around performance a lot at various times, I like to think those ones are the most useful since they help everyone. Drupal gets this bad rap for performance that I think is totally unjustified, install one bad module or make a poor caching choice and suddenly it seems like Drupal sucks, but it’s just a side effect of how much flexibility it gives you.

I always feel I’m 10 blog articles or videos behind though in sharing information, any time anyone else has to fix something I’ve already solved, I feel like I’ve wasted their time and they could have solved something new instead of the same thing twice. I’m mostly a “self taught” developer, which really means I’ve been taught by every kind soul who wrote a blog article or open sourced a project, which is a debt it doesn’t seem I can ever sufficiently pay back. So I’d guess I’d say I’m also proud of any content I’ve been able to give back, especially completely original work, then I’ve done my tiny bit to push society forward.

7. Is there an initiative or a project in Drupal space that you would like to promote or highlight?

We’ve done a ton of work on the Commerce POS module that I don’t think gets as much exposure as it should. It provides a wealth of functionality that integrates completely with commerce, providing a fully integrated setup that is usually only an option for expensive or enterprise setups. It even works with hardware you can build yourself like a Raspberry Pi, of which we’ve built some samples of already.

8. Is there anything else that excites you beyond Drupal? Either a new technology or a personal endeavorment. 

I am obsessed with renewable energy stuff lately, I built my own ebike last year and converted a Jeep Cherokee to full electric this year as well. Shameless plug for my youtube channel and blog, except they don’t have near as much content as they should. Our head office is in an area that has suffered from increasingly bad forest fires similar to California, so I’ve tried to take my reduction in greenhouse gases seriously.

I am a fanboy of Tesla for all the work they’ve done pushing the industry forward, but they’re not really my kind of cars as they’re very locked down against customization and filled with unnecessary gadgets, which as you can’t tell from my open source rantings, is pretty important to me. 

I’ve also converted to a vegan diet (aside from the occasional screw up, you wouldn’t believe how much stuff has milk powder in it!) for the same reason. Less for the cute little animals and more so I don’t die in a fire.

I also get super excited about OpenAI’s efforts to build DOTA bots, which seems like a real advancement from comparatively simple games like chess or go. 
 

Jan 07 2019
Jan 07

We recently published a blog post introducing our solution to Google Search Appliance being discontinued—an open source application we built and named Federated Search. If you haven’t already, we recommend checking out that first blog post to get the basics on how we built the application and why. Read on here to learn how you can see for yourself what the application does.

Search API Federated Solr is a complex application, and the best way to understand what's going on is to see it in action! Since the application requires a Solr instance in addition to a number of Drupal modules, we're not able to use Simplytest.me for demos. Instead, we've bundled all of the pieces together with Palantir's open source dev tools — the-vagrant and the-build — for a seamless demo experience that runs in a local virtual machine (VM) running on Vagrant. Head to GitHub to review the requirements, and then clone the repo and get started.

Setting up the environment

The-vagrant is a customizable vagrant environment that can be built into a project from scratch or easily retrofit an existing project (such as a new support client). On first setup, a handy install wizard takes users through a configuration process to choose hostnames, enable optional services like Solr, and enable further customization through Ansible tasks. The-vagrant is capable of handling single site, multi-site, or multiple-site (many docroot) setups in a single box, so it was a perfect match for our Federated Search environment.

The-build is a set of reusable phing targets for building Drupal projects. Once our VM is up and running, we use a standard set of these tasks to automate a number of complex tasks, such as:

  • Copying settings and services files into Drupal sites directories
  • Installing Drupal using an install profile and any existing config
  • Running post-install tasks like migrations
  • Running test suites
  • Importing databases from hosting environments
  • Deploying code to hosting environments

We have a shared set of phing targets that provide the foundation for many of these tasks, and each project extends them to meet their specific needs.

Building the demo

The Federated Search Demo repo builds a simulated multiple site environment, with a Solr server to boot, in the comfort of your own VM. Our demo site is expressly designed for both testing and development.

Because the application supports multisite, Domain Access, and standalone sites, we wanted to be able to demo (and develop for) all possible scenarios. To this end, the demo contains four docroots: Drupal 7 standalone, Drupal 7 Domain Access (coming soon), Drupal 8 standalone, Drupal 8 Domain Access. The D8 sites use the amazing core Umami profile to demo with real content, while the D7 site uses Devel Generate for some lorem ipsum-based content.

As of this writing, Domain Access is supported in the Drupal 7 module code, but not installed in the demo profile. The reverse is true for Drupal 8, and making the Drupal 8 version of Federated Search support Domain Access is under active development. We literally had to build the VM in order to finish those features!

There are a lot of dependencies involved, so let’s go to an application diagram:

Repo diagram

There’s a lot going on there, but we suggest grabbing the repo and seeing for yourself.

What to expect

Once you clone the demo repo, there are full instructions on getting the VM and Drupal up and running. After installing all of the sites, you can start by visiting http://d8.fs-demo.local and use the search box to test a search (maybe try mushrooms, yum). You should see the React-powered search page with your results and a number of filters on the left side which you can experiment with.

Search results page for mushrooms

Once you see the search results, you can dig in to how it works. In the Search App Settings (found at admin/config/search-api-federated-solr/search-app/settings) you can control a number of pieces of how the search page is displayed including it’s route and title. We set the page to default to ‘/search-app’ so as not to conflict with the default core configuration. Any changes made on this page should clear the cache for the search application and immediately be reflected on refresh.

Drupal interface

Next, you may want to see how data is indexed. The search index field config page (found at admin/config/search/search-api/index/federated_search_index/fields) will show a list of all of the mapped fields the site is sending to the index. Clicking on Edit will show you the details of each, showing each bundle in the site and how it’s being sent to the index. The Edit modal includes a token picker, showing the true power of this tool—the ability to use tokens or text at the bundle level to send data to our index.

Manage fields for search index

Edit field Federated Image

From this screen, try editing the config for a field, adding a token or changing a format. Once you do that, Search API will prompt you to re-index your data.

You can do so, then refresh the search results to see the changes. You might also want to inspect the raw data being sent to Solr. To do that, visit the Solr dashboard (at http://federated-search-demo.local:8983/solr/#/drupal8/query) and execute the default query. There you can see all of the fields being sent to the index.

Solr index

Coming back to the search page, inspecting the results with the React Dev Tools will help you understand how the application is handling data. Once you install the browser extension, you can inspect the app, view the React components, see props being passed through the stack, and more. For an even deeper dive into the React application, you can clone that project and build it locally.

Inspecting results

Contributing

In addition to providing a full demo environment, this repo also serves as a development environment for Search API Federated Solr and Search API Field Map. While those modules are installed by composer, the repo also links them into the ‘/src/’ directory for easy access. From there, you can add a GitHub remote or create patches for Drupal.org.

Issues for the demo can be raised on GitHub, and issues for the modules can be on either GitHub or Drupal.org. Be sure to read the handbook on Drupal.org for even more detail on how the system works.

Learn more about Federated Search in this presentation from Decoupled Days (or just view the slides).

Jan 07 2019
Jan 07

Last year, Google announced Google Search Appliance would be discontinued. This announcement means that enterprise clients needing a simple yet customizable search application for their internal properties will be left without a solution some time in 2019.

As the request of an existing client, Palantir has worked for the past year to produce a replacement for the GSA and other federated search applications using open-source tools. We abstracted this project into a reusable product to index and serve data across disparate data sources, Drupal and otherwise, and we’re now happy to share it with the community.

What is Federated Search?

We have created an application that allows you to index multiple Drupal (or other) sites to a single search application, and then serve the results out in a consistent manner with a drop-in application that will work on any site where you’re able to add a little CSS and JavaScript.

Federated Search is being released publicly as an open source solution to a common problem. It works out-of-the-box, and can also be customized. There are three main parts to the product:

  • Content indexing via Drupal integration (provided)
  • Result serving via React application (provided)
  • Data storage in a Solr backend (required; we can recommend SearchStax as an option.)

How was Federated Search built?

Every search application, no matter what the implementation, has three main parts: the source, the index, and the results.

Working from the results backward, we began with identifying a schema in which all of our source data would be stored. A basic review of search pages across the internet reveals a fairly common set of features. A title, some descriptive text, and a link are the absolute minimum for displaying search results. Some extra metadata like an image, date, and type are also useful to give the user a richer experience and some filter criteria. Finally, since we’re searching across sites, we’ll need some data about where the item comes from.

sitewide search results page from prototype

With that schema in mind, and knowing Drupal would be our data source, we identified a need to get data from some unknown structure in Drupal (because every site might have vastly different content types) into a fixed set of buckets. Since much of the terminology is the same, the Metatag module quickly came to mind — Metatag allows users to take data from Drupal fields using Tokens and output it into specific meta-tags on the site. With that same pattern in mind, we built Search API Field Map. This module allows us to use tokens to set bundle-level patterns, which all get indexed into the same field in our index.

At Palantir, search is part of every project. We’ve implemented numerous custom and complex search configurations, and almost every time we lean on Apache Solr for our backend. Solr is a CMS-agnostic search index that has a well-supported and robust existing toolchain for Drupal. Search API and Search API Solr provided a solid groundwork from which to build our source plugins, so then the last step was getting our data out. Solr comes out of the box with “Response Writers” that cover almost every known data format, so our options were wide open.

We knew we wanted to provide our client with a CMS-agnostic drop-in interface and that we had a data source that’s fluent in JSON, so that immediately pointed us in the direction of a Javascript framework. The JS space is incredibly dense at the moment, but after some investigation, we settled on React to provide us the robust data management and user interface for our search application.

We started with an existing framework to provide the query handlers and basic front-end components, then extended it with our own set of component packs to build out the user interface. Search API Federated Solr provides the React application as a Drupal library, adds a search block, and surfaces some custom per-site configuration for the search application.

A Flexible, Open Source Search Solution

With Drupal, Solr, and React working together, we’re able to index data from completely arbitrary sources, standardize it, and then output it in an easily consumable way. This approach means more flexibility for site administrators and a cleaner experience for users.

A number of commercial applications exist to provide this functionality, but our solution provides a number of benefits:

  • Keeping the data source tightly coupled with Drupal allows for maximum customization and access to the source content.
  • Providing a decoupled front-end allows us to surface results anywhere, even outside of Drupal.
  • Being built on 100% open-source code allows for community improvement and sharing.

How can you use this or download the code?

Between the Drupal modules and React code, there’s a lot going on to make this application work, and even with those, you’ll still need to bring your own Solr backend to index the data. Luckily, we’ve put all those pieces together into a fully functional demo box using Palantir’s open source Vagrant environment and build tasks.

If you’d like to inspect the pieces individually, here they are:

Palantir plans to maintain these projects as a cohesive unit moving forward, and pull requests or D.o issues on the projects above are always welcome.

Does it have to be a Drupal site?

No! While we provide everything needed to index a Drupal 8 or Drupal 7 site, there’s no reason you can’t configure an additional data source to send content to the same Solr index, as long as it conforms to the required schema. The front-end is also CMS-agnostic, so you could search Drupal sites from Wordpress, another CMS, or even from a statically generated site.

You can read how to see Federated Search in action in our Demo blog post or learn more about Federated Search in this presentation from Decoupled Days (or just view the slides).

Jan 07 2019
Jan 07

Pega Community Documentation Page

Book navigation is nested several levels

The import project is not yet complete, so I cannot give a live link, but here is a screenshot of the navigation. Notice that most of the navigation is collapsed, but enough of it is open to show the path to the current page.

,

Significant Numbers

  • 4472 pages in the book
  • 2.7 MB rendered (twice) for each page
  • 40-50 sec initial load
  • 6-9 sec load after caching

The navigation is rendered twice on every page: once for desktop and once for mobile. We should dos something about that, but not today.

After we did this work, the cached page loads in 2-3 sec. Normally, I would not brag about times like that, but it is a lot better than it was. (Also, the 6-9 seconds relied on some earlier caching work.)

I think that Emily Dickinson would understand how I feel about these load times:

The Heart asks Pleasure—first—
And then—Excuse from Pain—

,

Strategy

Cache the navigation once per book

If we cache each page of the book, that means about 10 GB of cache. It also means that we spend a lot more time generating the navigation menu than if we generate it once per book.

Set active trail with javascript

The problem with caching the navigation once per book is that we need to customize it for each page, opening up the path to the current page. So let’s customize it per page with javascript (client side).

,

Implementation

Here is a simplified version of the Twig Template that creates the navigation block:

{% if tree %} {{ top_book_title }} {{ tree }} {% endif %}

The important part is the Twig variable at the end: {{ tree }} is the part we have to compute and cache. Also notice that we already have some CSS classes that we can target with jQuery.

Hook Node View

From the screenshot above, you might think that the navigation is in a block, placed in the sidebar region. In fact, the caching would be a little simpler if that were the case. The way the site is built, it is actually in the main page array.

Here is the code that adds a render array for the book navigation. After a few checks to make sure that it should be added, it creates a simple render array with a custom #theme and a single parameter. That is, it depends on the current book ('#book_id' => $book_id) but not on the current page.

function pdn_book_node_view(array &$build, NodeInterface $node, EntityViewDisplayInterface $display, $view_mode) { if ($view_mode != 'full') { return; } if (empty($node->book['bid']) || !empty($node->in_preview)) { return; } $book_id = $node->book['bid']; $book_node = Node::load($book_id); if (!$book_node->access()) { return; } // Cache the navigation block once for the entire book. // We will set the active trail client-side. $build['book_nav'] = [ '#theme' => 'book_nav', '#book_id' => $book_id, '#weight' => 100, '#cache' => [ 'keys' => ['pdn_book_nav', $book_id], 'contexts' => ['languages'], 'tags' => ["node:$book_id"], 'max-age' => Cache::PERMANENT, ], ]; }

I will explain the #cache parameters below. (If you want, you can skip to the section “Tell Drupal how to cache the navigation”.)

Hook Theme

This is pretty standard, but for completeness here is the definition of the custom theme function. Again, there is only one parameter, the book ID. The Twig template is the one I showed above, book_nav.html.twig.

function pdn_book_theme($existing, $type, $theme, $path) { return [ 'book_nav' => [ 'variables' => [ 'book_id' => 0, ], ], ]; }

Preprocess Function

This function takes the single book_id parameter provided to the theme function and adds the other variables used in the Twig template, including $variables['tree']. This function was already in the code before we started working on it. It is based on some code already in the core Book module.

function template_preprocess_book_nav(&$variables) { /** @var \Drupal\book\BookManager **/ $book_manager = \Drupal::service('book.manager'); // Get the nested array (tree) of menu links. $book_tree = $book_manager ->bookTreeAllData($variables['book_id']); // Generate a render array from the tree of links. $tree_output = $book_manager ->bookTreeOutput(array_shift($book_tree)['below']); $variables['tree'] = $tree_output; $variables['book_url'] = \Drupal::url( 'entity.node.canonical', ['node' => $variables['book_id']] ); $book_node = Node::load($variables['book_id']); $variables['top_book_title'] = $book_node->getTitle(); $variables['top_book_empty'] = !$book_node->hasField('field_body') || $book_node->get('field_body')->isEmpty(); }

Javascript

Here is the javascript that opens up the path to the current page. Since jQuery is very good at traversing the DOM, this ends up being a lot simpler than the PHP code we used previously.

The second half of this snippet was already there. We just added the part that finds the , looks inside it for a link to the current page, and then adds class="active" to that link and its parents and class="c-book-nav--list-expanded" to the parent

  • elements.
  • Drupal.behaviors.bookNavExpand = { attach: function attach(context) { var bookNav = $('.c-book-nav', context); $('a[href="https://www.isovera.com/caching-large-navigation-menus-drupal/' + context.location.pathname + '"]', bookNav) .addClass('active') .parentsUntil(bookNav, '.c-book-nav--list-expandable') .addClass('c-book-nav--list-expanded') .children('a') .addClass('active'); $('.c-book-nav--list-expanded > .c-book-nav--list', context) .once('bookNavExpandInit') .css('display', 'block'); $('.c-book-nav--expand-arrow', context) .once('bookNavExpandClick') .on('click', function() { $(this).parent().toggleClass('c-book-nav--list-expanded'); $(this).siblings('.c-book-nav--list').slideToggle(); }); } };

    There is room for improvement here. It is a little inefficient to traverse the DOM twice (once to set class="c-book-nav--list-expanded" and a second time to set display="block" on those elements). We decided to KISS for now: just add our 7 lines of javascript and not touch what was already there.

    ,

    Tell Drupal how to cache the navigation

    Here again is the render element we added to the page.

    $build['book_nav'] = [ '#theme' => 'book_nav', '#book_id' => $book_id, '#weight' => 100, '#cache' => [ 'keys' => ['pdn_book_nav', $book_id], 'contexts' => ['languages'], 'tags' => ["node:$book_id"], 'max-age' => Cache::PERMANENT, ], ];

    Now let’s look at the four entries in the #cache sub-array.

    Cache Keys

    'keys' => ['pdn_book_nav', $book_id],

    We provide two cache keys:

    • A unique string to identify “our” cache entries.
    • The book ID.

    This is how we cache once per book.

    Without cache keys, any other cache data will bubble up to the page render array, but our render array will not be cached by itself, which is what we want. If the book navigation were in a block, then the block would be cached and we would not have to supply cache keys.

    Cache Contexts

    'contexts' => ['languages'],

    If the book is viewed in another language, then the link text will change, so we need to tell Drupal to store a separate copy for each language. Maybe the link URLs will also change, depending on how we manage languages.

    In fact, this site is not (yet) multilingual, so we are trying to be a little proactive.

    A drawback to the once-per-book strategy is that the navigation menu will not update if any individual page is updated, say with a new title. This is not a problem for books imported from an external system, but the site has other books as well. We may decide to add the 'route.book_navigation' cache context, if this does not affect performance badly. See Cache contexts in Drupal’s Cache API documentation.

    Cache Tags

    'tags' => ["node:$book_id"],

    This tells Drupal that when node/$book_id is updated, it should delete the entry from the cache. This is related to how many different variants should be cached. For example, we might want to cache once per book but invalidate it if any page in the book is updated. Then we would include the book ID in the cache keys and we would add cache tags for each node in the book.

    On my local copy of the site, the cache tags are stored in the database, where I can examine them. (See below.) On production, they might be handled by memcache. At the page level, cache tags are sent in HTTP headers, so that Varnish or a CDN can invalidate pages based on cache tags.

    Cache Max Age

    'max-age' => Cache::PERMANENT,

    This tells Drupal to keep the cached version until we say to clear it.

    ,

    Peek At the Database

    On my local copy of the site, the render cache is stored in the database, so we can see the results of these settings with a few queries. On production, this cache is handled by memcache.

    The cache_render Table

    Here is the relevant database table:

    mysql> DESCRIBE cache_render; +------------+---------------+------+-----+---------+-------+ | Field | Type | Null | Key | Default | Extra | +------------+---------------+------+-----+---------+-------+ | cid | varchar(255) | NO | PRI | | | | data | longblob | YES | | NULL | | | expire | int(11) | NO | MUL | 0 | | | created | decimal(14,3) | NO | MUL | 0.000 | | | serialized | smallint(6) | NO | | 0 | | | tags | longtext | YES | | NULL | | | checksum | varchar(255) | NO | | NULL | | +------------+---------------+------+-----+---------+-------+ 7 rows in set (0.01 sec)

    Query

    After clearing caches and viewing one page, there is just one entry matching the unique string we supplied as a cache key. I have added some whitespace to make this easier to read. I did not include the data column, since that would have been overwhelming. I skipped serialized: it is a boolean that says whether the data is a simple string or a serialized PHP variable.

    mysql> SELECT cid, expire, created, tags, checksum FROM cache_render WHERE cid LIKE 'pdn_book%' LIMIT 0,1\G ********************** 1. row ********************** cid: pdn_book_nav: 704369: [languages]=en: [theme]=pegawww_theme: [user.permissions]=4f64d6e20026c96e963d91bab0192f9824e8cb2e9352eb4c1ca18d78478abfdb expire: -1 created: 1543638198.782 tags: config:system.book.704369 node:704369 rendered checksum: 12 1 row in set (0.00 sec)

    Cache ID (cid)

    This identifies the cached item.

    • We specified pdn_book_nav in the cache keys.
    • The book ID (704369) also comes from cache keys.
    • languages comes from cache contexts.
    • theme and permissions are default contexts: see below.

    Cache Max Age (expire and created)

    Since we specified 'max-age' => Cache::PERMANENT, in the cache settings, the expire column is set to -1. If we had specified 86400 (one day) then the expire value would have been 86400 more than the created value. (I should check this.)

    Cache Tags

    Again the cache tags describe when this entry should be purged. I am happy to see node:704369 (the book ID), but I am not sure where the other tags are generated.

    Permissions Hash

    I am punting on some of the cache tags, but I promised to explain where two parts of the cache ID come from. See sites/default/services.yml:

    parameters: renderer.config: # Renderer required cache contexts: # # The Renderer will automatically associate these cache # contexts with every render array, hence varying every # render array by these cache contexts. # # @default ['languages:language_interface', 'theme', 'user.permissions'] required_cache_contexts: - 'languages:language_interface' - 'theme' - 'user.permissions'

    This shows that we did not have to specify 'languages' in the cache contexts: it is already added by default. It also explains why the theme and the user permissions appear in the cache ID.

    ,

    Conclusion

    Our main goal was to improve page-load times: they started out terrible and now they are merely bad, maybe even fair. As a bonus, I learned a little about how the cache system works in Drupal 8. Comparing the settings we provided in the render array to what gets stored in the database helped to de-mystify the system for me.

    Try it yourself! In order to experiment with the cache settings, you can skip the theme function and the Twig template; just build your render array directly. Try setting a different max age, or adding cache contexts, and see how it affects what is saved in the database.

    ,

    References

    I already mentioned one reference:

    • Cache contexts

    That is part of the Cache API guide on drupal.org.

    The other reference I found most helpful for explaining the importance of cache keys is

    • Render API overview: Caching

    in the API documentation.

    These two pages in the Render API guide are also useful:

    • Cacheability of render arrays
    • Render arrays
    Jan 07 2019
    Jan 07
    What we can learn from day one of legal online cannabis sales in Canada


    On October 17, 2018, Canada took a progressive step forward as the sale of recreational cannabis became legal for the entire country. It was the end of a prohibition, sparking a wave of new business opportunity. It’s hard to find official numbers for Canada as a whole, but it’s estimated that there were about 212,000 first-day sales across the country worth approximately $28 million! We thought it would be a good opportunity to show some of the benefits of open source vs. SaaS solutions for online cannabis.

    First off, It’s hard to say exactly how many transactions occurred online for Canada as a whole. It’s up to each province and territory to decide how they want sales to proceed and stats are quite limited at this point. We do, however, have solid information for a couple smaller provinces that we can start with. Then we can expand with speculation after that.

    What we know

    Cannabis Yukon

    Cannabis Yukon, the Yukon government run retail outlet, had a combined online and in-store sales totalling about $59,900 (source). About 25% of that number, roughly $15,000, was transacted online. The online retail outlet uses the open source platform Drupal.

    PEI Cannabis

    PEI Cannabis, the Prince Edward Island government run retail outlet, had a combined online and in-store sales totalling about $152,000 (source). About 7% of that number, roughly $21,000, was transacted online. The online retail outlet uses the SaaS platform Shopify. It’s interesting to note that Shopify also runs the provincial online pot shops for Ontario, British Columbia and Newfoundland.

    Functionality is the same

    All ecommerce cannabis outlets in Canada, government or private, are going to have the same features. They need to block access to minors, they need to sell products based on weight and they need to restrict the maximum amount of cannabis an individual can purchase at one time. All other functionality required is standard ecommerce. Functionality-wise, Cannabis Yukon and PEI Cannabis do the same thing. Whether it’s open source or SaaS, there isn’t an edge either way there.

    Where open source has the advantage

    Where it gets interesting, and where the Yukon Government is in a great position to succeed, is commerce architecture and service fees. These are a couple of big reasons why open source is really catching fire in the ecommerce marketplace.

    Commerce architecture

    Yukon Cannabis is built on the Drupal platform. It’s open source software meaning there are no service fees to use and anyone who uses it can customize and innovate the software however they like. Development can be done in-house or with any 3rd party development agency familiar with the underlying code, mainly PHP.

    An advantage to using a platform like Drupal is that it can integrate and talk to other services your operation may use for accounting, marketing, inventory, customer management, etc. Integrations and automation eliminate swivel chair processes that restrict business growth.

    PEI Cannabis, on the other hand, is somewhat vendor locked using the Shopify platform. Shopify does have a rich ecosystem of integrations, but if there’s ever a need to develop a new integration, PEI Cannabis is restricted to dealing with only Shopify or their small group of partners. That usually means high cost.

    Service fees

    When a sale is made using a SaaS platform, a certain percentage of the sale is lost to taxes and additional platform specific transaction fees. In the case of Shopify Plus, the enterprise fee structure is $2,000 per month + 0.25% per transaction, capping at a maximum of $42,000 per month (source). You can optionally use ‘Shopify Payments’ instead which carries a transaction fee of 1.6% + 30 cents per transaction. This would be a better way to go only if you don’t require any other payment gateways, but in our experience that isn’t the case. Finally, in addition to Shopify’s fees, the platform has an extension library to extend the functionality to your store. Most of these extensions carry their own monthly fee and there’s a very good chance you would need some of them.

    With SaaS ecommerce platforms like Shopify, year after year the cost of ownership increases. At minimum, the yearly fees paid to Shopify amount to $24,000 and can rise as high as $480,000. That doesn’t include any additional extensions that you use or any payment gateway fees. PEI Cannabis must pay these fees (and so do the governments of BC, Ontario and Newfoundland who also use Shopify).

    Open source ecommerce platforms, on the other hand, don’t necessarily have any of these additional fees. Aside from the standard payment gateway fees and hosting fees, Yukon Cannabis pays no additional monthly or yearly licensing fee to use their ecommerce platform. Whether they sell $15,000 or $15 million, the investment that they’ve made into the development of their website should pay for itself quite quickly, potentially within a year.

    Furthermore, provincial government cannabis retailers are essentially public companies. A large portion of the profit made is to be distributed at the provincial and federal levels to support various public services and initiatives. By utilizing open source technology and therefore avoiding platform-specific fees, the Yukon government will have more capital available for their public services and initiatives. Yukon constituents should be quite happy about that!

    By utilizing open source technology and therefore avoiding platform-specific fees, the Yukon government will have more capital available for their public services and initiatives. Yukon constituents should be quite happy about that!

    Service fee breakdown

    Here’s a rough breakdown of potential monthly and annual platform service fees based on some of the numbers we know. We know the combined (online and in-store) sales from day one were elevated due to the hype of legalization, and we know that BC sales dropped by 70% on day two. For our fee breakdown, we’ll take the 70% reduced amount from the combined total numbers we know and use that to calculate a 30 day monthly sales estimate. We’ll use the combined total because most ecommerce platforms also support an official in-store point of sale component. This is all speculation of course, but it still shows realistic ecommerce sales numbers and how service fees accumulate based on them.

    While the numbers shown below may appear to be quite large at first, Statistics Canada, the national statistics government agency, predicted back in September that legal cannabis sales for the first 3 months will be between $816 million and $1 billion nationwide. If that ends up being true, the numbers below would actually be grossly underestimated!

    Est. Monthly Sales
    Based on 30% of day one total x 30 days (XX/100 x 30) x 30 Open source
    Annual and Monthly Fee: 0% Shopify Plus
    Monthly including transaction fee
    (calculator) Shopify Plus
    Annual 
    (monthly x 12)Yukon Cannabis
    30 day est: $539,100
    Day one: $59,900$0$2,994.31$35,931.72PEI Cannabis
    30 day est: $1,368,000
    Day one: $152,000$0$4523.13$54,277.56Nova Scotia
    30 day est: $5,940,000
    Day one: $660,000$0$12,955.69$155,468.28Alberta
    30 day est: $6,870,000
    Day one: $730,000$0$14,670.97$176,051.64All of Canada *
    30 day est: $252,000,000
    Day one: $28,000,000$0$40,000 (cap)  $480,000 (cap)

    * The government agency Statistics Canada predicts that legal cannabis sales in Canada will be between $816 million and $1 billion (source).

    Where SaaS has the advantage

    The biggest advantage that SaaS such as Shopify has over open source is the speed at which you can get your product to market and the simplicity of use.

    If you’re just starting out and need to get an ecommerce site up and running quick, these services are turn-key and can get your product to market fast. The website management interface is clean and easy to use, and most people can do what they need to do with little to no training.

    There is a reason why companies like Shopify are quite dominant and it’s largely because of the simplicity. While we strongly believe that you shouldn’t choose your platform based on features, many people are willing to pay extra to be able to do it all themselves.

    Takeaways

    Watching a new industry unfold in Canada has been fun. It’s interesting to see that both open source and SaaS has found its way into the legal cannabis marketplace. Clearly both open source and SaaS work for this industry, it’s more about what you’re willing to pay and what ecommerce ecosystem you think is best for your business and its future growth.

    If you’re thinking about online cannabis retail (or any other online retail for that matter), Acro Media has the expertise and processes in place to help guide you to online commerce success. Try our Digital Commerce Assessment Tool to uncover problematic areas within your digital commerce operations.

    Complete Your Digital Commerce Accessment

    Jan 07 2019
    Jan 07
    The home automation system is a combination of software and hardware devices which handles home routine such as lights, temperature/humidity (microclimate) and entertainment systems (TV, audio etc.) automatically based on some scenarios. This post is about building such system based on Domoticz server, Xiaomi and Broadlink devices. I'll try to cover some topics such as system set up and useful scenarios. Agenda:
    1. Hardware
      1. Gateway
      2. Signaling sensors
      3. Data provider sensors
      4. Controlling sensors
      5. Smart lamps
      6. Server and wifi router
    2. Software
      1. Domoticz
      2. Mini DLNA
    3. Adding devices to Domoticz
      1. Gateway
      2. ZigBee devices
      3. Yeelight Smart bulbs
      4. Broadlink RM 3 mini and RM Pro+ remote controls
      5. Naming convention, groups, and scenes
    4. Network
    5. Scenarios
      1. Network devices state
        1. Are you at home?
      2. Notifications
        1. Motion activity detected
        2. Doors/windows activity detected
        3. Fire detected (high temperature)
        4. ZigBee devices batteries level report
      3. Room occupation
        1. Motion trigger
        2. Windows and doors trigger
      4. Room presence detection
        1. TV
        2. Laptop
        3. Room locking
      5. Light
        1. Room occupation trigger
        2. Button trigger
      6. Microclimate
      7. Alarm clock
    6. Remote access to your Domoticz
    7. Monitoring
      1. Service uptime
      2. Containers state
    8. Conclusion

    Hardware


    Let's overview hardware which will be used in the system. I distinguish 5 types of devices/sensors for building home automation systems: gateways, signaling sensors, data providers, controlling sensors and "smart" light. Most of Xiaomi/Aqara devices are working over ZigBee protocol, but there are some which are working over wifi like lamps. In a nutshell, a gateway is a central place of a smart home which receives all the data from other sensors/devices which are connected to it. Signaling sensors tell about some event. Data sensors provide environment information. Controlling sensors send commands to home devices. Smart lamps can be controlled over wifi in order to switch light.
    There are a lot more devices and sensors on the market for different purposes but in this post, I'll cover only that which are used for my basic scenarios.

    Gateway

    • Gateway (Xiaomi, WiFi/ZigBee) - a central point of ZigBee network. Receives events from other sensors. A system can run scenarios based on provided information.

    Signaling sensors

    • Motions sensor (Xiaomi or Aqara, ZigBee) - emits a signal when motion is detected.
    • Door/window state sensor (Xiaomi or Aqara, ZigBee) - emits a signal when door/window is being opened or closed.

    Data provider sensors

    • Temperature and humidity sensor (Xiaomi or Aqara, ZigBee) - provides current temperature and humidity.
    • Lux sensor (Aqara, ZigBee) - provides current luminosity. Usually, this sensor combined with a motion sensor (Aqara).

    Controlling sensors

    • Button (Xiaomi, ZigBee) - sends commands (single click, double click and long click).
    • Socket (Xiaomi or Aqara, ZigBee) - power control.
    • Remote control RM Pro + (Broadlink, WiFi) - sends commands to IR and RF controlled devices such as conditioner, TV etc.
    • Remote control RM Mini (Broadlink, WiFi) - sends commands only to IR controlled devices.

    Pages

    About Drupal Sun

    Drupal Sun is an Evolving Web project. It allows you to:

    • Do full-text search on all the articles in Drupal Planet (thanks to Apache Solr)
    • Facet based on tags, author, or feed
    • Flip through articles quickly (with j/k or arrow keys) to find what you're interested in
    • View the entire article text inline, or in the context of the site where it was created

    See the blog post at Evolving Web

    Evolving Web