Jan 21 2019
Jan 21

As promised 3 months ago, Gabe, Mateu and I shipped support for revisions and file uploads today!

What happened since last month? In a nutshell:


JSON:API 2.1 follows two weeks after 2.0.

Work-arounds for two very common use cases are no longer necessary: decoupled UIs that are capable of previews and image uploads.

  • File uploads work similarly to Drupal core’s file uploads in the REST module, with the exception that a simpler developer experience is available when uploading files to an entity that already exists.
  • Revision support is for now limited to retrieving the working copy of an entity using ?resourceVersion=rel:working-copy. This enables the use case we hear about the most: previewing draft Nodes. Browsing all revisions is not yet possible due to missing infrastructure in Drupal core. With this, JSON:API leaps ahead of core’s REST API.

Please share your experience with using the JSON:API module!

Jan 21 2019
Jan 21

As any developer working with Drupal 8 knows, working with Composer has become an integral part of working with Drupal. This can be daunting for those without previous experience working with command line, and can still be a confusing experience for those who do.

This is the fourth post in an explorative series of blog posts on Drupal and Composer, hopefully clearing up some of the confusion. The four blog posts on this topic will be as follows:

If you have not yet read part 1 and part 2, then before reading through this post, it is probably best to ensure you understand the concepts outlined in the summaries of those articles before moving forward.

Composer for Drupal Developers

The final section in this series addresses how Drupal developers can integrate profiles, modules and themes with Composer, to manage 3rd party libraries and/or other Drupal modules used by their code. To understand when and why a developer would wish to do this, let's have a look at a use case.

Use Case 1: Instagram Integration

Imagine a developer building a module to integrate with Instagram, pulling the most recent images from an Instagram account and displaying them on the Drupal site. Instagram provides an API for retrieving this information, but before Instagram provides this data, the Drupal site is required to authenticate itself to Instagram, using the OAuth2 protocol. After authenticating, various API calls can be made to retrieve data from the API using the the OAuth2 authentication token.

Up to Drupal 7, the Drupal way to do this would be to write a custom OAuth 2 integration (or use the OAuth2 Client module), then write custom functions that made the API calls to Instagram, retrieving the data.

Drupal 8 however, using Composer, acts like a hub, allowing for the inclusion of 3rd party libraries. This saves developers from having to re-create code within Drupal (aka rebuilding the wheel). For example, Instagram integration can be handled with the Instagram-PHP-API library. This library provides OAuth2 integration specific to Instagram, as well as various PHP wrappers that interact with Instagram's API to handle the retrieval of data from the API. Using Composer, our developer can integrate this 3rd party library into Drupal, and use it in their Drupal code. This saves our developer the time and effort of creating and testing the code that integrates with Instagram, as these tasks are handled by the library maintainers. If the library is well maintained, it will be updated in line with updates to Instagram's API, saving developer time (and therefore client money) in maintenance as well. And finally, as the library is open source, it will have the benefit of having eyes on it by PHP developers from various walks, rather than just Drupal developers, making for a stronger, more secure library.

Use Case 2: Drupal Module Dependency

Imagine that it is a requirement that the images retrieved from Instagram be shown in a popup (aka modal or lightbox). This can be handled using the Drupal Colorbox module. As such, the Colorbox module will be set as a dependency in the Instagram module's .info.yml file. When a site builder managing their Drupal project with Composer downloads/manages our developer's Instagram module with Composer, then tries to enable the Instagram module in Drupal, they will get an error from Drupal that the Colorbox module is missing. The problem here is that Drupal is being told the Colorbox module is a dependency, but we are not managing that dependency with Composer, and therefore the code has not been downloaded and does not exist.

At this point, it is easy to think that site builders could just add the Colorbox module to Composer with a require command. This would work, and after doing so, they would be able to enable the Instagram module, since the Colorbox module now exists. This opens up a problem however; imagine the site builder later decides to remove our developer's Instagram module. They disable/uninstall it in Drupal, then use composer remove to remove it. Everything looks good - the module has been uninstalled from Drupal, and the code has been removed from the codebase. However, there is one more step to return the system to its original state; disabling/uninstalling the now unnecessary Colorbox module from Drupal and removing the code using Composer. The necessity of this additional step opens up situations where the module will be left on the system due to forgetfulness, a lack of documentation, or changing site builders, creating site bloat due to unnecessary code existing and being executed.

The solution to this is to also manage Drupal profile/module/theme dependencies with Composer. In our use case, our developer will list the Colorbox module as a dependency of the Instagram module not just in the Instagram module's .info.yml file, but also as a Composer dependency in composer.json. This way, when the Instagram module is added to a project using Composer, Composer will also download and manage the Colorbox module. And when the site builder removes the Instagram module, Composer will remove the Colorbox module as well (if no other libraries list it as a dependency).

Integrating Drupal Code with Composer

Step 1: Create a composer.json file

Integrating with Composer requires that a composer.json file be created in the root of the profile/module/theme (from here on out referred to as the Drupal library) folder. This is explained in detail on the Drupal.org documentation page Add a composer.json file. Once this file has been added to the Drupal Library, it should be validated. This can be done by running composer validate on the command line in the same directory that the composer.json file lives in.

Note that Drupal.org automatically adds a composer.json file to projects that do not have one. This is so that Composer is able to manage all projects on Drupal.org, not just projects to which maintainers have explicitly added a composer.json file.

Step 2: Declare your dependencies to Composer

All library dependencies, whether 3rd party libraries, or contributed Drupal libraries (modules etc), need to be declared as dependencies to Composer. This is done by calling composer require [LIBRARY NAME], from within the folder of the Drupal library. This means that if you are adding dependencies for a module, you will navigate to the module folder, and add your dependencies. If you are adding dependencies for a theme, navigate to that folder, and add the dependencies there. The key point here is to not add your dependencies from the wrong folder, as they will be be added to the composer.json file of the wrong package.

Adding Remote Library Dependencies

In the use case example for this article, the Instagram-PHP-API library was suggested for integration with Instagram. This library has the Composer key cosenary/instagram. To set this library as a dependency of a module, navigate to the root of the module, and run the following:

composer require cosenary/instagram

Running this code results in the following:

  1. The cosenary/instagram library is added as a dependency to the composer.json file, so that Composer knows the package is managed by Composer. The composer.json file will contain something like the following:

    "require": {
      "cosenary/instagram": "^2.3",

    Note that composer.json is committed to Git.

  2. The [MODULE ROOT]/vendor folder is created, and the Instagram-PHP-API library is downloaded into this folder. Composer by default creates the vendor folder in the same directory as the composer.json file. 

    Note that once the Drupal library has been pushed to a repository where it can be managed by Composer, installing the Drupal library with Composer will install the Instagram-PHP-API library to the project's vendor folder. As such, it's a good idea to delete the vendor folder in the module after the new composer.json and composer.lock files have been committed to the remote repository, before requiring the module with Composer.

    As a best practice, it is a good idea to create a .gitignore file in the module root, and include the vendor directory to ensure that it is never accidentally committed. 

  3. The composer.lock file is created, locking the installed version of the Instagram-PHP-API library to the Instagram module. This ensures that users of the Instagram library are working with a compatible version of the Instagram-PHP-API library. Note that this file is also committed to Git.

  4. Any dependencies of the Instagram-PHP-API library, declared in its own composer.json file, are downloaded.

  5. All libraries and dependencies are checked for version conflicts.

Adding Drupal Library Dependencies

In the use case example for the article, the Drupal Colorbox module (aka library) was mentioned to be a dependency of the Instagram module, and therefore is to be managed with Composer. Adding Drupal modules as dependencies requires an additional step, due to their being hosted on a non-default repository. To add a Drupal library as a dependency:

  1. Edit the composer.json file and add the Drupal repository to it, so that Composer knows where to look for the Drupal libraries, including the Colorbox module:

    "repositories": [
        "type": "composer",
        "url": "https://packages.drupal.org/8"

    Now Composer knows where to look for the Colorbox module when the Instagram module is installed.  If developers try to declare Colorbox module as a dependency before this step, they will get an error that Composer cannot find the drupal/colorbox library.

  2. Add the module with composer require:

    composer require drupal/colorbox

    Note that this will download the Colorbox module to [MODULE ROOT]/vendor/drupal/colorbox. This is NOT a good thing, for while Drupal will be able to find the module in this location, it is not the standard location, and if another copy of the module ends up in other directories that Drupal scans when looking for modules this will create hard to debug issues. So either delete the Colorbox module in the vendor folder right away, or immediately move it to the location where the rest of your contributed modules are located, so it's very clear where it is at.

After this, both the composer.json file and the the composer.lock file should be committed to Git. The module now has its dependencies declared on both the Instagram-PHP-API library and the Drupal Colorbox module. When site builders install the module to their Drupal project using Composer, the Instagram library will be downloaded to the project (site) vendor folder, and the Drupal Colorbox module will be installed to the web/modules/contrib folder.

Developing With Composer-Managed Drupal Libraries

Now that the module has been integrated with Composer, Composer can be used to manage the module during development. Let's imagine that the Instagram module being developed has the key drupal/insta, and is on Version 8.x-1.x. Downloading the -dev version of the module can be done by appending :1.x-dev when requiring the module:

composer require drupal/insta:1.x-dev

This will download the 8.x-1.x-dev version of module to the web/modules/contrib folder, where it can be worked with. A .git folder will be included in the module root, so that changes can be committed to Git. Sounds great, but when our developer tries to push their commits, they will get an error, as the remote URL of the repository is not the repository for maintainers of the module and does not allow commits. As such, we need to change the Git repository's remote URL to the URL of the repository for maintainers, allowing for code to be pushed, and releases to be made.

To find the correct Git repository URL, first go to the module's download page on Drupal.org. Make sure you are logged in as a maintainer of the module. If you are a maintainer and have the correct permissions, you will see a tab called version control. Click this tab. Next, copy the Git URL on the page. It will look something like this:

[email protected]:project/[MODULE NAME].git

Next, navigate to your module folder, and run the following commands:

git remote rm origin
git remote add [email protected]:project/

The first line of this code removes the incorrect remote Git URL for non-maintainers, and the second line adds the correct Git remote URL for maintainers. After this, you will be able to push changes, including tags (releases).

You can also then easily switch between your development and release versions of the module by alternating the following:

composer require drupal/insta

composer require drupal/insta:1.x-dev

Note however that when doing any commits, you will need to switch up the remote URL each time you switch to the dev version of the module.


In this final part of the series on using Composer with Drupal, we have looked at how Drupal developers can integrate their custom code with Composer, to ensure that dependencies of the module are correctly managed. We have also looked at how to develop modules that are being managed with Composer. Using these techniques will allow site builders to keep a clean codebase that manages library conflicts.

And this concludes my four-part series on Drupal and Composer. I hope you have enjoyed it, and that it shows just how powerful Composer is, and how it can be effectively used to manage Drupal 8 sites. Happy Composing and Happy Drupaling!

Jan 21 2019
Jan 21

Tom Sliker started Broadstreet Consulting more than a decade ago, and has made Drupal a family affair. We dragged Tom out of the South Carolina swamps and into DrupalCamp Atlanta to get the scoop.  How does Tom service more than 30 clients on a monthly basis with just a staff of five people?  His turn-key Aegir platform, that's how!

Jan 21 2019
Jan 21

You’ve been living in a house for a while now and you are still fond of that place. But its no longer exactly what you need, and you are dreading for a change. 

You think of rearranging and modifying a few things. Maybe paint the room walls in vibrant colors or set up brand new furniture. And voila, it feels like home once again. 

A similar situation can be analyzed with the websites also. 

Websites are redesigned to keep up with the online trends. Sometimes it is done merely because the owners learn over time that the site design is not ideal for their purpose.

A lady standing on the left side of the room, thinking, where 5 big white sheets have furniture drawn on it and clipped to the background

Coming back to the redesigning, people face scenarios where their house gets really old and is on the verge of collapsing. These type of situations demands them to move on to the next one exactly like the way a website owner does when he/she witnesses an end of its life cycle.

So what are these things? Is there a term for it? Is it a process? and what are the methods involved in it? 

Let’s see what exactly the terms are.

Introducing Upcycling and Upgrading 

It is true that a full rebuilt of a website is time-consuming and an expensive task just like a full rebuilt of the house is. In such situations you are only left with two options - either modify it to necessary changes or hop onto a completely new site.

If you choose the option which simply involves a refreshing appearance of the site or modifications in some parts then Upcycling is the hero for you.

To reuse the existing materials and create a product of higher value or quality than the original object or materials is termed as upcycling. 

In technical terms, Upcycling is an incremental approach to relaunch an existing website that is done to keep up with online trends, or maybe because of technical debt, or the reason where you have a well-established website and you have no plans of reconstructing it as a whole.  

Another option is to bring a website to cutting edge technology that is done for optimal results and an increase in revenues and profits. In other words Upgrading. 

Comparing Upgrading and Upcycling 

  Upgrading Upcycling When to do it? Can be performed when you start witnessing the end of a life cycle. Can be performed at any stage of an existing project Why to do it? Because the website contains bugs and is prone to hackers. To give the website a new appearance and improve the user experience. Rate of Investment You can see your investment as quickly as possible  The ongoing maintenance and upkeep are where you start to see your investment.  Performance Performance measurement takes several months and can be achieved with the help of different metrics Can be measured with the help of conversion rate and other metrics.  How to do it? Add more content, create multiple landing pages, go mobile friendly Allow to innovate and bring newer design versions for the relaunch of the whole site.

When to do it?


If you have low cash but have time and some creativity in your mind you can reclaim almost anything and repurpose it. In other words, any website can be repurposed or redesigned at any stage of an existing project with existing website infrastructure. 

For a well-established web system that has been operational for several years, and doesn’t want to spend time and money to do a full rebuild, upcycling is for you. This brings improvement in editorial experience, user experience, front-end etc. 

Upcycling is also adopted due to the reason of investments. Implementation of investments is quick and easy.
An image of a laptop where 7 different homepages are placed in vertical order on the screen


Computers and other electronics cannot be upcycled after they have come to an end of their life cycle, they must be upgraded to keep up with the technological advancements. Similar is the case with the websites. Websites are upgraded when it lacks functionality and speed, search engine fails to detect it or when it fails to meet lasting impressions. Upgrading a website is like a do-over of your brand.

Upgrading a brand new websites kills an enormous amount of time and leaves an organization with immense cost.

The reason why it faces such issues is evident, it is started from scratch and therefore requires deep research and analytics.

Why to do it?


Websites owner have plenty of reasons to transform their website. It might be due to the reason where they want a fresh appearance of their website, or because of the technical debt, or simply because they want to improve their user experience. 

Upcycling is the answer for all.

Though upcycling might de-prioritize the motto of “Big Bang Launch”, it meets one primary goal which is to reduce time to market for big website improvement.


Is your website prone to hackers and bugs? Is it preventing website visitors to find their way to your website’s content? - then it is time for you to upgrade it. Upgrading your website includes four main factors: Design, Marketing, Usability and Time. 

Design: It is the appearance of your website that reflects the business message which you are trying to portray. The design represents the collection of things like mobile responsiveness, compatibility with the browser, image resolutions

Marketing: Once the website design is done and the content is established, it is the time to promote it. Marketing involves all the SEO updates, measurement of effectiveness and a call-to-action (A button or link that is placed on a website to drive prospective customers to become leads by completing action on your landing page)

Usability: It is the term which describes the ease with which a particular website or a project is used. Usability helps in decreasing bounce rates and contributes to the performance. 

Time: A fresh website is a perfect way to save the admin’s time. This directly affects the customer service also. 

Rate Of Investment (ROI)


ROI or rate of investment in Upcycling depends on the two factors sequentially:

  • The cost and
  • The results of a website. 

Cost is termed as the price of the website, which varies widely depending upon the budget and funds of the organization. Generally, the price of the website relates to the total time taken to create it. Factors such as project management, design, programming, team, content, CMS etc determines the cost of a website. 

Whereas the result also contributes to being an important factor in the whole journey of ROI. The website ROI may literally be negative if the site doesn’t produce the desired results which in return gives a loss in the cost. Factors affecting ROI are the cost of creating and maintaining the website, traffic, conversion rate, website lifespan etc.

When both these things, cost, and the result going overboard (and done right) it can generate so much demand that you would witness a steep increase in the website conversions. The ongoing maintenance and upkeep are where you would start to see your investment. 


Once you have taken a leap and invested in the reconstruction of your organization’s website it’s time to begin the calculation concerning ROI. While it is difficult to predict the precise ROI for a brand new website, it would definitely result in a host of benefits.

Benefits that might include an uptick in search engine ranking and a steady generation in the interest of potential buyers and customers. Though there are no dry methods to measure the ROI, there are different ways to track the success and determine whether you are meeting your goals or not.

Tracking the web activities, Monitoring search engines and calculating cost are some of the unique ways to do it. 

Image of a computer screen where a crane is placing a square block on its screen. On the left side there is an image of a truck and a mobile phone, on right there is an image of a cup and a mouse



Website owners who walk down the path of redesigning a website would agree with the fact that there’s a single most important metric that determines the success of a website: i.e Conversion Rate 

A conversion rate is the percentage of visitors to a website that completes the desired goal for the total number of visitors.

A high conversion rate is an indication of successful marketing and web design. It means people want what you are offering and that they are able to understand it. The whole point of redesigning a website is to improve the performance of it. 

Apart from conversion rate, there are certain other metrics which when optimized well would lead to better conversions and performance of your site. Metrics like:

  • Number of session per user
  • Pages per session 
  • Less bounce rate 
  • Per clicks around your website 


Let's assume that your organization has a great unique idea, you also proved that the demand of this must have “new product” you are selling is going to rock the market. You launched a beautiful website, and you wait for the rise in the performance graph.

Crickets. No traffic.

No traffic means no money and now you are in a dilemma that how would you mend it? Thus to improve it 4 important factors are required.

Backlinks: Backlinks are the incoming hyperlinks from one web page to another website that transfer equity to a website. Backlinks are the most significant factor that determines a site’s search ranking. The link-building strategy should be started as early as possible because it can take months for Google to update a rank. 

Content is the king: Google wants to see that your website should be dynamic and active for it to rank. Having a blog section on your website would do the task. You have to publish content frequently to give your customer a reason to return back.

Keywords: New websites have a hard time competing for top keywords, thus it is best to start with long-tail keywords. Keywords would allow you to attract the targeted audience who are looking for exactly that thing which you might be selling. 

How to do it using Drupal?


The Auraria Library main website is a great example of how upcycling can be achieved with the help of Drupal. The website was powered by Drupal 6, and it was beginning to see its end life. They needed an infrastructural upgrade with the highest priority. In 2016 a project team was established to kick off the journey of revamping the website. 6 months later the website was redesigned with a cloud-based, mobile friendly and localized ready content management system - Drupal 8.

Drupal 8 was chosen due to the fact that the organization enjoyed its scalability, flexibility and rapid availability with impressive community-driven service. Therefore, when a decision was to be made to select the CMS platform, they chose Drupal as their own. 

Thus by keeping longevity in mind, a swift change from Drupal 6 to Drupal 8 ( skipping Drupal 7) was made. 

Due to urgent migration, the project team implemented 80/20 law to break down the development objective into multiple releases. By doing so it not only enabled the possibility of a short first development cycle and helped in launching the website within six months but also bought them with the time to wait for highly contributed D8 modules to mature. 

User experience, increase in ROI, responsive designs, brand engagement, infrastructure improvement, and on-time delivery were the key objectives of the whole project. 

An image of a hot air balloon with a Drupal 8 logo on the head. Two girls are pulling the balloon from the left as well as right respectively. Another girl is trying to climb it


Upgrading a website using Drupal involves several steps. First, you need to define the source site (make sure core modules like Migrate, Migrate Drupal, Migrate Drupal UI are enabled), then you need to review the pre-upgrade analysis. The upgrade of Drupal 7 to Drupal 8 should be done so that Drupal 8 site is empty. There might be a chance that conflicting IDs are detected, a warning about the conflicting IDs will be shown.

This warning can be dealt with two ways. One is where you ignore it and lose your data and the other one is where you abort it and take an alternative approach.

Now is the time for the upgrade. Depending upon the size and type of content the upgrade accordingly takes the time. 

A cylindrical image having D6/D7 as the text. An arrow points towards another cylinder which says empty D8 site. The arrow has to Migrate content and configuration as its text

Why Choose Upcycling Over Upgrading?

Now that you have read all the points and came to this section, a slight idea would be twirling around your mind on what is best for your website.

To give you a clear vision, let’s put it in simpler and accurate words.

To upgrade is to break something down and create a new product from the base material. This might sound great for consumer goods and other relatable things, but not always great for a website. Upgrading is a good choice for organizations that have the time and the money to invest in the whole construction, and also if they are starting to witness its end. For the well-established websites: not a good choice. 

The goal of upcycling is to add value without degrading the product. It is the concept of creating something new out of something old with as little effort as possible. Upcycling is the right choice for all the Drupal-based websites as it uses the features of Drupal 8 in a way that increases the conversions of the website. 

Upcycling and Decoupling 

If a website has a couple of complex backends logic that the website owner doesn't wish to rebuild but is eager to relaunch the frontend, upcycling is the solution. Relaunching the frontend as a decoupled site with Drupal themes and then integrate it with the backend makes more sense. 

Whereas if the backend really needs a major push, but you want to keep the existing frontend without the need of reconstructing it, upcycling could work for that too, after the backend is decoupled. 

Decoupling your entire architecture will enable the website to upcycle individual parts and bring great value to all the end users. It would highly contribute to things like

Infrastructure: Gets the most out of the existing content and website composition. 

User Experience: Improves user experience, design, and front-end without the need of waiting for any launch.

Investment: You are able to witness your investment as soon as possible. 

In the Nutshell

At the end of the day, we want our website to flourish in terms of performance and make improvements to reach the desired bars. 

Upcycling is like a blessing for all the website owners. At Opensense Labs, we help our clients with the transition of their website. Our services not only provides with splendid modifications but also takes care of all your needs and demands. Ping us at [email protected] 

Jan 20 2019
Jan 20
drupal 8 voting intro image

One of OSTraining’s customers asked how to implement content voting on their site.

There are a few alpha releases of voting modules based on the Voting API.

In this tutorial, you will learn how to use the Votingapi Widgets for Drupal 8.

It makes use of a “Rating” field, which you can customize and insert into your content.

Let’s start!

Step #1 - Install the Voting System Module

  • If your Drupal installation is not based on Composer, then download the jQuery Bar Rating Plugin.
  • Uncompress it.
  • Place it in the /libraries folder in the root of your installation.
  • After that download the module from its project page and enable it as usual.

If your Drupal installation is based on Composer, follow this procedure:

  • Place the yaml code available in the projects page into the composer.json file inside the root folder of your installation (not the composer.json file inside the core folder)

Place the yaml code

  • Download with Composer the library and the module

Download with Composer the library and the module

  • Enable the Voting API and Votingapi Widgets modules through the User Interface and click Install

Enable the Voting API and Votingapi Widgets

Step #2 - The Voting API Settings

  • Click Configuration > Voting API Settings

Click Configuration

These are default settings when a user (anonymous or authenticated) gives their vote.

  • Choose the options that fit your site most
  • Click Save Configuration

Choose the options that fit your site most

Step #3 - The Widgets

  • Click Structure > Content types
  • Click Manage fields on the Article row
  • Add a field from type Voting api field
  • Click Save and continue

Click Save and continue

  • Choose Fivestar rating and click Save field settings

Choose Fivestar rating

  • Repeat this process and add another field of type Useful rating

Repeat the process

  • Click the Manage display tab and rearrange the order of the Voting widgets
  • Click the cogwheel on the right the Fivestar widget in order to select its style
  • Click Update and then Save at the bottom of the screen

Click Update

Step #4 - Test the Voting Widgets

  • Click Content > Add content > Article
  • Make sure both votes fields are marked as open in the Article Form and click

Click Content

  • You should now see the published node with the voting widgets just before the Comments section, click them to verify they work properly

Test the voting widgets

Step #5 - Configure Access Permissions

  • Click People > Permissions and scroll down to the Votingapi Widgets section at the bottom of the page
  • Check the relevant permissions for Anonymous and Authenticated Users
  • Click Save permissions

Click Save permissions

Everyone can vote on your site from now on.

Step #6 - The Voting Results

To display the results, we’ll make a simple view:

  • Click Structure > Views > Add view
  • Show Content of type Article in a page and display an Unformatted list of fields
  • Click Save and Edit

Click Save and edit

  • Click the Add button in the FIELDS section of Views UI
  • Look for the Voting Widget fields, select them and click Add and configure fields

Look for the Voting Widget fields

  • Click the Show results checkbox and Apply twice

Apply twice

  • Save the View
  • The View page will show a summary of all votes per article with their average

The View page will show a summary of all votes per article


The Votingapi Widgets module allows you to implement a basic voting system for your content and other fieldable entities.

The module works properly, although it is still in alpha stage.

Please, give this module a try and share with us your experience in the comments below.

I hope you liked this tutorial. Thanks for reading it!

About the author

Jorge lived in Ecuador and Germany. Now he is back to his homeland Colombia. He spends his time translating from English and German to Spanish. He enjoys playing with Drupal and other Open Source Content Management Systems and technologies.
Jan 20 2019
Jan 20

There are multiple JavaScript and CSS libraries on the internet. They allow you to animate certain parts of your site and make them look more attractive.

The Animations module in Drupal makes use of the three useful libraries:

  • animate.css
  • typed.js
  • WOW.js

They give the elements inside your site some extra cool features and make it more appealing.

In this tutorial, you will learn how to install the required libraries and the module and take a look at its basic usage.

Let’s start!

Step #1 - Download the libraries

  • Create the /libraries folder inside the root of your installation (the root is where the /core folder is located)
  • Create three more folders inside the libraries directory. Pay attention to the letter case in each directory:
    • animateCSS
    • typedJS
    • wowJS

The Animation Module in Drupal 8

  • Download the animate.css library from its GitHub page
  • Place the zip file inside the animateCSS folder and extract it there
  • Leave the default folder name of animate.css-master and make sure it contains the animate.min.css file:

  • Download the typed.js library
  • Place the zip file inside the /typedJS folder
  • Uncompress and leave this directory with the default name of /typed.js-master
  • Create the /js directory inside the /typed.js-master
  • Copy the file named typed.js located in the /src directory and paste it inside the new /js directory:

  • Download the wowJS library
  • Place the zip file inside the /wowJS directory
  • Uncompress and leave this directory with the default name of /WOW-master
  • Make sure the file wow.min.js is located inside the /dist folder:

  • Remove/delete all zip files.

Step #2 - Download and enable the module

  • Use your preferred method to download the Animations module. I’m using Composer:

composer require drupal/animations

  • Click Extend, enable the module and then click Install:

Step #3 - Configure the module

Once the module has been enabled and all libraries have been put in place, it’s time to configure the module.

  • Click Configuration, Configure Animations (DEVELOPMENT section):

If everything is ok with the folder structure of the libraries, you’ll see the settings page of the Animations module.

If something went wrong, the system will prompt you to fix it.

The idea behind these settings is simple.

You choose one of the available animation effects and then you assign a page element to that particular effect through its corresponding css selector.

  • Click RUBBERBAND EFFECT and type h1 in the text area:

  • Choose another effect and add another selector. I created a custom block and placed it in one of the regions in this example, and after that I added the selector (id) of the whole block:

  • Click Save changes.
  • Now go to the front page of your site and you should see both animations at work.


The Animations module for Drupal 8 provides an easy way to animate certain elements on a website. You can do that without the need of JS or CSS coding

With some coding you gain even more control of your animations behaviour, for example, their speed, delay, and other parameters.

I hope you liked this tutorial. Thanks for reading!

About the author

Jorge lived in Ecuador and Germany. Now he is back to his homeland Colombia. He spends his time translating from English and German to Spanish. He enjoys playing with Drupal and other Open Source Content Management Systems and technologies.
Jan 20 2019
Jan 20
Drupal Web Form

One of OSTraining’s members asked how to create a following web form with the Webform module:

  • The site has four regions to be contacted: NE, SE, NW, and SW.
  • Each region will have their own contact person/team.
  • The user must be able to select one or more of the regions to contact at the same time, using checkboxes.
  • All the submittions must be BCC-ed to the main administrator.
  • If needed, the site owner should be able to add one or more email recipients for each region.

In this tutorial, you will learn how to meet these user requirements using the Webform module.

The Webfrom module supports conditional emails. You can send an email to a particular email address, based on the value of the webform element.

Let’s start!

Step #1 - Install the Webform module

  • Type following command in your terminal inside the root directory of your Drupal installation.

composer require drupal/webform


  • The webform module has many submodules, for the purpose of this tutorial, you’ll only need to check the Webform and the Webform UI checkboxes.
  • Click Install.


Step #2 - Create the Form

We are going to create an easy form requesting the user to input their name, email address, the region (or regions) the user can select and a submit button.

  • Click Structure > Webforms > Add webform.


  • Give the webform a proper name.
  • Click Save.


  • Click the Add element button to add the desired elements.
  • Click Add Element next to the Text field option.


  • Give it the label of Name.
  • Scroll down and click Save.


  • Repeat the process, add an email element.
  • Click Save.


  • Your screen should look like this:


Step #3 - The checkboxes

We need 4 checkboxes each with one of these regions: NE, SE, NW, SW.

  • Click Add element.
  • Look for the checkbox and click Add element next to it.


  • Give this checkbox the NE title.
  • Scroll down.
  • Click Save.


  • Repeat the process with the other three checkboxes.


  • Click Add element once again.
  • Select Fieldset under the CONTAINERS section.


  • Give it a proper title.
  • Scroll down.
  • Click Save.


  • Rearrange the checkbox elements, so that they’re contained inside the fieldset (notice the “indentation”).
  • Click Save elements.


Step #4 - The Conditional Emails

We need now to add the logic to send an email, depending on the checkbox the user checks.

  • Click Structure > Webforms.
  • Next to the form you just created, click the arrow next to the button.
  • Select Settings from the drop-down menu.


  • Click the Emails/Handlers tab.
  • Click the Add email button.
  • Give this email a proper title according to the assigned supervisor (depending on the marked checkbox).
  • In the SEND TO area select Custom To email address.
  • Enter the email address for this particular supervisor.


  • Do the same with the BCC email. This is the global address which will be getting all the form submission from all the four regions.


  • Click the Conditions tab.
  • Build the condition for this email.
  • Click Save.


  • You should now see how the system added the email with its corresponding condition.


  • You have to create 3 more emails now to cover all the checkboxes.
  • When you’re done, click Save handler.


Step #5 - Testing the Webform

  • I’m working locally for this tutorial. There’s no problem if I test the webform a couple of times. You have to have a little more caution if you’re on a live server.


  • Click Reports > Recent log messages. You should see the sent emails to their corresponding recipients.


The webform module allows you to send emails based on conditions related to the value of the form elements in your Drupal site.

This is an easy way to add basic logic to your forms. I hope you enjoyed reading this tutorial. Leave us your comments below.

Additional Reading

What's Next

Join OSTraining Everything Club now for only $59 (saving of $85) and start learning how to build great websites with Drupal!

You'll get access to the large library of our Drupal training videos plus the best-selling "Drupal 7 Explained" and "Drupal 8 Explained" books.

About the author

Jorge lived in Ecuador and Germany. Now he is back to his homeland Colombia. He spends his time translating from English and German to Spanish. He enjoys playing with Drupal and other Open Source Content Management Systems and technologies.
Jan 20 2019
Jan 20
Videos to Get you Started with Drupal Development

How do I get started with Drupal development?

That's a common question we get from people who join OSTraining for the first time. They want to know about the skills they will need, and what kind of classes they should take.

In this guide, I'll give you an overview to help you get started with Drupal development.

The Skills You Need

Clients are often surprised when we recommend that new Drupal developers sit through our beginner and site-building training. 

Unfortuantely, it is very common to find Drupal websites that were built by talented developers who had no Drupal knowledge. A good understanding of Drupal's user interface and key concepts is absolutely critical. Being a good developer is not enough.

Here are the skills that will be useful for you as a new Drupal developer. An in-depth knowledge of Drupal is at least as important as any other skill:

drupal 8 skills

Learn Drupal 8 Theming

Unlike Drupal 7, the latest version of Drupal relies on the Twig template engine. Get started by watching the How to Use Twig class.

Then move on to the How to Design Drupal 8 Themes videos. These 52 lessons will take you deep inside the Drupal 8 theming system.

I'd also recommend checking out How to Use the Drupal Paragraphs Module because the majority of sites I come across are now using Paragraphs for design and layout work.

Learn Drupal 8 Module Development

How to Develop Drupal 8 Modules is the place to start here. You'll develop two modules using step-by-step instructions to hook into Drupal's existing functionality.

Next, check out the videos on Drush. Although Drush has slightly fallen out-of-favor lately, it's still an invaluable tool in many Drupal situations.

Finally, try Drupal 8 Composer and Configuration Management. This is an introduction to many of the tools that Drupal professionals use in the work.

About the author

Steve is the founder of OSTraining. Originally from the UK, he now lives in Sarasota in the USA. Steve's work straddles the line between teaching and web development.
Jan 18 2019
Jan 18

This article was originally written on 2017-04-12 but has been updated with current information and SEO best practices.

Drupal is phenomenal for SEO. When you use Drupal 8 for your content management system, you have a powerful tool to rock search engine optimization. I’ve worked in Drupal for 12 years and I’ve experienced firsthand how quickly search engines respond to a well-optimized Drupal website. I’ve seen customers triple their traffic in weeks after upgrading from another platform. I’ve seen competitive advantages from site-wide optimizations like RDF or AMP that put my clients on the cutting edge of SEO because they use Drupal. The benefits are a faster website, higher rankings and more traffic.

One of the main reasons Drupal is the content management system of choice for complex enterprise websites is the fact that it has been built from square one with the functionality and flexibility needed to optimize every node, every view, and every snippet of code for search engines.

Now, Drupal 8, the latest version of Drupal, has brought many new additions for ease-of-use, functionality, and robustness. Drupal 8 is the superior method for creating and marketing your website to the world. For all its improvements, Drupal 8 still feels like Drupal. Faster, cleaner, more refined, and certainly more up-to-date, but still Drupal nonetheless.

With the introduction of Drupal 8, I saw a need for helping marketers using Drupal make the most of the features available to optimize their website. With that in mind, I created Drupal 8 SEO. This book, written for marketers, provides the step-by-step details you need to rock Drupal 8 SEO. If you follow the steps in the book, the rewards will be great: increased Google ranking, higher website traffic, more customers and greater revenue. In fact, we based our Drupal SEO Kickstart service on this book.

Drupal 8 SEO is over 200 pages of detailed instructions for making the most of Drupal 8’s core features and optional modules to optimize your website. While there is much to share, I have chosen six tips you can use to get started on the road to rocking Drupal 8 SEO.

1.     Download the Drupal SEO Checklist Module

I may be biased because I’m the author, but I believe the most important thing you can do is download the Drupal SEO Checklist module at Drupal.org. Robert Shea of IBM says that “Drupal SEO Checklist is the most powerful Drupal module that ‘does nothing.’” This module just tells you what to do.

Following the Drupal SEO Checklist, you can implement the best modules and tasks that are needed to optimize your website. By giving you a complete list of best practices, it makes on-page Drupal SEO hassle-free. When you have completed the to-do list, you will have a fully optimized website.

The module’s tasks are segmented by functional needs like Title Tags, Paths, Content and more. Next to each task is a link to download the module and a link to the proper admin screen of your website so that you can configure the settings perfectly. Drupal SEO Checklist also keeps track of what has already been done by placing a date and time stamp next to each item.

The SEO Checklist Module tells you what to do, but it doesn’t tell you how to do it. For that, check out my book, Drupal 8 SEO. This book has been written to explain how to implement the suggestions in the SEO Checklist. You can even turn on Drupal 8 SEO Checklist Book page numbers so that you can quickly find the corresponding page in the book.

2.     Clean up your URLs

In order to make Drupal 8 as effective as it can be at optimizing your website, you need to be sure your URLs are clean, your site shows the right content, and link value is maintained even when your content changes.

Drupal 8 installs clean URLs by default and it can’t be turned off, but you can do even more with the Redirect module. In Drupal 8, using the Redirect module allows you to redirect from old URLs to new URLs. This is great when you’ve moved a piece of content to another section of your site or inadvertently changed the URL.

The Redirect module creates 301 redirects from old URLs to new URLs on your website. This helps your SEO by making sure that any URL that ranks in Google will still resolve when a visitor arrives. This module automates what used to be an arduous and ongoing SEO chore – fixing broken links. Now you can turn on this module and forget about it.

Have you ever moved content, put the wrong URL on printed advertising, or migrated content from another website? Then you know the problems this can create. With the Redirect module you can also create your own manual redirects.

Another great module for SEO is the Pathauto module. Using the Pathauto module, Drupal 8 automatically generates URLs for your content that are great for SEO. This means that you don’t need to manually create every single content URL on your website.

3.     Implement meta tags

Meta tags are an important step to making Drupal 8 as effective as it can be. Meta tags are snippets of text that are used to tell Google, other search engines and social media sites about the content on each page of your website. This helps your SEO by communicating clearly what you think each page on your website is about and how you want it described on their sites. If you don’t do this, you will have to rely on the search engines to make up their own minds about your content. While they’re pretty good at this, it’s important enough that you don’t want to leave it to chance.

The Metatag module allows you to automatically provide title tags and structured metadata to each page of your website. This module places both the HTML title tag and meta tags in the header of a web page. This means less code and faster rendering of your web pages which also helps with your SEO.

The Alternate Hreflang Module automatically adds hreflang tags to all or your website pages. Search engines reference the alternative hreflang tag to serve the correct language or regional URL in the search results. This is very important for multilingual websites.

4.     Communicate directly with search engines

Search engines want to help you help them crawl and index your website. In order to do this, they provide tools and reports to help you communicate with them and better understand what’s going on with your website. The marketers who do this well will receive better search results and get a lot of traffic.

The XML Sitemap module creates an XML sitemap of your content that you can submit to the search engines. An XML sitemap is a specially formatted summary of each piece of content on your website. The module creates a properly formatted XML sitemap that can be submitted to Google, other search engines and other sites. Having an XML sitemap helps your SEO by giving Google a list of all your pages that you wish them to crawl. While Google can crawl your site without an XML sitemap, the bigger and more complex your site becomes, the higher the chance that their crawler will get confused and miss pages or even whole sections of the site.

Cron is a system that maintains and cleans up your Drupal site. It does things like checking for updates, indexing content, and rebuilding XML sitemaps. Now your XML sitemap will stay up to date with all the new content that you add to your website.

The Google Analytics module adds the Google Analytics code snippet to your website and allows you to control how and when it is used. Google Analytics is an incredibly important tool for any web marketer. It allows you to find valuable insights into your visitors including demographics, behavior on your site, where they found you online, what keywords they used to find you and more. However, Google Analytics isn’t perfect. For example, it tracks all visitors by default—even Admins. The Google Analytics module can fix that by only showing the Google Analytics code snipped when a non-admin is using the site. This keeps your data clean and your reports more useful.

5.     Download the best Drupal 8 modules for SEO

No one thing is so powerful that Google is going to suddenly fall in love with your website and boost you in the SERPs (Search Engine Results Pages). Rather, all the tools work together to produce an outcome that is significantly better than the parts alone ever could. The Drupal modules I’ve mentioned above are just a few of the very best. I’ve listed others in the book and in the Drupal SEO Checklist including:

While Drupal 8 now includes RDF (Resource Description Framework) in its core, the RDF UI module goes a step further by allowing site builders to integrate Schema.org seamlessly during or after the site building process on Drupal 8. This is important because, as Schema.org describes it, “On-page markup helps search engines understand the information on web pages and provide richer search results.”

The Linkit Module provides an easy interface for creating links in your WYSIWYG content editor by using an autocomplete field. It makes sure that all the links that you add to your content are well-formed, up to date and automatically use the proper path. Properly formed and placed links are a powerful strategy for any SEO campaign.

The D8 Editor Advanced Link Module helps your SEO by placing additional text information about each link on your website.

6.     Speed up and secure your website

Two important attributes of your website are security and speed. Google rewards websites that are secure and quick to render. All the great SEO in the world won’t make your site great if you get hacked. There are bad people on the internet who want to break your website, infest your visitors, steal your data, and/or blackmail you. From the Panama Papers fiasco (yes, Drupal was involved) to your garden-variety script kiddie, you’ve got to protect yourself and your Drupal website.

Speed became a ranking factor for Google searches in April of 2010. In other words, all else being equal, the faster site will rank higher. Therefore, it makes great sense to ensure that your site is as fast as you can reasonably make it within your budget.

Drupal 8 has responsive web design as its default methodology. That’s good because Google specifically states that they prefer this method to serving mobile devices. In this setup, the server sends the same HTML code to all devices and CSS is used to change the way the page looks for each mobile device. It allows a single URL for the same content and that’s great for sharing and for offering up pages to all visitors. One way to speed up your website and be mobile-responsive is by downloading and implementing the Google AMP module.

Learn More with Drupal 8 SEO

Search engine optimization is a game of inches. A title tag that’s missing a keyword, a body that doesn’t talk about the topic, metadata that isn’t quite right. Together, that’s enough to kick you off the front page of Google. Using just the tips above will help you down the path toward a rockin’ Drupal website. Of course, there is much more to learn. If you want to optimize your website yourself, you can find all the details in my book, Drupal 8 SEO.

If you don’t have the time to optimize your Drupal website yourself, sign up for our Drupal SEO Kickstart program -- we'll get these items (and a lot more) installed and optimized in short order. Volacci can implement the best of Drupal SEO whether you are creating a new website, you are migrating from one platform to another, or you just need to fix what you have.

Jan 18 2019
Jan 18
To kick off 2019 properly, the Experience Express is taking a break from Drupal and web development to consider an oft-forgotten component of new digital experiences in the conversational space. Though many organizations, some of Acquia's customers included, have leapt headlong into building conversational interfaces, sometimes it can be difficult in such a newfangled paradigm to consider all possible angles where things can go awry.
Jan 18 2019
Jan 18

March 2019 sees the return of Drupal Mountain Camp, in the picturesque town of Davos in Switzerland. The call for sessions closes at midnight CET on Monday, 21 January, so be sure to submit your talk today.

We’re proud to be part of the organising team as well as a Gold sponsor for this awesome community run event. We’ve submitted several talks and hope you do the same.

About Mountain Camp

The camp is designed to combine the beauty of the snow-covered Swiss Alps, with the warmth of the Drupal community. It's a perfect combination of fresh tracks for those who ski or snowboard, with inspirational talks by amazing people. This will, of course, be accompanied by some world famous Swiss cheese and chocolate.
The camp takes place from 7 - 10 March 2019, at the Davos Congress Centre.

Davos Congress Centre

Final call for sessions

Call for sessions close on Monday, 21 January, so don’t delay, be sure to submit yours today! 

Along with the great sessions, there will be 2 confirmed keynotes. The first on Friday, entitled "The Future Of Drupal Communities", by Drupal community leaders Nick Veenhofand and Imre Gmelig Meijling, and the second on Saturday by Matthew Grill, about the "Drupal Admin UI & Javascript Modernisation Initiative."

If that sounds interesting and you want to know more about the topic submission process, read on:

How can I submit a session?

  1. So you've got something you'd like to talk about, awesome, here's how you can submit a session:
  2. Head on over to the submit a session link.

  3. Think of a catchy title and fill in the Session Title.

  4. What is your talk about? Try to write 4-5 lines about what you'd like to talk about in the Description textbox.
    Note: you can add images if it helps to portray your talk.

  5. Select what kind of Session Type (how much time) you'd like.

  6. Input the appropriate Tracks - you may select multiple if your talk covers various topics.

  7. Select the Level of Expertise - is it more of a beginner talk or does it become quite advanced with technical terms?

  8. Don't forget to add your Speaker Name and Contact Email.

Session Talk

Why should I submit a session?

Preparing and then presenting helps to entrench your knowledge on the topic. You'll also learn from your peers who attend your talk, through feedback and questions.

Be sure to take note of the following, when considering your topic and submission:

  • Giving a talk will require a lot of work and preparation, but don't let that put you off. It will pay off in the end.

  • People who attend your talk are generally looking for help in your specific topic, so this will be a great time for networking.

  • You'll be noticed and people will tell you that you're cool.
  • Ok, maybe you don't want to be noticed, and maybe you're fine with not being called cool, but you'll definitely have fun talking.

  • You'll feel way more confident afterwards, which might be a good enough boost for you to jump on a snowboard and hit the slopes on the weekend.

Check out some of these great proposed sessions for inspiration:

I hope this has inspired you! Now go ahead and submit your talk and we'll see you in March in Davos, Switzerland. Till then, follow the Camp on Twitter.

Swiss Alps

Jan 18 2019
Jan 18

By Eduardo GarcíaCTO | January 18, 2019

By Eduardo GarcíaCTO | January 18, 2019

Last month I attended my second Drupal South in Canberra, the capital of Australia. Yep! the capital is Canberra, not Sydney.

In my first Drupal South in 2016 I was invited to present a keynote. I also did a Drupal 8 training and a regular session.

This time my experience was completely different, since I am a local resident in Australia now. I had the opportunity of presenting too, and enjoyed the conference from a different perspective.  I definitely learned a lot from Australian colleagues whom now I can call my peers (plus, this time I get to understand the local jokes). Finding someone who knows Drupal in Australia is not that easy, and even more difficult in Tasmania. Events like this help train developers interested in adopting this technology.

What I Shared during Drupal South

The last few months in our company (weKnow) we have been working in projects involving what I call “Offline Headless Drupal”, where we use Gatsby to create a React Application using Drupal 8 as the source of content.

My session was “How to keep Drupal relevant in the API-driven and git-based CMS era”.

In this architecture, Gatsby blends all content into React and puts it into a CDN, which not only improves UX and accelerates performance but also serves as the starting point for new integrations with modern tools of third-party providers.

You can see my session slides here.

What caught my eye

This year I was very interested in sessions related to GovCMS. Here are a few I enjoyed:

GovCMS distribution and platform hosting is getting to the next level, especially with thei latest updates in their infrastructure and the incorporation of Drupal 8 to the distro.

The future looks brilliant for Drupal in Australian Government and the number of Drupal sites in the next 24 months will increase significantly without a doubt. The new version supports Drupal 8 which has more features that make it possible to make better sites. Perhaps the biggest challenge for the community at this moment is to be able to find the talent to work on those new projects.

Hosting more events like this will definitely help local Australians with valuable training that will enable them to participate in projects both in Australia and overseas. Remote work is a solution that can benefit programmers all over the world, and we could take great advantage from it too.

Things are going south!


In Australia, this expression doesn’t necessarily have a negative connotation; after all, we are in the extreme south!

If you thought we could not go further down; yes we can and we will. I’m glad to be part of the team that will be hosting Drupal South 2019 in Hobart, Tasmania, the place that I call home nowadays.

We will put in all the effort to organize the best event we can. Come and enjoy Drupal, walk through the fantastic trails that Tasmania has to offer, and of course don’t miss the opportunity to meet the Iconic Tasmanian devil! See you there!

Jan 18 2019
Jan 18
Mega menu in Drupal 8

One of our customers asked how to build a mega menu in Drupal 8.

Mega menus are menus with multi-column navigation. They are fastly becoming a trend in web design.

The Ultimenu module allows you to insert Drupal blocks into a menu. You can easily use it to build fairly complex menu layouts.

In this tutorial, you will learn how to build a simple mega menu using the Ultimenu module and Bootstrap.

The customer was aiming at building a mega menu similar to the one on the image below:


The mega menu drop-downs should have 100% width. Their content must be Drupal blocks.

Let’s get started!

The Ultimenu Approach

The Ultimenu module generates a block for each menu you add in the menus page of your Drupal installation (admin/structure/menu).

You can place this block in the Block layout screen like any other block. The module turns menu items into dynamic regions in the block layout page.

That way you can insert blocks (custom blocks, views, etc) into these regions.

A block containing regions containing blocks:


Step #1 - Install the Module

  • Install the module with composer:

composer require drupal/ultimenu

  • After downloading, click Extend and enable the module. No further dependencies are required:


Step #2 - Create the menu

  • Click Structure > Menus.
  • Look for the Main Navigation and click Edit menu.


  • Click the Add link button and add the first level menu items:


  • The Travel link points to route:<nolink>. This parent element is only there to contain other elements:


Step #3 - Configure the Ultimenu block

  • Click Structure > Ultimenu.
  • In the vertical Ultimenu blocks tab select Main navigation.
  • Click Save configuration:


  • Click Ultimenu regions.
  • Select Ultimenu:main: Travel. Ultimenu will create this region dynamically in the Block Layout page so that you can place blocks in it.
  • Click Save Configuration:


  • The Ultimenu goodies tab has additional configuration options. I’m not going to check any of these options. Please, read the module’s documentation to understand how these options work, particularly if you’re building a multilingual site.

Step #4 - The Image Block

In order to place an image in a block, you need to create a custom block type with the Image field.

  • Click Structure > Block layout > Custom block library > Block types.
  • Click the Add custom block type button:


  • Give the block type a proper name.
  • Click Save:


  • Click Manage fields.
  • Delete the Body field.
  • Click Add field.
  • Add the Image field.
  • Save it with the defaults.
  • Click Manage display.
  • Hide the Block label:


  • Click Structure > Block layout > Custom block library > Add custom block:


  • Click Block with Image:


  • Upload an image.
  • Click Save:


Step #5 - The links block

There are many ways to obtain a block with links in four columns, for example with Views.

I’m working with a Bootstrap subtheme in this tutorial. I’m going to use a basic block with Bootstrap markup and classes.

Check out this tutorial in order to learn how to create a Bootstrap subtheme in Drupal.

  • Click Add custom block once again.
  • Select Basic block this time.
  • Give the block a proper name.
  • Select Full HTML as text format in the editor.
  • Click the Source button.
  • Paste following code in the editor window:
<div class="row">
<div class="col-sm-3">
<h3>Top destinations</h3>
<li><a href="#">North America</a></li>
<li><a href="#">Latin America</a></li>
<li><a href="#">Middle East</a></li>
<li><a href="#">Europe</a></li>
<li><a href="#">Africa</a></li>
<div class="col-sm-3">
<h3>Editor's choice</h3>
<li><a href="#">Best Hotel Deals</a></li>
<li><a href="#">Cruise Deals</a></li>
<li><a href="#">City Breaks</a></li>
<li><a href="#">Activities</a></li>
<li><a href="#">Culture</a></li>
<div class="col-sm-3">
<h3>City breaks</h3>
<li><a href="#">Paris</a></li>
<li><a href="#">Hong Kong</a></li>
<li><a href="#">Rome</a></li>
<li><a href="#">London</a></li>
<li><a href="#">Tokyo</a></li>
<div class="col-sm-3">
<h3>Custom menu</h3>
<li><a href="#">Disclaimer</a></li>
<li><a href="#">Privacy</a></li>
<li><a href="#">Advertisement</a></li>
<li><a href="#">Contact us</a></li> </ul>

  • Click Save.


Step #6 - Place the Ultimenu block

  • Click Structure > Block layout.
  • Disable the default Main Navigation block.
  • Place the Ultimenu: Main navigation in the Navigation (collapsible) region.
  • Uncheck Display title.
  • Click Save block.


Step #7 - Place the blocks in the “Travel” region

  • Scroll down to the bottom of the page.

You’ll see the dynamically generated region you assigned when configuring your Ultimenu.

  • Click Place block:


  • Place the image custom block in this region.
  • Uncheck Display title.
  • Click Save block.
  • Repeat the process with the Bootstrap markup block:


  • Rearrange the order of the blocks if needed.
  • Click Save blocks:


Now go to the front page of your site and take a look at the menu. A couple of CSS tweaks are required.

Step #8 - The CSS

By default, the libraries file of your subtheme points to the style.css file inside the css/ folder within your Bootstrap subtheme.

  • Add the following code to that file:
/* Google fonts */ 
@import url('https://fonts.googleapis.com/css?family=Roboto:400,700');

/* Menu Links */

.ultimenu__link {
text-transform: uppercase;
font-family: 'Roboto', sans-serif;
color: #000;
font-size: 1.1em;
display: inline-block;
font-weight: 700;
padding: 0.8em; 

.has-ultimenu:hover {
background-color: #FFF;

/* Image Block */

#block-megamenuimage {
width: 100%;

#block-megamenuimage img {
width: 100%;

/* Links block */

#block-multicolumnblock {
width: 100%;

#block-multicolumnblock h3 {
text-transform: uppercase;
font-family: 'Roboto', sans-serif;
background: #000;
color: beige;
font-size: 1em;
display: inline-block;
font-weight: 700;
padding: 0.8em;
border-radius: 10px;

#block-multicolumnblock li {
list-style: none;
border-top: 0.5px dashed #333;

#block-multicolumnblock li:last-child {
border-bottom: 0.5px dashed #333;

#block-multicolumnblock li a {
text-decoration: none;
color: #333;
display: block;
line-height: 2.5em;

By now you should already have noticed how to tweak the menu by yourself:



You just learned how to build megamenus in Drupal using the Ultimenu module, Bootstrap and an easy to understand “Drupal block” approach.

Thanks for reading!

About the author

Jorge lived in Ecuador and Germany. Now he is back to his homeland Colombia. He spends his time translating from English and German to Spanish. He enjoys playing with Drupal and other Open Source Content Management Systems and technologies.
Jan 17 2019
Jan 17
Drupal 7 core, together with Drupal contrib, has the ability to ship a powerful platform for our digital requirements in the enterprise world. The multilingual feature is one of the prime reasons that Drupal is a distinguished and a preferred solution to achieve business goals. Drupal 8 includes the multilingual package in the core itself, but Drupal 7 requires some extra amount of effort to build this package as a whole to make Drupal multilingual ready.
Jan 17 2019
Jan 17
How to Manage User and Role Permissions in Drupal 8

This tutorial is all about managing users on your Drupal 8 site.

I'll show you how to control who can do what on your site:

  • Who can create, delete, and edit content?
  • Who can upload modules and themes?
  • Who can modify menus and blocks?

You also see how to make user accounts more interesting. You do this by allowing users to add more information about them. 

Drupal Roles and Permissions Explained

Drupal users are defined by their role. Roles are defined by the permissions you assign the role. Drupal has three default roles:

  • Anonymous: Visitors to your site who are not logged into your site.
  • Authenticated: Anyone who has an account on your site and logs in is authenticated. The Authenticated role also serves as the minimum set of permissions that is given to all logged in users. Drupal sets some default permissions but you can change them.
  • Administrator: Users assigned the administrator role can do everything on the site.

You might be thinking that this is enough for your site, but just in case you have bigger plans, let's take a look at how you fine tune access to your account via three examples.

Creating an Article Writer

Start with the example of an Article writer. Such a person will be a role to which you can assign users. If users are in this role, all they can do is write articles. There are four steps to make sure a user account is set up correctly:

  1. Add a role.
  2. Set the role permissions.
  3. Create a user.
  4. Test the user to make sure it has the correct permissions.

Following are those four steps.

  • Click "People" on the admin menu bar and then on the "Roles" tab.

drupal roles

  • Click "Add role".
  • Type Article writer for the new role name.
  • Click "Save".

Now that the Article writer role has been created, you need to decide what user in that role can and can’t do.

  • Click the Permissions tab to see the permissions available:

drupal permissions tab

On the left side of the list, you can see the modules that have permissions settings. The modules are ordered alphabetically. Across the top of the list, you see the four roles that you have set up.

drupal permissions tab

The permissions for the three default roles are already set. You can also see that some permissions for the Article writer role are already set. This is because those permissions have been giving to the Authenticated User role. By default, if you grant permission to the Authenticated role, all subsequent roles (except for anonymous) inherit said permission. That is why the check marks for comments are grayed out and can't be deselected.   

drupal permissions boxes

Your article writer is going to need more permissions than those granted by default to the Authenticated role, so let's get started.

  • Scroll down until you find the header Node. Remember that Node is Drupal’s geeky word for content.
  • At the top of the Node area, you see some admin-type permissions, as shown below:

drupal node permissions

Scroll a little further to find the Article permission set. To keep things simple in this example, check all of the Article permission boxes:

  • Create new content
  • Delete any content
  • Delete own content
  • Delete revisions
  • Edit any content
  • Edit own content
  • Revert revisions
  • View revisions

drupal article permissions

  • To ensure the Article writer can "Add Content", check the permissions box for "Use the administration toolbar".

drupal admin toolbar permisisons

  • Click "Save permissions" at the bottom of the page.

Now let's set up an actual user account for an Article writer.

  • Click the "List" tab at the top of the screen.
  • Click the "Add user" button.

As you can see by the absence of the red asterisk, an email address is not required. However, the email is necessary for the user to receive messages, such as password reset. If you have an email address, other than the one you used when creating your first account, enter it now, so that you can see the emails users will receive. Otherwise, leave it blank.

  • Username: articlewriter
  • Password: articlewriter
  • Roles: Check the "Article writer" box.
  • If you included an email address, check the box to "Notify user of new account".
  • Click "Create new account".

drupal create article writer

The fourth and final step is crucial. Permissions are a vital part of your site’s security, and if you don’t test your permissions, you could easily allow some users to do things that can compromise your site.

Following is a basic method for testing. You can use the following steps:

  • Open a browser where you are not already logged in.
  • Log in by going to http://[your_web_address]/user/login.
  • Observe that the menu bar to which you have grown accustomed is lacking in options. That is good. First test passed.

drupal low permissions

  • Click "Shortcuts" and then "Add content".
  • The "Create Article" form appears immediately, with no other content types available. Test passed again!

drupal create article

There are limitations to this testing. Because you created the account and the password, you were able to log in as that person and test.

However, on a real site, it is neither feasible nor safe to know what your users’ passwords are. Instead, you can use a module called Masquerade to easily test any user account. Here’s how it works:

  • Make sure you are logged in using your main admin account.
  • Install the Masquerade module.
  • Go to "Structure" and then "Block layout".
  • Place the Masquerade block at the top of the Secondary region.
  • Go to your homepage and you'll find the Masquerade block and its search box.
  • Type in the name of the user you want to test and click "Switch".

drupal masquerade

The Masquerade block disappears and an "Unmasquerade" link appears in the black menu bar at the top of the screen. Don’t worry: by default, this link appears only for administrators.

drupal user masquerade module

You can now browse the site and see exactly what an Article writer can see. Simply click the Unmasquerade link, and you’ll be back at the administrator account.

Creating a Moderator

Now see one more example of user permissions. Let's set up a role called Moderator. People in this role can moderate comments and forum posts. These people help to make sure that your site is a pleasant and spam-free destination.

  • Go to "People", "Roles", and then "Add new role".
  • Type Moderator for the Role name.

Next, we'll set up the permissions:

  • Click the "Permissions" tab and scroll down until you find the Comment module.
  • Check the "Administer comments and comment settings" box in the Moderator column.

drupal create moderator

  • Scroll down until you find the Forum module and check the "Administer forums" box in the Moderator column. This allows the Moderator to rearrange the forum boards if needed.

drupal administer forums

  • Scroll down until you find the Node section.
  • Give Moderator permission to create, delete any, and edit any Forum nodes.

drupal forum permissions

  • To ensure the Moderator can add content, check the permissions box for "Use the administration toolbar".
  • Check the "View user information box" in the Moderator column. This can help the Moderator when advising the site administrator if an account needs to be blocked.
  • Click "Save permissions" at the bottom of the screen.

Now we can move on to the create the Moderator account:

  • Click the "List" tab at the top of the screen and click "Add user".
  • If you have yet another extra email account, enter it, otherwise, leave the email blank.
  • Username: moderator.
  • Password: moderator. You can set this to something more difficult if you want. Drupal warns you that this is a weak password.
  • Roles: Check the "Moderator" box.
  • Click "Create new account".

Now it's time to test the account:

  • Visit the front page of your site.
  • Use the Masquerade module to see the site as moderator.
  • Click "Forum" on the Main menu.
  • Access any forum topic, and you can edit or delete the topic.
  • If there is a comment on a topic, you can moderate it using the "Edit" and "Delete" links.

drupal edit delete links

  • Click any user’s account name. The easiest account to find will probably be your main administrator account.

drupal user name

  • You'll see the user profile. In the next part of the chapter, we're going to make this look more interesting!
  • If you think the user needs moderating, click the "Edit" tab. You change the user status from "Active" to "Blocked". Please do not try this with your own administrator account!

drupal edit user

You can grant your Moderator role permission to administer users (see the User section on the Permissions page). Note that this is a very powerful permission. If granted, any user with Moderator role can access any other user's account and change its settings. Grant with caution.

Video on Drupal Permissions

This video is taken from the class called "The Beginners Guide to Drupal 8":

[embedded content]

Want to Learn More Drupal 8?

After reading this tutorial, I'd recommend "How to Build User Profiles" which follows on directly from this point.

This tutorial was an extract from Drupal 8 Explained, the best-selling guide to Drupal 8. Grab a copy today to learn all the fundamentals of Drupal 8.

About the author

Steve is the founder of OSTraining. Originally from the UK, he now lives in Sarasota in the USA. Steve's work straddles the line between teaching and web development.
Jan 17 2019
Jan 17

If your library hosts community programs and events, you should check out Intercept: a new product for helping libraries run better events. Intercept makes it easy to create and manage events. Even better, it provides actionable reports to help measure success and recommend strategic improvements for your programs in the future.

Intercept Features

Intercept provides valuable features for event management, equipment reservations, room reservations and customer tracking.

Event Management

  • Easily add and edit events.
  • Book rooms at the time of event creation.
  • Host events at outside venues.
  • Make custom templates for quickly creating future events.
  • Create recurring events.
  • Set up registration for events, including waitlists.
  • Browse events as a list or grid-style calendar.
  • Filter events by type, audience, location, date and keyword.
  • Save and register for events.
  • See similar events based on type and location.
  • Receive recommendations for other events based on your preferences, events you’ve attended and/or saved.
  • Analysis for events.

Equipment Reservations

  • Browse and reserve available equipment.
  • Set reservation periods by item.
  • Manage and approve requests.
  • Report on equipment usage.

Room Reservations

  • Customize rooms and locations.
  • Browse rooms by type, capacity and timeframe.
  • Reserve rooms with validation to ensure rooms are not double-booked.
  • Deny or approve reservation requests, with email notifications.
  • Staff reservations are automatically approved.

Customer Tracking

  • Ability to integrate with popular Integrated Library Systems (ILS).
  • Integrates with Polaris ILS.
  • Single sign-on with website and ILS.
  • Allow attendees to scan into events with their library cards.
  • Gather and analyze feedback from customers.
  • Analyze event attendance numbers with population segmentation
  • Download a CSV report on attendance.

Built By Libraries, For Libraries

Intercept was built as one part of a large redesign and redevelopment project with Richland Library. From the beginning, Richland’s vision was to both create a product to help measure the effectiveness of its own events, and to release that product to the wider community of public libraries. More than five years of user research, planning and beta testing have gone into this product to date. Intercept was designed and developed by a team intimately familiar with the problems that it solves.

Open Source

Intercept was architected as a suite of modules for Drupal 8, is open source, and is freely available to all. You can download an early version of the code from Drupal.org at https://drupal.org/project/intercept, and the most recent version will available there soon. If you’re interested in learning more about using Intercept to help make your library’s events even better, we’d love to help! Just drop us a line on our contact page and we’ll be in touch right away.

Jan 17 2019
Jan 17

The internet can be a dangerous place, what with so many hackers and people potentially looking to make a quick profit off bad practices. In such an environment, it becomes increasingly important to make your Drupal site as secure as possible. Fortunately, Drupal is well-known for being a pretty secure CMS out of the box. However, it is by no means perfect, and, owing to its flexibility and support for various modules, there are a number of modules you can install to make it a lot more secure. So, in this, post let’s take a look at some of the best security modules that you can download and install on your Drupal site to make it as foolproof as possible.

Login Security

The login page to your site is like the gate to your house. It only makes sense, then, that the first thing to strengthen would be the login process. An excellent module for this purpose is the Login Security Module. It allows you to set a limited number of login attempts, failing which the account will be automatically blocked. In addition to that, it also allows you to block IP addresses as well as sends you alerts via email if there’s a potential brute force attack on your site.


Captcha Module

Quick question: what’s the easiest and most widely used method of keeping spammers away? It is, of course, captcha. With the captcha module, you can integrate captcha on your Drupal site in a couple of minutes and keep those pesky spammers and bots at bay.


Security Kit

A module that’s going to become your best friend on your journey to make you site foolproof, Security Kit is an all-in-one module for your site that allows your to configure, tweak and set up various options in order to minimize the chances of any attacks on your site. On top of that, it also gives you helpful directions such as setting up http headers etc. to make your site as resistant to malicious attacks as possible. A module which is very much worth its weight in any secure Drupal site’s arsenal.


Password Policy

Setting up a password policy for your site is a good idea, as it not only keeps bots away, but also helps to ensure that users keep a strong password and not just the ‘password123’ type. A strong password helps prevent breaches on your site, making it a lot more secure in the process. The password policy module allows you to do just that by giving you options to define a set of constraints which need to be met by the user before their password is accepted. While the Drupal 8 version is currently in the alpha stage, it works perfectly well, so go ahead and enable it on your site.


Session Limit

As the name implies, this module allows you to configure the maximum number of sessions allowed per user. The number of sessions is the number of browsers a user is logged in at. Using this module, you can also configure various other options such as prompting the user to log out of another session before logging into a new one etc.



Using these modules, you can ensure your Drupal site stays a lot more secure. Since these are modules that anyone can grab for their site, there’s really no excuse not to use them. While there are additional techniques which can be implemented on a Drupal site to secure it, they are advanced techniques. To get started, these modules will do the job nicely. Another thing to note is that with Drupal 8, a lot of security measures have been implemented out-of-the-box, hence it currently sports a smaller amount of additional security modules than Drupal 7.

Are you confused about how to set up security measures for you site? Worried about whether your site isn’t safe enough? Contact us at Agiledrop and let our extensive Drupal experience help you with this!

Jan 17 2019
Jan 17

Beauty saves the world, and Drupal helps it in this mission. There are awesome beauty product websites built with Drupal, which are not only beautiful but feature-rich and powerful. This is another proof of Drupal’s versatility for websites in any sphere — e-commerce, real estate, law firm, or any other. Our Drupal development team knows it firsthand because it builds cool websites for customers. So let’s now plunge into the world of beauty, and enjoy examples of beauty product website designs on Drupal.

Great examples of beauty product websites on Drupal

  • Lush website built with Drupal

Drupal powers the website of the world-famous British handmade cosmetics manufacturer — Lush. The front page engages visitors with full-length video slideshows and offers them to watch the “Lush Player” with stories.

If users choose to continue with the website, they are invited to their country’s specific version, since lush.com is a multisite with multiple languages that provides tailored experiences to users. The country is autodetected but users can select another.

Lush.com is an e-commerce website with an extensive catalog of products that features user reviews, star ratings, product videos, related content, and more. Users can also shop by price or by popular scent. There also are product guide, charity pot, wishlist, shopping cart, and integration with famous payment gateways.

The site also promotes offline sales, so it offers the search for brick-and-mortar shops and shows their detailed contacts including a map.

Lush website built with Drupal
  • Benefit Cosmetics website built with Drupal

The next in our examples of great beauty website designs on Drupal is the site of Benefit Cosmetics LLC  — a manufacturer of cosmetics from San-Francisco. They sell their beauty products to more than 30 countries. Their multisite Drupal website using multiple languages is an awesome assistant in that. By the way, these features are among famous Drupal strengths.

The content is presented in a very user-friendly, cheery, and encouraging way — for example, the search bar asks “What are you looking for gorgeous?”.

The Benefit Cosmetics website showcases beauty products and services in many ways — in handy menu categories, special offers, as well as interesting content types like “Dilemma solvers” that offer solutions to customers’ “beauty dilemmas”.

When users get interested in a product, they are shown the available offline shops. They can also make an online reservation for a beauty service in their area.

Benefit Cosmetics website built with Drupal
  • Miss Sporty website built with Drupal

Among great examples of beauty product websites built with Drupal, we should also mention the Miss Sporty. It is presented in three languages: English, Czech, and Polish.

The site features a handy catalog of beauty products with reviews and star ratings. When cosmetics are presented in a variety of colors, users can instantly “try” these colors on the main product image. The search feature helps products be quickly found.

The Miss Sporty website has strong community features. In addition to the handy social sharing options, it features a whole big section called “Community”, which displays photos shared by users via Instagram.

Miss Sporty website built with Drupal
  • Natura website built with Drupal

You could also enjoy the design of the Natura website — a Peruvian beauty product resource. It immediately attracts users with a colorful front-page slider, and invites to view the beauty content.

Users can browse the products from the catalog and, if they are interested, contact a beauty consultant. The consultant search feature is very precise. Consultants can be found by province, by area, and even by street, or you can use the map. Users also have the option to become consultants themselves, and are directed to the website’s chat for the discussion. 

The website features the digital beauty magazine, as well as beauty product videos. It has a newsletter subscription and a search feature.

Natura website built with Drupal
  • Clinique website built with Drupal

Another pearl among examples of beauty product websites built with Drupal is the site for Clinique Laboratories, LLC. It offers advanced e-commerce features and lets users shop by product category, by price, by most wanted items, by ready holiday looks, and more.

When users have added products to cart, they can check out via Paypal or via a regular checkout. It is possible to sign in via Facebook for shopping.

In addition to online shopping, users can send e-gift cards to anyone they wish right from the website. They specify the recipient, the sum, the date of delivery, and other details.

There is also a promotional feature that gives points to users, which mean various awards and benefits. Points are calculated for shopping, reviews, social sharing, and so on.

Clinique website built with Drupal
  • MAC Cosmetics website built with Drupal

MAC Cosmetics is another famous beauty product manufacturer that trusts Drupal. Their website lets users view products in various categories and by them online.

Each product description is accompanied with reviews, star ratings, as well as related products that go with the current one. Various colors are applied instantly to the product image.

For those who want to shop offline, there is a search feature for stores. Users also can check the in-store availability of a particular product in the catalog by entering their zip code and distance within which they want to shop.

It is also possible to send gift cards online by specifying the recipient, the gift value, the delivery date, and more.

MAC Cosmetics website built with Drupal
  • “Be Beautiful” website built with Drupal

A whole world of beauty advice can be found on the Be Beautiful website that is also powered by Drupal. This multilingual website has as many as 10 languages.

Users are presented with useful articles, news, and videos from beauty experts. All beauty topics are conveniently categorized. The search bar offers an additional help in finding the right content. The site also features an Instagram feed for more interactivity.

The website’s content includes links to beauty products with the directions to find them on Amazon or other online retailers.

Be Beautiful website built with Drupal

Love these examples of beauty website designs? Get one for you!

Our collection of examples of beauty product websites built with Drupal is not complete. First of all, it is missing your future website — but we can fix this! ;)

Contact us, and let’s add some beauty to this world together. Your beauty products and our developers’ talent could unite in an amazing Drupal site!

Jan 16 2019
Jan 16

This blog has been re-posted and edited with permission from Dries Buytaert's blog.

Eighteen years ago today, I released Drupal 1.0.0. What started from humble beginnings has grown into one of the largest Open Source communities in the world. Today, Drupal exists because of its people and the collective effort of thousands of community members. Thank you to everyone who has been and continues to contribute to Drupal.

Eighteen years is also the voting age in the US, and the legal drinking age in Europe. I'm not sure which one is better. :) Joking aside, welcome to adulthood, Drupal. May your day be bug free and filled with fresh patches!

Jan 16 2019
Jan 16

by David Snopek on January 16, 2019 - 12:47pm

As you may know, Drupal 6 has reached End-of-Life (EOL) which means the Drupal Security Team is no longer doing Security Advisories or working on security patches for Drupal 6 core or contrib modules - but the Drupal 6 LTS vendors are and we're one of them!

Today, there is a Critical security release for Drupal core to fix a Remote Code Execution (RCE) vulnerability. You can learn more in the security advisory:

Drupal core - Critical - Multiple Vulnerabilities - SA-CORE-2019-002

Here you can download the Drupal 6 patch to fix, or a full release ZIP or TAR.GZ.

If you have a Drupal 6 site, we recommend you update immediately! We have already deployed the patch for all of our Drupal 6 Long-Term Support clients. :-)

FYI, there was another Drupal core security release made today (SA-CORE-2019-001) but that one doesn't affect Drupal 6, because Drupal 6 doesn't bundle the Archive_Tar library. However, that vulnerability may affect custom or contrib modules on your site.

If you'd like all your Drupal 6 modules to receive security updates and have the fixes deployed the same day they're released, please check out our D6LTS plans.

Note: if you use the myDropWizard module (totally free!), you'll be alerted to these and any future security updates, and will be able to use drush to install them (even though they won't necessarily have a release on Drupal.org).

Jan 16 2019
Jan 16
Project: Drupal coreDate: 2019-January-16Security risk: Critical 16∕25 AC:Complex/A:Admin/CI:All/II:All/E:Theoretical/TD:AllVulnerability: Arbitrary PHP code executionCVE IDs: CVE-2019-6339Description: 

A remote code execution vulnerability exists in PHP's built-in phar stream wrapper when performing file operations on an untrusted phar:// URI.

Some Drupal code (core, contrib, and custom) may be performing file operations on insufficiently validated user input, thereby being exposed to this vulnerability.

This vulnerability is mitigated by the fact that such code paths typically require access to an administrative permission or an atypical configuration.

  • If you are using Drupal 8.6.x, upgrade to Drupal 8.6.6.
  • If you are using Drupal 8.5.x or earlier, upgrade to Drupal 8.5.9.
  • If you are using Drupal 7.x, upgrade to Drupal 7.62.

Versions of Drupal 8 prior to 8.5.x are end-of-life and do not receive security coverage.

Known issues

This fix introduced a fatal error for some Drush installations when updating a site with Drush. New releases (8.6.7, 8.5.10, and 7.63) have been issued to resolve this regression. See the release notes for additional details.

Update information

.phar added to dangerous extensions list

The .phar file extension has been added to Drupal's dangerous extensions list, which means that any such file uploaded to a Drupal file field will automatically be converted to a text file (with the .txt extension) to prevent it from being executed. This is similar to how Drupal handles file uploads with a .php extension.

phar:// stream wrapper disabled by default for Drupal 7 sites on PHP 5.3.2 and earlier

The replacement stream wrapper is not compatible with PHP versions lower than 5.3.3. Drupal 8 requires a higher PHP version than that, but for Drupal 7 sites using lower PHP versions, the built-in phar stream wrapper has been disabled rather than replaced. Drupal 7 sites using PHP 5.2 (or PHP 5.3.0-5.3.2) that require phar support will need to re-enable the stream wrapper for it; however, note that re-enabling the stream wrapper will re-enable the insecure PHP behavior on those PHP versions.

It is very uncommon to both be running a PHP version lower than 5.3.3 and to need phar support. If you're in that situation, consider upgrading your PHP version instead of restoring insecure phar support.

Reported By: Fixed By: 

Additional information

Note: Going forward, Drupal core will issue individual security advisories for separate vulnerabilities included in the release, rather than lumping "multiple vulnerabilities" into a single advisory. All advisories released today:

Updating to the latest Drupal core release will apply the fixes for all the above advisories.

Jan 16 2019
Jan 16
Project: Drupal coreDate: 2019-January-16Security risk: Critical 16∕25 AC:Complex/A:User/CI:All/II:All/E:Proof/TD:UncommonVulnerability: Third Party Libraries CVE IDs: CVE-2019-6338Description: 

Drupal core uses the third-party PEAR Archive_Tar library. This library has released a security update which impacts some Drupal configurations. Refer to CVE-2018-1000888 for details.

  • If you are using Drupal 8.6.x, upgrade to Drupal 8.6.6.
  • If you are using Drupal 8.5.x or earlier, upgrade to Drupal 8.5.9.
  • If you are using Drupal 7.x, upgrade to Drupal 7.62.

Versions of Drupal 8 prior to 8.5.x are end-of-life and do not receive security coverage.

Reported By: Fixed By: 

Known issues

Users are reporting seeing a fatal error when updating their sites with Drush. Site owners may be able to run drush updb and either drush cc all or drush cr depending on the version to complete the update. Check the status report afterward to confirm that Drupal has been updated. See https://www.drupal.org/project/drupal/issues/3026386 for details.

Additional information

Note: Going forward, Drupal core will issue individual security advisories for separate vulnerabilities included in the release, rather than lumping "multiple vulnerabilities" into a single advisory. All advisories released today:

Updating to the latest Drupal core release will apply the fixes for all the above advisories.

Jan 16 2019
Jan 16

Accidentally creating duplicate content in Drupal is like... catching a cold: 

It's as easy as falling off a log.

All it takes is to:

  • further submit your valuable content on other websites, as well, and thus challenging Google with 2 or more identical pieces of content
  • move your website from HTTP to HTTPs, but skip some key steps in the process, so that the HTTP version of your Drupal is still there, “lurking in the dark”
  • have printer-friendly versions of your Drupal site and thus dare Google to face another duplicate content “dilemma”

So, what are the “lifebelts” or prevention tools that Drupal “arms” you with for handling this thorny issue?

Here are the 4 modules to use for boosting your site's immunity system against duplicate content.

And for getting it fixed, once the harm has already been made:

1. But How Does It Crawl into Your Site? Main Sources of Duplicate Content 

Let's get down to the nitty-gritty of how Drupal 8 duplicate content “infiltrates” into your website.

But first, here are the 2 major categories that these sources fall into:

  • malicious
  • non-malicious

The first ones include all those scenarios where spammers post content from your website without your consent.

The non-malicious duplicate content can come from:

  • discussion forums that create both standard and stripped-down pages (for mobile devices)
  • printer-only web page versions, as already mentioned
  • items displayed on multiple pages of the same e-commerce site

Also, duplicate content in Drupal can be either:

  • identical
  • or similar

And since it comes in “many stripes and colors”, here are the 7 most common types of duplicate content:

1.1. Scraped Content

Has someone copied content from your website and further published it? Do not expect Google to distinguish the copy from its source.

That said, it's your job and yours only to stay diligent and protect the content on your Drupal site from scrapers.

1.2. WWW and non-WWW Versions of Your Website

Are there 2 identical version of your Drupal website available? A www and a non-www one?

Now, that's enough to ring Google's “duplicate content in Drupal” alarm.

1.3. Widely Syndicated Content 

So, you've painstakingly put together a list of article submission sites to give your valuable content (blog post, video, article etc.) more exposure. Now what?

Should you just cancel promoting it?

Not at all! Widely syndicated content risks to get on Google's “Drupal 8 duplicate content” radar only if you set no guidelines for those third-party websites.

That is, when these publishers don't place any canonical tags in your submitted content pointing out to its original source.

What happens when you overlook such a content syndication agreement? You leave it entirely to Google to track down the source.To scan through all those websites and blogs that your piece of content gets republished on.

And often times it fails to tell the original from its copy.

1.4. Printed-Friendly Versions

This is probably one of the sources of duplicate content in Drupal that seems most... harmless to you, right?

And yet, for search engines multiple printer-friendly versions of the same content translates as: duplicate pages.

1.5. HTTP and HTTPs Pages

Have you made the switch from HTTP to HTTPs?


Or are there:

  • backlinks from other websites still leading to the HTTP version of your website?
  • internal links on your current HTTPs website still carrying the old protocol?

Make sure you detect all these less obvious sources of identical URLs on your Drupal website.

1.6. Appreciably Similar Content 

Your site's vulnerable to this type of duplicate content “threat” particularly if it's an e-commerce one.

Just think of all those too common scenarios where you display highly similar product descriptions on several different pages on your eStore. 

1.7. User Session IDs 

Users themselves can non-deliberately generate duplicate content on your Drupal site. 
How? They might have different session IDs that generate new and new URLs.

2. 4 Modules at Hand to Identify and Fix Duplicate Content in Drupal

What are the tools that Drupal puts at your disposal to detect and eliminate all duplicate content?

2.1. Redirect Module

Imagine all the functionality of the former Global Redirect module (Drupal 7) “injected” into this Drupal 8 module!

In fact, you can still define your Global Redirect features by just:

  1. accessing the Redirect module's configuration page
  2. clicking on “URL redirects” 

How to Deal with Duplicate Content in Drupal: Global Redirect features
Image Source: WEBWASH.net

What this SEO-friendly module does is provide you with a user-friendly interface for managing your URL path redirects:

  • create new redirects
  • identify broken URL paths (you'll need to enable the “Redirect 4040” sub-module for that)
  • set up domain level redirects (use the “Redirect Domain” sub-module)
  • import redirects

Summing up: when it comes to handling duplicate content in Drupal, this module helps you redirect all your URLs to the new paths that you will have set up.

This way, you avoid the risk of having the very same content displayed on multiple URL paths.

2.2. Taxonomy Unique Module  

How about “fighting” duplicate content on your website at a vocabulary level?

In this respect, this Drupal 8 module:

  • prevents you from saving a taxonomy term that already exists in that vocabulary
  • is configurable for every vocabulary on your Drupal site
  • allows you to set custom error messages that would pop up whenever a duplicate taxonomy term is detected in the same vocabulary

2.3. PathAuto Module  

Just admit it now:

How much do you hate the /node125 type of URL path aliases?

They're anything but user-friendly.

And this is precisely the role that Pathauto's been invested with:

To automatically generate content friendly path aliases (e.g. /blog/my-node-title) for a whole variety of content.

Let's say that you want to modify the current “path scheme” on your website with no impact on the URLs (you don't want the change to affect user's bookmarks or to “intrigue” the search engines).

The Pathauto module will automatically redirect those URLs to the new paths using any HTTP redirect status.

2.4. Intelligent Content Tools      

Personalization is key when you strive to prevent duplicate content in Drupal, right? 

And this is precisely what this module here does: it helps you personalize content on your website.

How? Through its 3 main functionalities delivered to you as sub-modules:

  • auto tagging
  • text summarizing 
  • detecting plagiarized content 

Leveraging Natural Language Processing, this last sub-module scans content on your website and alerts you of any signs of duplicity detected.

Word of caution: keep in mind that the module is not yet covered by Drupal's security advisory policy!

3. To Sum Up

Setting a goal to ensure 100% unique content on your website is as realistic as... learning a new language in a week. 

Instead, you should consider setting up a solid  strategy ”fueled” by (at least) these 4 modules “exposed” here. One that would help you avoid specific scenarios where entire pages or clusters of pages get duplicated.

Now, that's a far less utopian goal to set, don't you think?

Jan 16 2019
Jan 16

We’re all engrossed in the mode of celebration and the festive fly game was on point. In fact, everyone else was too painted in that mood, cheering and celebrating the spirit of flying. But our zest for celebration was a notch hire, for our reason for celebration was doubled. 15th January is not merely a date when the kite-flying festival falls but that’s the very day when our dearest of all - Drupal came into existence!

Eighteen years before this very day, the very first version of Drupal - 1.0.0 was released by its founder - Dries Buytaert. And just as it happens with all other path-breaking changes world, this one too came with a lot of faith but a humble approach towards its future. And look, how proficiently has it grown in all these years. Today, it’s one of the largest and most-trusted open-source community and the future looks even brighter.  

In the age of data-threats, Drupal is trusted for its security, worldwide. Constantly moving towards strengthening the open-source community, Drupal has never compromised on the security, content, and scope. Drupal is also known for its power of personalisation and flexibility. Drupal Commerce is also the preferred one when it comes to building an easy-looking e-commerce platform with complex functionalities. And if that was not enough, the launch of Decoupled Drupal has blown the tech world like a boss!

We might sound a little biased here, but we’re speaking nothing but the truth. Everyone from ‘The Beatles’ to ‘Estee Lauder’, ‘Columbia University’, ‘NBC Universal’, ‘NBA’, ‘Paramount’ and many more have trusted and adapted Drupal for years now. Dries has rightly quoted about it in his birthday note for Drupal and let us also conclude, our birthday note for Drupal, on the very same note -

         “What do the biggest brands in the world have in common?” - ‘Powered by Drupal!’


                               Happy 18th birthday to Drupal!

Jan 16 2019
Jan 16

It is not uncommon for a Drupal 8 project, because it has structured content, to develop many content types, each with many fields, which are themselves rendered in a different way through no less than many display modes. One of the consequences is that the design phase known as site building can then become extremely time-consuming, or even a source of many small and even more time-consuming omissions to correct / adjust (use of the same fields, associated help text, configuration of the form mode, display modes, etc.). And this can make this design phase appear to be the least motivating, although essential, phase.

For those who have already produced an ambitious Drupal 8 project, this must certainly bring back some memories.

Fortunately, with Drupal 8 we have two modules that allow us to significantly simplify and accelerate this phase. These are the Entity Clone and Field Tools modules. Let us briefly present these two modules to be consumed without moderation.

Entity clone

Entity Clone is a module that allows you to clone any content entity (or almost), including node, taxonomy terms, etc., but also some entity types and therefore content types. Thus, duplicating a complex content type, with many fields, can be done with a simple click, in a few seconds, then allowing to customize on a common and identical basis the different fields of a new type of content.

Its use is very simple. One click on the Clone operation and that's it.

Entity clone operation

In addition to the usual case of accelerating the site building phase of an ambitious project, this module can also be particularly useful in the context of a native multi-site architecture to provide semantically different but extremely similar content types in terms of configuration. And also in the context of a Drupal web Factory based on the Micro Site module, where this module can help us this time to clone the Site content entity, allowing us to create a new site, pre-configured and with existing content, with a simple click.

Its dual use both on content entities (which can save considerable time in terms of initial content production when it is relatively structured and rich, especially with paragraphs) and on entity types makes it particularly useful from all points of view. And to complete the table it should be mentioned that the Entity Clone module (in its dev version to date) is able to clone (or not, depending on the configuration of the module) any entity referenced by the cloned source entity. This is particularly effective for any content using paragraphs. Note the existence of a module, Entity Type Clone, with a more limited functional scope, focused on entity types, which I have not had the opportunity to test yet.

Field tools

The Field Tools module plays in another register. It allows you to duplicate fields, their display configurations, as well as display modes from one content type (or entity type in general) to one or more other bundles. This is particularly useful if you already have the different content types (and therefore cannot clone them) and you want to duplicate a field, a display mode, very quickly to other bundles. 

Its use is also rather intuitive. You can access the configuration page for each entity type from the Clone fields link in the list of available operations (as for the Entity Clone module) or from the Tools tab of the entity type.

Field tools usage

We can select the field(s) to duplicate, then select the different bundles to duplicate these fields to. A dreadful efficiency for anyone who has forgotten to add a field on the fifteen content types of a project.

By way of conclusion

These two modules can be added to your base module list for any Drupal 8 project. They can save you a multitude of clicks, many hours and most certainly also some omissions and errors for those who want to optimize the use of fields by a maximum transversal use through the different entity types of a Drupal 8 project. Whether it is in terms of initial design, or in terms of project maintenance, or even the subsequent exploitation of these fields through a business module. In any case, they have already saved me a lot of time, and certainly also kept the motivation of a Drupal developer intact. 

Jan 15 2019
Jan 15

[embedded content]

Eighteen years ago today, I released Drupal 1.0.0. What started from humble beginnings has grown into one of the largest Open Source communities in the world. Today, Drupal exists because of its people and the collective effort of thousands of community members. Thank you to everyone who has been and continues to contribute to Drupal.

Eighteen years is also the voting age in the US, and the legal drinking age in Europe. I'm not sure which one is better. :) Joking aside, welcome to adulthood, Drupal. May your day be bug free and filled with fresh patches!

January 15, 2019

23 sec read time

db db
Jan 15 2019
Jan 15

Open Source

Open source and me

For the past two years, I have been blogging about my experience building and maintaining the Webform module for Drupal 8 and have had some lively discussions about them all. As the Webform module moved from beta or release candidates, I shared my experience in two posts titled Webform 8.x-5.x: Where Do We Come From? What Are We? Where Are We Going? and Webform, Drupal, and Open Source...Where are we going?. Throughout my blog posts, the question persists…

How is open source sustainable?

Open source and organizations

In 2018, open source has become a success story, particularly for large organizations. As someone who has been building websites since Microsoft Internet Explorer 4.0 (1997), I see the fact that Microsoft is going to use the open source Chromium rendering engine as an amazing achievement for open source and even Microsoft. Microsoft has transformed from calling Linux a cancer to fully embracing open source collaboration.

Open source allows organizations to make a collaborative investment that provides them with a large technical return.

Organizations sponsor open source, however, the work is done by individual developers who may work for an organization or independently within the open source community.

What about individual software developers who contribute to open source? At what point do we recognize their part?

Open source and individuals

I recently wrote about Why I am one of the top contributors to Drupal? which explains my motives for my contribution to Drupal and my commitment to maintaining the Webform Module for Drupal 8 for the foreseeable future. One key reason behind my contribution is…

Open source allows individuals to share their passion with a collaborative community which improves their professional profile/resume.

The lone software developer has become a thing of the past. Modern software is a collective and collaborative process. Many software developers’ first experience with software collaboration is when using or contributing to an open source project. Ideally, the lone software developer becomes a member of the open source software community.

That said, building, maintaining, and sustaining collaborative communities where organizations and individuals work together is challenging.

Open Source and community

Growing, nurturing and building anything comes with a set of challenges and difficulties - open source projects are no exception. And this is where structure comes in. Structure, a system, a framework - whatever you want to call it - helps us gauge where we’ve been, where we’re going and where we want to be. Communities need to have some system of governance and sustainability. Open source projects are built by a loosely knit community of developers working together and making decisions.

The most common decision making roles in open source is the 'maintainer' because they help make sure a project continues to grow and work.

Maintainers need to be able to maintain their projects. Projects need to be maintained.

Open source and sustainability

The discussion around open source sustainability is ongoing. Danny Crichton at TechCrunch recently wrote a comprehensive essay about the current state of open source sustainability. It is a worthwhile read with useful background information and references.

There are several approaches to funding/supporting open source developers. To me, the most appealing approach is Open Collective because it is exploring how to collect and distribute funds for an open source project in a completely transparent way.

Open source software is typically created using full transparency. The problem of open source sustainability may be best solved using full transparency.

Open Collective

Open source and Open Collective

Open Collective is a platform for global collaborations to transparently collect and distribute funds.

Open Collective is trying to solve the much larger issue of global collaboration, and open source is one type of collaboration. Besides an open source project, an Open Collective can be set up for a meetup, a political group, or even a Drupal Camp.

Persuading people to contribute funds to an Open Collective requires a mix of marketing, messaging and incentives.

Open Collective and incentives

The strongest incentive to get anyone to do something is to provide a tangible result. Tangible results can be elusive when fixing a bug or upgrading some code. Finding the right messaging and incentives requires experimentation. Incentives should help people get the most out of the software. Incentives could be bug fixes, feature requests, support requests, documentation. If these experiments are successful with organizations and individuals backing and funding an Open Collective; the Open Collective will face its next challenge which is spending the money.

Once a project has money, it is up to the maintainers of that community to decide how to spend it.

-- https://techcrunch.com/2018/06/23/open-source-sustainability/ 

Open Collective and money

It is doubtful that most open source maintainers and contributors can be fully compensated for their late night hours and weekends contributing code, design, documentation, project management, and other expertise to an open source project.

We need to figure how to best spend the money in ways that provide a high return.

In the Drupal, we like to say “Come for the code, stay for the community.” Communities require infrastructure to work and grow. Reinvesting an Open Collective's funds to grow a project's community could give everyone involved some incentive. For example, we could use Open Collective funds to make it more financially feasible for a project's maintainers to speak at events. Another concrete reinvestment of funds is paying for code sprints.

Open Collective is providing a tool which helps improves open source sustainability. It is up to each project's maintainer to determine how to use this tool and collected funds.

How can Open Collective directly benefit the Webform module and the Drupal community?


Open Collective and Webform

The goal of this blog post is to initiate the conversation around leveraging Open Collection within the Drupal community. Developing and refining the marketing and messaging for the Webform module's Open Collective is going to be an interactive process with some experimentation.

Webform and marketing

The success of the Webforms' Open Collective is going to hinge on the Webform module's project page on Drupal.org, the Webform module's page on Open Collective, and some callouts in the documentation, videos and maybe in the Webform module's user interface

Webform and messaging

After three years of working heavily on an open source project, I strongly feel that the most important message to new and even old people in the open source community is…

Everyone is welcome and we are here to help.

Gradually within the Webform module's Open Collective, we need to figure out how to talk to the consumer of the software by…

Communicating the value of contributing and providing incentives for people to contribute.

Webform and incentives

Support is the most immediate incentive to get people to pay for open source software. WordPress' plugin ecosystem openly asks and sometimes requires people to pay for support licenses. I never want to force or trick a user to pay for support. The Drupal community is passionately against paid modules. Nevertheless, it’s important to communicate to people that supporting an Open Collective will help support the Webform module and the Drupal community. There is no doubt they go hand in hand.

Frankly, I already escalate issue queue tickets created by people and organizations who are active contributors or sponsors in the Drupal community, especially if they are members of the Drupal Association. BTW, I also welcome and escalate tickets created by new members of the Drupal community. I have not publicly documented this policy, but it is worth asking "Should we be providing free software with free support?"

Webform and money

How the funds in Webform module's Open Collective are being distributed is tricky but not impossible. Initially focusing on reinvesting any funds back into the Webform and Drupal community and the software is a fair and reasonable approach. The collected funds should only be spent on event/speaking related costs and direct improvements to the Webform module's user experience, accessibility, and marketing.

Reinvesting funds for marketing might be the only controversial expense. I am going to tread lightly with spending money on marketing, but the Webform module needs a logo, maybe a better slide deck, and some SEO to compete with the 100's of other form builders on the market. BTW, Drupal's community is so awesome I would not be surprised if someone contributed a logo to the Webform module.

Webform and me

I am not going to get rich from the Webform module. I am incredibly fortunate to have steady consulting work, which allows me to contribute my time to the Webform module. The Webform module is a professional and intellectual challenge for me. The sustainability of the Webform module is part of this challenge.

What fascinates me most about the challenge of open source sustainability is the scale that our open source projects are benefiting everyone including large organizations. Large organizations have realized that they can tap in the power of open source software and its communities.

Open source needs to push back on organizations and ask them to give back.

Us and open source

“The culture of our community should be one that gives back and supports community projects with all that they can: whether with employee time or funding. Instead of just embracing the consumption of open source and ignoring the cost, we should take responsibility for its sustainability."

-- Henry Zhu of Babel

Open source is about us. Us is anyone that uses open source projects. Sometimes, we forget that even the individual or organization that uses the software without contributing back to open source are still peripheral members of our community. We need to explore how we are marketing open source projects, think about our messaging and provide some incentives to welcome and encourage everyone to get involved.

Join the Webform module's Open Collective

Almost done…

We just sent you an email. Please click the link in the email to confirm your subscription!

OKSubscriptions powered by Strikingly

Jan 15 2019
Jan 15

Every city has its ways — and we invite you to an imaginary city that follows the Drupal Way! ;) Just with the names of real Drupal modules, themes, and distributions, we at WishDesk team created the Drupal City map. Today that we celebrate Drupal’s 18th birthday, it’s a great chance to invite you there!

The idea and mission of Drupal City map

The world of Drupal modules is incredibly interesting, and we decided to show this to everyone. Our Drupal Map is much more than entertainment. It is meant to promote Drupal and give inspiration to developers, users, and customers.

And, of course, a special purpose of Drupal City is to let anyone learn Drupal modules in a cheery and engaging way. By clicking on the module images, you can see their brief descriptions and visit their pages on drupal.org. Here and there, we also left little hints to how these modules work. So the Drupal City map contributes to Drupal education.

Drupal City map

Welcome to Drupal City!

Just look around the Drupal City — it has everything you can imagine. You could walk along the Commerce CCAvenue, turn to the Beale Street, pass the Simple Columns and reach the Beach and the Sea, from which flows a mighty River of Tweets leading to the Waterfall Views.

It is possible to have a chat at the sociable Sticky Sharrre Bar, take a ride on the Owl Carousel, get some calories for Drupal ideas at the local Restaurant or Bakery, and lose extra calories in YG Fitness Gym.

You could also admire the Christmas Lights at the Commerce Square, visit the Open Church, and replenish your skills at the Library. And this is just the beginning!

The choice of modules for Drupal City

It was amazing to see how all these modules, themes, and distributions were fitting into the Drupal map like in a puzzle.

Some module names matched their map objects exactly, while for others we used a little wordplay. For example, the Commerce Square module does integration with the Square payment service — and it is a beautiful city square on the Drupal map. But this makes the map even more interesting!

Drupal has so many fabulous modules that at some moments it was hard to choose between them. There were multiple awesome modules for particular objects — for example, carousels or fields. With real torments of choice, we chose the modules whose names just better fitted the map concept.

If you would like to see other Drupal modules, themes, or distributions on the Drupal City map, welcome to share your ideas — and we will consider adding them. Drupal City is truly welcoming, and it belongs to the Drupal world.

See you in Drupal City! It’s just an awesome little place on the Drupal Planet ;)

Created with love for Drupal by WishDesk team.

Jan 14 2019
Jan 14

We’ve compiled all the blog posts we wrote in the final month of 2018. Besides continuing with our Community Interviews series, we also introduced a brand new series of posts - the Story of Agiledrop, in which we discuss our work practices and give you a glimpse into what it’s like to work as a member of our A-team. Have a look and stay tuned!

How to Create a Node in Drupal 8 using REST

The first blog post we wrote in December was a short tutorial on creating a node in Drupal 8 using RESTful web services. RESTful web services are the underlying principles that enable the concept of “headless Drupal”, and they bring about a plethora of possibilities for the customization of a Drupal site. This post takes you through the basic function of creating a node using these services and serves as a kind of demo of the feature.

Read more

The Story of Agiledrop: Introduction

Our next post was the first chapter of our new series, the Story of Agiledrop. Here we explained our workflow and the advantages it has had, both for our dedicated team and for our clients. Thanks to such a well-defined workflow, our A-team can keep improving and growing, professionally as well as personally. But, of course, we also encountered some obstacles when defining our workflow and putting it into effect - we discussed these in the series’ second chapter.

Read more

Interview with Kevin Kaland, aka wizonesolutions: Towards a more and more decoupled Drupal

The third post was part of our Community Interviews series. We talked with the digital wizard Kevin Kaland of WizOne Solutions, who revealed to us his thoughts on Drupal’s future as well as some more personal, non-Drupal related bits of information. Besides being actively involved in the community as the maintainer of the FillPDF module among other things, he’s also an avid traveler, hiker and language enthusiast. Take a look at what we talked about.

Read more

The Story of Agiledrop: Our Training Program

Finally, just before the holiday season, we wrote a blog post on our effective training program, the second chapter in Agiledrop’s story. While the first chapter concentrated on our workflow and its advantages, this second one dove into the challenges we faced when setting up such a unique workflow. We deal with the first of these challenges - providing a number of clients with proven and experienced developers - more thoroughly, and reveal how we succeeded in finding a very beneficial solution for it. 

Read more

That’s that for our blog posts from December. We hope 2018 was a successful year and the transition into 2019 a pleasant one for everyone. Check back later this month or keep following our blog for any new content!

Jan 13 2019
Jan 13

the Twig file

In the previous section we created the file that defines the widget formatter used to pre-format the data before passing it on to a twig file. In this part we will create the twig file that provides the markup for the viewed content.


The file should be placed in the path <my module>/templates and be given the name used for #theme in the previous section with a .twig suffix.

{{ name }}

That's all the pieces. The complete tree for your module should look like this:

├── name_field_type.info.yml
├── name_field_type.module
├── src
│   └── Plugin
│       └── Field
│           ├── FieldFormatter
│           │   └── NameFormatter.php
│           ├── FieldType
│           │   └── NameItem.php
│           └── FieldWidget
│               └── NameWidget.php
└── templates
    └── name_field_type.html.twig

Enable the module either through the Extensions (/admin/modules) page of the UI or using drush

drush en name_field_type

Select a content type to add the new field type. It should appear in the field type list 

Field type list with the new field type added

When creating a new piece of content for the content type, all of the sub-fields will appear for the new field

sub fields on node form

And finally, the rendering of the parts of our field:

Rendered name

The magic is that this widget can be used on any content type, and is easily moved from site to site, since it's wrapped in a module.

Jan 11 2019
Jan 11

Drupal has everything to do with Community, the embodiment of vibrancy imbuing this Open Source project... so much so that the Community is justly touted as a factor differentiating it within the field of CMSs, and contribution to it is often used to measure a candidate's suitability for employment (a practice that makes sense on the surface but can be inherently biased).

Community is based on volunteerism, and while volunteerism is a great and noble thing with demonstrable successes, especially within the Drupal Community, there is a flip side to it: there is no accountability or surety, and that can be a large issue to the user community.

Let us consider the migration from D7 to D8. On the surface the process has come a long way, with the migration of fairly vanilla sites often being push-button. I posit that the problems, large costly and sometimes insurmountable problems, arise below that surface. One current glaring example is the Rules module, a top favorite in D7. It is still in alpha.

So, what about the multitude of sites that have a heavy investment in Rules, often as a result of their business needs being fulfilled by its use. There seems to be only a few choices for them of what to do, none of them pleasant or defensible, when looking in from the outside:

  • Remain on D7
  • Eliminate the need for the rule(s)
  • Absorb the cost of converting the rules to custom code

Certainly the fact that there is no production D8 rules module, yet, is not a matter of fault. Module migration is like the tripod of any project: it comes down to resources, time and scope. That said, in a volunteer network the availability of resources is indeterminate. 

We are now at the point of scheduling the arrival of D9 and the end-of-life of both D7 and D8, and still, there is a plethora of sites, enterprise sites, that make heavy use of Rules, or some other module not yet migrated, with a brick wall approaching and no brakes on the car.

At a minimum, I feel that mission-critical contributed modules and their migration need to be part of the release planning of a new version, rising to the level of blockers. We owe it to the clients whose use of Drupal means its success. After all, you can have "open source" music, but it means nothing if no one listens to it.

Jan 11 2019
Jan 11

Values & Principles Committee Update - November 2018

The first post we would like to highlight is Rachel Lawson’s update on the Drupal community’s Values & Principals Committee. Here, Rachel covers the basics of the committee: why it has been put together, how it will function and who its members are. She finishes with a powerful CTA to members of the community to contribute their own stories about Principle 8.

Read more

Drupal's Commitment to Accessibility

Next up, we have a post by Dries on Drupal's commitment to accessibility. He has made the realization that accessibility is not something that benefits only a small group of people and should as such be shrugged off and/or postponed, but rather something that promotes inclusion and can benefit everybody involved. So, the community as a whole should put more effort in making Drupal accessible, consequently benefiting each and every member.

Read more

A Visual Prototype of Drupal.org's Integration with GitLab

Early last month, Tim Lehnen, executive director of the Drupal Association, wrote a piece on Drupal.org's integration with GitLab. In this post, he goes through all the things needed to get the integration working and even includes a video outlining the migration phases for the project.

Read more

A Framework for Progressively Decoupled Drupal

When discussing the future of Drupal, a lot of talk revolves around “decoupled Drupal” or “headless CMS”. Malcolm Young of Capgemini offers his insights on what Dries describes as “progressively decoupled Drupal”, and introduces the so-called SPALP module together with the benefits of using this module.

Read more

The New Layout Builder’s Impact on Drupal’s Evolving Learning Curve

Ashraf Abed and Jack Garratt discuss Drupal’s new layout builder in this blog post by Debug Academy. They compare different ways of creating content and show how site building can be greatly facilitated when using the layout builder. Consequently, it makes Drupal more accessible to content editors and less experienced developers, giving them more reign in creating a website.

Read more

How to Automate Testing whether Your Drupal 8 Module Is Incompatible with Drupal 9?

In this blog post, Gábor Hojtsy takes us through how to automate testing the incompatibility of a Drupal 8 module with Drupal 9. With the release of Drupal 9 only about a year and a half away, it’s wise to check whether your module is compatible with Drupal 9 (or, at the very least, if it’s incompatible).

Read more

Improving Drupal and Gatsby Integration - Part 1 and Part 2

Jesus Manuel Olivas, Head of Product at weKnow, has started a series on improving Drupal and Gatsby integration. In December, he published the first two chapters of the series: part 1 focuses on two contributed Drupal modules that facilitate the usage of Drupal when working with Gatsby, while part 2 explains how you can really take advantage of the two modules using weKnow’s very own Gatsby plugin. 

Part 1

Part 2

Plan for Drupal 9

Last but not least comes a major post from Dries’ blog. He finally announces the release date for Drupal 9, which is planned for June 2020. This gives site owners more than enough time for a smooth and uncomplicated upgrade from Drupal 8 to Drupal 9. According to Dries, the upgrade will be easy and should as such not be considered a big deal.

Read more

This concludes our selection of the top blog posts from December 2018. We’re very excited to see what the new year will bring for Drupal; we’ll make sure to keep you informed of all the most important goings-on.

Jan 11 2019
Jan 11

Automate actions on your Drupal-based website. This will enable it to run even more independently from your input.

Automated mailing, publishing new content at a specified time and redirects after meeting certain conditions are only some of the functionalities featured in the Rules module.

Rules is a tool that enables you to define automatic, conditionally executed actions, triggered by various types of events.

What are some examples of such automated actions? For example:

  • redirecting the user after logging in;
  • sending an e-mail after adding content;
  • publishing content at a specific time.

At the foundation of the module lies the Event – Condition – Action rule, with one caveat – the CONDITION does not have to be a part of this scheme.
An example scheme could be as follows:

  1. A user adds an entry – that’s the event.
  2. The type of the added entry is “Article” – that’s the condition.
  3. Notify the admin about somebody adding an entry via e-mail – that’s the action.

Installing and setting up the Rules module

Currently (January 2019), the module is still available in alpha4 version only, which means that some of its functionalities and features might not work properly, there might also still be some errors and bugs.
For the purposes of this article, we used the DEV version of the module.

The below example works and was tested on the configuration outlined below:
Drupal : 8.6.5
Rules : 8.x-3.x-dev
Typed Data : 8.x-1.0-alpha2

Download the modules and unpack them in the /modules/contrib directory.
Rules – https://www.drupal.org/project/rules
Typed Data – https://www.drupal.org/project/typed_data

If you are going to create rules with user roles in the conditions, for example, if you want to redirect users with an “administrator” role who log in to a specific site, you will need to add a patch: https://www.drupal.org/files/issues/2816157-10.patch. It will probably not be needed in the future, but as it stands, it is still required for the user role condition to work properly.

How to apply patches? – https://www.drupal.org/patch/apply.

Creating and testing your rules

We are now going to show you how to add a new rule, step by step: Redirecting to the /admin/people page after a user with the administrator role logs in to the website.

Add a new rule - /admin/confg/workflow/rules.
Add new rule

Fill in the fields:

  • Name your rule using the label field.
  • From the drop-down menu, select the event that will trigger your rule. In our case it is going to be “User has logged in”.

Add a condition.
Select the appropriate value, in our case, it is going to be "User has role(s)”.

Select the right condition

Now, you are going to deal with the hardest part of creating a rule, namely selecting the appropriate objects that the condition will work on. You have to be really careful here, because despite this field being validated, sometimes you might set erroneous values that will cause problems down the road.
In the USER section, switch the field from the automatic filling mode to the selection mode. Switch to the data selection.

This condition concerns users, since it is their role that you have to check, so you need to type “account” in the field.

In the ROLES section, put in the roles that will fulfil the condition. You need to put in the machine name. You can view it at /admin/people/roles page by editing a selected role. In our case, it is going to be “administrator”. You can add more roles, just keep in mind to add just one role per line.

In the MATCH ROLES section, if you have selected more than one role, you can set whether the user must have each of these roles (AND) or any of them (OR).

In the NEGATE section, you can select whether this condition should be met when the above settings are NOT MET – in this case, the action will be executed when each user logs in, except for those who have an administrator role.

Rules module conditions

Add an action.

+Add action button of module shown

Select Page redirect from the System section.

"Page redirect"action selected

Enter the address (internal or external) to which the user should be redirected after logging in.

redirection address (internal)

Save and test the rule.

In order to ensure that the rule works, clear Drupal’s cache.

Now log in and check if the redirection is working.

My redirection for the admin role does not work. What do I do?!

PHP throws an error:

  • make sure you have applied the patch mentioned above;
  • make sure that you used the “account” object in the USER section of the rule condition.

Redirection does not work after logging in:

  • make sure that the rule is saved correctly;
  • clear Drupal’s cache;
  • make sure that the role name in the condition is correct.

Discover the many possibilities of the Rules module.

The Rules module is a really powerful tool which enables you to build complex rules that will automate your website.

If you have an idea for using this tool in your project, but you need help, do not hesitate to contact us.

Jan 10 2019
Jan 10

Amongst ambitious brands and serious digital operators; Drupal adoption rate on the rise.

Governments and major brands across the globe are already testifying to the positive impact that Drupal has made on their digital business.

As a developer, you might be approached by a client that insists on developing their digital platform and/or experience using Drupal.

Here are 3 key reasons why Drupal distributions will make your life much easier:

1. Time

“How long do you need to complete the project? That long?!?”

Dealing with continuous amendments and changes to the project requirements is the bane of all developers.

Distributions feature tons of tried and tested best-in-class features, modules and components that are already integrated and tested together. This allows developers to successfully complete project tasks that normally consume a scary amount of time to build.

For example; should you be required to build a Media Entity Browser for a certain project may consume up to 6 to 8 hours from your time.

Varbase Media Entity Browser

Source: Varbase

Imagine it took you that long for project A... now you have to repeat the same process for project B.

However; with Drupal distributions such as Varbase, the Media Entity Browser is already built-in, optimized and integrated with other modules you might require.

Total time consumed on Media Entity Browser development: Zero.

Thanks to DRY (Don’t-Repeat-Yourself); Drupal distributions will shorten the project development time by hundreds of hours. You won’t ever have to repeat the same development process for any other project.


2. Efficiency

Not all programmers and web developers are equal in skill and expertise. But, we all face challenges and issues that might arise during the project development process.

Drupal distributions offer a wealth of solutions that fix issues you might not even realize you had. Why? Open-source.

For example; you are currently developing an e-commerce platform for a client and face an issue with a particular component.

The fact is that you weren’t the first developer to encounter this issue.

When using Drupal distributions, you will find almost all challenges and issues related to components or modules you may need have been solved and addressed by someone before you.

Working on almost ready-built websites not only saves time but also affords you the opportunity to personalize any ready-made component or feature based on your project requirements.

Take the aforementioned example; you already have a Media Entity Browser ready, but you wish to match it to your clients’ requirements. In no time at all, you can build upon the ready-made feature via customization or integration. Simples.

3. Standards

At Vardot, we refer to “websites” as digital experiences. The difference between them?


Drupal has built a name for itself due to the focus on building the best user-friendly digital experiences possible and the fact that Drupal is open-source has enabled its evolution based on actual feedback from various practical perspectives.

Your ability to develop a website (e.g.) the best online equestrian market; depends entirely on the standards you apply throughout the development process.

For example; Varbase is an ideal distribution to develop platforms that rely on rich multi-media content such as Al Jazeera and Georgetown University. On the other hand, Drupal distributions such as Commerce Kickstart feature every possible component needed by a developer to build an e-commerce digital experience.

Of course, when we speak of standards; we are not referring solely to quality standards. You will be able to develop the best possible digital experience for any industry using Drupal distributions whilst maintaining all W3C standards and accessibility standards.

Bonus: Drupal Distributions Maintenance

Drupal distributions are rich in features that are all integrated with each other.

You will never have to scour for individual updates for each module you need. All you’ll ever possibly need is to update the distribution itself.

Since all modules and features are integrated. All would be updated and tested together.

If you are considering starting a Drupal project or to build a Drupal-based digital experience, let us know. We'd love to help.  Contact Us.

Jan 10 2019
Jan 10

Website owners are often trapped inside an imaginary bubble where they make conclusions like “There are more valuable sites in the web world, why would mine be targeted by the hackers?” 

And Alas the bubble is busted when they observe that hackers have attacked their site because let's face it- they would never discriminate between any choice they are getting. They want a website to attack, and they have it.

For opensource CMS like Drupal, WordPress, and Joomla, the scenario is the same. As popular as these platforms are, they are the targets of all sorts of attacks. Cybercriminals discover the security loopholes and hack your website in no time.

A picture of a head of a man which is black in color who is wearing a grey hat which is on red background

Which leaves us with the assumption that these platforms ( which together conquer 68.5% of the CMS market) must be providing some form of protection. 

And yes, the assumptions are true.  

Birth of SIWECOS 

SIWECOS project or the “Secure Websites and Content Management Systems” project is the security project which is funded by the German ministry of Economics that desires to improve the security of the CMS based websites ( which of course includes Drupal, WordPress, Joomla, and many others)  

 Image of the logo of SIWECOS with an illustration showing a magnifying glass superimposed over concentric semicircles

The project was designed to help small and medium-sized enterprises (SMEs) identify and correct the security loopholes that they witness on their websites. It focused on concrete recommendations of action in the event of damage and also taking care of sensitizing SMEs to cybersecurity.

The utilization of the vulnerability scanner in the project helped SMEs to regularly check the server system and made them acquaint well with the vulnerability that might occur in a web application. Not only this but a service for web hosts were also presented which actively communicated with acute security vulnerabilities and offered filtering capabilities to prevent cyber attacks. 

The end users were also protected with potential data losses as well as financial losses. 


The aim of SIWECOS in longer run was to increase web security and raise a proper awareness of the relevance of IT security for SMEs. Thus, Initiative-S came out as a ray of hope for the support of the small and medium-sized enterprise. It was a government-funded project which was built by the initiative, the association of the German internet industry echo. 

The association built a web interface called “clamavi”. This was done for the users to grant them with the ability to enter their domain and conduct a malware scan of the source code once per day. Thus the website check of Initiative-S was integrated into the new project of SIWECOS. The proven Initiative-S technology now supplements the portfolio of the new SIWECOS service with a check for possible malware infestation.

logo of initiative-s where an arrow is pointing towards the magnifying glass of SIWECOS logo that is superimposed over concentric semicircles

Importance of the Project 

As mentioned, the whole project revolved around the security of the CMS platform, Since the time it was started, the project took 2 years to complete. The mission was to introduce the end users with:

  • Importance of security in cooperation and provided the end users with individual notifications and recommendation on security issue of a website.
  • Increase in web security for a longer period and to identify and address security vulnerabilities of their website.
  •  The project helped ordinary users patch more quickly. Patching is the application of updates (patches) to existing code that either increase the functionality or correct patch vulnerabilities.
  • It also scanned registered user websites. If any security vulnerabilities were found then the person in the field of IT security was contacted directly.
Screenshot of the homepage of SIWECOS website which shows the features of the security maintained in a table

What does SIWECOS have in General?

SIWECOS, in general, had three things 

Awareness Building

It is the detailed version of the introduction and the process on how to subscribe it. They reached out to the end users that not only included the site owners but also the ones that have to maintain it later. The major purpose of the awareness campaign was to influence the behavior of the users since improvements cannot take place without changes in their attitudes and perceptions.

Skinning Service

The whole scanning system in Skinning Service is based on an API which is an open source that is embedded inside. It gave the end users with score count between zero and hundred to give them an idea on how secure or insecure the setup is.

Behind the score, there were five scanners which were used to check malware in the HTML code. Scanners like:

  • HTTP Header Scanner

Ensures that your server conveys the browser to enable security features.

  • Info leak Scanner

Verifies if the site exposes security-relevant information.

  • TLS scanner

Checks the HTTPs encryption for known issues, outdated certificates, chain of trust etc

  • Initiative S Scanner 

This scanner checks the website for viruses or looks for third-party content such as phishing.

  • DOMXSS Scanner

This scanner verifies that the website is protected against DOMXSS attacks. 

Web Host

The companies that power the service behind the website are likely to be called as web hosts. Web hosts team generally should have all the basic technical knowledge, security awareness and should have an active communication of filter rules to defend against attacks.

The need for Filter rules - to limit the circle of recipients. 

Firewall rules made it easy for experienced attackers to build and exploit the website as they want. Thus, by filtering incoming and outgoing network traffic (based on the set of user-defined rules) there was a reduction in unwanted network communication.

Another reason to use web host was server-side protection. The server- side was protected against all these attacks on the web pages that were installed in the web hoster. This was done to protect web page operators.

Partner in the Project

SIWECOS project included four partners mainly that contributed highly to the project. The four partners were:


Eco or electronic commerce is the largest association of the internet industry in Europe. The association sees itself as the representation of the interests of the internet economy and has set itself with the goal of promoting technologies, shaping framework conditions and representing the interests of its members. The Eco group includes all the internet industry and promotes current and future internet topics. 

The awareness building section was mainly done by eco association because of the fact that they were really good at marketing and networking. 

Image of a square that is divided into two parts where the upper part has eco written on it and the below section has a red background where words are written in the German language


The Ruhr-University Bochum, located on the southern hills of central Ruhr area Bochum, is one of the partners in the whole project. It has one of the greatest and most proven track records in the general IT security industry. They were included in the project with the agenda of building a scanning engine that gave the business owners feedback about potential security problems on their site such as SSL misconfiguration or vulnerability to cross-site scripting attacks.

Image of a square which is divided into two parts the left side is white in color where RUHR university is written in German and the right side is blue in color with RUB written in white


Hackmanit GmbH was founded by IT security experts that were from Ruhr University Bochum. They have an international publication of XML security, SSL/TLS, single sign-on, cross-site scripting, and UI redressing. The priorities of the company were designed by high-quality penetration testing, hands-on training, and tailor-made expertise. The organization has in-depth knowledge about the security of web application, web services, and applied cryptography. The team offers a white box and black box tests which protects the application from the effects of all sorts of hackers attack.

Image having HACKMANIT with an underline as it’s text. HACK is written in red color MANIT in black

CMS Graden 

The CMS garden is the umbrella organization of the most relevant and active open source content management system. In other words, the security team started with CMS planning in 2013 by making a shoutout to the CMS community to join the team. Surprisingly, there were CMS platforms which were interested. Thus, by 2013, there were 12 open source CMS systems in one place. 

CMS garden also contributes to a series of plugins for different open source CMSes that provides feedbacks from within the CMS management interface so that the site owners have the ability to act immediately when they encounter with any security vulnerability. 

 A stick image of a flower with 5 buds on it besides which CMS garden is written in black. The E in the garden is drawn in stick letter in green color

In the End 

Website attacks and cyber attacks are rapidly growing. These attacks cost the organizations millions of dollars, subject them to the lawsuit and ruin their lives. 

SIWECOS is like a shield for all the websites and the CMS platforms, it protects them against cyber attacks and hackers of all sort, helping in keeping up with the security and protection against vulnerabilities. 

We know how important web security is to protect your online identity and personal information. If you’re concerned about your web security for your business, or other network issues, our services can help. Contact us on [email protected] the professionals would guide you with all your queries and questions and help you leverage security for your website.

Jan 10 2019
Jan 10
Drupal. It’s been the foundation of our solutions for a few years now and it powers some of the top sites around the world in fields ranging from commerce to government. If you’ve ever been interested in getting your feet wet with the CMS, or…
Jan 10 2019
Jan 10



Drupal Mountain Camp brings together experts and newcomers in web development to share their knowledge in creating interactive websites using Drupal and related web technologies. We are committed to unite a diverse crowd from different disciplines such as developers, designers, project managers as well as agency and community leaders.

Drupal Mountain Camp Group Picture


The future of Drupal communities

For the first keynote, Drupal community leaders such as Nick Veenhof and Imre Gmelig Meijling will discuss about successful models to create sustainable open source communities and how we can improve collaboration in the future to ensure even more success for the open web. This keynote panel talk will be moderated by Rachel Lawson.

Drupal Admin UI & JavaScript Modernisation initiative

In the second keynote Matthew Grill, one of the Drupal 8 JavaScript subsystem maintainers, will present about the importance and significance of the Admin UI & JavaScript Modernisation initiative and Drupal’s JavaScript future.

Drupal Mountain Camp Attendee


In sessions, we will share the latest and greatest in Drupal web development as well learn from real world implementation case studies. Workshops will enable you to grow your web development skills in a hands-on setting. Sprints will teach you how contributing to Drupal can teach you a lot while improving the system for everyone.

Swiss Splash Awards

As a highlight, the Swiss Splash Awards will determine the best Swiss Drupal web projects selected by an independent jury in 9 different categories. These projects will also participate in the global Splash Awards at DrupalCon Europe 2019.

Splash Awards 2019


Drupal Mountain Camp takes place at Davos Congress. As tested by various other prominent conferences and by ourselves in 2017, this venue ensures providing a great space for meeting each other. We are glad to be able to offer conference attendees high quality equipment and flawless internet access all in an inspiring setting. Davos is located high up in the Swiss alps, reachable from Zurich airport within a beautiful 2 hours train ride up the mountains.

The camp

The Drupal Mountain Camp is all about creating a unique experience, so prepare for some social fun activities. We’ll make sure you can test the slopes by ski and snowboard or join us for the evening activities available to any skill level such as sledding or ice skating.

Drupal Mountain Camp Davos


Drupal Mountain Camp is committed to be a non-profit event with early bird tickets available for just CHF 80,- covering the 3 day conference including food for attendees. This wouldn't be possible without the generous support of our sponsors. Packages are still available, the following are already confirmed: Gold Sponsors: MD Systems, platform.sh, Amazee Labs. Silver: soul.media, Gridonic, Hostpoint AG, Wondrous, Happy Coding, Previon+. Hosting partner: amazee.io.

Key dates

  • Early bird tickets for CHF 80,- are available until Monday January 14th, 2019

  • Call for sessions and workshops is open until January 21st, 2019

  • Selected program is announced on January 28th, 2019

  • Splash Award submissions is open until February 4th, 2019

  • Regular tickets for CHF 120,- end on February 28th, 2019 after that late bird tickets cost CHF 140,-

  • Drupal Mountain Camp takes place in Davos Switzerland from March 7-10th, 2019

Join us in Davos!

Visit https://drupalmountaincamp.ch or check our promotion slides to find out more about the conference, secure your ticket and join us to create a unique Drupal Mountain Camp 2019 - Open Source on top of the World in Davos, Switzerland March 7-10th, 2019.

Drupal Mountain Camp is brought to you by Drupal Events, the Swiss Drupal Association formed striving to promote and cultivate the Drupal in Switzerland.

Jan 09 2019
Jan 09

This blog has been re-posted and edited with permission from Dries Buytaert's blog.

Last year, I talked to nearly one hundred Drupal agency owners to understand what is preventing them from selling Drupal. One of the most common responses raised is that Drupal's administration UI looks outdated.

This critique is not wrong. Drupal's current administration UI was originally designed almost ten years ago when we were working on Drupal 7. In the last ten years, the world did not stand still; design trends changed, user interfaces became more dynamic and end-user expectations have changed with that.

To be fair, Drupal's administration UI has received numerous improvements in the past ten years; Drupal 8 shipped with a new toolbar, an updated content creation experience, more WYSIWYG functionality, and even some design updates.

A visual comparison of Drupal 7 and Drupal 8's administration UI

A comparison of the Drupal 7 and Drupal 8 content creation screen to highlight some of the improvements in Drupal 8.

While we made important improvements between Drupal 7 and Drupal 8, the feedback from the Drupal agency owners doesn't lie: we have not done enough to keep Drupal's administration UI modern and up-to-date.

This is something we need to address.

We are introducing a new design system that defines a complete set of principles, patterns, and tools for updating Drupal's administration UI.

In the short term, we plan on updating the existing administration UI with the new design system. Longer term, we are working on creating a completely new JavaScript-based administration UI.

A screenshot of the content administration using Drupal 8's Carlo theme

The content administration screen with the new design system.

As you can see on Drupal.org, community feedback on the proposal is overwhelmingly positive with comments like Wow! Such an improvement! and Well done! High contrast and modern look..

A screenshot of the spacing guidelines of Drupal 8's Carlo theme

Sample space sizing guidelines from the new design system.

I also ran the new design system by a few people who spend their days selling Drupal and they described it as "clean" with "good use of space" and a design they would be confident showing to prospective customers.

Whether you are a Drupal end-user, or in the business of selling Drupal, I recommend you check out the new design system and provide your feedback on Drupal.org.

Special thanks to Cristina ChumillasSascha EggenbergerRoy ScholtenArchita AroraDennis CohnRicardo MarcelinoBalazs KantorLewis Nyman,and Antonella Severo for all the work on the new design system so far!

We have started implementing the new design system as a contributed theme with the name Claro. We are aiming to release a beta version for testing in the spring of 2019 and to include it in Drupal core as an experimental theme by Drupal 8.8.0 in December 2019. With more help, we might be able to get it done faster.

Throughout the development of the refreshed administration theme, we will run usability studies to ensure that the new theme indeed is an improvement over the current experience, and we can iteratively improve it along the way.

Acquia has committed to being an early adopter of the theme through the Acquia Lightning distribution, broadening the potential base of projects that can test and provide feedback on the refresh. Hopefully other organizations and projects will do the same.

How can I help?

The team is looking for more designers and frontend developers to get involved. You can attend the weekly meetings on #javascript on Drupal Slack Mondays at 16:30 UTC and on #admin-ui on Drupal Slack Wednesdays at 14:30 UTC.

Thanks to Lauri EskolaGábor Hojtsy and Jeff Beeman for their help with this post.

File attachments:  drupal-7-vs-drupal-8-administration-ui-1280w.png carlo-content-administration-1280w.png carlo-spacing-1280w.png
Jan 09 2019
Jan 09

Drupal 9 is coming. Even if it feels like you only just upgraded to Drupal 8, soon it’ll be time to make the switch to the next version. Fortunately, the shift from Drupal 8 to Drupal 9 should be relatively painless for most organizations. Here’s why.

A little background

Though tools were built in to make the upgrade from Drupal 6 or 7 to Drupal 8 run as smoothly as possible, it could still be a difficult or dramatic process. Drupal 8 marked a major shift for the Drupal world: it introduced major new dependencies, such as Symfony, and a host of new features in Core. The new structure of the software made it tricky to upgrade sites in the first place, which was complicated by the fact that it took a long time for a number of modules to be properly optimized and secured for the new version.

Drupal 9: A natural extension of Drupal 8

Fortunately, the large number of changes made to the Drupal platform in Drupal 8 have made it relatively simple to build, expand, and upgrade for the future. The new software has been designed specifically to make it simple to transition between Drupal 8 and Drupal 9, so that making the migration requires little more work than upgrading between minor version of Drupal 8.

In fact, as Dries Buytaert (the founder and project lead of Drupal) wrote recently in a blog on Drupal.org:

Instead of working on Drupal 9 in a separate codebase, we are building Drupal 9 in Drupal 8. This means that we are adding new functionality as backwards-compatible code and experimental features. Once the code becomes stable, we deprecate any old functionality.

Planning for Drupal 9

As more information is released about the new features and updates in Drupal 9, organizations should consider their digital roadmaps and how the new platform will affect them. And regardless of what your plans are feature-wise, your organization should begin planning to upgrade to Drupal 9 no later than summer of 2021. The reason for that is because the projected end-of-life for the Drupal 8 software is November of 2021, when Symfony 3 (Drupal 8’s largest major dependency) will no longer be supported by its own community.

In the meantime, the best thing your organization can do to prepare for the launch of Drupal 9 is to make sure that you keep your Drupal 8 site fully up to date.

For help planning out your Drupal roadmap, and to make sure that you’ll be ready for a smooth upgrade to Drupal 9 when it releases, contact FFW. We’re here to help you plan out your long-term Drupal strategy and make sure that your team can make the most of your site today, tomorrow, and after Drupal 9 is released.

Jan 09 2019
Jan 09

Everyone loves attractive layouts for web pages. Luckily, Drupal has plenty of awesome page building tools. You will hear such tool names as Panels, Panelizer, Paragraphs, Display Suite, Page Manager, Twig, and more. Our Drupal team loves to take the best of them from our arsenal, combine them when needed, to achieve amazing results for our customers. But today we would like to focus on a wonderful new tool, Layout Builder, that appeared in Drupal 8.5. We will take a closer look at creating layouts in Drupal 8 with its help.

Layout Builder in Drupal 8: let’s get acquainted

The Layout Builder module has already been compared to the Panelizer, Panels, or Display Suite modules in its capacities. And that’s right, because according to the Layout Initiative, it is meant to become the number one tool for creating layouts in Drupal 8 core. The module is currently experimental but expected to reach stability in Drupal 8.7 in the spring of 2019.

The Layout Builder lets you define the layout of any fieldable entity — content type, user, and so on. You just select from the predefined sections and add blocks and fields to them as you wish.

The module’s UI is simple and intuitively understandable for administrators, as well as equipped with the drag-and-drop feature to swap the blocks and shape your page. Developers, in their turn, will appreciate that layouts can be defined in a module or theme and have Twig templates.

Creating layouts in Drupal 8 with the Layout Builder

Let’s take a look at Layout Builder in action. We will see how it works on the example of creating a layout for articles. We will begin with enabling the Layout Builder module in core, as well as the Field Layout and Layout Discovery.

Creating a layout for a content type

We go to our Article content type in Structure and select “Manage Display.” Instead of the traditional fields, we see “Manage Layout” button. We also make sure the “Use Layout Builder” option is checked in the “Layout Options.”

The “Manage Layout” button takes us to the page where we configure the article content type layout.

By clicking “Add Section”, we can select from the ready layouts with a different number of columns. The unnecessary sections can be removed.

By clicking “Add Block”, we can add standard Drupal blocks and content type fields (like “Authored by”, “Body”, “Image” etc.) from the list on the right, as well as create custom blocks. The blocks can be dragged anywhere you wish throughout the layout.

Every block has a “Configure” and “Remove” tabs in the right-hand corner next to it. Blocks can also be configured when clicked on the list to the right of the page. For example, we have just configured the article image by attaching a custom image style of 500x500 to it.

So here goes our simple two-column layout with the image and the author on the left and body on the right.

When everything is ready, we click “Save Layout.” After that, all articles will be created according to this pattern.

Creating a layout for an individual node

In many cases, you do not need the same layout for all content type items. Layout Builder lets you make every content item layout customizable by checking the appropriate option on the “Manage Display” tab.

The Layout Builder offers the handy “Layout” button near each node that leads you to its individual layout customization page. The procedure is the same as in creating a layout for a content type.

Creating different layouts within the same content type

We see how Layout Builder can build articles pages, but let’s now complicate things a little and review a special case. What if you are using the same content type for several actual types of content, and want your website to generate different layouts for them?

That was exactly the case with one of our customers. They wished different layouts to be generated for every content type on the homepage and on the content listing page. A select list menu was used to switch between the actual types of content within the same content type, which was based on the “list” field. According to this field value, specific types of content were filtered out in Views for homepage and content listing page.

The Layout Builder could be helpful here. If the Views is based on ‘Content”, it can choose a specific view mode. And it is awesome that the Layout Builder module can create layouts for particular view modes within the same content type!

View modes can be registered in the “Manage Display” tab of the content type, and each of them needs to have the “Use Layout Builder” option enabled, and each will have its own “Manage Layout” button.

At the time of our working with this customer, the Layout Builder was in alpha, and we successfully used a different solution, which involved Display Suite and Twig templates. Every case is unique, and deserves a special approach.

Let’s build the perfect layout for your website pages!

We have made a little overview of creating layouts in Drupal 8 with the Layout Builder. Let your website have beautiful and properly arranged layouts that work exactly according to your wishes. Just contact our Drupal development team, and we will select the optimal tools from Drupal’s “treasury”, as well as apply customization when needed, to build you the layouts that you will love!


About Drupal Sun

Drupal Sun is an Evolving Web project. It allows you to:

  • Do full-text search on all the articles in Drupal Planet (thanks to Apache Solr)
  • Facet based on tags, author, or feed
  • Flip through articles quickly (with j/k or arrow keys) to find what you're interested in
  • View the entire article text inline, or in the context of the site where it was created

See the blog post at Evolving Web

Evolving Web